last executing test programs: 1m56.958656639s ago: executing program 1 (id=3326): r0 = syz_genetlink_get_family_id$smc(0x0, 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r0, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4000) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="d80000001b00010000000000fdfffffffc000000000000000000000000000000200100000000000000000000000000004e240000000000010000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000ffffffffffffff7ffcffffffffffffff04000000000000000000000000000000fdffffffffffffff00000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000006fcffff00000000000003000000000000000000000000000c0008"], 0xd8}}, 0x20008004) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'bond0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="400d0000000000003000128008000100687372002400028008000200", @ANYRES32=r3, @ANYBLOB="08000100", @ANYRES32=r2], 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x8000) 1m56.534979638s ago: executing program 1 (id=3331): sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x9880) r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) writev(r1, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1) r2 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @loopback}, 0xc) setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027f"], 0x57) setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc) 1m56.135848032s ago: executing program 1 (id=3336): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r0) sendmsg$NFC_CMD_DEV_UP(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r1, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}}, 0x0) 1m55.894655814s ago: executing program 1 (id=3339): mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='ramfs\x00', 0x14010, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f0000000380)='./file0/../file0\x00', &(0x7f0000000440)='.\x00') 1m55.438227773s ago: executing program 1 (id=3343): r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0xe, 0x5, &(0x7f0000000080)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7}]}, 0x0}, 0x94) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="05"], 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000440)={r1, &(0x7f0000000440), &(0x7f0000000040)=@udp=r0}, 0x20) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x21) syz_emit_ethernet(0x2a, &(0x7f00000005c0)={@local, @random, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x4, 0x4e20, 0x8}}}}}, 0x0) recvmmsg(r0, &(0x7f0000004280)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/232, 0xe8}], 0x1}, 0x1ff}], 0x1, 0x2, 0x0) 1m54.546696095s ago: executing program 1 (id=3351): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB, @ANYBLOB], 0x50) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e4000000000000000805000400030000000900020073797a3100000000050005000200000014000300686173683a69702c706f72742c6970000500010007"], 0x4c}, 0x1, 0x0, 0x0, 0x20044095}, 0x8042) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x60, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x38, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x10004893}, 0x80) 1m54.244340386s ago: executing program 32 (id=3351): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB, @ANYBLOB], 0x50) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e4000000000000000805000400030000000900020073797a3100000000050005000200000014000300686173683a69702c706f72742c6970000500010007"], 0x4c}, 0x1, 0x0, 0x0, 0x20044095}, 0x8042) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x60, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x38, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x10004893}, 0x80) 4.484328951s ago: executing program 5 (id=4308): syz_emit_ethernet(0x86, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$binfmt_format(r2, &(0x7f00000002c0)='-1\x00', 0x3) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000000c000000bca30000000000002403000020feffff620af8fff8ffffff71a4f8ff000000001f03000000000000e5000300000000002604fdffff02000014010000033800001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xf8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0x1}, 0x48) 4.179114787s ago: executing program 5 (id=4310): syz_open_dev$tty1(0xc, 0x4, 0x2) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x9, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d) ioctl$USBDEVFS_FORBID_SUSPEND(0xffffffffffffffff, 0x5521) r2 = socket$inet6(0xa, 0x1, 0x0) creat(&(0x7f00000002c0)='./file0\x00', 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = gettid() bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1, 0x0, r4}}, 0x3c) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000004b9cc90a108000000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x80) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) syz_clone(0x40000080, 0x0, 0x0, 0x0, 0x0, 0x0) r8 = socket$rds(0x15, 0x5, 0x0) bind$rds(r8, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r8, &(0x7f0000000580)={&(0x7f00000005c0)={0x2, 0x4, @rand_addr=0x64010101}, 0x10, 0x0, 0x0, &(0x7f0000003a80)=[@rdma_args={0x48, 0x114, 0x1, {{0x0, 0xffffffff}, {0x0}, &(0x7f0000003a00), 0x0, 0x3e}}], 0x48, 0x4000000}, 0x8000) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18) connect$vsock_stream(0xffffffffffffffff, &(0x7f00000000c0)={0x28, 0x0, 0xffffffff, @local}, 0x10) socket$nl_rdma(0x10, 0x3, 0x14) 1.752001655s ago: executing program 4 (id=4325): setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x220, 0x0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x188, 0xffffffff, 0xffffffff, 0x188, 0xffffffff, 0x7fffffe, 0x0, {[{{@uncond, 0x6, 0xa8, 0xf0, 0x0, {}, [@common=@unspec=@time={{0x38}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00'}}}, {{@ip={@local, @local, 0x0, 0x0, 'veth0_to_team\x00', 'veth1_virt_wifi\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE0={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x280) r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x94) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000140)=ANY=[@ANYBLOB="e0000001ac1414aa0000000003"], 0x1c) syz_emit_ethernet(0x0, 0x0, 0x0) 1.622758288s ago: executing program 4 (id=4327): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00'}, 0x10) r0 = syz_open_dev$usbfs(0x0, 0x77, 0x141341) ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f00000000c0)={0x80, 0x6, 0x2fe, 0x0, 0xfe, 0xfffffff9, 0x0}) 1.384317319s ago: executing program 4 (id=4330): r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0) close(r0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00') r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000480)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x24}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) socket$nl_sock_diag(0x10, 0x3, 0x4) r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000640)={r2, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0xa) 1.38342787s ago: executing program 0 (id=4331): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) r3 = dup(r2) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000000206030000000000fffff0000000000016000300686173683a6e65742c706f72742c6e6574000000050004000000000005000500020000000900020073797a3200000000050001000700000014000780080013400000"], 0x64}}, 0x0) sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000000306090100008000000004000200000a0500"], 0x1c}, 0x1, 0x0, 0x0, 0x4000800}, 0x4) 1.327329823s ago: executing program 2 (id=4332): r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r0, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4000) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="d80000001b00010000000000fdfffffffc000000000000000000000000000000200100000000000000000000000000004e240000000000010000000000000000", @ANYRES32, @ANYBLOB="0000000000000000ffffffffffffff7ffcffffffffffffff04000000000000000000000000000000fdffffffffffffff00000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000006fcffff00000000000003000000000000000000000000000c0008"], 0xd8}}, 0x20008004) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'bond0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'gretap0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="400d0000000000003000128008000100687372002400028008000200", @ANYRES32=r3, @ANYBLOB="08000100", @ANYRES32=r2], 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x8000) 1.255327447s ago: executing program 5 (id=4333): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]}) flistxattr(0xffffffffffffffff, &(0x7f0000000280)=""/183, 0xb7) 1.143328804s ago: executing program 0 (id=4335): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_sctp_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f0000000440)={0x0, 0x8, 0xb9, "bd4c6b552af324a57a119171d7431b22336794cd2f71352b495f8d035bbb1ddfd139cc0197c33353feeb6ad9362bde64482bc58847b45108464825903677c8d630d0ed2f756060ee2f7d0f796591382f6d718ced19239c00ce007f76b43fa76ad4ab4415e3e3a962bccfd79bee14de93beba40e276145fa696b27fee69425242751541b6e5f8b815f584403a17ece858f89b9217aae2f0997a9a9cbbaf789fa7701dd19b4888a8518f6a05d1a6996ef1fa422a8f4a7c64c8a2"}, 0xc1) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="120000000f0000000400000002"], 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1, 0xffffffffffffffff}, 0x0, &(0x7f0000000380)=r0}, 0x20) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r2, &(0x7f0000000500), 0x0}, 0x20) 1.107669362s ago: executing program 5 (id=4336): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x8c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x64, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x4}}}, {0x4c, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x3c, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_XOR={0x4}, @NFTA_BITWISE_MASK={0x1c, 0x4, 0x0, 0x1, [@NFTA_DATA_VALUE={0x15, 0x1, "321dafb6c4d92e0124621913e73ac618b1"}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x100}}, 0x0) 947.090811ms ago: executing program 0 (id=4337): setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x220, 0x0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x188, 0xffffffff, 0xffffffff, 0x188, 0xffffffff, 0x7fffffe, 0x0, {[{{@uncond, 0x6, 0xa8, 0xf0, 0x0, {}, [@common=@unspec=@time={{0x38}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00'}}}, {{@ip={@local, @local, 0x0, 0x0, 'veth0_to_team\x00', 'veth1_virt_wifi\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE0={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x280) r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x94) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000140)=ANY=[@ANYBLOB="e0000001ac1414aa0000000003"], 0x1c) syz_emit_ethernet(0x0, 0x0, 0x0) 938.569337ms ago: executing program 4 (id=4338): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffff9, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000110b00088500000072000000"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @sched_cls=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000007c0)=@newtfilter={0x38, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0xb, 0x4}, {}, {0xfff2, 0x300}}, [@filter_kind_options=@f_bpf={{0x8}, {0xc, 0x2, [@TCA_BPF_FD={0x8, 