last executing test programs: 5m2.799831054s ago: executing program 2 (id=3): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000800000008500000006000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9901) 5m2.664014145s ago: executing program 2 (id=5): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) r1 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r0}, 0x8) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94) r4 = syz_open_dev$usbfs(&(0x7f0000000280), 0x200, 0x40400) ioctl$USBDEVFS_REAPURB(r4, 0x4008550c, &(0x7f00000002c0)) r5 = socket$netlink(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000740)=ANY=[@ANYRESOCT=r2, @ANYRESOCT=r4, @ANYRES16=r3, @ANYRESOCT=r1, @ANYRESDEC=r3, @ANYRESDEC=r4, @ANYRES8=r0, @ANYRES8=0x0, @ANYRES64=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x808003, &(0x7f0000000000), 0x3, 0x4fc, &(0x7f0000001500)="$eJzs3c9vG1kdAPDvOHFIdlOSBQ7LSuxGiFV3BbWTDbuNOLRFQnCqBJR7CIkTRXHiKHbaJqpQKs4ICSFAcIETFyT+ACTUPwEhVYJ7hRCogrYcOBSMxh63wdhJqtpx6nw+0uu8efPj+32uPPabmXgCOLdmIuJaRIxExPsRMZW157ISB82Srvf40Z3ltCRRr9/4exJJ1tbaV5JNX882G4+Ib34t4jtJ0mw4pLq3v7FULpd2svlibXO7WN3bv7S+ubRWWittzc/PfbRweeHDhdme9fXKV/7y4x/86qtXfveFWw8W//bed9N8J7Nlh/vRS83XJN94LVpGI2KnH8EGYCTrT/4kKyf9zwcAgKOl3/E/ERGfjYgnPxt0NgAAAEA/1K9OxtMkog4AAAAMrVzjHtgkV8juBZiMXK5QaN7D+6m4GuVKtfb51cru1krzXtnpyOdW18ul2exe4enIJ+n8XKP+fP6Dtvn5iHgjIn40NdGYLyxXyiuDPvkBAAAA50Q6zp/MNevp5J9TzfE/AAAAMGSmB50AAAAA0HfG/wAAADD8/n/8P9OcJKOnnwwAAADQa1+/fj0t9dbzr1du7u1uVG5eWilVNwqbu8uF5crOdmGtUllr/Gbf5nH7K1cq21+Mrd3bxVqpWitW9/YXNyu7W7XFxnO9F0snek40AAAA0FNvvHPvT0lEHHxpolFSY9kyY3UYbrkXWz3pVx7A6RsZdALAwLjBF84v73/guIH9+CnlAQAA9M/FTz+7/j8Rh67/X3jg+j8Muxe8/g8MEdf/4fxqu/73ixNt9LTen2SAU2WMDxx3HqDr9f/f9z4XAACgPyYbJckVsjHAZORyhULEhcZjAfLJ6nq5NBsRH4+IP07lP5bOzw06aQAAAAAAAAAAAAAAAAAAAAAAAAB4xdTrSdQBAACAoRaR+2sSEUmMR0x9brL9/MBY8q+pxjQibv38xk9uL9VqO3Np+z+etdd+mrV/MIgzGAAAAEC71ji9NY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF56/OjOcqscan6333EffjkipjvFH43xxnQ88hHx2pMkRg9tl0TESA/iH9yNiDc7xU/StGI6y6I9fi4iJgYc//UexIfz7F56/LnW6f2Xi5nGtPP7bzQrL+vhTLfjX+7Z8W+ky/HvwjH7Hsumb93/TbFr/LsRb412Pv604o+95PH329/a3++2rP7LiIsdP3+S/4lVrG1uF6t7+5fWN5fWSmulrfn5uY8WLi98uDBbXF0vl7J/O8b44Wd++5+j+v9al/jTWf+T9v4nzZzq9c77fKdt/t/3bz/6ZKcVk4iH38/qHf7/3+wWP3vt380+B9LlF1v1g2b9sLd//Ye3j+r/Spf+jx8RP217r9tO27z/je/9uVnLn3ALAKCfqnv7G0vlcmnnVa+knTkDafSwMnM20hj2SmsUdVbyOSuVwR6XAACA3nv+pX/QmQAAAAAAAAAAAAAAAAAAAMD51fr7/9ZvOffj58QOxxtvVZLk1PsKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCU/wYAAP//VsvQDw==") r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f0000000140), 0x2, 0xbb8, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3kymaZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQ2mTS1M70x/f3gzD3nnpl5nmcuM/cemJkA7luD2U0asT8iTiURpeb+NCKK9V5fRK1xv6XF+bFfF+fHklhefumnJJKIuLk4P9Z6rqS53dsc9EXE188m8b831sednp2bHK1WK1PN8aGZsxcOTc/OPTFxdvRM5Uzl3PCRp0YOjxwZOjrSsVp/++74lV8eef6H2u8f/nH557ffT+J49Dfn1tbRKYMxuPKarFWIiNFOB8tJT7OetXUmhds8KO1yUgAAtJWuuYZ7IErRE6sXb6X4/JtckwMAAAA6YrknYhkAAADY4RLrfwAAANjhWt8DuLk4P9Zq+X4j4d66cSIiBhr1LzVbY6YQtfq2L3ojYs/NJNb+rDVpPOyuDUbE99ePfpK16NLvkDdTW4iIBzc6/km9/oH6r7jX159GxFAH4g/eMv431X+8A/Hzrh+A+9PVE40T2frzX7py/RMbnP8KG5y7/om8z3+t67+lddd/q/X3tLn+e3GLMS598O7FdnNZ/U9fee7jVsviZ9u7KuoO3FiIeKiwUf3JSv1Jm/pPbTFG6c+LlXZzede//F7Egdi4/pZk8/8nOjQ+Ua0MNW43jLHw1chH7eLnXX92/Pe0qb/1/0/tjv+FLcZ45eTJT9ftvL7a3bz+9Mdi8nK9V2zueW10ZmZqOKKYvLB+/+HNc2ndp/UcWf0HH938/b9R/dlnQq35OmRrgYXmNhu/fkvMZy5f+qxdPq31X57H/3Sb47+2/i8L64//m1uM8dgXbx1sN7d2/Zu1LH5rLQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWlE9EeSllf6aVouR+yNiP/HnrR6fnrm8fHzr547nc1FDERvOj5RrQxFRKkxTrLxcL2/Oj58y/jJiNgXEe+UdtfH5bHz1dN5Fw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCKvRHRH0lajog0IpZKaVou550VAAAA0HEDeScAAAAAdJ31PwAAAOx81v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB02b6Hr15LIqJ2bHe9ZYrNud5cMwO6Lc07ASA3PXknAOSmkHcCQG7ucI3vcgF2oOQ2831tZ3Z1PBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtq8D+69eSyKidmx3vWWKzbneXDMDui3NOwEgNz2bTRbuXR7AvectDvcva3wguc183+p9an+f2dW1nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYfvrrLUnLEVFs7iuXI/4TEQPRm4xPVCtDEfHfiPi21LsrGw/nnDMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdNz07NzlarVamsk4azc7KHp3VTtJ4xWrbJR+du+wUY1uksU07eX8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh+nZucnRarUyNZ13JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDepmfnJker1cpUFzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+CgAA//9gfgp0") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xa0242, 0x0) linkat(0xffffffffffffff9c, &(0x7f00000006c0)='./file2\x00', 0xffffffffffffff9c, &(0x7f0000000700)='./file7\x00', 0x400) renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, &(0x7f00000007c0)='./file1\x00', 0x2) renameat2(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file7\x00', 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) r8 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000440)="9f000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7811e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08123d00020008000140010000009bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff55e461247604821d35c86ee54bbab3eaf8956e2ca426", 0x9f}], 0x1}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10) syz_emit_ethernet(0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) r9 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) write$binfmt_register(r9, &(0x7f0000000000)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x7, 0x3a, 'M', 0x3a, 'M', 0x3a, './file2', 0x3a, [0x46]}, 0x2a) r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 5m2.253113348s ago: executing program 2 (id=6): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x1d4) getdents64(r0, 0xfffffffffffffffe, 0x29) 5m0.702984494s ago: executing program 2 (id=12): bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = epoll_create1(0x80000) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/wakeup_count', 0x80800, 0x8) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0xe000001a}) read$char_usb(r1, &(0x7f0000001980)=""/179, 0xb3) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) 5m0.278986388s ago: executing program 32 (id=12): bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = epoll_create1(0x80000) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/wakeup_count', 0x80800, 0x8) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0xe000001a}) read$char_usb(r1, &(0x7f0000001980)=""/179, 0xb3) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) 3.672279482s ago: executing program 4 (id=2000): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=@framed={{0x7a, 0xa, 0x0, 0xff00, 0x0, 0x71, 0x10, 0x83}}, &(0x7f0000000480)='syzkaller\x00'}, 0x80) 3.407026384s ago: executing program 1 (id=2001): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x18) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000100)={'vlan0\x00', 0x400}) 2.537341184s ago: executing program 4 (id=2002): r0 = socket$kcm(0x11, 0x2, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0x14, &(0x7f0000000000), 0x4) bpf$MAP_CREATE(0x0, 0x0, 0x50) sendmsg$kcm(r0, 0x0, 0x4000) 2.521368646s ago: executing program 1 (id=2003): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000880), 0x12) write$cgroup_pid(r1, &(0x7f0000000080), 0x12) 2.309101953s ago: executing program 4 (id=2005): socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r0, &(0x7f0000001ac0)={0x0, 0x0, 0x0}, 0x0) close(r0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x5, 0x7, 0x8, 0x5, 0x80}, 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{r2}, &(0x7f0000000600), &(0x7f00000006c0)=r3}, 0x20) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) sendmsg$inet(r1, &(0x7f0000000b40)={0x0, 0x0, 0x0}, 0x0) 2.248718798s ago: executing program 1 (id=2006): socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)="fb6bba8839fe8bc048c0cdafd1f8a9918bc4055eaaeb6db4ee9bcb25b1811dbf40b3a7da5a8a64db04ed6dd26eea2e37229c339b1f91201c2796173864", 0x3d}], 0x1}, 0x0) close(r0) 2.041178274s ago: executing program 1 (id=2008): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kfree\x00', r0}, 0x18) r1 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/rt_acct\x00') r2 = socket(0x18, 0x800, 0x0) connect$pppoe(r2, &(0x7f0000000100)={0x18, 0x0, {0x2, @multicast, 'vcan0\x00'}}, 0x1e) sendfile(r2, r1, 0x0, 0x8) 1.918748554s ago: executing program 1 (id=2009): r0 = socket$nl_generic(0x10, 0x3, 0x10) set_mempolicy(0x1, &(0x7f0000000000)=0x9, 0x2) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffffffffffff, 0x7, 0x8}, 0xc) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4f0c3000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_group_source_req(r2, 0x0, 0x2f, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108) syz_clone(0x40ac8000, 0x0, 0x0, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r4}, 0x10) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="31832abd70000000000019000000180001801400020065727370616e3000"], 0x2c}, 0x1, 0x0, 0x0, 0x50}, 0x4886) 1.736457709s ago: executing program 0 (id=2010): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000580)='kfree\x00', r1}, 0x18) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4) sendmsg$inet(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x2000803e) 1.633197667s ago: executing program 4 (id=2011): bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000e40)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000080)='U', 0x1080}], 0x29a}, 0x0) 1.431098224s ago: executing program 0 (id=2013): r0 = socket$kcm(0x11, 0x2, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0x14, &(0x7f0000000000), 0x4) bpf$MAP_CREATE(0x0, 0x0, 0x50) sendmsg$kcm(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x4000) 1.36094235s ago: executing program 4 (id=2014): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r0, &(0x7f0000001580)={0x0, 0xffffffffffffff3c, &(0x7f0000000300)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a2130e72cd4dabc8854532cca0c32a5b9f844a4610c7525650ce3d3b76b15026d93e6dee896115e9364066aa3d14e33ef732b4681335c576902153114bdb9c74b538a71115fb1d1a63d1b04129661b29aab89d0be999a6b7c9bea755adedbf305a79f70b71d3d4c98577b49db4963ce89b0def5e840f459659cb6f86d56b069a5de11d601d348ff88ca6e5e2cfe40176880b33e9e8dbc32ba2e6a99b1b50276dc4f06166000d7069a3cc76f", 0xb9}, {&(0x7f0000000180)="892950e2405ee8629d9384a91c16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f8444b18345a2c8b178eeeba0cde7319a5a46bfe7f5770e019efd9d52069edcced33a758c4e657f3a792dc193a1911040000000000000003c851a8", 0x73}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f98f3547190", 0x20000216}, {&(0x7f0000000240)="45e04400f2b383517a08c397dd0a76e67ecfc8e74573c24dedd3a48fb62458c1412fdcd15e888cb0f5d02e77bfecefda6b064c0bb2b66a9a522e63873dde02330510255eec7dfa1af708cdab59fb71eca786a359a2c3b0cbad35144ec5b069c53f90e43339845dc7fd140c55b0149ab38eb27c140f374bcc2c95b0b121d1a9302f3a01b888243b3fc0d46f0de0", 0x8d}, {&(0x7f00000025c0)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326a8034662bd337ab51577d9110ec7151be5cc9c54b2a30891acac5ad006ed537dbeb8f16eecbde7cf4e71373faf3c36b772f6d7ea9346875c8cf1049d49d4f8eb01b946c11e8c8e3ab2015f282167acddcc77fff03e1be9134252af0abfe538b4d25fc4ff874b52b9fb0996b5f32b4141dbd30578ff46e13ef6c63fc1620f62cb11a3dce401993976c272a5f62fde3f2a0e654d19e7a39dcdb622b9526d2a15cc18e6f817c916a00775353dd9c8954e66d0445b59bb0f5e6e3b46447232f52a0e398b057d123ef503afcbd48544db6434d2025bfc8dab72262a4fa5426a03061e7f8966e0086ff8ab5a91ab59f19b830394ee8bc76d6fb4816b8f4cde35b7eb9d3811228d51c54828f97fd1e648196c81bc73ed56249a59f318704e84656a6cedd2b8c1e1808d1cc648749abc643131e494c01336d4a14b8609656f2c972dc23c5c2e43fe40119fb88b5ec2aade35c03646e347354c493de8ab3672ccf94af0df333c6678299129d79be0eec281c5b3858ce3995566a390b674635b356692e3e9c53a089638ba0d69e772b7b410a5ae03de12e7de755ee559e1707b7b8003aabc8e2ce03c01e3183ff2d93262f6d5ceaafecdae66bc7cb3952c5a6571d864d502f281db5a228695badca5d022fdb6da56ab15dc377d1c1f8581ff56e28c2b2a84edb629547d28275c2ed571103b4ca7cdeb0776ba9f9dffcd78d21c3d4caa9289ed199672f4e7b912068c49c817114c37d37ea03954bae87d1ddae3da2ad85feb2fbb735b75a51f7bee5c8d88cc7bf64700d1a46ec6b631ae22ac7b06730a86a26bdcb992e1c7b50142de96b14a8468e4514068a30896fc677fddefaebb125c693a8d460469c7fe535f844781940f66d6abd091191c3122d584f5b0f5b0d443713d7d5186124d73de28aca30b719d4a55e09d259bddbf16995aeb1000880890afbd24d4066b0398985a40999de22ce176348e1c1f57eaf75b92a1e4f1482e89a00ac2cc36b20e36af9ec310599c19a5b1d6f8fadba104c58c801c6633315f82ebfa88faddd0b693e2f827f586c1cc5538e93bcf10f81af6dd7ee727df3b5018c0b4e31e40d040a47503b6ace4d29a1162ce487351825255f5584aff7cbd421f85c3d9fbb3784abd9848f16028b68f0d32ed8bb80106e8cc4acb939ff88bd39976d166b2addebf628b3fcd056da2f60e1b90f7a32702954921908ebccb683622a1f574ceba6951bef5e751c338c8279318dc28e36b9fc2bb17c3ad08aceb00fc388e6db112a738f86a4a1eb11526e1b9d73250b326285ed47c4398d93a3933d9a784249b65ad7d78a1f81d96ef36493ed693045a2150a8eb43cecc0c93e7d20b15b39a0646b081c2923b816365b7fbb41683a41732d942c5aa12faf876ec7f036becde8f3295af6dacff38d076d8e06260fee167703bb610745374a2758a6b88e465ca77d1f3105ae8b6b04a1eb509fb178d6249dbbc84d5d1d069278449a89d03e4a9a395d8170c329a296cfc329798cb9b9f1078d098cf3f989fd4ec53e013fbe917df35292d44fb1f3da4da4432a1847d4721514ade8cda5e5c0b51183580fc35266a970ebba74faeda56d4dcb56df51f96ad237452cedbd0cb2bee112713c3d450835811bf3da9745136d428e148fd0932dc77c8d8e61a16c625241fad8425b4ece394eedd5f165bd94923bfa1172be8edc8a4fcaae5f77ee8cc510192b27964da09c3e84efb4bc7154da1a24da8b7e544b42278d2574687ec76143afa6cf193d52a2a7f4c20ee57b6056a1337d5e408117a6cf1ab49c8980f39597f69902085d3e8d374d44e6ab4ed1185a26be2bc7281e9cfbbeb6bed899aa1924d3faa06d95999fbeaf2337494e0c2c39eef5a73fcde84459a9ea48d4e015d9e5bb5839354967ce02f637bc8678d2595b9a918fc36b927d7501f0ac2e3471ce02b5df355689c87f191ef5390900a41deec29984e45a878ece964b0009aad561316fc3b30ce1b49266d32eb17cd30f3e17e1f59014e8c518940dd0a093d1349c1a7c2581963bbe0ba372b6426e81c33c71b2ec8141c5713e52a37fff0a417a5b259e1420d9fb6a731f5baa0cc494221947895aa8fa14745a986a366bff9d0c239a19f85372497565b5b703da16439019df5f3d29f4247fb528854c9648630f03e9dedde5a08a47728ea6a4d42e62eff6fa3bd402325e0f4387b60171c37c180f958ad80955779c899517e7ea76eed00598e01552eaaf08b723daf9d466e8c57af43a15a46528b1119f5074aa3c51f77357ebe158275bc06b89640d7ce3c0a03af01418d7dc6ae8a1be8ab08c1722d66d1e9277480b8b178447667c024f9b78f8a878a2d7cf8e83e5104f6964b2907a989abafc7d7d0df941abf3d7283b6a11d46c2911a42182ec27ab785d92946e1ee8ef44846d561850d2a98c305c382f36d4cfc9b2bfd3b86ef21a0d187adcafbec8268c7d662a34dda1c83c4967097743133bc8c587edf249f5668c34ddb112fa4eb1bea9c8f6a000f1f34428b54688a5e214a7919868b25dbe930e86a243ecf54afe0b518c647d04873d2cf62cb2ab27f00015537a4fd2ea3dc8777abdf3284622347016566da0b9c406ca8c40694e4013a53fbf2e803d51b0bbe5e9df5fc74f66be618856357ccf803c53ed0e3b3fe79f69f0ede9b565d8f7a8ce5aa8cbb4e8fa61be3fd00ffb07e45065498925c14c0b311942d4ed951ad6237aadb5405bc7b2d79e1fd295b7c2ed8efa883e44c86a5053e2f421c6d4dc0c47d3a05d911db37d6efdb8e50fb3f06139ac147bc7162c21aece79eaf72e9779f19eb5395cec3d15a7594ea70a6b373d98651d2215b210f037ea3f8a57ded74474f6fdb64a08b56af52168da70b30aee03472cd8bee5af04cad7303004a4aba464b99", 0xcb3}, {&(0x7f00000006c0)="97b13f5cf9f584c87e0e637d2ff483a311bb412cb3b03c3d9e97e435f2fceb58ff0402ed7b96244b43386c222917662028d7a01206a1990722ccef1d8f39f7c8ae242e58359217b1c6161ea741445cf16b0c48eb18a6c72174dfb7cd1bd0f409dad5a432bed4afb470da3656dd30d70769e229dc91037321d618e1eff4a176ea46d5cd4d5da97f80356e46d9e8166bf2d97210b631654ece218a2a204a1786ab5a60a881a7a294cd2f92438350e6e3ec4439ebe06133ff65b1e32b809ba0482783b563ec8e5778285da5211e5821135433053a7921319c544d5e797f"}, {&(0x7f00000007c0)="75c37714a0bada8343bceb64ccb6d95a2a37b020e0bf1f6a1de4584223a2f285aaca30a9554cd5cdc1659cb9fec462cc5c2220a7cd891ec3bad99fe3c06e15a109ec0fdb6aeeee5ef8e4bfc28e17984a3860b907d549492d47a447782b7357ea72f4b2c26512a6a33c0247b730a6182ea5a99aee25fcee07f9cb0a80595cd5f744fa6898fdffda5b34b19474b8e853467329e4aea36cfd0e00735d37beb0f895c5688259a8935194eefd3a96d55707133a08f03e14da563160a545396b93341f41c161c93687e28a"}, {&(0x7f0000000b00)="1b080b7a30aec939ce8e26e0cbbe37fc064ceef965fd5e3b6739c966492dbdf71c04423d8a403e56dfd224e4e55918a5e31e683fec5cc9460882a0d1628d02d51a8da997073f856e2cd00586c6e8c89c71cf8be6121b0b3a85d597a1afb0cc311f30cc26183c8e594ce5ff62661c9e32cbc9dd9a72985e9857f3bddb52382b6c27ca85d5774cf17b92e2d2097f12a8687e70f90d46381a47706a9124a2cf61b84f26aae22fd4da84ae35b93f7be9fdfdfbf33c59f5c657e9f7e81b81b786082f88af4de07808ff3c954bae"}], 0x5, &(0x7f0000001480)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private, @multicast1}}}], 0x20}, 0x0) recvmsg$unix(r1, &(0x7f0000001140)={0x0, 0x2, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1, 0x0, 0x20}, 0x40000100) 1.274097787s ago: executing program 3 (id=2016): bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000080000000850000002b000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b703000000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="c1dfb061cd21d3084d94d35486dd", 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) 1.268111707s ago: executing program 0 (id=2017): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102000028"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002e00)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92344f242b416ae9eeefc0e9c6f203cb1276bfdbb4ddffffff7f82dc2b938189a7ca02f732e4c2eab72bf40c0682fd0a0c4ac106b29e220dc2880072599456d4c4e6f3fe684ab8373bb4df9d72876ef3834293812e927c01c7da1322da44c7f2ed1084a12f56d1cb39df9858037458a4ca037604007600b6be484e4c9517af216bd8ed42f7dd01008e49f4a94608c9a20819e02fc22e6be45574d4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9dfc1adafd1e5a3e7f2e898961cb43e438c4e41ae43ea118e14ffffffffe4b8a80366ce5401ec61921a1b529cc8b99bffffb1ac006c67767b03b95151aeb89e6d4a43c625aa228504e4afd8c1cc3eb215ba22f43115f4d39dc7beedb130d9f2be90133a4500000058b8c9370634060105baa664953514605fba3973aa021945b985a8a66e0200000057033815717b4fdbe55b37cb8d7f41aacfbd4089ea1bd22440f64909a09b5a759a703e71f358e11ac8e13db15d792e604a4f279b3bd6621bdf2c17bc0400001000000000ff8d81006200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11edb6b3cc425fe203d2f2655a76865c2c34e2470fcfb1248c0add5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d95a017864010067d6bab101446ebfe3fdeed7ee7bb0749cacf56cf27409c60fca2e0004000000000000a9cb6f4a78444986f9b1ab61f9dab53038010000004abbfc59d6d1b18fe380df4bf024f120bd755d82033f2fb7d8fc9e0de834f7646c8dd27da1297d0c77b294e097e293db7f002c0024ab2fb4d32972cba6f49051cec1ff5d16231bbb90a2d201a500000000000000007700b06fa191ebd3a0c2ef0058ffebd7cc4cf80f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f8107671141ffffffe0c7d8e94a27a06a4e3d9acee835fd0571e5bbb3e6d2b5eba505000000968983811f832dc5390f83e817c602c4f1f0d0504255c22ee8674053d0e160e5255366139bbe5863e23c3dd42d21f542816edf56a93d0a7e6f08f9ffffff64875fea6ff57ba6ae25c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e875857f083144c642f71cdc8e5634c1360c056430fe77ee7ed7ac1f9743786b2fb8e0fcfcc3d36c93230b7b1da97c971c8c84a427edc3492b97e73d2060acfd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd194d48e50c84892c97c800d156b059a718f6b10274b077a710f27ab8ee953de70ea860b74a0f3c3dc11177b11cc2e62a95f1ecf607a8dc38e525f415a1bd46b38845ebca04061bacbf627f7975fe599678fee48f83b5989543729e3600000000bc86cd51704f309130f534741377ea7b7bea3c46c0c4c4b7c27c5d057d95ac85a41cdcee8e6fa31f7d2137ed1fb4b21c13b9a2c5e3f7c9ef9e45a35adbf0b9312be929863f000000000000004a82bc080de1f87808d0711dd76f2977ca7f2684bfa5c14a0cd6f1f561e34e4e8e51e81d4a355a7d00d917c16a2bb0cfb2b5f59dfead7ac6e7fa84746e2e425769b9ee2c8ff10e934847604d930f62924d0562ce17f6dadf5053ed8f33092a41bb46e1878c5295fecc27f9c6d1f62da58c0002ea00000000009aa38a05e70591d5cdab1c488ef3c1984c7c0a566cfc2a080000009ec206a54fb49056a555414178ef00d8b8f3c59f01eb5d83415994efcc6ec4b3c275cd6b1b5ff82ef7d7abb1d218e7a1d0afa285706841aac9ccc89df41c39dd58dd70569dde45f8adeaad7d3328fbb6e279f745d2872f0208635e465ca443c3a64c7803760880af23fb3f430a0311fffc96dd13b951642f1433f65b4e170a62a5f7b7d0f9d5cef0d17289c43d4aee0001f7a343899434594cc23e1c864164e130754b337e560f285dc670a31241bf657babf0615b85dc200a10294b7d5885b43ac62fc7f97a85586168483427072a535f2c7481ec261c00f725de74e48d9a86f7d4a5d28da3f099ca3e6472b9d7c86d961f525f799b4517141f018af0673b8296f867eca1ec07be11bc497a6f7d2b752bcf77c2908b64630e7fa0c2261bc2d5de32ab6bbcf296d36807544aa7c3d3301fe227b713a371414c98695e559f9cbf6b046184064a5f24a4cc6f41f21fc24a3ad7d20a89e00a9dc99a40f890869d35fba3ce6f297661d3f8ba21c65badf55d1859581f9e7ef3e2693b46a8fc85be061ce79a08002c04dc04de8b6536123b24be2ef80eb06b2db900fb30596c1574b2a31f81d61ccfd58080d2330b9c7b87b5d17d48c32daffead3414b91603e250eeedc7d601000000037426f643797be3e93da96b5643d3feed0b7c885d06006b830d7cbf3152f27522f5142dcc84a9e48a07518f0142167abf5d6685d09945cbc778bcc3e7dcfaee5d9c1689a3bafc0d3b51b5a3bfd6007954c36d532960964183842601e5364ecb6ad9168040388c7640bfa2f88643de7eebf4da8d1c3e76daace5217761d933d06bbe9609fcf5971aa1e77c3123910e63daaadd8878ad468eabaf78a96012a4ada1a9cd217fb2a0da2d521454ea9e8fcd3b5badfd6f00003a73345b841d04a02bf441955b932c59608a555bc44873272812e0fb874618a0b56b4cf44990f60000000000000000000000b20000da0ca6797590ed13b0bccf71a39e05e877893646d185a77882f866785af6b0149e336c31fb177e3e85f4c60cd4de4ce6ea73a95f434328620fa493937386ad2e2a0d60eb815aa05c33e02c32276dab36d14c63af66a31409ab2a403ec3c7a4e07bd745efa2835a8c932f22aa6da40af9bcdf808b916bc8deb37d5b8c422b65c42d17e61751c561ce775a31b52703d398d52694cfbb7d2b3791b030093b321d9f16b2f06676cf94d75cbba6491ae0b5a16ce92320321314d8d2e88d1cd7e7b1216bdaecba309a38e107103e649d46958cc6ba2d660dd41b78d832beb7206ae01508377273ea96e40760410aeed1866971e04f578e9d856d01000000045aea928f5f669be0636dc3f34f90c34531735f271527412d1ae755a9243da523d713071f9370b509a34eeb46415b2f0d271a7072cbd17e293f20132e6c15756e92776c6a0d7c3a9f512ce17edf3f1ea190853bbf93e220a6ce968b79d504c057000e7d8f8249a8158e68a90bbea8bfab2bd3c067c28e185fe62ce7020f5282cf045b9c790984c6fb65fd3187bd8bfcbe663df6b7770000f58fbad41e6eee5c9595950c4172b9c925403b2f99bbf3cb1981bb0d14bded8eae35e08278020a1ec7f508628056fd3d408a02a1cf8594bcbb21a88f477673442804f714212d000045b9f563b5352fe460a30489b1b6a6d37daead86151492f7fd4b5c64007b68a1b04027eac124478a2ef7f59fe472795785de83578cb96334e0f7c1370dc397d3aa42d937b5718b7610cdcdfe104db7801ec74980b8b111a2748321f81512e4204eb2b024b9fc9e0f257f8c6037b93b2caa236d4354b32434d5a6b01e00000000ee2ea723ea2e1accb97a200609c77e0000000000000000d3a54ccd6e13a966801e9341260d6cbce5fe03999214462cbaa297448677ab659102d0f430fbeae119a7ef2e962d2829d4dd2201c4b30d491269594c88252fbd09aced90609851bd9e5c307e7e0d39e73579c1f3563eff1a6237d3699d61acdc8e36010d76093ddd237df1c4181b0a0c4543b4249e9ff2f5e8b5e0ba2048d542de40f643fda4036124b8feb2dd45d0fa52300518c8052cc09ad73f89734fce82cc627356aa2c651ed2644f34cfbc32e8b29cf29e895e43b473ddb9a43421b4b25f8bbce8e2d7cb8547d156d5972021ae4c9e30f85413276ddebde55999d2ec3c524632b74d703147ba09e0dcb26c4b89636d28428b67e955f53bfd0c9eeb7a9d17000000000096cd8ecf1c511eea07aefa1c5cae1841efa9329d80eafefe00000000000000009111274a44c722ff9f5151aa7cb99ea3e8b2c51eadbd2d0ba1a25b08cc3e67cd186c12ea62a55ff905388bb30d1a63d42593c9aea3a84f5a6fc470d8aaaafeccb373ca26c3685679e6a048af19fca3fc5315a33687"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe28, 0xfffffffffffffff5, &(0x7f0000000980)="b0ff04c66b0d698cb89e2fe086dd1f74ffff06000000fe80000000000000ac14140746647b7954c4c06b580febc28eb143d0f6c0bad62c67a04402ba4125c7024f63fdb0b6c8ee826b4dfe6042a2f057c66cad677d850ea9928bcfcb47e585e427746ed3b27c40060cbd030a6d675c9926af53cd3085b24f9b7a486775c4f284f8c5a572ca115bce90c0ee9d4e7a07f5f1518092cb1f156694036f6618a59196631e6303fd5307d1112601d3641c9492f7dc3503416836b14590c53b1fc1ac149b70cc1142d6bc57fc3a76839fa2f96878b520fedfb9f64d81584a2e85ab4f6ec718b02d78f2ebf04e6b3b94610a21616181629a03c3dc0bf05e0a71f887833b81db7a10bc53259cb80716f6804934a411d424c1db98d454be1adb2776fdbb92b299d3b80af6987a871b4549fdb4c8297ee31ad925c8b0fb1a9d2589b08ed52602cbc26b56df71201bc4ea8621c56f33d251c1d4589af2dcd78fbb4e34bde02cb3920a30cee9489ee72c3e19304c16c2110e1839712d484b80abe77786a7e2ba834874a4e16b93dd07297554a06c2ad2c906f8ebb1db8730df096709184728d48f0a806696bd0d4b12d0064b933d9675353dae77fe8419451f85da63be78b70ca2a84a77f572d9f289d4313e6f6039fe756ac13a5d08838315dff44cda433cc7bc6b77449f8c", 0x0, 0x2f, 0xe8034000, 0xf000, 0xfffffffffffffe2a, &(0x7f0000000000), &(0x7f00000000c0)="c6769e45b7c61302926682c7f9e9bb5ba2b3cdf023e8da0392a4cd62e2370f25ae5ba0dab896bcf5b774cd28bebbde39f796ae27d04582bb7c03e9fe830ea22c9fd03f6d2779515fdad3f5d0de07b7b70996102fdb67b1e77a34a5b7136a212fa2c0ea502588309dc3e42c55a6f93e6ba5e1b492f9db48f0fdd2f9fb937b3e8a63dcf9dd855837433998ba579da27559", 0x5dc}, 0x28) 1.029170496s ago: executing program 0 (id=2018): r0 = openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x0) r1 = syz_io_uring_setup(0xbdc, &(0x7f0000000080)={0x0, 0xec21, 0x80, 0x1, 0x40000333}, &(0x7f0000000340)=0x0, &(0x7f00000001c0)=0x0) r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x18) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xfffffffe, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}) io_uring_enter(r1, 0x847ba, 0x2000, 0xe, 0x0, 0x0) 1.013782188s ago: executing program 3 (id=2019): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kfree\x00', r0}, 0x18) r1 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/rt_acct\x00') r2 = socket(0x18, 0x800, 0x0) connect$pppoe(r2, &(0x7f0000000100)={0x18, 0x0, {0x2, @multicast, 'vcan0\x00'}}, 0x1e) sendfile(r2, r1, 0x0, 0x8) 862.4026ms ago: executing program 3 (id=2020): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7f8fbc9cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b2cdf41dc10d1e8bf076d83923dd29c0301000000010000003d5d58c07fa1f7e4d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6e70af07da5ceb01b7551ef3bb6220030100dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0476619f28d99cde7a6b73340cc2160a1fe3c184b751c51160fbce841dfebd31a08b32808b80200000000009dd27080e71113610e10d8fb9c2aec61ce63a3462fd50117b89a9ab759b4eeb8cb000066d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0180aabc18cae2ed4b4390af9a9ceafd07ed0030000002cab154ad029a119ca3c9727ec84222fff0d7216fdb0d3a0ec4bfae563858dc06e7c337642d3e5a815212f5e16c1b30c3a2a71bc85018e5ff2c910496f0dafc9ffc2cc788bee1b47683db01a46939868d75211bbae0e7313bff5d4c391ddece00fc772dd6b4d4d0a917b239fe12280fc92c88c5b8dcdcc22ee1747790a8992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5cc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffff7f23877a6b24db0e067345560942fa1c22015e53fd8a46be933ab460d8629fbef2461c96a08707671215c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e42e50adab988dd8f12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859adfe38f77b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc874b2f663ddeef0005b3d96c7aae73835d5a3cda9e90d76c1993e0799d4894ee7f8249dc1e3428d2129369ee1b85afa1a5b6154eb2eea0d0df414b315f65112412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7ade8a5b859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb03062e95196d5e3ffea0000000000000be959096ea948cfa8e7194123e918914a71ad5a8521fb9553bc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989177a1bcd1e30280bc586e79a5dd80701018e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fc03000000000000001547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f0000000011d415b6b085fb73a2c7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aac029d15af607ad83532ff181c985f54b39370c06e63055b4d6a36fa98a44e379d28307c9912fb097601f3f88a2ca6fd1f9320cfe7fc8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589c95d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd926891927a7267c47cf897853d160100b39b613faefe16bed1fc105dddd77ab929b837d4442d13d5a29179a00837918dd7854aa17eb9fbdc2bdc0e98ae2c3f23a6131e2879f04ff01000030b92dd493be66c2242f8184733b80ba28e8ffffff7f00000000bb2f89049c5f6d63d56995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d187168d5c9cd848d566cc17587641ed01889c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5a45706bda78ab60200000000000000000000000000000000000000706f78f0a2ea9667fb5b951808545a46830970c2dfae01adbda7d29bf1f7abdaf52e0de6f9d7150808ed086642e64ebf98762b34338b80e41b704c3eefaf0bb5ff070000000000000ea15ccc0d7a830b6eb33b6b61675511d693ef5e3c44bbf71cabc5f45c879e7499f8baae2a1a09cf38da73297764fbc0e723e1cc3abb12e3076982ed32c94a2ce3e6f37c47e983da4ca5c96187db5a2a2e1742bc93a65d7187126126b3a80f17dd2f7dbbe82d104ede9ba6925afc2ee6cb94f56f1363cad635abf8f983292c49c0ebf5005154c7b58a3a2a2ea86d2fd92b8661264f781e3fb02d05a28f3f17b64d0258853d45cb5ebde10cd3d82eeed2f1ed925b7cf400304932c5ed0a362b235ce37e1f17700f7d1fecf8be8a2c5d25a9c60657560d05441387ff158a018d19a286c58684a1d2f624c3eb59d509ee89cc2df52881d005b2e5c27563ba54e4153c132d0366aa660000000000000009c1aaec93ec0f925921fb2e9eb202a29bef28224dbabe723de5c584bc398a8792e493048c87f60a51a391e95921218149403558fd13c649f90b0911d57eeb298b590581eba1ce383b539ab80fd15445987b1bb4eb512545e1ab65fef3103ce10b1ee362b51c72f82edf2f502ddf52567775e34a56d1be892f1e62b08950d517fa6fb1b0ef2edf1b67f8644786116b037d4a36fdd30b000063e58c856ec44cbbc2d370553f832af9480215e09aaa3843fe360b1c293a14627f2cfbe278f31d0abc0f5aaa10926dbbfe8a4b131c13a73d4e6d065c2c0fed3ab8442520ce0e0ad7d2d177377ab197ace3ef8b1c24ceb0bdee84bd6e6317633938dd19dc42de7f8f860eca6d9c74525fcd3497526df4c13e3ba5f0d75365a4542ae9440d2fede416d61800aaf7e038879c5d177b3876fda4121e00000100000000003edd3d43cc64e0d26b46907b42e08d000000000000903350932d3eef7fdada20c19807066e3c72d0d816eb9fa50be213bf6bbb7ccb9f2e8a153e6ced68f192ebed6e86af0f2cec7335fa8039fd6eb025440bc2a34d071f0a0e6774308a74748b8cd994ed368695aa2c59869c9200a1306ffa5a71ca69e89a69fc858f37c2c398515a910a35e22ab0573c10b85df4c2972a2fb8b9c080fbb41a753791df727fdeaded2930376eda31312256191c620cce34d1e3bf40a4a207ab1575b399eb8155781bfc7cb5920b49c039935a888d77041894f60fbbcafa487ee96b368e8769da90b44190e569fe8b923c32c288baaca5c5558b5a78bb43e5d9e47a1d5809bb178184b5672d08e29aecf1f572ac1e6cab7e820751e95999b7532603494d37a2bff35a9eec46dfc8a52433f605ebf151c837b4966b5f3628a406175a87e32c5e4268d3000933b580415b162e2946446b8f02554c8a1225217d69d049685dd06aa8528673a9673a723ac414af77f523ad730d00e8700c213f95c87a94f39f506b9e000000000000000000000000000000000000000000000000000090668ac41a1c2a4f7831e6c6a3e9c68ca2c449482bb70a994e71a7f24873848fbb128c820c1de19cc003dfa65a2b296caeb1253802080e08eeb724c4c7b7e052afa19b0f2cd7a13bda4b5a8f3b8fa3ca70bb756a3d529718d5c79d9bdb89e5d33793533211d76d00a45079eff797476106bf76f1fed952a7c9162b88911b5b00c3d26fd2fb4d7b29d1ce025e102d458efd5cca3f3835ce760359eaa01cb13cb28d60e8942fdc02b6824c00dac62f8a2d4c680ae284a82f09d6641921536814b444e4188d9b2e97eb3b108e7876f0f3f3863147ab694218c7cecc075d52d590dddbb57fc6fedf5ec69d7894a7b5c8109f303dab998815c80534b0bd34c49eea63997e56728a8185a8bb6988a7197b87f5548f5edfdfb3efc907fe561b33a6f7c707f7828c6adaf3b2a39929b4b65253e787d65c08aff5e4a9b2267bd8f803ea38f10a6e9c4a49bf23525e08c12d229211fe4d88cf1440f29accfa50f327ac1fb20d7f164100111bd21fca713b2475f1c997f3000000000080c426bcec79c6bc83ce4e6cbb17c01be69db342192d0a716cc24710d23321441f475ec485d642b61c6bd907071dbbe37c0b78f60fd2ad0d13ca62d9d9aafb01c3920b64cb5e023810e2de4327f90c389ce36d90ff9f3cb9d8cd2260d05a8126943a3df17157470595c68ac8df7fea6d42ecb2cdb65b4f2aef0dc4b2de949a6d4ec37f2fd693ae44944041a64fe6336aba1c66b1b95d2edbc40364a049616ae962d75eae619548aa86bd5f0bad56e7ad7de2ee5e6f3b42e3a27094b6b5face99456d9af1926b21d37faf7612d9752cf58e6424decd530b5419e117ec086174439af6ee6c7fdb2d19c9280fa9a02e8fa6a38acfff09050d912635fed175fd06f577d40000000000000000000000000000754bffd73c0888ba8834f20b3acea57b7817663e12c1a5503bc4c13af59bda21688d68698c53ce3aa767657774db09ece7ec888d3af290207d36fa433b35e17dc0f3dc728ea1c633a4ef9e7d9bf81b57492e0544800921d1b751c5fbc163"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x55, 0x0, 0xffffffffffffffff, 0x3}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000400)='kmem_cache_free\x00', r2}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xfe, 0x0, &(0x7f0000000100)="b9ff030f6044238cb89e14f088ca1bff43052f002000636777fbac141443e000000d62079f4b4d2f87e56dca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50) socketpair(0x11, 0x8000a, 0x300, &(0x7f0000000000)) 821.696583ms ago: executing program 1 (id=2021): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x5c, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x200000000000034a, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) r5 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f00009ff000/0x600000)=nil, 0x600000, 0x0, 0x11, r5, 0x0) 768.500067ms ago: executing program 0 (id=2022): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r1}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local}) close(r0) 637.085398ms ago: executing program 3 (id=2023): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000004000000410000000000000001000000", @ANYRES32=0x1, @ANYBLOB="000000000000e20200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="024000000500"], 0x48) 320.636784ms ago: executing program 0 (id=2024): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) preadv(r0, &(0x7f00000019c0)=[{&(0x7f0000000400)=""/142, 0x8c}], 0x11, 0x90000001, 0x100) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="010028bd7000070000000200000008000100", @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x40089}, 0x8004) 308.368185ms ago: executing program 3 (id=2025): r0 = socket$kcm(0x11, 0x2, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0x14, &(0x7f0000000000), 0x4) bpf$MAP_CREATE(0x0, 0x0, 0x50) sendmsg$kcm(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x4000) 89.082783ms ago: executing program 3 (id=2026): bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r1, 0x0, 0x0}, 0x10) 0s ago: executing program 4 (id=2027): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$ITER_CREATE(0xb, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000001ffffeb00000000eb658e0d850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000004c0)=""/249, 0xf9}], 0x1, 0x0, 0x0, 0x2000000}, 0x0) close(r1) sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0x810100, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1, 0x0, 0x0, 0x3}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0) kernel console output (not intermixed with test programs): 22][ T28] audit: type=1326 audit(1755887004.042:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6165 comm="syz.3.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3b52590b07 code=0x7ffc0000 [ 84.769807][ T28] audit: type=1326 audit(1755887004.042:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6165 comm="syz.3.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f3b52590a7c code=0x7ffc0000 [ 84.830020][ T5924] veth0_vlan: entered promiscuous mode [ 84.869559][ T28] audit: type=1326 audit(1755887004.042:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6165 comm="syz.3.