0x6, r3}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20041090}, 0x0) 896.933007ms ago: executing program 2 (id=4339): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000400)={r0, 0x0, 0x0}, 0x10) 857.304895ms ago: executing program 3 (id=4340): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00'}, 0x10) r0 = syz_open_dev$usbfs(0x0, 0x77, 0x141341) ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f00000000c0)={0x80, 0x6, 0x2fe, 0x0, 0xfe, 0xfffffff9, 0x0}) 855.10468ms ago: executing program 5 (id=4341): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, 0x0, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000000c0)=@filter={'filter\x00', 0xe, 0x4, 0x460, 0xffffffff, 0x298, 0x0, 0x298, 0xffffffff, 0xffffffff, 0x390, 0x390, 0x390, 0xffffffff, 0x4, &(0x7f0000000080), {[{{@uncond, 0x0, 0x138, 0x178, 0x0, {}, [@common=@srh1={{0x90}, {0x16, 0x3, 0x4, 0x0, 0x6, @local, @mcast2, @local, [0x0, 0x0, 0xffffff00, 0xff000000], [0x0, 0xff000000, 0xff, 0xffffff00], [0xff, 0xff, 0xff, 0xff000000], 0x1900, 0x2480}}]}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0x56, 0x6, 0x2, 0x9, 0x80, 0xd86c]}}}, {{@uncond, 0x0, 0xd8, 0x120, 0x0, {}, [@common=@ah={{0x30}, {[0x4d6, 0x4d5], 0x8, 0x7f, 0x1}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@private2, 'vlan0\x00', {0x616e}}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @mcast1, [0xffffffff, 0xff000000, 0xffffffff], [0xff000000, 0xff], 'veth0\x00', 'rose0\x00', {}, {0xff}, 0x6c, 0xd, 0x2, 0x62}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@eui64={{0x28}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x4}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4c0) r1 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x1064, 0x80, 0x200003, 0x1af}, &(0x7f00000001c0)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_SYMLINKAT={0x26, 0x18, 0x0, 0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, 0x1}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) io_uring_enter(r1, 0x47f8, 0x4003, 0x2, 0x0, 0x0) 759.190009ms ago: executing program 3 (id=4342): r0 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000840)={{0xa, 0x0, 0x8, @local, 0xc}, {0xa, 0x4e24, 0x0, @empty}, 0x1, {[0x0, 0x0, 0x7]}}, 0x5c) setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd3, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @local}, {0xa, 0x0, 0xfffffffc, @empty}, 0x1, {[0x0, 0x0, 0x0, 0x0, 0x0, 0xe3]}}, 0x5c) 751.317012ms ago: executing program 0 (id=4343): r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x76, 0x41341) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200)) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect) 673.865864ms ago: executing program 3 (id=4344): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x2, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x2, [{0xc}]}, @ptr={0x0, 0x0, 0x0, 0x2, 0x2}]}}, &(0x7f0000000200)=""/224, 0x3a, 0xe0, 0x1}, 0x28) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f00000007c0)={0x400000000000000, 0x0, &(0x7f0000000700)={&(0x7f0000000000)=ANY=[@ANYBLOB="020f000015000000000000000000000005000500000000000a00000000000000000000000000000000432e0000000000000000000000000008001200000002000000f1edc4ea00000600000000000000000000000000000000000000000000000000000000000000fc01000000000000000000000000810005000600000000000a00000000000000ff0200000000000000000000000000010000000000000000010018"], 0xa8}}, 0x40080) r3 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) openat$cgroup_procs(r4, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0) ioctl$SG_SET_KEEP_ORPHAN(r4, 0x2287, &(0x7f0000000180)=0x100) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r5, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0xfffc, 0x2fd, 0x4, 0x101}}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x18) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x1ffffdc1, &(0x7f0000000440)=ANY=[@ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000057000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x40, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/time\x00') bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x18) syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c20000000180c200000086dd6001012000103afffe8000"/35], 0x0) fallocate(r0, 0x3a, 0x0, 0x62c1e2f) 620.343773ms ago: executing program 2 (id=4345): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) r3 = dup(r2) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000000206030000000000fffff0000000000016000300686173683a6e65742c706f72742c6e6574000000050004000000000005000500020000000900020073797a3200000000050001000700000014000780080013400000"], 0x64}}, 0x0) sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000000306090100008000000004000200000a0500"], 0x1c}, 0x1, 0x0, 0x0, 0x4000800}, 0x4) 446.221435ms ago: executing program 2 (id=4346): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b00000000000000"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ffffff}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='module_request\x00', r1}, 0x10) socketpair(0x0, 0x0, 0x0, &(0x7f00000006c0)) 445.855582ms ago: executing program 0 (id=4347): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000400)) setsockopt$inet_sctp_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f0000000440)={0x0, 0x8, 0xb9, "bd4c6b552af324a57a119171d7431b22336794cd2f71352b495f8d035bbb1ddfd139cc0197c33353feeb6ad9362bde64482bc58847b45108464825903677c8d630d0ed2f756060ee2f7d0f796591382f6d718ced19239c00ce007f76b43fa76ad4ab4415e3e3a962bccfd79bee14de93beba40e276145fa696b27fee69425242751541b6e5f8b815f584403a17ece858f89b9217aae2f0997a9a9cbbaf789fa7701dd19b4888a8518f6a05d1a6996ef1fa422a8f4a7c64c8a2"}, 0xc1) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="120000000f0000000400000002"], 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0, 0xffffffffffffffff}, &(0x7f0000000080), 0x0}, 0x20) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r1, &(0x7f0000000500), 0x0}, 0x20) 383.191276ms ago: executing program 3 (id=4348): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]}) flistxattr(0xffffffffffffffff, &(0x7f0000000280)=""/183, 0xb7) 316.900308ms ago: executing program 4 (id=4349): r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0) close(r0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00') r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000480)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x24}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) socket$nl_sock_diag(0x10, 0x3, 0x4) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000640)={0xffffffffffffffff, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0xa) 194.151367ms ago: executing program 0 (id=4350): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="7800000002060108000000000000000000000000050005000a0000001400078008001140000000000500150000000000050001000700000005000400000000000900020073797a310000000011000300686173683a6e65742c6e65740000000015000300686173683a69702c706f72742c6e6574"], 0x78}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10040003}, 0x0) 183.988017ms ago: executing program 2 (id=4351): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]}) rt_sigsuspend(0x0, 0x0) mount_setattr(0xffffffffffffffff, 0x0, 0x8800, 0x0, 0x0) 171.814499ms ago: executing program 3 (id=4352): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00'}, 0x10) r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341) ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, 0x0) 126.515971ms ago: executing program 4 (id=4353): setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x220, 0x0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x188, 0xffffffff, 0xffffffff, 0x188, 0xffffffff, 0x7fffffe, 0x0, {[{{@uncond, 0x6, 0xa8, 0xf0, 0x0, {}, [@common=@unspec=@time={{0x38}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00'}}}, {{@ip={@local, @local, 0x0, 0x0, 'veth0_to_team\x00', 'veth1_virt_wifi\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE0={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x280) r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x94) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000140)=ANY=[@ANYBLOB="e0000001ac1414aa0000000003"], 0x1c) syz_emit_ethernet(0x0, 0x0, 0x0) 14.548937ms ago: executing program 5 (id=4354): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$MRT6_DEL_MFC(r1, 0x29, 0xcd, &(0x7f0000000200)={{0xa, 0x4e24, 0x9e, @rand_addr=' \x01\x00', 0x2}, {0xa, 0x4e24, 0xd560000, @mcast1}, 0xffffffffffffffff, {[0x2, 0x3, 0xb014, 0x6, 0x24c, 0x2, 0x7fffffff, 0x7]}}, 0x5c) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000007c0)={{r3}, &(0x7f0000000740), &(0x7f0000000780)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x14, 0x22c7, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='kfree\x00', r4, 0x0, 0x2}, 0x18) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'veth1_macvtap\x00', 0x0}) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000280)={@remote, r5}, 0x14) sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000003c0)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x2000, {0x0, 0x0, 0x74, r5, {0xfffd, 0x10}, {0x8, 0x4}, {0x6, 0x3}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x14004804}, 0x8804) dup2(r0, r1) 13.222582ms ago: executing program 3 (id=4355): r0 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x100, 0x1, 0x40000333}, &(0x7f00000006c0)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xffffffff, 0x0, 0x4) r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x80044940, &(0x7f00000010c0)) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0) 0s ago: executing program 2 (id=4356): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) r3 = dup(r2) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000000206030000000000fffff0000000000016000300686173683a6e65742c706f72742c6e6574000000050004000000000005000500020000000900020073797a3200000000050001000700000014000780080013400000"], 0x64}}, 0x0) sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000000306090100008000000004000200000a0500"], 0x1c}, 0x1, 0x0, 0x0, 0x4000800}, 0x4) kernel console output (not intermixed with test programs): hsr1: entered promiscuous mode [ 326.221782][T12513] lo speed is unknown, defaulting to 1000 [ 326.224814][T12513] lo speed is unknown, defaulting to 1000 [ 326.863904][T12535] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2843'. [ 327.197612][T12543] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2848'. [ 327.197655][T12543] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2848'. [ 327.419947][ T37] kauditd_printk_skb: 20 callbacks suppressed [ 327.419970][ T37] audit: type=1326 audit(1768386024.908:2018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12553 comm="syz.2.2852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f780fcbf749 code=0x7ffc0000 [ 327.420452][ T37] audit: type=1326 audit(1768386024.908:2019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12553 comm="syz.2.2852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7f780fcbf749 code=0x7ffc0000 [ 327.441686][ T37] audit: type=1326 audit(1768386024.926:2020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12553 comm="syz.2.2852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f780fcbf749 code=0x7ffc0000 [ 327.441966][ T37] audit: type=1326 audit(1768386024.926:2021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12553 comm="syz.2.2852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f780fcbf749 code=0x7ffc0000 [ 327.442362][ T37] audit: type=1326 audit(1768386024.926:2022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12553 comm="syz.2.2852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f780fcbf749 code=0x7ffc0000 [ 327.442817][ T37] audit: type=1326 audit(1768386024.926:2023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12553 comm="syz.2.2852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f780fcc1667 code=0x7ffc0000 [ 327.443263][ T37] audit: type=1326 audit(1768386024.926:2024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12553 comm="syz.2.2852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f780fcc15dc code=0x7ffc0000 [ 327.444007][ T37] audit: type=1326 audit(1768386024.926:2025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12553 comm="syz.2.2852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f780fcc1514 code=0x7ffc0000 [ 327.444220][ T37] audit: type=1326 audit(1768386024.926:2026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12553 comm="syz.2.2852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f780fcc1514 code=0x7ffc0000 [ 327.444403][ T37] audit: type=1326 audit(1768386024.926:2027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12553 comm="syz.2.2852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f780fcbe3aa code=0x7ffc0000 [ 327.750883][T12563] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2856'. [ 328.194376][ T5816] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 328.222865][ T5816] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 328.226765][ T5816] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 328.243574][ T5816] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 328.269176][ T5816] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 328.342242][T12571] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2859'. [ 328.381005][T12566] lo speed is unknown, defaulting to 1000 [ 328.382448][T12566] lo speed is unknown, defaulting to 1000 [ 328.484110][ T31] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 328.543757][T12576] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2862'. [ 328.543787][T12576] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2862'. [ 328.665248][ T31] usb 5-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 328.665285][ T31] usb 5-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 328.665311][ T31] usb 5-1: config 0 interface 0 has no altsetting 0 [ 328.665346][ T31] usb 5-1: New USB device found, idVendor=06cb, idProduct=73f6, bcdDevice= 0.00 [ 328.665370][ T31] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 328.723472][ T31] usb 5-1: config 0 descriptor?? [ 328.950346][T12569] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 328.951665][T12569] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 329.157016][ T31] usbhid 5-1:0.0: can't add hid device: -71 [ 329.157167][ T31] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 329.198761][ T31] usb 5-1: USB disconnect, device number 2 [ 329.962060][T12601] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2871'. [ 330.382857][ T1017] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.382900][ T1017] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 57850 - 0 [ 330.450942][ T5816] Bluetooth: hci5: command tx timeout [ 330.462323][T12622] loop2: detected capacity change from 0 to 7 [ 330.463514][T12622] Dev loop2: unable to read RDB block 7 [ 330.463556][T12622] loop2: unable to read partition table [ 330.463790][T12622] loop2: partition table beyond EOD, truncated [ 330.463808][T12622] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 330.523286][T12566] chnl_net:caif_netlink_parms(): no params data found [ 331.252371][ T1017] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 331.252413][ T1017] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 57850 - 0 [ 331.643287][ T1017] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 331.643330][ T1017] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 57850 - 0 [ 332.218202][ T1017] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 332.218244][ T1017] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 57850 - 0 [ 332.313512][T12566] bridge0: port 1(bridge_slave_0) entered blocking state [ 332.313722][T12566] bridge0: port 1(bridge_slave_0) entered disabled state [ 332.313973][T12566] bridge_slave_0: entered allmulticast mode [ 332.317599][T12566] bridge_slave_0: entered promiscuous mode [ 332.380164][T12566] bridge0: port 2(bridge_slave_1) entered blocking state [ 332.381487][T12566] bridge0: port 2(bridge_slave_1) entered disabled state [ 332.381746][T12566] bridge_slave_1: entered allmulticast mode [ 332.404084][T12566] bridge_slave_1: entered promiscuous mode [ 332.674298][ T5816] Bluetooth: hci5: command tx timeout [ 332.760355][T12566] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 332.766543][T12566] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 333.179149][T12566] team0: Port device team_slave_0 added [ 333.201973][T12566] team0: Port device team_slave_1 added [ 333.648511][T12566] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 333.648533][T12566] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 333.648565][T12566] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 333.651368][T12566] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 333.651384][T12566] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 333.651415][T12566] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 334.537232][T12566] hsr_slave_0: entered promiscuous mode [ 334.538949][T12566] hsr_slave_1: entered promiscuous mode [ 334.540096][T12566] debugfs: 'hsr0' already exists in 'hsr' [ 334.540124][T12566] Cannot create hsr debugfs directory [ 334.721629][T12711] netlink: 'syz.4.2915': attribute type 8 has an invalid length. [ 334.721654][T12711] __nla_validate_parse: 2 callbacks suppressed [ 334.721667][T12711] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2915'. [ 334.897817][ T5816] Bluetooth: hci5: command tx timeout [ 334.959599][ T1017] bridge_slave_1: left allmulticast mode [ 334.959704][ T1017] bridge_slave_1: left promiscuous mode [ 334.978109][ T1017] bridge0: port 2(bridge_slave_1) entered disabled state [ 335.071381][ T1017] bridge_slave_0: left allmulticast mode [ 335.071416][ T1017] bridge_slave_0: left promiscuous mode [ 335.072266][ T1017] bridge0: port 1(bridge_slave_0) entered disabled state [ 335.237454][T12720] netlink: 'syz.0.2919': attribute type 4 has an invalid length. [ 335.293773][T12721] netlink: 'syz.0.2919': attribute type 4 has an invalid length. [ 336.427201][ T1017] bond2 (unregistering): (slave geneve3): Releasing backup interface [ 337.136419][ T5813] Bluetooth: hci5: command tx timeout [ 337.850947][ T1017] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 337.917468][ T1017] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 337.957915][ T1017] bond0 (unregistering): Released all slaves [ 339.060420][ T1017] bond1 (unregistering): Released all slaves [ 339.883608][ T1017] bond2 (unregistering): Released all slaves [ 340.751083][ T1017] bond3 (unregistering): Released all slaves [ 341.581353][ T1017] bond4 (unregistering): Released all slaves [ 342.330755][ T1017] bond5 (unregistering): Released all slaves [ 343.121989][ T1017] bond6 (unregistering): Released all slaves [ 343.921639][ T1017] bond7 (unregistering): Released all slaves [ 344.714098][ T1017] bond8 (unregistering): Released all slaves [ 344.980755][ T1017] rxrpc: Call ffff888039406040 still in use (1,Complete,1489,0)! [ 345.100162][T12779] kthread_run failed with err -4 [ 345.276122][ T10] lo speed is unknown, defaulting to 1000 [ 345.277263][ T6914] lo speed is unknown, defaulting to 1000 [ 346.235496][ T37] kauditd_printk_skb: 22 callbacks suppressed [ 346.235520][ T37] audit: type=1326 audit(1768386042.514:2050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12806 comm="syz.0.2956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e881f749 code=0x7ffc0000 [ 346.235578][ T37] audit: type=1326 audit(1768386042.514:2051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12806 comm="syz.0.2956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57e881f749 code=0x7ffc0000 [ 346.237769][ T37] audit: type=1326 audit(1768386042.514:2052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12806 comm="syz.0.2956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e881f749 code=0x7ffc0000 [ 346.237848][ T37] audit: type=1326 audit(1768386042.514:2053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12806 comm="syz.0.2956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57e881f749 code=0x7ffc0000 [ 346.237901][ T37] audit: type=1326 audit(1768386042.514:2054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12806 comm="syz.0.2956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e881f749 code=0x7ffc0000 [ 346.238044][ T37] audit: type=1326 audit(1768386042.514:2055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12806 comm="syz.0.2956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e881f749 code=0x7ffc0000 [ 346.262082][ T37] audit: type=1326 audit(1768386042.542:2056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12806 comm="syz.0.2956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f57e881f749 code=0x7ffc0000 [ 346.262140][ T37] audit: type=1326 audit(1768386042.542:2057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12806 comm="syz.0.2956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e881f749 code=0x7ffc0000 [ 346.265994][ T37] audit: type=1326 audit(1768386042.542:2058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12806 comm="syz.0.2956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=270 compat=0 ip=0x7f57e881f749 code=0x7ffc0000 [ 346.749952][ T37] audit: type=1326 audit(1768386042.991:2059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12806 comm="syz.0.2956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e881f749 code=0x7ffc0000 [ 347.261939][T12835] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2966'. [ 347.261969][T12835] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2966'. [ 347.637159][T12820] lo speed is unknown, defaulting to 1000 [ 347.716695][T12820] lo speed is unknown, defaulting to 1000 [ 347.723459][T12566] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 347.814936][T12566] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 347.868289][T12566] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 347.921162][T12566] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 348.347545][T12566] 8021q: adding VLAN 0 to HW filter on device bond0 [ 348.431600][T12566] 8021q: adding VLAN 0 to HW filter on device team0 [ 348.520877][ T992] bridge0: port 1(bridge_slave_0) entered blocking state [ 348.522330][ T992] bridge0: port 1(bridge_slave_0) entered forwarding state [ 348.801433][T10791] bridge0: port 