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f3b525909b4 code=0x7ffc0000 [ 84.904690][ T5924] veth1_vlan: entered promiscuous mode [ 84.975927][ T5924] veth0_macvtap: entered promiscuous mode [ 84.991123][ T5924] veth1_macvtap: entered promiscuous mode [ 85.051392][ T5924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 85.092425][ T5924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.123762][ T5924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 85.153770][ T5924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.193701][ T5924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 85.233361][ T5924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.251248][ T5924] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 85.305982][ T5924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 85.325936][ T6208] netlink: 12 bytes leftover after parsing attributes in process `syz.0.84'. [ 85.351508][ T5924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.370909][ T5924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 85.390803][ T5924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.401774][ T5924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 85.412482][ T5924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.425435][ T5924] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.448584][ T6210] netlink: 'syz.3.85': attribute type 21 has an invalid length. [ 85.576792][ T5924] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.594508][ T5924] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.603336][ T5924] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.630998][ T5924] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.705272][ T6216] netlink: 4 bytes leftover after parsing attributes in process `syz.3.87'. [ 85.743426][ T6216] netlink: 12 bytes leftover after parsing attributes in process `syz.3.87'. [ 85.860753][ T3474] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.885432][ T3474] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.984929][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.992938][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.227141][ T6227] loop0: detected capacity change from 0 to 512 [ 86.287738][ T6227] ext4: Unknown parameter 'rootcontext' [ 86.300606][ T6231] netlink: 'syz.4.14': attribute type 13 has an invalid length. [ 86.413122][ T6231] gretap0: refused to change device tx_queue_len [ 86.455029][ T6231] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 86.849427][ T6247] loop4: detected capacity change from 0 to 512 [ 86.880546][ T6250] batadv1: entered promiscuous mode [ 86.911002][ T6247] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 86.914226][ T6250] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 86.936377][ T6247] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 86.978047][ T6247] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2244: inode #15: comm syz.4.97: corrupted in-inode xattr: overlapping e_value [ 87.013863][ T6247] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.97: couldn't read orphan inode 15 (err -117) [ 87.113851][ T6247] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.307449][ T6269] netlink: 12 bytes leftover after parsing attributes in process `syz.4.97'. [ 87.673336][ T5924] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.182394][ T6298] __nla_validate_parse: 2 callbacks suppressed [ 88.182408][ T6298] netlink: 348 bytes leftover after parsing attributes in process `syz.4.115'. [ 88.242541][ T6298] netlink: 4 bytes leftover after parsing attributes in process `syz.4.115'. [ 89.439379][ T6317] 9pnet: p9_errstr2errno: server reported unknown error [ 90.141723][ T6355] loop0: detected capacity change from 0 to 512 [ 90.174970][ T6355] EXT4-fs (loop0): too many log groups per flexible block group [ 90.183046][ T6355] EXT4-fs (loop0): failed to initialize mballoc (-12) [ 90.190873][ T6355] EXT4-fs (loop0): mount failed [ 90.263909][ T23] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 90.523685][ T23] usb 2-1: device descriptor read/64, error -71 [ 90.638377][ T6364] loop4: detected capacity change from 0 to 512 [ 90.647181][ T6364] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 90.666396][ T6364] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 90.693401][ T6364] EXT4-fs (loop4): 1 orphan inode deleted [ 90.743344][ T6364] EXT4-fs (loop4): 1 truncate cleaned up [ 90.752148][ T6364] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 90.804876][ T23] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 90.853286][ T6370] loop3: detected capacity change from 0 to 512 [ 90.870807][ T6370] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 90.897859][ T6370] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 90.918992][ T6370] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2244: inode #15: comm syz.3.133: corrupted in-inode xattr: overlapping e_value [ 90.945857][ T6370] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.133: couldn't read orphan inode 15 (err -117) [ 90.996557][ T6370] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.026577][ T23] usb 2-1: device descriptor read/64, error -71 [ 91.070529][ T6364] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 91.105190][ T6364] EXT4-fs (loop4): Remounting filesystem read-only [ 91.164993][ T23] usb usb2-port1: attempt power cycle [ 91.236115][ T6378] netlink: 12 bytes leftover after parsing attributes in process `syz.3.133'. [ 91.329410][ T5924] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.614923][ T23] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 91.660167][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.676085][ T23] usb 2-1: device descriptor read/8, error -71 [ 91.954013][ T23] usb 2-1: new full-speed USB device number 5 using dummy_hcd [ 92.005374][ T23] usb 2-1: device descriptor read/8, error -71 [ 92.143955][ T23] usb usb2-port1: unable to enumerate USB device [ 93.464478][ T6444] netlink: 12 bytes leftover after parsing attributes in process `syz.3.144'. [ 95.438035][ T6480] netlink: 12 bytes leftover after parsing attributes in process `syz.1.153'. [ 97.489079][ T28] kauditd_printk_skb: 8 callbacks suppressed [ 97.489092][ T28] audit: type=1326 audit(1755887017.512:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz.1.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 97.554860][ T28] audit: type=1326 audit(1755887017.512:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz.1.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 97.588991][ T28] audit: type=1326 audit(1755887017.542:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz.1.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 97.656601][ T28] audit: type=1326 audit(1755887017.542:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz.1.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 97.688182][ T28] audit: type=1326 audit(1755887017.542:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz.1.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 97.767487][ T28] audit: type=1326 audit(1755887017.542:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz.1.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 97.848416][ T28] audit: type=1326 audit(1755887017.542:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz.1.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 97.901719][ T28] audit: type=1326 audit(1755887017.542:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz.1.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 97.918156][ T6517] loop4: detected capacity change from 0 to 1024 [ 97.997219][ T6517] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.998656][ T28] audit: type=1326 audit(1755887017.542:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz.1.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 98.033036][ T28] audit: type=1326 audit(1755887017.542:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz.1.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 98.048150][ T6517] ext4 filesystem being mounted at /18/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 98.224610][ T6517] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 98.444061][ T6528] netlink: 12 bytes leftover after parsing attributes in process `syz.1.162'. [ 98.476811][ T6526] EXT4-fs error (device loop4): ext4_map_blocks:718: inode #15: block 1: comm syz.4.159: lblock 1 mapped to illegal pblock 1 (length 15) [ 98.613606][ T6526] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 15 with error 117 [ 98.703072][ T6417] Set syz1 is full, maxelem 65536 reached [ 98.709298][ T6526] EXT4-fs (loop4): This should not happen!! Data will be lost [ 98.709298][ T6526] [ 98.805584][ T6532] netlink: 'syz.1.163': attribute type 13 has an invalid length. [ 98.851900][ T6532] gretap0: refused to change device tx_queue_len [ 98.875245][ T6532] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 99.023989][ T5924] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.416099][ T6548] netlink: 132 bytes leftover after parsing attributes in process `syz.0.168'. [ 99.754375][ T6560] netlink: 12 bytes leftover after parsing attributes in process `+}[@'. [ 99.763905][ T6560] netlink: 28 bytes leftover after parsing attributes in process `+}[@'. [ 99.772662][ T6560] netlink: 12 bytes leftover after parsing attributes in process `+}[@'. [ 99.787048][ T6560] netlink: 28 bytes leftover after parsing attributes in process `+}[@'. [ 99.796556][ T6560] netlink: '+}[@': attribute type 6 has an invalid length. [ 99.965260][ T6561] loop3: detected capacity change from 0 to 512 [ 99.981902][ T6561] EXT4-fs: Ignoring removed oldalloc option [ 99.992763][ T6561] EXT4-fs: inline encryption not supported [ 100.015562][ T6561] EXT4-fs: Ignoring removed mblk_io_submit option [ 100.124979][ T6561] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 100.821815][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 100.924305][ T0] NOHZ tick-stop error: local softirq work is pending, handler #c0!!! [ 101.206705][ T6561] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.171: bg 0: block 64: padding at end of block bitmap is not set [ 101.237158][ T6561] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.171: Failed to acquire dquot type 0 [ 101.303753][ T6561] EXT4-fs (loop3): 1 truncate cleaned up [ 101.333934][ T0] NOHZ tick-stop error: local softirq work is pending, handler #242!!! [ 101.335134][ T6561] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.473434][ T6581] netlink: 4 bytes leftover after parsing attributes in process `syz.4.177'. [ 102.268725][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.990330][ T23] kernel write not supported for file bpf-prog (pid: 23 comm: kworker/1:0) [ 103.868449][ T1318] Bluetooth: hci4: Frame reassembly failed (-84) [ 104.734152][ T6672] loop3: detected capacity change from 0 to 512 [ 104.753956][ T6672] EXT4-fs: Ignoring removed nobh option [ 104.794212][ T6672] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 104.978295][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.394743][ T6703] 9pnet_fd: Insufficient options for proto=fd [ 105.590515][ T6709] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 105.609180][ T6709] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 105.636433][ T5790] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 105.708555][ T6712] loop4: detected capacity change from 0 to 1024 [ 105.716205][ T6712] EXT4-fs: Ignoring removed bh option [ 105.721653][ T6712] EXT4-fs: inline encryption not supported [ 105.833097][ T6712] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 105.912498][ T6712] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000] [ 106.054654][ T6712] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #3: block 2: comm syz.4.214: lblock 2 mapped to illegal pblock 2 (length 1) [ 106.110154][ T6712] __quota_error: 90 callbacks suppressed [ 106.110172][ T6712] Quota error (device loop4): qtree_write_dquot: dquota write failed [ 106.125722][ T6712] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #3: block 48: comm syz.4.214: lblock 0 mapped to illegal pblock 48 (length 1) [ 106.150987][ T6712] Quota error (device loop4): v2_write_file_info: Can't write info structure [ 106.198968][ T6712] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.214: Failed to acquire dquot type 0 [ 106.222600][ T6712] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 106.263053][ T6733] netlink: 12 bytes leftover after parsing attributes in process `syz.3.218'. [ 106.270859][ T6712] EXT4-fs error (device loop4): ext4_evict_inode:252: inode #11: comm syz.4.214: mark_inode_dirty error [ 106.285084][ T6733] netlink: 28 bytes leftover after parsing attributes in process `syz.3.218'. [ 106.301363][ T6712] EXT4-fs warning (device loop4): ext4_evict_inode:255: couldn't mark inode dirty (err -117) [ 106.311475][ T6733] netlink: 12 bytes leftover after parsing attributes in process `syz.3.218'. [ 106.313468][ T6712] EXT4-fs (loop4): 1 orphan inode deleted [ 106.328525][ T12] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:1: lblock 1 mapped to illegal pblock 1 (length 1) [ 106.362559][ T6712] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 106.383316][ T12] Quota error (device loop4): remove_tree: Can't read quota data block 1 [ 106.392589][ T12] EXT4-fs error (device loop4): ext4_release_dquot:6974: comm kworker/u4:1: Failed to release dquot type 0 [ 106.432030][ T6709] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #2: block 16: comm syz.4.214: lblock 0 mapped to illegal pblock 16 (length 1) [ 106.471268][ T6709] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 106.505834][ T6709] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 106.595022][ T6709] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 106.604669][ T6709] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 106.872604][ T5924] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.895099][ T5924] EXT4-fs error (device loop4): __ext4_get_inode_loc:4483: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 106.973679][ T5924] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 107.015255][ T5924] EXT4-fs error (device loop4): ext4_quota_off:7222: inode #3: comm syz-executor: mark_inode_dirty error [ 108.355932][ T6776] netlink: 12 bytes leftover after parsing attributes in process `syz.3.227'. [ 108.373826][ T6776] netlink: 28 bytes leftover after parsing attributes in process `syz.3.227'. [ 108.404577][ T6776] netlink: 12 bytes leftover after parsing attributes in process `syz.3.227'. [ 111.643976][ T6874] netlink: 12 bytes leftover after parsing attributes in process `syz.4.247'. [ 111.658199][ T6874] netlink: 28 bytes leftover after parsing attributes in process `syz.4.247'. [ 111.683696][ T6874] netlink: 12 bytes leftover after parsing attributes in process `syz.4.247'. [ 111.976484][ T6886] Zero length message leads to an empty skb [ 112.737292][ T6911] loop3: detected capacity change from 0 to 4096 [ 112.797734][ T6911] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 112.895200][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.501331][ T6939] pim6reg1: entered promiscuous mode [ 114.501516][ T6939] pim6reg1: entered allmulticast mode [ 114.830506][ T28] audit: type=1326 audit(1755887034.842:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6944 comm="syz.1.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 114.856723][ T28] audit: type=1326 audit(1755887034.842:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6944 comm="syz.1.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 114.880751][ T28] audit: type=1326 audit(1755887034.842:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6944 comm="syz.1.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 114.945733][ T28] audit: type=1326 audit(1755887034.842:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6944 comm="syz.1.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 114.979185][ T28] audit: type=1326 audit(1755887034.842:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6944 comm="syz.1.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 115.004135][ T28] audit: type=1326 audit(1755887034.842:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6944 comm="syz.1.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 115.142215][ T28] audit: type=1326 audit(1755887034.842:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6944 comm="syz.1.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f504958ec23 code=0x7ffc0000 [ 115.165704][ T28] audit: type=1326 audit(1755887034.842:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6944 comm="syz.1.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f504958d69f code=0x7ffc0000 [ 115.221450][ T28] audit: type=1326 audit(1755887034.842:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6944 comm="syz.1.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f504958ec77 code=0x7ffc0000 [ 115.307165][ T28] audit: type=1326 audit(1755887034.852:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6944 comm="syz.1.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f504958d550 code=0x7ffc0000 [ 116.497787][ T6978] loop4: detected capacity change from 0 to 512 [ 116.563812][ T6978] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 116.577395][ T6978] ext4 filesystem being mounted at /45/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 116.798920][ T5924] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.807077][ T6993] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 116.807077][ T6993] program syz.1.283 not setting count and/or reply_len properly [ 116.857609][ T6993] netlink: 'syz.1.283': attribute type 10 has an invalid length. [ 116.923700][ T6993] team0: Port device dummy0 added [ 117.146296][ T7000] loop4: detected capacity change from 0 to 2048 [ 117.189403][ T7000] EXT4-fs (loop4): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 117.261697][ T7000] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.287: bg 0: block 120: padding at end of block bitmap is not set [ 117.378426][ T7009] syz.4.287[7009] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 117.378550][ T7009] syz.4.287[7009] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 117.398345][ T7012] wireguard0: entered promiscuous mode [ 117.418161][ T7012] wireguard0: entered allmulticast mode [ 117.899564][ T7022] loop3: detected capacity change from 0 to 256 [ 117.926429][ T7022] FAT-fs (loop3): Unrecognized mount option "/dev/ptmx" or missing value [ 118.314031][ T5924] EXT4-fs (loop4): unmounting filesystem 00000800-0000-0000-0000-000000000000. [ 119.784737][ T42] Bluetooth: hci4: Frame reassembly failed (-84) [ 119.882464][ T42] Bluetooth: hci4: Frame reassembly failed (-84) [ 120.126353][ T5874] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 120.244580][ T7062] IPv6: Can't replace route, no match found [ 120.283780][ T5874] usb 4-1: device descriptor read/64, error -71 [ 120.315162][ T7064] netlink: 16 bytes leftover after parsing attributes in process `syz.1.309'. [ 120.556159][ T5874] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 121.290106][ T7080] netlink: 12 bytes leftover after parsing attributes in process `syz.1.313'. [ 121.305893][ T7080] netlink: 28 bytes leftover after parsing attributes in process `syz.1.313'. [ 121.316244][ T7080] netlink: 12 bytes leftover after parsing attributes in process `syz.1.313'. [ 121.388066][ T5874] usb 4-1: device descriptor read/64, error -71 [ 121.522319][ T5874] usb usb4-port1: attempt power cycle [ 121.793890][ T5798] Bluetooth: hci4: command 0x1003 tx timeout [ 121.801611][ T5790] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 124.130767][ T1318] Bluetooth: hci4: Frame reassembly failed (-84) [ 124.942295][ T7140] syzkaller0: entered promiscuous mode [ 124.950191][ T7140] syzkaller0: entered allmulticast mode [ 126.033932][ T5790] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 126.040446][ T5798] Bluetooth: hci4: command 0x1003 tx timeout [ 127.528081][ T28] kauditd_printk_skb: 61 callbacks suppressed [ 127.528096][ T28] audit: type=1326 audit(1755887047.552:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7179 comm="syz.3.