2(bridge_slave_1) entered blocking state [ 348.801693][T10791] bridge0: port 2(bridge_slave_1) entered forwarding state [ 349.022344][T12869] loop2: detected capacity change from 0 to 7 [ 349.024113][T12869] Dev loop2: unable to read RDB block 7 [ 349.024159][T12869] loop2: unable to read partition table [ 349.024409][T12869] loop2: partition table beyond EOD, truncated [ 349.024430][T12869] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 349.839162][T12566] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 350.069077][T12566] veth0_vlan: entered promiscuous mode [ 350.096178][T12566] veth1_vlan: entered promiscuous mode [ 350.173645][ T9] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 350.196162][T12566] veth0_macvtap: entered promiscuous mode [ 350.226645][T12566] veth1_macvtap: entered promiscuous mode [ 350.314942][ T9] usb 3-1: device descriptor read/64, error -71 [ 350.348856][T12566] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 350.404276][T12566] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 350.455410][T10509] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.455465][T10509] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.455504][T10509] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.455543][T10509] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.579168][ T9] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 350.720465][ T9] usb 3-1: device descriptor read/64, error -71 [ 350.844083][ T9] usb usb3-port1: attempt power cycle [ 351.029066][T10783] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 351.029092][T10783] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 351.196035][T10785] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 351.196060][T10785] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 351.252986][ T9] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 351.274579][ T9] usb 3-1: device descriptor read/8, error -71 [ 351.530272][ T9] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 351.555724][ T9] usb 3-1: device descriptor read/8, error -71 [ 351.669776][ T9] usb usb3-port1: unable to enumerate USB device [ 352.106330][T12925] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3003'. [ 352.106364][T12925] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3003'. [ 352.253572][ T5816] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 352.268003][ T5816] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 352.275228][ T5816] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 352.276825][ T5816] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 352.312906][ T5816] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 352.494439][T12926] lo speed is unknown, defaulting to 1000 [ 352.497713][T12926] lo speed is unknown, defaulting to 1000 [ 352.852663][T12942] netlink: 'syz.4.3010': attribute type 10 has an invalid length. [ 353.035655][T12946] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3011'. [ 353.035693][T12946] netlink: 'syz.3.3011': attribute type 30 has an invalid length. [ 353.442120][ T7136] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 353.467944][ T7136] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 353.468004][ T7136] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 353.468046][ T7136] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 353.656838][T12926] chnl_net:caif_netlink_parms(): no params data found [ 354.248182][T12926] bridge0: port 1(bridge_slave_0) entered blocking state [ 354.249374][T12926] bridge0: port 1(bridge_slave_0) entered disabled state [ 354.249737][T12926] bridge_slave_0: entered allmulticast mode [ 354.257846][T12926] bridge_slave_0: entered promiscuous mode [ 354.269934][T12926] bridge0: port 2(bridge_slave_1) entered blocking state [ 354.271046][T12926] bridge0: port 2(bridge_slave_1) entered disabled state [ 354.271265][T12926] bridge_slave_1: entered allmulticast mode [ 354.285138][T12926] bridge_slave_1: entered promiscuous mode [ 354.537611][T12926] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 354.556061][T12926] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 354.573723][ T5813] Bluetooth: hci0: command tx timeout [ 354.817132][T12926] team0: Port device team_slave_0 added [ 354.843989][T12926] team0: Port device team_slave_1 added [ 355.095132][T12926] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 355.095153][T12926] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 355.095184][T12926] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 355.167028][T12926] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 355.167049][T12926] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 355.167080][T12926] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 355.186318][ T37] kauditd_printk_skb: 118 callbacks suppressed [ 355.186339][ T37] audit: type=1326 audit(1768386050.878:2178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13003 comm="syz.1.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc99bfbf749 code=0x7ffc0000 [ 355.186518][ T37] audit: type=1326 audit(1768386050.887:2179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13003 comm="syz.1.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc99bfbf749 code=0x7ffc0000 [ 355.250534][ T37] audit: type=1326 audit(1768386050.887:2180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13003 comm="syz.1.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc99bfbf749 code=0x7ffc0000 [ 355.250594][ T37] audit: type=1326 audit(1768386050.887:2181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13003 comm="syz.1.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc99bfbf749 code=0x7ffc0000 [ 355.250640][ T37] audit: type=1326 audit(1768386050.896:2182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13003 comm="syz.1.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc99bfbf749 code=0x7ffc0000 [ 355.250686][ T37] audit: type=1326 audit(1768386050.896:2183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13003 comm="syz.1.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc99bfbf749 code=0x7ffc0000 [ 355.250730][ T37] audit: type=1326 audit(1768386050.896:2184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13003 comm="syz.1.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc99bfbf749 code=0x7ffc0000 [ 355.250775][ T37] audit: type=1326 audit(1768386050.896:2185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13003 comm="syz.1.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc99bfbf749 code=0x7ffc0000 [ 355.250818][ T37] audit: type=1326 audit(1768386050.896:2186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13003 comm="syz.1.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc99bfbf749 code=0x7ffc0000 [ 355.250863][ T37] audit: type=1326 audit(1768386050.924:2187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13003 comm="syz.1.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc99bfbf749 code=0x7ffc0000 [ 355.460595][T13008] loop2: detected capacity change from 0 to 7 [ 355.463224][T13008] Dev loop2: unable to read RDB block 7 [ 355.463270][T13008] loop2: unable to read partition table [ 355.463481][T13008] loop2: partition table beyond EOD, truncated [ 355.463501][T13008] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 355.903895][T12926] hsr_slave_0: entered promiscuous mode [ 355.905605][T12926] hsr_slave_1: entered promiscuous mode [ 355.906752][T12926] debugfs: 'hsr0' already exists in 'hsr' [ 355.906781][T12926] Cannot create hsr debugfs directory [ 356.202078][T13032] IPv6: Can't replace route, no match found [ 356.702015][T13050] netlink: 'syz.3.3056': attribute type 10 has an invalid length. [ 356.792219][ T5813] Bluetooth: hci0: command tx timeout [ 356.919660][T13058] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3060'. [ 356.972421][T12926] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 356.972534][T12926] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 57336 - 0 [ 357.458777][T12926] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 357.458806][T12926] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 57336 - 0 [ 357.915999][T12926] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 357.916040][T12926] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 57336 - 0 [ 358.076263][T13083] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3070'. [ 358.294208][T12926] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 358.294252][T12926] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 57336 - 0 [ 358.382976][T13090] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3074'. [ 358.383017][T13090] netlink: 'syz.1.3074': attribute type 30 has an invalid length. [ 358.422857][ T85] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 358.423131][ T85] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 358.423174][ T85] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 358.423212][ T85] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 358.864636][T13096] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 358.864676][T13096] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 358.900546][T13096] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 358.900581][T13096] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 359.012691][ T5813] Bluetooth: hci0: command tx timeout [ 359.182021][T13100] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3078'. [ 359.182053][T13100] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3078'. [ 359.213638][T13102] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3079'. [ 359.399649][T12926] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 359.511821][T12926] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 359.791309][T13125] netlink: 'syz.1.3088': attribute type 4 has an invalid length. [ 359.792310][T13113] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3084'. [ 359.823485][T12926] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 359.842375][T13123] netlink: 'syz.1.3088': attribute type 4 has an invalid length. [ 359.998635][T12926] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 360.056868][T13130] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3089'. [ 360.056899][T13130] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3089'. [ 360.236549][T13141] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3093'. [ 360.430622][T12926] 8021q: adding VLAN 0 to HW filter on device bond0 [ 360.502183][T12926] 8021q: adding VLAN 0 to HW filter on device team0 [ 360.546022][ T7058] bridge0: port 1(bridge_slave_0) entered blocking state [ 360.546301][ T7058] bridge0: port 1(bridge_slave_0) entered forwarding state [ 360.550593][ T7058] bridge0: port 2(bridge_slave_1) entered blocking state [ 360.551094][ T7058] bridge0: port 2(bridge_slave_1) entered forwarding state [ 360.776982][ T43] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 360.915388][ T43] usb 4-1: device descriptor read/64, error -71 [ 361.080618][T13162] netlink: 'syz.2.3101': attribute type 4 has an invalid length. [ 361.126268][ T5809] lo speed is unknown, defaulting to 1000 [ 361.126303][ T5809] syz0: Port: 1 Link DOWN [ 361.131388][T13162] netlink: 'syz.2.3101': attribute