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 127.584503][ T28] audit: type=1326 audit(1755887047.552:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7179 comm="syz.3.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 127.607425][ T28] audit: type=1326 audit(1755887047.552:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7179 comm="syz.3.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 127.637547][ T28] audit: type=1326 audit(1755887047.552:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7179 comm="syz.3.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 127.646387][ T7182] loop7: detected capacity change from 0 to 7 [ 127.711209][ T48] loop: Write error at byte offset 4, length 3584. [ 127.731955][ C1] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 127.741849][ C1] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 129.847610][ T7222] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in; [ 129.847610][ T7222] program syz.0.360 not setting count and/or reply_len properly [ 131.543288][ T7250] syz.3.372[7250] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 131.543415][ T7250] syz.3.372[7250] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 131.675320][ T7252] netlink: 'syz.4.373': attribute type 13 has an invalid length. [ 131.714921][ T7252] netlink: 28 bytes leftover after parsing attributes in process `syz.4.373'. [ 131.811362][ T7260] netlink: 104 bytes leftover after parsing attributes in process `syz.4.377'. [ 132.425378][ T7284] netlink: 'syz.3.387': attribute type 13 has an invalid length. [ 132.433307][ T7284] netlink: 28 bytes leftover after parsing attributes in process `syz.3.387'. [ 132.605660][ T7290] netlink: 4 bytes leftover after parsing attributes in process `syz.4.388'. [ 133.043314][ T7305] syz.4.398[7305] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 133.043441][ T7305] syz.4.398[7305] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 133.159060][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.177673][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.242937][ T7311] netlink: 'syz.0.399': attribute type 13 has an invalid length. [ 133.266016][ T7311] netlink: 28 bytes leftover after parsing attributes in process `syz.0.399'. [ 133.577421][ T7316] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 133.577421][ T7316] program syz.3.402 not setting count and/or reply_len properly [ 133.614639][ T7321] usb usb3: usbfs: process 7321 (syz.1.405) did not claim interface 0 before use [ 133.783908][ T7327] netlink: 'syz.3.402': attribute type 10 has an invalid length. [ 133.842867][ T7327] team0: Port device dummy0 added [ 133.958889][ T28] audit: type=1326 audit(1755887053.982:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7331 comm="syz.3.409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 134.023746][ T28] audit: type=1326 audit(1755887053.982:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7331 comm="syz.3.409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 134.078004][ T28] audit: type=1326 audit(1755887053.982:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7331 comm="syz.3.409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 134.125456][ T28] audit: type=1326 audit(1755887053.982:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7331 comm="syz.3.409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 134.181528][ T28] audit: type=1326 audit(1755887053.982:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7331 comm="syz.3.409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 134.557268][ T7344] can0: slcan on ttyS3. [ 134.889940][ T7355] usb usb3: usbfs: process 7355 (syz.0.415) did not claim interface 0 before use [ 134.905846][ T7326] can0 (unregistered): slcan off ttyS3. [ 135.477940][ T7377] hub 9-0:1.0: USB hub found [ 135.494680][ T7377] hub 9-0:1.0: 1 port detected [ 136.021075][ T7389] usb usb3: usbfs: process 7389 (syz.4.426) did not claim interface 0 before use [ 139.821576][ T7516] syz_tun: entered allmulticast mode [ 140.346569][ T7528] netlink: 12 bytes leftover after parsing attributes in process `syz.1.471'. [ 141.004852][ T7554] netlink: 348 bytes leftover after parsing attributes in process `syz.1.481'. [ 141.346195][ T7568] netlink: 12 bytes leftover after parsing attributes in process `syz.0.490'. [ 142.860944][ T28] audit: type=1326 audit(1755887062.882:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7595 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 142.904235][ T28] audit: type=1326 audit(1755887062.882:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7595 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 142.927625][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 142.966165][ T28] audit: type=1326 audit(1755887062.882:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7595 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 142.998089][ T28] audit: type=1326 audit(1755887062.882:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7595 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 143.010457][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 143.026860][ T28] audit: type=1326 audit(1755887062.882:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7595 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 143.055905][ T28] audit: type=1326 audit(1755887062.882:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7595 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 143.084823][ T28] audit: type=1326 audit(1755887062.882:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7595 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 143.108209][ T28] audit: type=1326 audit(1755887062.882:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7595 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 143.135160][ T28] audit: type=1326 audit(1755887062.882:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7595 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f504958ec23 code=0x7ffc0000 [ 143.161712][ T28] audit: type=1326 audit(1755887062.882:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7595 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f504958d69f code=0x7ffc0000 [ 144.810467][ T7622] loop0: detected capacity change from 0 to 512 [ 144.890481][ T7622] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 144.933643][ T7622] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 145.283186][ T7622] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2244: inode #15: comm syz.0.509: corrupted in-inode xattr: overlapping e_value [ 145.575957][ T7622] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.509: couldn't read orphan inode 15 (err -117) [ 145.635590][ T7622] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 145.790339][ T7632] netlink: 12 bytes leftover after parsing attributes in process `syz.0.509'. [ 146.000105][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.444218][ T7648] loop0: detected capacity change from 0 to 2048 [ 148.335837][ T7648] loop0: p1 < > p3 p4 < > [ 148.358594][ T7648] loop0: p3 start 4284289 is beyond EOD, truncated [ 148.664294][ T7661] netlink: 12 bytes leftover after parsing attributes in process `syz.3.525'. [ 148.891790][ T7671] syzkaller0: entered promiscuous mode [ 148.897485][ T7671] syzkaller0: entered allmulticast mode [ 151.814465][ T7693] netlink: 12 bytes leftover after parsing attributes in process `syz.3.538'. [ 152.954139][ T7701] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 152.976268][ T7701] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 153.030338][ T7701] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 153.061634][ T7701] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 153.077687][ T7701] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 153.099351][ T7701] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 153.122886][ T7701] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 153.130750][ T7701] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 153.146432][ T7701] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 153.158041][ T7701] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 153.184258][ T7701] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 153.195776][ T7701] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 153.203360][ T7703] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 153.422136][ T28] kauditd_printk_skb: 11 callbacks suppressed [ 153.422153][ T28] audit: type=1326 audit(1755887073.412:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7734 comm="syz.0.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 153.514007][ T28] audit: type=1326 audit(1755887073.412:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7734 comm="syz.0.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 153.561722][ T28] audit: type=1326 audit(1755887073.412:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7734 comm="syz.0.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 153.620071][ T7743] syz.0.560[7743] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 153.620219][ T7743] syz.0.560[7743] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 153.634345][ T28] audit: type=1326 audit(1755887073.412:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7734 comm="syz.0.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 153.675279][ T7747] netlink: 12 bytes leftover after parsing attributes in process `syz.0.560'. [ 153.685009][ T7747] netlink: 4 bytes leftover after parsing attributes in process `syz.0.560'. [ 153.700608][ T7747] bridge0: port 3(macsec1) entered blocking state [ 153.708306][ T28] audit: type=1326 audit(1755887073.412:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7734 comm="syz.0.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 153.731866][ T7747] bridge0: port 3(macsec1) entered disabled state [ 153.742293][ T7747] macsec1: entered allmulticast mode [ 153.760991][ T7747] macsec1: left allmulticast mode [ 153.850727][ T7748] syzkaller0: entered promiscuous mode [ 153.862774][ T7748] syzkaller0: entered allmulticast mode [ 154.043930][ T5798] Bluetooth: hci1: command 0x0c1a tx timeout [ 155.094069][ T5798] Bluetooth: hci2: command 0x0c1a tx timeout [ 155.167736][ T5798] Bluetooth: hci0: command 0x0c1a tx timeout [ 155.243821][ T5798] Bluetooth: hci3: command 0x0c1a tx timeout [ 156.113921][ T5798] Bluetooth: hci1: command 0x0c1a tx timeout [ 157.156808][ T5798] Bluetooth: hci2: command 0x0c1a tx timeout [ 157.247879][ T5798] Bluetooth: hci0: command 0x0c1a tx timeout [ 157.314994][ T5798] Bluetooth: hci3: command 0x0c1a tx timeout [ 157.556533][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805cc66800: rx timeout, send abort [ 157.566840][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805cd9b400: rx timeout, send abort [ 157.575507][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805cc66800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 157.590472][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805cd9b400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 157.623692][ T7772] netlink: 4 bytes leftover after parsing attributes in process `syz.3.569'. [ 157.702880][ T7775] netlink: 12 bytes leftover after parsing attributes in process `syz.1.570'. [ 158.203626][ T5798] Bluetooth: hci1: command 0x0c1a tx timeout [ 159.233857][ T5798] Bluetooth: hci2: command 0x0c1a tx timeout [ 159.274070][ T7805] syzkaller0: entered promiscuous mode [ 159.283093][ T7805] syzkaller0: entered allmulticast mode [ 159.314399][ T5798] Bluetooth: hci0: command 0x0c1a tx timeout [ 159.394484][ T5798] Bluetooth: hci3: command 0x0c1a tx timeout [ 163.946859][ T7860] netlink: 68 bytes leftover after parsing attributes in process `syz.3.598'. [ 163.962537][ T7864] netlink: 'syz.1.600': attribute type 10 has an invalid length. [ 165.073671][ T7880] syzkaller0: entered promiscuous mode [ 165.079207][ T7880] syzkaller0: entered allmulticast mode [ 169.799447][ T5798] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 169.807565][ T5790] Bluetooth: hci4: command 0x1003 tx timeout [ 170.127829][ T1077] tipc: Subscription rejected, illegal request [ 170.183988][ T7919] netlink: 12 bytes leftover after parsing attributes in process `syz.0.616'. [ 170.436390][ T28] audit: type=1326 audit(1755887090.462:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7929 comm="syz.4.621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 170.461217][ T28] audit: type=1326 audit(1755887090.462:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7929 comm="syz.4.621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 170.748068][ T28] audit: type=1326 audit(1755887090.462:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7929 comm="syz.4.621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 171.077251][ T28] audit: type=1326 audit(1755887090.462:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7929 comm="syz.4.621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 171.600986][ T7942] syzkaller0: entered promiscuous mode [ 171.610051][ T7942] syzkaller0: entered allmulticast mode [ 173.386210][ T7979] netlink: 24 bytes leftover after parsing attributes in process `syz.4.641'. [ 174.141455][ T7989] netlink: 12 bytes leftover after parsing attributes in process `syz.4.645'. [ 175.869682][ T28] audit: type=1326 audit(1755887095.892:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8020 comm="syz.3.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 175.922049][ T28] audit: type=1326 audit(1755887095.912:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8020 comm="syz.3.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 175.949829][ T28] audit: type=1326 audit(1755887095.922:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8020 comm="syz.3.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 176.017591][ T28] audit: type=1326 audit(1755887095.922:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8020 comm="syz.3.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 176.049744][ T28] audit: type=1326 audit(1755887095.922:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8020 comm="syz.3.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 179.543916][ T9] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 179.702180][ T8095] bridge0: port 2(bridge_slave_1) entered disabled state [ 179.710684][ T8095] bridge0: port 1(bridge_slave_0) entered disabled state [ 179.746574][ T9] usb 2-1: config index 0 descriptor too short (expected 9, got 0) [ 179.757394][ T9] usb 2-1: can't read configurations, error -22 [ 179.913655][ T9] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 180.044517][ T8095] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 180.081413][ T8095] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 180.106998][ T9] usb 2-1: config index 0 descriptor too short (expected 9, got 0) [ 180.116923][ T9] usb 2-1: can't read configurations, error -22 [ 180.126495][ T9] usb usb2-port1: attempt power cycle [ 180.396667][ T8095] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.405634][ T8095] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.415492][ T8095] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.424427][ T8095] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.540983][ T9] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 180.603918][ T9] usb 2-1: config index 0 descriptor too short (expected 9, got 0) [ 180.615328][ T9] usb 2-1: can't read configurations, error -22 [ 180.775046][ T9] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 180.830662][ T9] usb 2-1: config index 0 descriptor too short (expected 9, got 0) [ 181.412621][ T9] usb 2-1: can't read configurations, error -22 [ 181.421148][ T9] usb usb2-port1: unable to enumerate USB device [ 181.610823][ T8119] syz.3.696 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 181.671718][ T8123] netlink: 36 bytes leftover after parsing attributes in process `syz.3.698'. [ 181.714116][ T5798] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 181.939430][ T28] audit: type=1326 audit(1755887101.962:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8130 comm="syz.4.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 181.940113][ T28] audit: type=1326 audit(1755887101.962:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8130 comm="syz.4.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 181.940958][ T28] audit: type=1326 audit(1755887101.962:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8130 comm="syz.4.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 181.941327][ T28] audit: type=1326 audit(1755887101.962:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8130 comm="syz.4.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 182.033090][ T28] audit: type=1326 audit(1755887102.002:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8130 comm="syz.4.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 182.033132][ T28] audit: type=1326 audit(1755887102.052:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8130 comm="syz.4.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 182.033167][ T28] audit: type=1326 audit(1755887102.052:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8130 comm="syz.4.