type 4 has an invalid length. [ 361.160827][ T5809] lo speed is unknown, defaulting to 1000 [ 361.160860][ T5809] syz0: Port: 1 Link ACTIVE [ 361.198352][ T43] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 361.236676][ T5813] Bluetooth: hci0: command tx timeout [ 361.264750][T12926] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 361.332594][ T43] usb 4-1: device descriptor read/64, error -71 [ 361.450936][ T43] usb usb4-port1: attempt power cycle [ 361.497983][T12926] veth0_vlan: entered promiscuous mode [ 361.500123][T13177] siw: device registration error -23 [ 361.552244][T12926] veth1_vlan: entered promiscuous mode [ 361.742508][T12926] veth0_macvtap: entered promiscuous mode [ 361.761840][T12926] veth1_macvtap: entered promiscuous mode [ 361.824262][ T43] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 361.846550][ T43] usb 4-1: device descriptor read/8, error -71 [ 361.883624][T12926] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 361.915324][T12926] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 361.977314][T10509] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 361.978651][T10509] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 361.981769][T10509] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 361.982762][T10509] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 362.102232][ T43] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 362.124231][ T43] usb 4-1: device descriptor read/8, error -71 [ 362.253885][ T43] usb usb4-port1: unable to enumerate USB device [ 362.458721][T10785] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 362.458759][T10785] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 362.583270][T10785] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 362.583295][T10785] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 362.885936][T13193] netlink: 'syz.2.3112': attribute type 4 has an invalid length. [ 362.895129][ T805] lo speed is unknown, defaulting to 1000 [ 362.895156][ T805] syz0: Port: 1 Link DOWN [ 363.190862][T13201] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3115'. [ 363.216710][T13201] bond0: entered promiscuous mode [ 363.216737][T13201] bond_slave_0: entered promiscuous mode [ 363.217011][T13201] bond_slave_1: entered promiscuous mode [ 363.219675][T13201] gretap0: entered promiscuous mode [ 363.221277][T13201] debugfs: 'hsr1' already exists in 'hsr' [ 363.221306][T13201] Cannot create hsr debugfs directory [ 363.221327][T13201] hsr1: entered promiscuous mode [ 363.451151][ T5816] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 363.457194][ T5816] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 363.484794][ T5816] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 363.486624][ T5816] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 363.487477][ T5816] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 363.668918][T13206] lo speed is unknown, defaulting to 1000 [ 363.672801][T13206] lo speed is unknown, defaulting to 1000 [ 364.317851][T13219] netlink: 'syz.1.3122': attribute type 8 has an invalid length. [ 364.317875][T13219] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3122'. [ 364.375553][T13219] bond0: entered promiscuous mode [ 364.375579][T13219] bond_slave_0: entered promiscuous mode [ 364.375982][T13219] bond_slave_1: entered promiscuous mode [ 364.384067][T13219] gretap0: entered promiscuous mode [ 364.385960][T13219] debugfs: 'hsr1' already exists in 'hsr' [ 364.385988][T13219] Cannot create hsr debugfs directory [ 364.386009][T13219] hsr1: entered promiscuous mode [ 364.890160][T13206] chnl_net:caif_netlink_parms(): no params data found [ 364.986957][ T37] kauditd_printk_skb: 192 callbacks suppressed [ 364.986978][ T37] audit: type=1326 audit(1768386060.046:2380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13230 comm="syz.0.3125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 364.987352][ T37] audit: type=1326 audit(1768386060.046:2381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13230 comm="syz.0.3125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 365.043601][ T37] audit: type=1326 audit(1768386060.111:2382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13230 comm="syz.0.3125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 365.043902][ T37] audit: type=1326 audit(1768386060.111:2383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13230 comm="syz.0.3125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 365.044162][ T37] audit: type=1326 audit(1768386060.111:2384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13230 comm="syz.0.3125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 365.044427][ T37] audit: type=1326 audit(1768386060.111:2385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13230 comm="syz.0.3125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 365.045993][ T37] audit: type=1326 audit(1768386060.111:2386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13230 comm="syz.0.3125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fde33dddf90 code=0x7ffc0000 [ 365.047195][ T37] audit: type=1326 audit(1768386060.111:2387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13230 comm="syz.0.3125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 365.047505][ T37] audit: type=1326 audit(1768386060.111:2388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13230 comm="syz.0.3125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 365.047805][ T37] audit: type=1326 audit(1768386060.111:2389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13230 comm="syz.0.3125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 365.206961][T13232] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 365.207653][ T5873] IPVS: starting estimator thread 0... [ 365.324332][T13234] IPVS: using max 8 ests per chain, 19200 per kthread [ 365.544937][T13243] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3129'. [ 365.545451][T13241] netlink: 'syz.3.3128': attribute type 30 has an invalid length. [ 365.685512][ T5816] Bluetooth: hci3: command tx timeout [ 365.745773][T13206] bridge0: port 1(bridge_slave_0) entered blocking state [ 365.746037][T13206] bridge0: port 1(bridge_slave_0) entered disabled state [ 365.746324][T13206] bridge_slave_0: entered allmulticast mode [ 365.750105][T13206] bridge_slave_0: entered promiscuous mode [ 365.761223][T13206] bridge0: port 2(bridge_slave_1) entered blocking state [ 365.768720][T13206] bridge0: port 2(bridge_slave_1) entered disabled state [ 365.768988][T13206] bridge_slave_1: entered allmulticast mode [ 365.771779][T13206] bridge_slave_1: entered promiscuous mode [ 366.124395][T13206] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 366.148288][T13206] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 366.363817][T13256] loop2: detected capacity change from 0 to 7 [ 366.376640][T13256] Dev loop2: unable to read RDB block 7 [ 366.376689][T13256] loop2: unable to read partition table [ 366.376940][T13256] loop2: partition table beyond EOD, truncated [ 366.376962][T13256] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 366.738084][T13206] team0: Port device team_slave_0 added [ 366.751816][T13206] team0: Port device team_slave_1 added [ 366.967100][T13267] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3139'. [ 367.143157][T13206] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 367.143179][T13206] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 367.143209][T13206] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 367.149175][T13206] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 367.149194][T13206] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 367.149220][T13206] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 367.604759][T13275] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3142'. [ 367.687166][T13206] hsr_slave_0: entered promiscuous mode [ 367.698395][T13206] hsr_slave_1: entered promiscuous mode [ 367.700166][T13206] debugfs: 'hsr0' already exists in 'hsr' [ 367.700195][T13206] Cannot create hsr debugfs directory [ 367.913873][ T5816] Bluetooth: hci3: command tx timeout [ 368.079328][T13283] loop2: detected capacity change from 0 to 7 [ 368.085349][T13283] Dev loop2: unable to read RDB block 7 [ 368.085385][T13283] loop2: AHDI p1 p2 p3 [ 368.085415][T13283] loop2: partition table partially beyond EOD, truncated [ 368.085537][T13283] loop2: p1 start 1601398130 is beyond EOD, truncated [ 368.085557][T13283] loop2: p2 start 1702059890 is beyond EOD, truncated [ 368.501371][T13295] netlink: 'syz.3.3151': attribute type 30 has an invalid length. [ 368.813271][T13289] lo speed is unknown, defaulting to 1000 [ 368.864345][T13289] lo speed is unknown, defaulting to 1000 [ 368.976734][T13206] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 368.976774][T13206] netdevsim netdevsim4 eth3 (unregistering): unset [1, 1] type 2 family 0 port 43388 - 0 [ 369.297955][T13206] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 369.297994][T13206] netdevsim netdevsim4 eth2 (unregistering): unset [1, 1] type 2 family 0 port 43388 - 0 [ 369.557904][T13206] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 369.557945][T13206] netdevsim netdevsim4 eth1 (unregistering): unset [1, 1] type 2 family 0 port 43388 - 0 [ 369.676952][T13310] loop2: detected capacity change from 0 to 7 [ 369.686434][T13310] Dev loop2: unable to read RDB block 7 [ 369.686471][T13310] loop2: AHDI p1 p2 p3 [ 369.686502][T13310] loop2: partition table partially beyond EOD, truncated [ 369.686621][T13310] loop2: p1 start 1601398130 is beyond EOD, truncated [ 369.686638][T13310] loop2: p2 start 1702059890 is beyond EOD, truncated [ 369.869354][T13206] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 369.869391][T13206] netdevsim netdevsim4 eth0 (unregistering): unset [1, 1] type 2 family 0 port 43388 - 0 [ 370.140039][ T5816] Bluetooth: hci3: command tx timeout [ 370.840292][T13206] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 370.901531][T13206] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 370.966180][T13206] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 370.990312][T13206] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 371.205710][T13342] loop2: detected capacity change from 0 to 7 [ 371.222162][T13342] Dev loop2: unable to read RDB block 7 [ 371.222206][T13342] loop2: AHDI p1 p2 p3 [ 371.222241][T13342] loop2: partition table partially beyond EOD, truncated [ 371.222387][T13342] loop2: p1 start 1601398130 is beyond EOD, truncated [ 371.222408][T13342] loop2: p2 start 1702059890 is beyond EOD, truncated [ 371.410691][T13206] 8021q: adding VLAN 0 to HW filter on device bond0 [ 371.517110][T13206] 8021q: adding VLAN 0 to HW filter on device team0 [ 371.579804][T10786] bridge0: port 1(bridge_slave_0) entered blocking state [ 371.604119][T10786] bridge0: port 1(bridge_slave_0) entered forwarding state [ 371.681891][ T3505] bridge0: port 2(bridge_slave_1) entered blocking state [ 371.699875][ T3505] bridge0: port 2(bridge_slave_1) entered forwarding state [ 371.942429][T13354] netlink: 'syz.0.3172': attribute type 10 has an invalid length. [ 372.083622][T13354] team0: Port device dummy0 added [ 372.149091][T13360] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3173'. [ 372.149125][T13360] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3173'. [ 372.353002][ T5816] Bluetooth: hci3: command tx timeout [ 372.640472][T13206] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 372.764077][T13374] loop2: detected capacity change from 0 to 7 [ 372.783617][T13374] Dev loop2: unable to read RDB block 7 [ 372.783655][T13374] loop2: AHDI p1 p2 p3 [ 372.783690][T13374] loop2: partition table partially beyond EOD, truncated [ 372.783819][T13374] loop2: p1 start 1601398130 is beyond EOD, truncated [ 372.783839][T13374] loop2: p2 start 1702059890 is beyond EOD, truncated [ 372.897282][T13377] netlink: 'syz.3.3179': attribute type 8 has an invalid length. [ 372.897306][T13377] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3179'. [ 372.977145][T13377] bond0: entered promiscuous mode [ 372.977172][T13377] bond_slave_0: entered promiscuous mode [ 372.977457][T13377] bond_slave_1: entered promiscuous mode [ 372.977794][T13377] dummy0: entered promiscuous mode [ 373.106149][T13377] gretap0: entered promiscuous mode [ 373.123930][T13377] debugfs: 'hsr1' already exists in 'hsr' [ 373.123966][T13377] Cannot create hsr debugfs directory [ 373.123991][T13377] hsr1: entered promiscuous mode [ 373.669196][T13386] netlink: 'syz.3.3183': attribute type 10 has an invalid length. [ 373.778280][T13386] bond0: (slave dummy0): Releasing backup interface [ 373.871634][T13386] dummy0: left promiscuous mode [ 373.935683][T13386] team0: Port device dummy0 added [ 374.242690][T13405] loop2: detected capacity change from 0 to 7 [ 374.243732][T13405] Dev loop2: unable to read RDB block 7 [ 374.243766][T13405] loop2: AHDI p1 p2 p3 [ 374.243795][T13405] loop2: partition table partially beyond EOD, truncated [ 374.243907][T13405] loop2: p1 start 1601398130 is beyond EOD, truncated [ 374.243929][T13405] loop2: p2 start 1702059890 is beyond EOD, truncated [ 374.611974][T13206] veth0_vlan: entered promiscuous mode [ 374.646256][T13206] veth1_vlan: entered promiscuous mode [ 374.995526][T13206] veth0_macvtap: entered promiscuous mode [ 375.007855][T13206] veth1_macvtap: entered promiscuous mode [ 375.062797][T13424] netlink: 'syz.0.3198': attribute type 10 has an invalid length. [ 375.118566][ T5873] Process accounting resumed [ 375.147836][T13206] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 375.191151][T13206] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 375.287214][T10786] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 375.287269][T10786] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 375.287319][T10786] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 375.287357][T10786] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 375.365176][T13431] loop2: detected capacity change from 0 to 7 [ 375.375447][T13431] Dev loop2: unable to read RDB block 7 [ 375.375481][T13431] loop2: AHDI p1 p2 p3 [ 375.375511][T13431] loop2: partition table partially beyond EOD, truncated [ 375.375625][T13431] loop2: p1 start 1601398130 is beyond EOD, truncated [ 375.375647][T13431] loop2: p2 start 1702059890 is beyond EOD, truncated [ 376.104914][T13450] netlink: 'syz.1.3209': attribute type 10 has an invalid length. [ 376.247807][T13450] team0: Port device dummy0 added [ 376.364942][T13455] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3211'. [ 376.372698][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 376.372719][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 376.566697][T13461] loop2: detected capacity change from 0 to 7 [ 376.569512][T13461] Dev loop2: unable to read RDB block 7 [ 376.569547][T13461] loop2: AHDI p1 p2 p3 [ 376.569583][T13461] loop2: partition table partially beyond EOD, truncated [ 376.569731][T13461] loop2: p1 start 1601398130 is beyond EOD, truncated [ 376.569752][T13461] loop2: p2 start 1702059890 is beyond EOD, truncated [ 376.608061][T13460] capability: warning: `syz.3.3213' uses 32-bit capabilities (legacy support in use) [ 376.675997][ T3459] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 376.676022][ T3459] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 377.171907][T13481] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3221'. [ 377.637503][T13488] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3223'. [ 377.790014][ T5813] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 377.829495][ T5813] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 377.831372][ T5813] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 377.832937][ T5813] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 377.834469][ T5813] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 378.167126][T13489] lo speed is unknown, defaulting to 1000 [ 378.202066][T13489] lo speed is unknown, defaulting to 1000 [ 378.790370][T13489] chnl_net:caif_netlink_parms(): no params data found [ 380.049340][ T5813] Bluetooth: hci4: command tx timeout [ 380.290338][T13489] bridge0: port 1(bridge_slave_0) entered blocking state [ 380.290681][T13489] bridge0: port 1(bridge_slave_0) entered disabled state [ 380.290974][T13489] bridge_slave_0: entered allmulticast mode [ 380.306092][T13489] bridge_slave_0: entered promiscuous mode [ 380.309917][T13489] bridge0: port 2(bridge_slave_1) entered blocking state [ 380.317552][T13489] bridge0: port 2(bridge_slave_1) entered disabled state [ 380.317833][T13489] bridge_slave_1: entered allmulticast mode [ 380.327075][T13489] bridge_slave_1: entered promiscuous mode [ 380.666379][T13489] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 380.681930][T13489] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 380.841400][T13558] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3251'. [ 381.152376][T13489] team0: Port device team_slave_0 added [ 381.194490][T13489] team0: Port device team_slave_1 added [ 381.310681][ T37] kauditd_printk_skb: 36 callbacks suppressed [ 381.310701][ T37] audit: type=1326 audit(1768386075.323:2426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13569 comm="syz.4.3255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 381.310752][ T37] audit: type=1326 audit(1768386075.332:2427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13569 comm="syz.4.3255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 381.311335][ T37] audit: type=1326 audit(1768386075.332:2428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13569 comm="syz.4.3255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 381.311859][ T37] audit: type=1326 audit(1768386075.332:2429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13569 comm="syz.4.3255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 381.312525][ T37] audit: type=1326 audit(1768386075.332:2430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13569 comm="syz.4.3255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 381.313274][ T37] audit: type=1326 audit(1768386075.332:2432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13569 comm="syz.4.3255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 381.313326][ T37] audit: type=1326 audit(1768386075.332:2431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13569 comm="syz.4.3255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 381.314369][ T37] audit: type=1326 audit(1768386075.332:2433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13569 comm="syz.4.3255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 381.314421][ T37] audit: type=1326 audit(1768386075.332:2434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13569 comm="syz.4.3255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 381.315218][ T37] audit: type=1326 audit(1768386075.332:2435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13569 comm="syz.4.3255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 382.090858][T13489] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 382.090879][T13489] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 382.090910][T13489] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 382.093830][T13489] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 382.093847][T13489] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 382.093878][T13489] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 382.283662][ T5813] Bluetooth: hci4: command tx timeout [ 382.311901][T13588] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3264'. [ 382.313596][T13588] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3264'. [ 382.668910][T13489] hsr_slave_0: entered promiscuous mode [ 382.673246][T13489] hsr_slave_1: entered promiscuous mode [ 382.682543][T13489] debugfs: 'hsr0' already exists in 'hsr' [ 382.682573][T13489] Cannot create hsr debugfs directory [ 383.595678][T13620] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3276'. [ 384.500213][ T5813] Bluetooth: hci4: command tx timeout [ 384.581548][T13489] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 384.581584][T13489] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 43994 - 0 [ 385.423105][T13489] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 385.423150][T13489] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 43994 - 0 [ 385.947543][T13489] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 385.947585][T13489] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 43994 - 0 [ 386.719962][ T5813] Bluetooth: hci4: command tx timeout [ 386.724138][T13489] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 386.724180][T13489] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 43994 - 0 [ 386.882232][T13677] geneve2: entered promiscuous mode [ 386.884129][ T12] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 55255 - 0 [ 386.884230][ T12] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 55255 - 0 [ 386.884281][ T12] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 55255 - 0 [ 386.884317][ T12] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 55255 - 0 [ 389.249255][T13489] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 389.324374][T13710] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 389.342347][T13489] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 389.350853][T13707] IPVS: stopping master sync thread 13710 ... [ 389.505707][T13489] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 389.534841][T13714] netlink: 'syz.4.3310': attribute type 298 has an invalid length. [ 389.639867][T13489] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 389.849541][ T1322] ieee802154 phy0 wpan0: encryption failed: -22 [ 389.849630][ T1322] ieee802154 phy1 wpan1: encryption failed: -22 [ 390.094862][T13730] bond1 (unregistering): Released all slaves [ 390.533450][T13489] 8021q: adding VLAN 0 to HW filter on device bond0 [ 390.553077][T13738] netlink: 'syz.1.3317': attribute type 4 has an invalid length. [ 390.584451][T13738] netlink: 'syz.1.3317': attribute type 4 has an invalid length. [ 390.654951][T13489] 8021q: adding VLAN 0 to HW filter on device team0 [ 390.695737][T13728] bridge0: port 1(bridge_slave_0) entered blocking state [ 390.695986][T13728] bridge0: port 1(bridge_slave_0) entered forwarding