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 182.062927][ T28] audit: type=1326 audit(1755887102.082:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8130 comm="syz.4.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 182.126517][ T8131] netlink: 8 bytes leftover after parsing attributes in process `syz.4.702'. [ 182.131031][ T28] audit: type=1326 audit(1755887102.082:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8130 comm="syz.4.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 182.177417][ T28] audit: type=1326 audit(1755887102.082:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8130 comm="syz.4.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 182.283863][ T8131] syz.4.702 (8131) used greatest stack depth: 17960 bytes left [ 184.043779][ T8173] IPVS: sync thread started: state = MASTER, mcast_ifn = bridge_slave_0, syncid = 0, id = 0 [ 184.180011][ T8166] IPv4: Oversized IP packet from 127.202.26.0 [ 184.942092][ T5790] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 186.766735][ T3474] Bluetooth: hci4: Frame reassembly failed (-84) [ 186.940897][ T8211] netlink: 12 bytes leftover after parsing attributes in process `syz.0.731'. [ 188.753782][ T5102] Bluetooth: hci4: command 0x1003 tx timeout [ 188.754376][ T5790] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 189.393725][ T5790] Bluetooth: hci5: command 0x1003 tx timeout [ 189.402670][ T5798] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 189.520094][ T8239] netlink: 12 bytes leftover after parsing attributes in process `syz.1.741'. [ 189.690062][ T8246] random: crng reseeded on system resumption [ 190.608459][ T3474] Bluetooth: hci4: Frame reassembly failed (-84) [ 190.634772][ T3474] Bluetooth: hci4: Frame reassembly failed (-84) [ 191.320813][ T8263] syz.4.751 uses obsolete (PF_INET,SOCK_PACKET) [ 191.798931][ T1117] Bluetooth: hci5: Frame reassembly failed (-84) [ 192.674483][ T5795] Bluetooth: hci4: command 0x1003 tx timeout [ 192.681906][ T5798] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 193.789868][ T8284] 9pnet: Could not find request transport: r [ 193.829746][ T5790] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 194.064050][ T8295] netlink: 12 bytes leftover after parsing attributes in process `syz.4.763'. [ 194.229964][ T8298] netlink: 16 bytes leftover after parsing attributes in process `syz.3.766'. [ 194.659560][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.678202][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.066896][ T8306] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 195.066896][ T8306] program syz.3.769 not setting count and/or reply_len properly [ 195.125908][ T8306] netlink: 'syz.3.769': attribute type 10 has an invalid length. [ 195.233296][ T8312] netlink: 48 bytes leftover after parsing attributes in process `syz.0.772'. [ 196.120608][ T8335] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 196.120608][ T8335] program syz.3.782 not setting count and/or reply_len properly [ 196.186251][ T8335] netlink: 'syz.3.782': attribute type 10 has an invalid length. [ 196.385750][ T8339] netlink: 48 bytes leftover after parsing attributes in process `syz.3.784'. [ 196.674903][ T8347] netlink: 39568 bytes leftover after parsing attributes in process `syz.0.787'. [ 196.704652][ T8347] netlink: 12 bytes leftover after parsing attributes in process `syz.0.787'. [ 196.835307][ T28] kauditd_printk_skb: 76 callbacks suppressed [ 196.835321][ T28] audit: type=1326 audit(1755887116.862:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8350 comm="syz.4.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 196.914421][ T28] audit: type=1326 audit(1755887116.892:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8350 comm="syz.4.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 196.974354][ T28] audit: type=1326 audit(1755887116.892:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8350 comm="syz.4.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=195 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 197.025070][ T28] audit: type=1326 audit(1755887116.892:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8350 comm="syz.4.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 197.056698][ T8356] netlink: 12 bytes leftover after parsing attributes in process `syz.4.792'. [ 197.110546][ T28] audit: type=1326 audit(1755887116.892:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8350 comm="syz.4.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 197.190679][ T28] audit: type=1326 audit(1755887117.092:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8353 comm="syz.0.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 197.237353][ T28] audit: type=1326 audit(1755887117.092:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8353 comm="syz.0.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 197.283196][ T28] audit: type=1326 audit(1755887117.092:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8353 comm="syz.0.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 197.320210][ T28] audit: type=1326 audit(1755887117.092:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8353 comm="syz.0.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 197.378056][ T28] audit: type=1326 audit(1755887117.092:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8353 comm="syz.0.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 198.140347][ T8365] syzkaller0: entered promiscuous mode [ 198.149602][ T8365] syzkaller0: entered allmulticast mode [ 198.382268][ T8257] Set syz1 is full, maxelem 65536 reached [ 200.182273][ T8377] netlink: 12 bytes leftover after parsing attributes in process `syz.4.801'. [ 200.204661][ T8382] smc: net device bond0 applied user defined pnetid SYZ0 [ 200.211998][ T8383] smc: net device bond0 erased user defined pnetid SYZ0 [ 200.389289][ T8391] netlink: 48 bytes leftover after parsing attributes in process `syz.0.806'. [ 200.541354][ T3474] Bluetooth: hci4: Frame reassembly failed (-84) [ 202.296816][ T28] kauditd_printk_skb: 37 callbacks suppressed [ 202.296830][ T28] audit: type=1326 audit(1755887122.322:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8424 comm="syz.0.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 202.362114][ T28] audit: type=1326 audit(1755887122.352:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8424 comm="syz.0.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 202.421691][ T28] audit: type=1326 audit(1755887122.352:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8424 comm="syz.0.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 202.565008][ T28] audit: type=1326 audit(1755887122.352:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8424 comm="syz.0.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 202.613675][ T5795] Bluetooth: hci4: command 0x1003 tx timeout [ 202.621589][ T5790] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 202.935512][ T12] Bluetooth: hci5: Frame reassembly failed (-84) [ 203.065365][ T28] audit: type=1326 audit(1755887122.352:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8424 comm="syz.0.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 203.105867][ T28] audit: type=1326 audit(1755887122.352:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8424 comm="syz.0.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 203.138961][ T28] audit: type=1326 audit(1755887122.362:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8424 comm="syz.0.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 203.276974][ T28] audit: type=1326 audit(1755887122.362:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8424 comm="syz.0.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 204.709139][ T5798] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 205.588243][ T8463] netlink: 'syz.3.834': attribute type 10 has an invalid length. [ 205.727917][ T8463] team0: Port device dummy0 removed [ 205.740539][ T8463] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 208.002890][ T8493] netlink: 4 bytes leftover after parsing attributes in process `syz.0.844'. [ 208.425751][ T8501] netlink: 32 bytes leftover after parsing attributes in process `syz.3.848'. [ 208.753788][ T5798] Bluetooth: hci4: command 0x1003 tx timeout [ 208.763753][ T5790] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 209.986849][ T8522] netlink: 4 bytes leftover after parsing attributes in process `syz.0.855'. [ 210.173749][ T28] audit: type=1326 audit(1755887130.192:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8529 comm="syz.3.859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 210.200802][ T28] audit: type=1326 audit(1755887130.192:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8529 comm="syz.3.859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 210.223949][ T28] audit: type=1326 audit(1755887130.192:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8529 comm="syz.3.859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 210.251914][ T28] audit: type=1326 audit(1755887130.212:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8529 comm="syz.3.859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 210.302895][ T28] audit: type=1326 audit(1755887130.212:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8529 comm="syz.3.859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3b5258d550 code=0x7ffc0000 [ 210.349381][ T28] audit: type=1326 audit(1755887130.212:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8529 comm="syz.3.859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 210.386090][ T28] audit: type=1326 audit(1755887130.212:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8529 comm="syz.3.859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 210.409169][ T28] audit: type=1326 audit(1755887130.212:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8529 comm="syz.3.859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 210.431775][ T28] audit: type=1326 audit(1755887130.212:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8529 comm="syz.3.859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 210.600615][ T28] audit: type=1326 audit(1755887130.212:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8529 comm="syz.3.859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 211.194745][ T8541] netlink: 20 bytes leftover after parsing attributes in process `syz.0.862'. [ 211.240002][ T12] Bluetooth: hci4: Frame reassembly failed (-84) [ 211.528919][ T8552] netlink: 4 bytes leftover after parsing attributes in process `syz.0.867'. [ 213.319330][ T5798] Bluetooth: hci4: command 0x1003 tx timeout [ 213.329343][ T5790] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 215.324827][ T1318] Bluetooth: hci4: Frame reassembly failed (-84) [ 217.021260][ T8623] sd 0:0:1:0: device reset [ 217.316889][ T5790] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 217.603174][ T28] kauditd_printk_skb: 41 callbacks suppressed [ 217.603189][ T28] audit: type=1326 audit(1755887137.622:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8632 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 217.683875][ T1318] Bluetooth: hci4: Frame reassembly failed (-84) [ 217.691932][ T28] audit: type=1326 audit(1755887137.622:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8632 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 217.749277][ T28] audit: type=1326 audit(1755887137.622:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8632 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 217.913147][ T28] audit: type=1326 audit(1755887137.622:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8632 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 217.957199][ T28] audit: type=1326 audit(1755887137.622:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8632 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 217.980542][ T28] audit: type=1326 audit(1755887137.622:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8632 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 219.713786][ T5798] Bluetooth: hci4: command 0x1003 tx timeout [ 219.721410][ T5790] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 220.078491][ T8650] netlink: 4 bytes leftover after parsing attributes in process `syz.1.904'. [ 220.201130][ T8650] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 220.404983][ T8650] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 220.435289][ T8650] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 220.467556][ T8650] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 220.652779][ T28] audit: type=1326 audit(1755887140.672:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8655 comm="syz.0.905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 220.719352][ T28] audit: type=1326 audit(1755887140.672:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8655 comm="syz.0.905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 220.786905][ T28] audit: type=1326 audit(1755887140.702:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8655 comm="syz.0.905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 220.863836][ T28] audit: type=1326 audit(1755887140.702:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8655 comm="syz.0.905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 221.137909][ T8662] mmap: syz.0.905 (8662) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 221.164079][ T8663] netlink: 8 bytes leftover after parsing attributes in process `syz.3.908'. [ 221.606086][ T8656] netlink: 4 bytes leftover after parsing attributes in process `syz.0.905'. [ 221.796205][ T12] Bluetooth: hci4: Frame reassembly failed (-84) [ 223.563427][ T8608] Set syz1 is full, maxelem 65536 reached [ 223.796892][ T5790] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 226.274392][ T5798] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 226.281057][ T5790] Bluetooth: hci4: command 0x1003 tx timeout [ 227.467836][ T8757] hub 9-0:1.0: USB hub found [ 227.472948][ T8757] hub 9-0:1.0: 1 port detected [ 227.524574][ T8759] netlink: 204 bytes leftover after parsing attributes in process `syz.4.942'. [ 228.058877][ T28] kauditd_printk_skb: 37 callbacks suppressed [ 228.058891][ T28] audit: type=1326 audit(1755887148.082:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8788 comm="syz.1.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 228.133675][ T28] audit: type=1326 audit(1755887148.112:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8788 comm="syz.1.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 228.184850][ T28] audit: type=1326 audit(1755887148.112:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8788 comm="syz.1.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 228.238862][ T28] audit: type=1326 audit(1755887148.122:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8788 comm="syz.1.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 228.288631][ T28] audit: type=1326 audit(1755887148.122:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8788 comm="syz.1.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 228.312940][ T28] audit: type=1326 audit(1755887148.122:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8788 comm="syz.1.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 228.356813][ T28] audit: type=1326 audit(1755887148.122:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8788 comm="syz.1.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 228.422609][ T28] audit: type=1326 audit(1755887148.122:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8788 comm="syz.1.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 228.456397][ T1077] Bluetooth: hci4: Frame reassembly failed (-84) [ 229.635200][ T8818] ªªªªªª: renamed from wg2 [ 230.174112][ T8837] smc: net device bond0 applied user defined pnetid SYZ0 [ 230.182908][ T8837] smc: net device bond0 erased user defined pnetid SYZ0 [ 230.513804][ T5790] Bluetooth: hci4: command 0x1003 tx timeout [ 230.516081][ T5798] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 231.445488][ T8867] netlink: 4 bytes leftover after parsing attributes in process `syz.3.984'. [ 232.017810][ T8894] 9pnet_fd: Insufficient options for proto=fd [ 233.047222][ T8910] netlink: 4 bytes leftover after parsing attributes in process `syz.3.997'. [ 233.550981][ T8920] syz_tun: entered allmulticast mode [ 235.155831][ T28] audit: type=1326 audit(1755887155.182:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8972 comm="syz.3.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 235.179847][ T28] audit: type=1326 audit(1755887155.182:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8972 comm="syz.3.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 235.203316][ T28] audit: type=1326 audit(1755887155.182:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8972 comm="syz.3.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 235.226757][ T28] audit: type=1326 audit(1755887155.182:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8972 comm="syz.3.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 235.249558][ T5790] Bluetooth: hci4: command 0x1003 tx timeout [ 235.263726][ T5798] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 235.292135][ T28] audit: type=1326 audit(1755887155.182:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8972 comm="syz.3.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 235.365461][ T28] audit: type=1326 audit(1755887155.182:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8972 comm="syz.3.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 235.416979][ T28] audit: type=1326 audit(1755887155.182:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8972 comm="syz.3.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 235.559599][ T8979] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 235.559599][ T8979] program syz.3.1023 not setting count and/or reply_len properly [ 235.608607][ T8979] netlink: 'syz.3.1023': attribute type 10 has an invalid length. [ 235.633053][ T8979] bond0: (slave dummy0): Releasing backup interface [ 235.651859][ T8979] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 235.668423][ T8979] team0: Failed to send options change via netlink (err -105) [ 235.676934][ T8979] team0: Port device dummy0 added [ 236.463752][ T9010] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 236.463752][ T9010] program syz.1.1034 not setting count and/or reply_len properly [ 236.537427][ T9010] netlink: 'syz.1.1034': attribute type 10 has an invalid length. [ 236.834201][ T9023] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1039'. [ 236.844335][ T9023] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1039'. [ 237.643973][ T9034] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1042'. [ 237.699070][ T9036] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 237.818744][ T9038] syzkaller0: entered promiscuous mode [ 237.837765][ T9038] syzkaller0: entered allmulticast mode [ 237.848809][ T9043] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 237.848809][ T9043] program syz.1.1046 not setting count and/or reply_len properly [ 238.071331][ T28] audit: type=1326 audit(1755887158.092:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9047 comm="syz.3.1048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 238.141560][ T28] audit: type=1326 audit(1755887158.092:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9047 comm="syz.3.1048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 238.193735][ T7892] Bluetooth: hci4: Frame reassembly failed (-84) [ 238.213159][ T28] audit: type=1326 audit(1755887158.092:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9047 comm="syz.3.1048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 240.194414][ T5798] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 240.201712][ T5790] Bluetooth: hci4: command 0x1003 tx timeout [ 240.560683][ T9066] netlink: 'syz.4.1053': attribute type 11 has an invalid length. [ 240.997381][ T9043] netlink: 'syz.1.1046': attribute type 10 has an invalid length. [ 241.110164][ T9076] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1056'. [ 241.130517][ T9076] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1056'. [ 241.151552][ T9076] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1056'. [ 241.665683][ T9090] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1059'. [ 241.863833][ T9098] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 241.863833][ T9098] program syz.3.1064 not setting count and/or reply_len properly [ 241.891738][ T9098] netlink: 'syz.3.1064': attribute type 10 has an invalid length. [ 242.071408][ T9102] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1066'. [ 242.084750][ T9102] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1066'. [ 242.096428][ T9102] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1066'. [ 242.551838][ T9125] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 242.551838][ T9125] program syz.1.1074 not setting count and/or reply_len properly [ 242.654611][ T9125] netlink: 'syz.1.1074': attribute type 10 has an invalid length. [ 243.879758][ T5837] IPVS: starting estimator thread 0... [ 243.983919][ T9150] IPVS: using max 19 ests per chain, 45600 per kthread [ 244.165021][ T9161] 9pnet: Could not find request transport: 0xffffffffffffffff [ 244.246259][ T9173] syz.1.1091[9173] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 244.246383][ T9173] syz.1.1091[9173] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 244.433092][ T9179] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1094'. [ 244.603813][ T9179] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1094'. [ 244.616079][ T9185] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1097'. [ 246.164879][ T9236] macvtap1: entered allmulticast mode [ 246.170417][ T9236] veth0_macvtap: entered allmulticast mode [ 246.625905][ T9256] __nla_validate_parse: 5 callbacks suppressed [ 246.625920][ T9256] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1121'. [ 246.664577][ T9256] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1121'. [ 246.683805][ T9256] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1121'. [ 246.877734][ T9270] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1128'. [ 247.060355][ T9279] $Hÿ: renamed from bond0 (while UP) [ 247.096915][ T9279] $Hÿ: entered promiscuous mode [ 247.128325][ T9279] bond_slave_0: entered promiscuous mode [ 247.152657][ T9279] bond_slave_1: entered promiscuous mode [ 247.333195][ T9291] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1135'. [ 247.343387][ T9291] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1135'. [ 247.362378][ T9293] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1136'. [ 247.375812][ T9291] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1135'. [ 248.291855][ T9381] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1145'. [ 248.322818][ T9381] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1145'. [ 250.156136][ T9425] binfmt_misc: register: failed to install interpreter file ./file2 [ 251.828611][ T9458] __nla_validate_parse: 5 callbacks suppressed [ 251.828627][ T9458] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1175'. [ 252.304719][ T1318] Bluetooth: hci4: Frame reassembly failed (-84) [ 254.127005][ T5798] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 254.568055][ T9527] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1204'. [ 254.873019][ T9537] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 254.873019][ T9537] program syz.0.1209 not setting count and/or reply_len properly [ 254.938775][ T9537] netlink: 'syz.0.1209': attribute type 10 has an invalid length. [ 254.979015][ T9537] team0: Port device dummy0 added [ 254.994316][ T9544] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1212'. [ 255.445857][ T9569] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1224'. [ 255.503584][ T28] kauditd_printk_skb: 15 callbacks suppressed [ 255.503598][ T28] audit: type=1326 audit(1755887175.522:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9571 comm="syz.4.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 255.542579][ T28] audit: type=1326 audit(1755887175.532:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9571 comm="syz.4.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 255.578525][ T28] audit: type=1326 audit(1755887175.532:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9571 comm="syz.4.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 255.614063][ T9574] netlink: 'syz.0.1226': attribute type 10 has an invalid length. [ 255.622459][ T28] audit: type=1326 audit(1755887175.532:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9571 comm="syz.4.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 255.660399][ T28] audit: type=1326 audit(1755887175.532:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9571 comm="syz.4.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 255.685621][ T28] audit: type=1326 audit(1755887175.532:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9571 comm="syz.4.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 255.730387][ T28] audit: type=1326 audit(1755887175.532:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9571 comm="syz.4.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 255.745578][ T9577] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1227'. [ 255.776384][ T28] audit: type=1326 audit(1755887175.532:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9571 comm="syz.4.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 255.799813][ T28] audit: type=1326 audit(1755887175.532:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9571 comm="syz.4.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 255.830156][ T28] audit: type=1326 audit(1755887175.532:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9571 comm="syz.4.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 256.038132][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.075098][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.413767][ T9593] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1234'. [ 256.635943][ T7892] Bluetooth: hci4: Frame reassembly failed (-84) [ 256.913010][ T9598] netlink: 'syz.4.1236': attribute type 10 has an invalid length. [ 257.004006][ T9598] team0: Port device dummy0 added [ 258.523842][ T5798] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 258.834220][ T9622] syz.4.1246[9622] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 258.834352][ T9622] syz.4.1246[9622] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 259.724909][ T9646] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1257'. [ 260.362877][ T9654] netlink: 'syz.0.1260': attribute type 10 has an invalid length. [ 260.754557][ T9669] bond_slave_1: entered promiscuous mode [ 260.777936][ T9669] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1267'. [ 260.859822][ T9669] bond0: (slave bond_slave_1): Releasing backup interface [ 260.889320][ T9669] bond_slave_1 (unregistering): left promiscuous mode [ 261.353681][ T9678] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1270'. [ 261.610473][ T28] kauditd_printk_skb: 25 callbacks suppressed [ 261.610506][ T28] audit: type=1326 audit(1755887181.622:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9680 comm="syz.3.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 261.856902][ T28] audit: type=1326 audit(1755887181.672:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9680 comm="syz.3.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 261.903692][ T1318] Bluetooth: hci4: Frame reassembly failed (-84) [ 261.943645][ T28] audit: type=1326 audit(1755887181.682:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9680 comm="syz.3.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 261.986725][ T28] audit: type=1326 audit(1755887181.732:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9680 comm="syz.3.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 262.032198][ T9691] netlink: 'syz.1.1272': attribute type 10 has an invalid length. [ 262.033558][ T28] audit: type=1326 audit(1755887181.732:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9680 comm="syz.3.1271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 262.660627][ T9709] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1281'. [ 263.689291][ T9719] netlink: 'syz.3.1285': attribute type 10 has an invalid length. [ 263.954710][ T5790] Bluetooth: hci4: command 0x1003 tx timeout [ 263.961640][ T5798] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 263.962672][ T9737] syzkaller0: entered promiscuous mode [ 264.003567][ T9737] syzkaller0: entered allmulticast mode [ 265.222927][ T28] audit: type=1326 audit(1755887185.242:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9747 comm="syz.4.1297" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x0 [ 267.255537][ T9752] netlink: 'syz.1.1298': attribute type 10 has an invalid length. [ 267.436457][ T9769] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1303'. [ 267.475144][ T9770] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1304'. [ 267.500757][ T9770] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1304'. [ 267.520169][ T9770] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1304'. [ 267.540192][ T9770] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1304'. [ 267.554346][ T9770] netlink: 'syz.3.1304': attribute type 6 has an invalid length. [ 268.690232][ T9788] netlink: 'syz.1.1311': attribute type 10 has an invalid length. [ 268.814038][ T9795] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1314'. [ 268.814787][ T9793] syzkaller0: entered promiscuous mode [ 268.830998][ T9793] syzkaller0: entered allmulticast mode [ 268.913701][ T5790] Bluetooth: hci4: command 0x1003 tx timeout [ 268.921394][ T5798] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 269.094015][ T28] audit: type=1326 audit(1755887189.112:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9801 comm="syz.0.1316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 269.152698][ T28] audit: type=1326 audit(1755887189.112:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9801 comm="syz.0.1316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 269.196405][ T9804] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1318'. [ 269.206682][ T28] audit: type=1326 audit(1755887189.112:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9801 comm="syz.0.1316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 269.255601][ T28] audit: type=1326 audit(1755887189.112:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9801 comm="syz.0.1316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 269.287836][ T28] audit: type=1326 audit(1755887189.112:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9801 comm="syz.0.1316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 272.032836][ T9815] netlink: 'syz.1.1323': attribute type 10 has an invalid length. [ 272.047060][ T9822] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1325'. [ 272.278623][ T9832] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1330'. [ 272.464789][ T28] audit: type=1326 audit(1755887192.492:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9840 comm=ACED exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 272.534610][ T9838] syzkaller0: entered promiscuous mode [ 272.547703][ T28] audit: type=1326 audit(1755887192.512:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9840 comm=ACED exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 272.577253][ T9838] syzkaller0: entered allmulticast mode [ 272.594297][ T28] audit: type=1326 audit(1755887192.512:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9840 comm=ACED exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 272.620628][ T28] audit: type=1326 audit(1755887192.512:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9840 comm=ACED exe="/root/syz-executor" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 272.676394][ T28] audit: type=1326 audit(1755887192.512:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9840 comm=ACED exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 272.731873][ T9374] Bluetooth: hci4: Frame reassembly failed (-84) [ 274.758018][ T5798] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 274.851035][ T9847] netlink: 'syz.4.1336': attribute type 10 has an invalid length. [ 274.872927][ T9850] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1337'. [ 275.008389][ T28] audit: type=1326 audit(1755887195.032:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9854 comm="syz.1.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 275.081483][ T28] audit: type=1326 audit(1755887195.032:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9854 comm="syz.1.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 275.151677][ T28] audit: type=1326 audit(1755887195.032:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9854 comm="syz.1.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 275.195602][ T28] audit: type=1326 audit(1755887195.032:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9854 comm="syz.1.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 275.263170][ T28] audit: type=1326 audit(1755887195.052:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9854 comm="syz.1.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 275.307953][ T9870] program syz.4.1344 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 275.425226][ T9876] netlink: 'syz.3.1348': attribute type 10 has an invalid length. [ 275.597378][ T9880] syzkaller0: entered promiscuous mode [ 275.609591][ T9880] syzkaller0: entered allmulticast mode [ 275.965121][ T7892] Bluetooth: hci4: Frame reassembly failed (-84) [ 277.876523][ T5798] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 278.539781][ T9908] macsec0: entered allmulticast mode [ 278.599093][ T9916] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1360'. [ 279.134780][ T9941] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1371'. [ 279.326573][ T9947] syzkaller0: entered promiscuous mode [ 279.332108][ T9947] syzkaller0: entered allmulticast mode [ 279.671241][ T9965] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1380'. [ 282.812750][ T9339] Bluetooth: hci4: Frame reassembly failed (-84) [ 282.927038][ T9997] netlink: 'syz.1.1392': attribute type 10 has an invalid length. [ 282.936790][ T9997] netlink: 'syz.1.1392': attribute type 10 has an invalid length. [ 282.957774][ T9997] team0: Port device dummy0 removed [ 282.970388][ T9997] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 283.481824][T10009] netlink: 100 bytes leftover after parsing attributes in process `syz.4.1397'. [ 283.683451][T10015] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 283.683451][T10015] program syz.1.1401 not setting count and/or reply_len properly [ 283.752828][T10015] netlink: 'syz.1.1401': attribute type 10 has an invalid length. [ 283.790094][T10015] bond0: (slave dummy0): Releasing backup interface [ 283.896091][T10015] team0: Port device dummy0 added [ 284.833670][ T5798] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 284.834633][ T5790] Bluetooth: hci4: command 0x1003 tx timeout [ 285.001942][T10040] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 285.001942][T10040] program syz.4.1411 not setting count and/or reply_len properly [ 285.040241][T10040] netlink: 'syz.4.1411': attribute type 10 has an invalid length. [ 285.465351][ T9319] Bluetooth: hci4: Frame reassembly failed (-84) [ 286.769712][T10066] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1419'. [ 286.879712][T10071] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 286.879712][T10071] program syz.3.1421 not setting count and/or reply_len properly [ 286.901219][ T28] audit: type=1326 audit(1755887206.922:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10072 comm="syz.4.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 286.911652][T10071] netlink: 'syz.3.1421': attribute type 10 has an invalid length. [ 286.951199][ T28] audit: type=1326 audit(1755887206.952:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10072 comm="syz.4.