state [ 390.753878][ T58] bridge0: port 2(bridge_slave_1) entered blocking state [ 390.753975][ T58] bridge0: port 2(bridge_slave_1) entered forwarding state [ 390.938308][T13751] netlink: 'syz.3.3321': attribute type 2 has an invalid length. [ 391.296231][T13761] netlink: 'syz.1.3326': attribute type 8 has an invalid length. [ 391.296255][T13761] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3326'. [ 391.383534][T13765] netlink: 'syz.3.3328': attribute type 298 has an invalid length. [ 391.664744][T13489] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 391.710001][T13776] netlink: 'syz.1.3331': attribute type 4 has an invalid length. [ 391.756349][T13776] netlink: 'syz.1.3331': attribute type 4 has an invalid length. [ 391.921435][T13489] veth0_vlan: entered promiscuous mode [ 391.955459][T13489] veth1_vlan: entered promiscuous mode [ 392.037605][T13489] veth0_macvtap: entered promiscuous mode [ 392.064084][T13489] veth1_macvtap: entered promiscuous mode [ 392.093078][T13489] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 392.118117][T13489] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 392.235828][ T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 392.247490][ T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 392.273431][ T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 392.274887][ T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 392.742377][ T3459] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 392.742411][ T3459] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 392.860981][T13799] netlink: 'syz.4.3345': attribute type 4 has an invalid length. [ 392.885576][ T3459] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 392.885601][ T3459] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 392.886362][T13799] netlink: 'syz.4.3345': attribute type 4 has an invalid length. [ 394.211763][ T5816] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 394.238973][ T5816] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 394.241016][ T5816] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 394.303391][ T37] kauditd_printk_skb: 4 callbacks suppressed [ 394.303421][ T37] audit: type=1326 audit(1768386087.485:2440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13824 comm="syz.2.3356" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa1ed45f749 code=0x0 [ 394.305769][ T5816] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 394.307065][ T5816] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 394.429533][T13828] lo speed is unknown, defaulting to 1000 [ 394.432640][T13828] lo speed is unknown, defaulting to 1000 [ 394.525678][T13836] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3359'. [ 395.099004][T13828] chnl_net:caif_netlink_parms(): no params data found [ 395.256159][T13864] validate_nla: 2 callbacks suppressed [ 395.256181][T13864] netlink: 'syz.4.3367': attribute type 4 has an invalid length. [ 395.315458][T13858] netlink: 'syz.4.3367': attribute type 4 has an invalid length. [ 395.569366][ T37] audit: type=1326 audit(1768386088.663:2441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13872 comm="syz.2.3373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 395.601951][ T37] audit: type=1326 audit(1768386088.691:2442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13872 comm="syz.2.3373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 395.602015][ T37] audit: type=1326 audit(1768386088.691:2443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13872 comm="syz.2.3373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 395.602064][ T37] audit: type=1326 audit(1768386088.691:2444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13872 comm="syz.2.3373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 395.602112][ T37] audit: type=1326 audit(1768386088.691:2445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13872 comm="syz.2.3373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 395.608321][ T37] audit: type=1326 audit(1768386088.701:2446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13872 comm="syz.2.3373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 395.609030][ T37] audit: type=1326 audit(1768386088.701:2447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13872 comm="syz.2.3373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 395.609335][ T37] audit: type=1326 audit(1768386088.701:2448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13872 comm="syz.2.3373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 395.609956][ T37] audit: type=1326 audit(1768386088.701:2449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13872 comm="syz.2.3373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 395.869600][T13828] bridge0: port 1(bridge_slave_0) entered blocking state [ 395.869960][T13828] bridge0: port 1(bridge_slave_0) entered disabled state [ 395.870247][T13828] bridge_slave_0: entered allmulticast mode [ 395.900577][T13828] bridge_slave_0: entered promiscuous mode [ 395.913580][T13828] bridge0: port 2(bridge_slave_1) entered blocking state [ 395.913843][T13828] bridge0: port 2(bridge_slave_1) entered disabled state [ 395.914130][T13828] bridge_slave_1: entered allmulticast mode [ 395.917387][T13828] bridge_slave_1: entered promiscuous mode [ 396.191639][T13890] netlink: 16 bytes leftover after parsing attributes in process `^.'. [ 396.553914][ T5816] Bluetooth: hci2: command tx timeout [ 396.574285][T13828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 396.602295][T13828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 396.890879][T13828] team0: Port device team_slave_0 added [ 396.917861][T13828] team0: Port device team_slave_1 added [ 397.428033][T13906] netlink: 'syz.2.3385': attribute type 4 has an invalid length. [ 397.474613][T13828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 397.474635][T13828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 397.474666][T13828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 397.477567][T13828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 397.477585][T13828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 397.477612][T13828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 397.479256][T13903] netlink: 'syz.2.3385': attribute type 4 has an invalid length. [ 397.646012][T13908] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3387'. [ 397.647694][T13908] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3387'. [ 397.912647][T13828] hsr_slave_0: entered promiscuous mode [ 397.914379][T13828] hsr_slave_1: entered promiscuous mode [ 397.915612][T13828] debugfs: 'hsr0' already exists in 'hsr' [ 397.915641][T13828] Cannot create hsr debugfs directory [ 398.368306][T13936] netlink: 'syz.4.3399': attribute type 4 has an invalid length. [ 398.438238][T13932] netlink: 'syz.4.3399': attribute type 4 has an invalid length. [ 398.777372][ T5816] Bluetooth: hci2: command tx timeout [ 399.423554][T13828] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 399.496438][T13828] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 399.556635][T13828] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 399.638720][T13828] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 399.703816][T13957] netlink: 'syz.4.3411': attribute type 6 has an invalid length. [ 399.720147][T13957] netlink: 'syz.4.3411': attribute type 6 has an invalid length. [ 400.070583][ T37] kauditd_printk_skb: 9 callbacks suppressed [ 400.070602][ T37] audit: type=1326 audit(1768386092.882:2459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13978 comm="syz.2.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 400.073716][ T37] audit: type=1326 audit(1768386092.882:2460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13978 comm="syz.2.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 400.074520][ T37] audit: type=1326 audit(1768386092.882:2461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13978 comm="syz.2.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 400.075200][ T37] audit: type=1326 audit(1768386092.882:2462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13978 comm="syz.2.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 400.076532][ T37] audit: type=1326 audit(1768386092.882:2463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13978 comm="syz.2.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 400.087334][T13975] syzkaller0: entered promiscuous mode [ 400.087360][T13975] syzkaller0: entered allmulticast mode [ 400.098840][ T37] audit: type=1326 audit(1768386092.901:2464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13978 comm="syz.2.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 400.099020][ T37] audit: type=1326 audit(1768386092.901:2465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13978 comm="syz.2.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 400.099312][ T37] audit: type=1326 audit(1768386092.901:2466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13978 comm="syz.2.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 400.099494][ T37] audit: type=1326 audit(1768386092.901:2467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13978 comm="syz.2.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 400.099646][ T37] audit: type=1326 audit(1768386092.901:2468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13978 comm="syz.2.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 400.400267][T13988] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3421'. [ 400.466153][T13988] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 400.466188][T13988] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 400.500620][T13988] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 400.500912][T13988] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 401.000556][ T5816] Bluetooth: hci2: command tx timeout [ 401.071431][T13828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 401.167956][T13828] 8021q: adding VLAN 0 to HW filter on device team0 [ 401.211773][ T9937] bridge0: port 1(bridge_slave_0) entered blocking state [ 401.212018][ T9937] bridge0: port 1(bridge_slave_0) entered forwarding state [ 401.250921][ T69] bridge0: port 2(bridge_slave_1) entered blocking state [ 401.251177][ T69] bridge0: port 2(bridge_slave_1) entered forwarding state [ 401.661241][T14010] netlink: 'syz.2.3431': attribute type 4 has an invalid length. [ 401.690833][T14010] netlink: 'syz.2.3431': attribute type 4 has an invalid length. [ 402.213461][T13828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 402.602296][T14048] netlink: 'syz.3.3444': attribute type 4 has an invalid length. [ 402.656822][T14048] netlink: 'syz.3.3444': attribute type 4 has an invalid length. [ 402.867291][T13828] veth0_vlan: entered promiscuous mode [ 402.946273][T13828] veth1_vlan: entered promiscuous mode [ 403.091438][T13828] veth0_macvtap: entered promiscuous mode [ 403.143192][T13828] veth1_macvtap: entered promiscuous mode [ 403.204828][T13828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 403.226737][ T5816] Bluetooth: hci2: command tx timeout [ 403.244160][T13828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 