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 286.977154][ T28] audit: type=1326 audit(1755887206.952:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10072 comm="syz.4.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=279 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 287.000804][ T28] audit: type=1326 audit(1755887206.952:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10072 comm="syz.4.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 287.023568][ T28] audit: type=1326 audit(1755887206.952:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10072 comm="syz.4.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85ffd8ebe9 code=0x7ffc0000 [ 287.393673][ T5102] Bluetooth: hci4: command 0x1003 tx timeout [ 287.402445][ T5798] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 287.540030][T10097] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 287.540030][T10097] program syz.0.1432 not setting count and/or reply_len properly [ 287.573257][T10097] netlink: 'syz.0.1432': attribute type 10 has an invalid length. [ 288.618459][T10122] syzkaller0: entered promiscuous mode [ 288.629974][T10122] syzkaller0: entered allmulticast mode [ 288.918550][ T9339] Bluetooth: hci4: Frame reassembly failed (-84) [ 290.839537][ T5798] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 291.569834][T10155] netlink: 'syz.4.1450': attribute type 3 has an invalid length. [ 293.236188][T10181] syzkaller0: entered promiscuous mode [ 293.241883][T10181] syzkaller0: entered allmulticast mode [ 294.154261][T10197] program syz.4.1466 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 294.273266][T10200] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1467'. [ 294.287245][T10200] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1467'. [ 295.059878][ T28] audit: type=1326 audit(1755887215.072:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10208 comm="syz.3.1470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 295.104751][ T28] audit: type=1326 audit(1755887215.072:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10208 comm="syz.3.1470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 295.145874][ T28] audit: type=1326 audit(1755887215.082:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10208 comm="syz.3.1470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 295.190513][ T28] audit: type=1326 audit(1755887215.082:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10208 comm="syz.3.1470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 295.226359][ T28] audit: type=1326 audit(1755887215.082:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10208 comm="syz.3.1470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 295.253053][ T28] audit: type=1326 audit(1755887215.082:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10208 comm="syz.3.1470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 295.281303][ T28] audit: type=1326 audit(1755887215.082:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10208 comm="syz.3.1470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 295.308691][ T28] audit: type=1326 audit(1755887215.082:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10208 comm="syz.3.1470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 295.341939][ T28] audit: type=1326 audit(1755887215.082:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10208 comm="syz.3.1470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 295.366933][ T28] audit: type=1326 audit(1755887215.082:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10208 comm="syz.3.1470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 295.813427][T10221] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 295.813427][T10221] program syz.4.1474 not setting count and/or reply_len properly [ 296.350837][T10221] netlink: 'syz.4.1474': attribute type 10 has an invalid length. [ 296.542139][T10230] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1478'. [ 297.483131][T10249] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 297.483131][T10249] program syz.0.1484 not setting count and/or reply_len properly [ 297.598349][T10252] syzkaller0: entered promiscuous mode [ 297.605990][T10252] syzkaller0: entered allmulticast mode [ 297.613024][T10249] netlink: 'syz.0.1484': attribute type 10 has an invalid length. [ 300.557593][T10264] pimreg: entered allmulticast mode [ 300.563798][T10269] pimreg: left allmulticast mode [ 300.658021][T10289] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 300.658021][T10289] program syz.1.1496 not setting count and/or reply_len properly [ 300.685424][T10289] netlink: 'syz.1.1496': attribute type 10 has an invalid length. [ 301.057646][T10305] syzkaller0: entered promiscuous mode [ 301.069342][T10305] syzkaller0: entered allmulticast mode [ 301.351223][T10316] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 301.351223][T10316] program syz.1.1508 not setting count and/or reply_len properly [ 304.105018][T10316] netlink: 'syz.1.1508': attribute type 10 has an invalid length. [ 305.509457][T10394] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 305.509457][T10394] program syz.3.1534 not setting count and/or reply_len properly [ 305.547856][T10394] netlink: 'syz.3.1534': attribute type 10 has an invalid length. [ 305.697498][T10402] lo: entered allmulticast mode [ 305.741284][T10406] syz.3.1540[10406] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 305.741418][T10406] syz.3.1540[10406] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 307.340263][T10449] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 307.340263][T10449] program syz.1.1556 not setting count and/or reply_len properly [ 307.380751][T10449] netlink: 'syz.1.1556': attribute type 10 has an invalid length. [ 307.665678][T10463] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1561'. [ 307.737445][T10465] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1562'. [ 308.158722][ T28] kauditd_printk_skb: 57 callbacks suppressed [ 308.158740][ T28] audit: type=1326 audit(1755887228.172:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10481 comm="syz.3.1570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 308.232507][ T28] audit: type=1326 audit(1755887228.172:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10481 comm="syz.3.1570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 308.258222][T10486] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1572'. [ 308.261432][ T28] audit: type=1326 audit(1755887228.172:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10481 comm="syz.3.1570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 308.763106][T10512] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1584'. [ 309.134399][T10531] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1592'. [ 309.709206][ T9312] Bluetooth: hci4: Frame reassembly failed (-84) [ 310.372048][T10558] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1604'. [ 310.500588][T10565] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 310.500588][T10565] program syz.3.1608 not setting count and/or reply_len properly [ 310.526345][T10565] netlink: 'syz.3.1608': attribute type 10 has an invalid length. [ 311.634169][ T5102] Bluetooth: hci4: command 0x1003 tx timeout [ 311.641615][ T5798] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 311.826399][T10592] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 311.826399][T10592] program syz.4.1619 not setting count and/or reply_len properly [ 311.891163][T10592] netlink: 'syz.4.1619': attribute type 10 has an invalid length. [ 311.934203][T10596] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1621'. [ 312.953581][T10624] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 312.953581][T10624] program syz.0.1632 not setting count and/or reply_len properly [ 313.022391][T10623] syzkaller0: entered promiscuous mode [ 313.059378][T10623] syzkaller0: entered allmulticast mode [ 313.102025][T10624] netlink: 'syz.0.1632': attribute type 10 has an invalid length. [ 313.156891][T10628] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1633'. [ 314.262773][T10653] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 314.262773][T10653] program syz.3.1643 not setting count and/or reply_len properly [ 315.779494][T10651] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1642'. [ 315.811365][T10653] netlink: 'syz.3.1643': attribute type 10 has an invalid length. [ 315.934674][ T28] audit: type=1326 audit(1755887235.962:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10659 comm="syz.3.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 316.003631][ T28] audit: type=1326 audit(1755887235.982:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10659 comm="syz.3.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 316.061016][ T28] audit: type=1326 audit(1755887235.982:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10659 comm="syz.3.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 316.105093][ T28] audit: type=1326 audit(1755887235.982:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10659 comm="syz.3.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 316.127870][ T28] audit: type=1326 audit(1755887235.982:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10659 comm="syz.3.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 316.151132][ T28] audit: type=1326 audit(1755887235.982:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10659 comm="syz.3.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 316.211255][ T28] audit: type=1326 audit(1755887235.982:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10659 comm="syz.3.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 316.309785][ T28] audit: type=1326 audit(1755887235.982:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10659 comm="syz.3.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 316.332474][ T28] audit: type=1326 audit(1755887235.982:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10659 comm="syz.3.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 316.355664][ T28] audit: type=1326 audit(1755887235.982:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10659 comm="syz.3.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 316.492727][T10674] syzkaller0: entered promiscuous mode [ 316.503002][T10674] syzkaller0: entered allmulticast mode [ 317.482330][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.491093][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 321.154572][ T9340] Bluetooth: hci4: Frame reassembly failed (-84) [ 322.366086][T10743] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 322.366086][T10743] program syz.3.1678 not setting count and/or reply_len properly [ 322.397726][T10743] netlink: 'syz.3.1678': attribute type 10 has an invalid length. [ 322.538914][T10747] syzkaller0: entered promiscuous mode [ 322.544848][T10747] syzkaller0: entered allmulticast mode [ 323.155678][ T5798] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 323.163572][ T5102] Bluetooth: hci4: command 0x1003 tx timeout [ 323.559926][T10762] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 323.559926][T10762] program syz.1.1687 not setting count and/or reply_len properly [ 325.267501][ T9342] Bluetooth: hci4: Frame reassembly failed (-84) [ 326.218513][T10762] netlink: 'syz.1.1687': attribute type 10 has an invalid length. [ 326.970469][T10801] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 326.970469][T10801] program syz.1.1702 not setting count and/or reply_len properly [ 327.024447][T10802] netlink: 'syz.1.1702': attribute type 10 has an invalid length. [ 327.224688][T10804] syzkaller0: entered promiscuous mode [ 327.234710][T10804] syzkaller0: entered allmulticast mode [ 327.243776][ T5798] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 329.760412][ T28] kauditd_printk_skb: 19 callbacks suppressed [ 329.760430][ T28] audit: type=1326 audit(1755887249.772:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10838 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 329.799411][ T28] audit: type=1326 audit(1755887249.772:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10838 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 329.832007][ T28] audit: type=1326 audit(1755887249.772:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10838 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 329.873585][ T28] audit: type=1326 audit(1755887249.772:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10838 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 329.939525][T10843] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1718'. [ 329.943023][ T28] audit: type=1326 audit(1755887249.772:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10838 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 329.972906][ T28] audit: type=1326 audit(1755887249.782:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10838 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 330.023870][ T28] audit: type=1326 audit(1755887249.782:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10838 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 330.062054][ T28] audit: type=1326 audit(1755887249.782:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10838 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 330.241824][ T28] audit: type=1326 audit(1755887250.262:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10838 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 330.264797][ T28] audit: type=1326 audit(1755887250.262:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10838 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa41cd8ebe9 code=0x7ffc0000 [ 332.048540][T10866] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1728'. [ 332.243256][T10870] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1730'. [ 332.821710][T10883] capability: warning: `syz.3.1736' uses deprecated v2 capabilities in a way that may be insecure [ 333.100311][T10887] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1738'. [ 333.204803][T10891] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1739'. [ 334.268863][T10905] syzkaller0: entered promiscuous mode [ 334.324747][T10905] syzkaller0: entered allmulticast mode [ 334.917040][T10927] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1751'. [ 334.977402][ T28] kauditd_printk_skb: 82 callbacks suppressed [ 334.977416][ T28] audit: type=1326 audit(1755887255.002:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10928 comm="syz.1.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 335.033603][ T28] audit: type=1326 audit(1755887255.032:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10928 comm="syz.1.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 335.074980][ T28] audit: type=1326 audit(1755887255.032:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10928 comm="syz.1.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 335.102860][ T28] audit: type=1326 audit(1755887255.032:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10928 comm="syz.1.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 335.153934][ T28] audit: type=1326 audit(1755887255.032:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10928 comm="syz.1.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 335.203594][ T28] audit: type=1326 audit(1755887255.032:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10928 comm="syz.1.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 335.259493][ T28] audit: type=1326 audit(1755887255.032:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10928 comm="syz.1.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 335.326289][ T28] audit: type=1326 audit(1755887255.042:773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10928 comm="syz.1.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 335.360942][ T28] audit: type=1326 audit(1755887255.042:774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10928 comm="syz.1.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 335.383809][ T28] audit: type=1326 audit(1755887255.042:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10928 comm="syz.1.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 336.928321][T10954] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1761'. [ 337.617965][T10944] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1757'. [ 337.658296][T10944] syz_tun: entered promiscuous mode [ 337.689130][T10944] macvtap2: entered promiscuous mode [ 337.710024][T10944] macvtap2: entered allmulticast mode [ 337.755198][T10945] syz_tun: left promiscuous mode [ 337.767254][T10972] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 337.767254][T10972] program syz.0.1769 not setting count and/or reply_len properly [ 337.826867][T10972] netlink: 'syz.0.1769': attribute type 10 has an invalid length. [ 337.915933][T10977] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1771'. [ 338.298868][T10987] syzkaller0: entered promiscuous mode [ 338.317395][T10987] syzkaller0: entered allmulticast mode [ 339.059836][T11000] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 339.059836][T11000] program syz.4.1779 not setting count and/or reply_len properly [ 340.459294][T11000] netlink: 'syz.4.1779': attribute type 10 has an invalid length. [ 340.467852][T10996] netlink: 'syz.1.1777': attribute type 30 has an invalid length. [ 340.503186][T10996] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 340.512733][T10996] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 340.522218][T10996] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 340.531033][T10996] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 340.548765][T10996] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 340.558161][T10996] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 340.567229][T10996] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 340.576832][T10996] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 340.842039][ T28] kauditd_printk_skb: 124 callbacks suppressed [ 340.842055][ T28] audit: type=1326 audit(1755887260.862:900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11012 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 340.873077][ T28] audit: type=1326 audit(1755887260.862:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11012 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 340.899073][ T28] audit: type=1326 audit(1755887260.902:902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11012 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 340.922283][ T28] audit: type=1326 audit(1755887260.902:903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11012 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 340.947093][ T28] audit: type=1326 audit(1755887260.902:904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11012 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 340.973768][ T28] audit: type=1326 audit(1755887260.902:905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11012 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 341.019458][ T28] audit: type=1326 audit(1755887260.922:906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11012 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 341.062552][ T28] audit: type=1326 audit(1755887260.922:907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11012 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 341.092498][ T28] audit: type=1326 audit(1755887260.972:908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11012 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 341.119696][ T28] audit: type=1326 audit(1755887260.972:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11012 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 341.353889][T11026] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 341.353889][T11026] program syz.3.1789 not setting count and/or reply_len properly [ 341.382454][T11026] netlink: 'syz.3.1789': attribute type 10 has an invalid length. [ 342.904857][T11052] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 342.904857][T11052] program syz.1.1798 not setting count and/or reply_len properly [ 342.975573][T11052] netlink: 'syz.1.1798': attribute type 10 has an invalid length. [ 343.216908][T11066] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1806'. [ 344.156571][T11090] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 344.156571][T11090] program syz.1.1811 not setting count and/or reply_len properly [ 344.191573][T11090] netlink: 'syz.1.1811': attribute type 10 has an invalid length. [ 344.397158][T11094] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1812'. [ 344.927111][T11114] netlink: 'syz.1.1820': attribute type 1 has an invalid length. [ 344.949723][T11116] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 344.949723][T11116] program syz.0.1821 not setting count and/or reply_len properly [ 344.976645][T11116] netlink: 'syz.0.1821': attribute type 10 has an invalid length. [ 345.848695][ T28] kauditd_printk_skb: 123 callbacks suppressed [ 345.848777][ T28] audit: type=1326 audit(1755887265.872:1033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11128 comm="syz.3.1824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 345.944065][ T28] audit: type=1326 audit(1755887265.872:1034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11128 comm="syz.3.1824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 345.998661][ T28] audit: type=1326 audit(1755887265.912:1035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11128 comm="syz.3.1824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 346.054592][ T28] audit: type=1326 audit(1755887265.912:1036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11128 comm="syz.3.1824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 346.109550][ T28] audit: type=1326 audit(1755887265.912:1037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11128 comm="syz.3.1824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 346.173721][ T28] audit: type=1326 audit(1755887265.912:1038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11128 comm="syz.3.1824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 346.233626][ T28] audit: type=1326 audit(1755887265.912:1039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11128 comm="syz.3.1824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 346.275184][ T28] audit: type=1326 audit(1755887265.912:1040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11128 comm="syz.3.1824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 346.304527][T11134] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1826'. [ 346.328026][ T28] audit: type=1326 audit(1755887265.912:1041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11128 comm="syz.3.1824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 346.377746][ T28] audit: type=1326 audit(1755887265.912:1042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11128 comm="syz.3.1824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b5258ebe9 code=0x7ffc0000 [ 346.625973][T11145] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 346.625973][T11145] program syz.3.1831 not setting count and/or reply_len properly [ 346.670218][T11145] netlink: 'syz.3.1831': attribute type 10 has an invalid length. [ 346.780581][T11154] macsec0: left allmulticast mode [ 346.789153][T11154] batadv1: left promiscuous mode [ 346.819827][ T5837] kernel write not supported for file /1196/clear_refs (pid: 5837 comm: kworker/0:5) [ 346.869201][T11158] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1836'. [ 347.157016][ T5798] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 347.163834][ T5102] Bluetooth: hci4: command 0x1003 tx timeout [ 347.597290][T11183] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1846'. [ 348.888102][T11222] rdma_op ffff888079b901f0 conn xmit_rdma 0000000000000000 [ 349.192819][T11230] team0: Port device dummy0 removed [ 349.201522][T11230] bridge_slave_0: left allmulticast mode [ 349.215613][T11230] bridge_slave_0: left promiscuous mode [ 349.222955][T11230] bridge0: port 1(bridge_slave_0) entered disabled state [ 349.376761][T11230] bridge_slave_1: left allmulticast mode [ 349.408045][T11230] bridge_slave_1: left promiscuous mode [ 349.436362][T11230] bridge0: port 2(bridge_slave_1) entered disabled state [ 349.497478][T11230] $Hÿ: (slave bond_slave_0): Releasing backup interface [ 349.529686][T11230] bond_slave_0: left promiscuous mode [ 349.588878][T11230] $Hÿ: (slave bond_slave_1): Releasing backup interface [ 349.605032][T11235] 9pnet: Could not find request transport: 0xffffffffffffffff [ 349.605952][T11230] bond_slave_1: left promiscuous mode [ 349.656969][T11230] team0: Port device team_slave_0 removed [ 349.702939][T11230] team0: Port device team_slave_1 removed [ 350.225970][T11255] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8) [ 350.232976][T11255] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 350.243394][T11255] vhci_hcd vhci_hcd.0: Device attached [ 350.258456][T11259] vhci_hcd: connection closed [ 350.279615][ T9319] vhci_hcd: stop threads [ 350.294558][ T9319] vhci_hcd: release socket [ 350.299059][ T9319] vhci_hcd: disconnect device [ 350.427636][T11262] syz.4.1875[11262] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 350.427761][T11262] syz.4.1875[11262] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 351.076731][T11282] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1883'. [ 351.882550][ T28] kauditd_printk_skb: 61 callbacks suppressed [ 351.882564][ T28] audit: type=1326 audit(1755887271.902:1104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11302 comm="syz.1.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 351.909276][T11306] syz.4.1892[11306] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 351.918960][T11306] syz.4.1892[11306] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 351.941399][ T28] audit: type=1326 audit(1755887271.932:1105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11302 comm="syz.1.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 351.984282][ T28] audit: type=1326 audit(1755887271.942:1106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11302 comm="syz.1.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 352.016972][ T28] audit: type=1326 audit(1755887271.942:1107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11302 comm="syz.1.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 352.085938][ T28] audit: type=1326 audit(1755887271.942:1108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11302 comm="syz.1.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 352.127913][ T28] audit: type=1326 audit(1755887271.942:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11302 comm="syz.1.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 352.152198][ T28] audit: type=1326 audit(1755887271.942:1110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11302 comm="syz.1.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 352.195360][ T28] audit: type=1326 audit(1755887271.942:1111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11302 comm="syz.1.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 352.256140][ T28] audit: type=1326 audit(1755887271.942:1112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11302 comm="syz.1.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 352.279351][ T28] audit: type=1326 audit(1755887271.942:1113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11302 comm="syz.1.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504958ebe9 code=0x7ffc0000 [ 352.721966][ T9340] Bluetooth: hci4: Frame reassembly failed (-84) [ 353.642937][T11342] netlink: 'syz.3.1905': attribute type 10 has an invalid length. [ 353.678671][T11343] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1904'. [ 353.691015][T11342] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 353.699683][T11343] unsupported nlmsg_type 40 [ 353.755469][T11342] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 354.763628][ T5798] Bluetooth: hci4: command 0x1003 tx timeout [ 354.771381][ T5102] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 354.810894][T11357] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1908'. [ 356.519151][ T9319] Bluetooth: hci4: Frame reassembly failed (-84) [ 357.019203][T11408] netlink: 'syz.1.1931': attribute type 29 has an invalid length. [ 357.030927][T11408] netlink: 'syz.1.1931': attribute type 29 has an invalid length. [ 357.045074][T11408] netlink: 'syz.1.1931': attribute type 29 has an invalid length. [ 357.054605][T11408] netlink: 'syz.1.1931': attribute type 29 has an invalid length. [ 357.063281][T11408] netlink: 'syz.1.1931': attribute type 29 has an invalid length. [ 357.293367][T11420] netlink: 'syz.3.1937': attribute type 10 has an invalid length. [ 357.376748][T11424] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 357.376748][T11424] program syz.3.1939 not setting count and/or reply_len properly [ 357.411247][T11424] netlink: 'syz.3.1939': attribute type 10 has an invalid length. [ 358.041230][T11449] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 358.041230][T11449] program syz.1.1949 not setting count and/or reply_len properly [ 358.070645][T11449] netlink: 'syz.1.1949': attribute type 10 has an invalid length. [ 358.384888][T11461] syzkaller0: entered promiscuous mode [ 358.390439][T11461] syzkaller0: entered allmulticast mode [ 358.440812][ T5102] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 358.721374][T11472] netlink: 4083 bytes leftover after parsing attributes in process `syz.0.1956'. [ 358.786491][T11475] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 358.786491][T11475] program syz.4.1959 not setting count and/or reply_len properly [ 360.614581][T11472] netlink: 4083 bytes leftover after parsing attributes in process `syz.0.1956'. [ 360.628255][T11475] netlink: 'syz.4.1959': attribute type 10 has an invalid length. [ 360.640693][T11475] team0: Port device dummy0 added [ 360.740210][T11479] netlink: 'syz.0.1961': attribute type 29 has an invalid length. [ 360.760637][T11479] netlink: 'syz.0.1961': attribute type 29 has an invalid length. [ 360.770568][T11479] netlink: 'syz.0.1961': attribute type 29 has an invalid length. [ 360.782568][T11479] netlink: 'syz.0.1961': attribute type 29 has an invalid length. [ 360.792352][T11479] netlink: 'syz.0.1961': attribute type 29 has an invalid length. [ 362.063520][T11504] loop0: detected capacity change from 0 to 128 [ 362.227376][T11504] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 362.252700][T11504] ext4 filesystem being mounted at /507/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 362.341828][T11504] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1968'. [ 363.047510][T11508] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in; [ 363.047510][T11508] program syz.3.1970 not setting count and/or reply_len properly [ 363.201651][T11508] netlink: 'syz.3.1970': attribute type 10 has an invalid length. [ 363.263155][T11511] netlink: 'syz.1.1971': attribute type 29 has an invalid length. [ 363.285953][T11511] netlink: 'syz.1.1971': attribute type 29 has an invalid length. [ 363.684237][T11511] netlink: 'syz.1.1971': attribute type 29 has an invalid length. [ 364.169081][ T5783] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 366.064678][ T5798] Bluetooth: hci4: command 0x1003 tx timeout [ 366.073845][ T5102] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 366.444786][T11540] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1981'. [ 366.464710][T11542] validate_nla: 2 callbacks suppressed [ 366.464727][T11542] netlink: 'syz.3.1982': attribute type 29 has an invalid length. [ 366.492797][T11542] netlink: 'syz.3.1982': attribute type 29 has an invalid length. [ 366.523032][T11543] netlink: 'syz.3.1982': attribute type 29 has an invalid length. [ 366.547742][T11542] netlink: 'syz.3.1982': attribute type 29 has an invalid length. [ 367.667229][T11564] netlink: 'syz.0.1989': attribute type 29 has an invalid length. [ 367.682474][T11567] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1991'. [ 367.696631][T11564] netlink: 'syz.0.1989': attribute type 29 has an invalid length. [ 367.726139][T11564] netlink: 'syz.0.1989': attribute type 29 has an invalid length. [ 367.736803][T11564] netlink: 'syz.0.1989': attribute type 29 has an invalid length. [ 367.751262][T11564] netlink: 'syz.0.1989': attribute type 29 has an invalid length. [ 368.153740][T11585] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1997'. [ 368.520209][T11586] pim6reg1: entered promiscuous mode [ 368.742195][T11586] pim6reg1: entered allmulticast mode [ 369.953448][ C0] sched: RT throttling activated [ 371.695905][T11652] [ 371.698701][T11652] ============================= [ 371.703873][T11652] WARNING: suspicious RCU usage [ 371.708757][T11652] 6.6.102-syzkaller #0 Not tainted [ 371.714151][T11652] ----------------------------- [ 371.719029][T11652] kernel/events/callchain.c:161 suspicious rcu_dereference_check() usage! [ 371.727750][T11652] [ 371.727750][T11652] other info that might help us debug this: [ 371.727750][T11652] [ 371.738075][T11652] [ 371.738075][T11652] rcu_scheduler_active = 2, debug_locks = 1 [ 371.746392][T11652] 1 lock held by syz.3.2026/11652: [ 371.751618][T11652] #0: ffffffff8cd2fd80 (rcu_read_lock_trace){....}-{0:0}, at: rcu_read_lock_trace+0x37/0x70 [ 371.761950][T11652] [ 371.761950][T11652] stack backtrace: [ 371.768028][T11652] CPU: 1 PID: 11652 Comm: syz.3.2026 Not tainted 6.6.102-syzkaller #0 [ 371.776205][T11652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 371.786300][T11652] Call Trace: [ 371.789582][T11652] [ 371.792513][T11652] dump_stack_lvl+0x16c/0x230 [ 371.797207][T11652] ? show_regs_print_info+0x20/0x20 [ 371.802411][T11652] ? load_image+0x3b0/0x3b0 [ 371.807038][T11652] lockdep_rcu_suspicious+0x1e1/0x300 [ 371.812603][T11652] get_callchain_entry+0x2a9/0x3c0 [ 371.817716][T11652] get_perf_callchain+0xa3/0x4b0 [ 371.822694][T11652] ? put_callchain_entry+0xb0/0xb0 [ 371.827816][T11652] ? plist_add+0x3d8/0x490 [ 371.832237][T11652] __bpf_get_stack+0x2d7/0x510 [ 371.837097][T11652] ? stack_map_get_build_id_offset+0x720/0x720 [ 371.843341][T11652] ? __cant_sleep+0x210/0x210 [ 371.848024][T11652] ? bpf_prog_2ae546726a474a42+0x45/0x49 [ 371.853838][T11652] bpf_get_stack_raw_tp+0x1a9/0x210 [ 371.859034][T11652] bpf_prog_2ae546726a474a42+0x45/0x49 [ 371.864487][T11652] bpf_prog_run_pin_on_cpu+0xa8/0x140 [ 371.869864][T11652] bpf_prog_test_run_syscall+0x311/0x490 [ 371.875504][T11652] ? sock_gen_cookie+0x60/0x60 [ 371.880270][T11652] ? sock_gen_cookie+0x60/0x60 [ 371.885052][T11652] bpf_prog_test_run+0x321/0x390 [ 371.889986][T11652] __sys_bpf+0x440/0x800 [ 371.894234][T11652] ? bpf_link_show_fdinfo+0x350/0x350 [ 371.899617][T11652] ? lock_chain_count+0x20/0x20 [ 371.904561][T11652] __x64_sys_bpf+0x7c/0x90 [ 371.908971][T11652] do_syscall_64+0x55/0xb0 [ 371.913391][T11652] ? clear_bhb_loop+0x40/0x90 [ 371.918083][T11652] ? clear_bhb_loop+0x40/0x90 [ 371.922836][T11652] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 371.928754][T11652] RIP: 0033:0x7f3b5258ebe9 [ 371.933340][T11652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 371.953120][T11652] RSP: 002b:00007f3b53414038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 371.961810][T11652] RAX: ffffffffffffffda RBX: 00007f3b527b5fa0 RCX: 00007f3b5258ebe9 [ 371.969777][T11652] RDX: 0000000000000010 RSI: 0000200000000740 RDI: 000000000000000a [ 371.977849][T11652] RBP: 00007f3b52611e19 R08: 0000000000000000 R09: 0000000000000000 [ 371.985815][T11652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 371.993786][T11652] R13: 00007f3b527b6038 R14: 00007f3b527b5fa0 R15: 00007ffe9599d8d8 [ 372.001765][T11652] [ 378.916911][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.923573][ T1278] ieee802154 phy1 wpan1: encryption failed: -22