403.292117][ T3459] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 403.294768][ T3459] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 403.294816][ T3459] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 403.294856][ T3459] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 403.845644][T10790] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 403.845667][T10790] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 404.025067][ T1003] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 404.025093][ T1003] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 405.121441][ T5813] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 405.144123][ T5813] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 405.146811][ T5813] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 405.157888][ T5813] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 405.163511][ T5813] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 405.540463][T14122] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3476'. [ 405.784415][T14112] lo speed is unknown, defaulting to 1000 [ 405.787305][T14112] lo speed is unknown, defaulting to 1000 [ 406.626681][ T948] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 406.785131][ T948] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 406.785172][ T948] usb 6-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 406.785202][ T948] usb 6-1: config 0 interface 0 has no altsetting 0 [ 406.785240][ T948] usb 6-1: New USB device found, idVendor=06cb, idProduct=73f6, bcdDevice= 0.00 [ 406.785266][ T948] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 406.847378][ T948] usb 6-1: config 0 descriptor?? [ 407.028890][T14112] chnl_net:caif_netlink_parms(): no params data found [ 407.069511][T14149] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 407.069951][T14149] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 407.102863][T14149] netlink: 546 bytes leftover after parsing attributes in process `syz.5.3488'. [ 407.125517][ T948] usbhid 6-1:0.0: can't add hid device: -71 [ 407.125682][ T948] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 407.152315][ T948] usb 6-1: USB disconnect, device number 2 [ 407.413569][ T5816] Bluetooth: hci5: command tx timeout [ 407.726984][T14112] bridge0: port 1(bridge_slave_0) entered blocking state [ 407.733090][T14112] bridge0: port 1(bridge_slave_0) entered disabled state [ 407.733439][T14112] bridge_slave_0: entered allmulticast mode [ 407.736445][T14112] bridge_slave_0: entered promiscuous mode [ 407.740520][T14112] bridge0: port 2(bridge_slave_1) entered blocking state [ 407.740718][T14112] bridge0: port 2(bridge_slave_1) entered disabled state [ 407.740936][T14112] bridge_slave_1: entered allmulticast mode [ 407.743720][T14112] bridge_slave_1: entered promiscuous mode [ 407.964489][T14112] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 407.976394][T14112] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 408.312152][T14112] team0: Port device team_slave_0 added [ 408.319003][T14112] team0: Port device team_slave_1 added [ 408.344392][T14211] netlink: 'syz.4.3513': attribute type 10 has an invalid length. [ 408.444592][T14211] team0: Port device dummy0 added [ 408.585033][T14112] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 408.585053][T14112] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 408.585082][T14112] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 408.594976][T14112] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 408.594996][T14112] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 408.595022][T14112] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 408.687540][ T5873] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 408.852217][ T5873] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 408.852256][ T5873] usb 6-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 408.852283][ T5873] usb 6-1: config 0 interface 0 has no altsetting 0 [ 408.852318][ T5873] usb 6-1: New USB device found, idVendor=06cb, idProduct=73f6, bcdDevice= 0.00 [ 408.852343][ T5873] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 408.878902][ T5873] usb 6-1: config 0 descriptor?? [ 408.891565][ T37] kauditd_printk_skb: 551 callbacks suppressed [ 408.891584][ T37] audit: type=1326 audit(1768386101.134:3020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14224 comm="syz.0.3518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 408.896975][ T37] audit: type=1326 audit(1768386101.134:3021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14224 comm="syz.0.3518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 408.897820][ T37] audit: type=1326 audit(1768386101.134:3022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14224 comm="syz.0.3518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 408.898649][ T37] audit: type=1326 audit(1768386101.134:3023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14224 comm="syz.0.3518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 408.914091][ T37] audit: type=1326 audit(1768386101.134:3024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14224 comm="syz.0.3518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 408.914908][ T37] audit: type=1326 audit(1768386101.152:3025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14224 comm="syz.0.3518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 408.916256][ T37] audit: type=1326 audit(1768386101.152:3026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14224 comm="syz.0.3518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 408.917332][ T37] audit: type=1326 audit(1768386101.152:3027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14224 comm="syz.0.3518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 408.919296][ T37] audit: type=1326 audit(1768386101.152:3028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14224 comm="syz.0.3518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 408.936042][ T37] audit: type=1326 audit(1768386101.171:3029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14224 comm="syz.0.3518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 409.145733][T14216] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 409.149295][T14216] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 409.331185][T14216] netlink: 546 bytes leftover after parsing attributes in process `syz.5.3515'. [ 409.351192][ T5873] usbhid 6-1:0.0: can't add hid device: -71 [ 409.351337][ T5873] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 409.407329][ T5873] usb 6-1: USB disconnect, device number 3 [ 409.408339][T14112] hsr_slave_0: entered promiscuous mode [ 409.410953][T14112] hsr_slave_1: entered promiscuous mode [ 409.412111][T14112] debugfs: 'hsr0' already exists in 'hsr' [ 409.412138][T14112] Cannot create hsr debugfs directory [ 409.617043][T14240] netlink: 'syz.4.3525': attribute type 10 has an invalid length. [ 409.637817][ T5816] Bluetooth: hci5: command tx timeout [ 410.027614][T14246] ªªªªªª: renamed from vlan0 (while UP) [ 410.635133][T14261] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 410.749960][T14265] netlink: 'syz.5.3536': attribute type 10 has an invalid length. [ 410.799964][T14265] team0: Port device dummy0 added [ 411.217959][T14112] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 411.218025][T14112] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 411.218054][T14112] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 56218 - 0 [ 411.218808][ T948] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 411.403053][ T948] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 411.403089][ T948] usb 3-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 411.403115][ T948] usb 3-1: config 0 interface 0 has no altsetting 0 [ 411.403147][ T948] usb 3-1: New USB device found, idVendor=06cb, idProduct=73f6, bcdDevice= 0.00 [ 411.403170][ T948] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 411.409715][ T948] usb 3-1: config 0 descriptor?? [ 411.686943][T14270] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 411.688037][T14270] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 411.725638][T14112] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 411.725681][T14112] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 411.725710][T14112] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 56218 - 0 [ 411.819121][T14270] netlink: 546 bytes leftover after parsing attributes in process `syz.2.3538'. [ 411.838960][ T948] usbhid 3-1:0.0: can't add hid device: -71 [ 411.839092][ T948] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 411.860211][ T5816] Bluetooth: hci5: command tx timeout [ 411.868878][ T948] usb 3-1: USB disconnect, device number 6 [ 412.229951][T14112] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 412.229992][T14112] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 412.230019][T14112] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 56218 - 0 [ 412.655985][T14112] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 412.656026][T14112] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 412.656057][T14112] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 56218 - 0 [ 412.790829][T14319] netlink: 'syz.5.3560': attribute type 1 has an invalid length. [ 412.791894][T14319] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3560'. [ 412.878278][T14323] loop2: detected capacity change from 0 to 7 [ 412.881664][T14323] Dev loop2: unable to read RDB block 7 [ 412.881713][T14323] loop2: unable to read partition table [ 412.881972][T14323] loop2: partition table beyond EOD, truncated [ 412.881993][T14323] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 413.025610][T14329] IPv6: NLM_F_CREATE should be specified when creating new route [ 413.249810][ T5873] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 413.412625][ T5873] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 413.412667][ T5873] usb 1-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 413.412696][ T5873] usb 1-1: config 0 interface 0 has no altsetting 0 [ 413.412732][ T5873] usb 1-1: New USB device found, idVendor=06cb, idProduct=73f6, bcdDevice= 0.00 [ 413.412766][ T5873] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 413.418384][ T5873] usb 1-1: config 0 descriptor?? [ 413.534989][T14112] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 413.709122][T14327] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 413.720951][T14327] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 413.961836][T14327] netlink: 546 bytes leftover after parsing attributes in process `syz.0.3565'. [ 413.962270][T14112] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 413.978191][ T5873] usbhid 1-1:0.0: can't add hid device: -71 [ 413.978327][ T5873] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 413.982624][ T5873] usb 1-1: USB disconnect, device number 3 [ 414.042304][T14112] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 414.083636][ T5816] Bluetooth: hci5: command tx timeout [ 414.126452][T14112] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 414.206704][T14350] syzkaller0: entered promiscuous mode [ 414.206737][T14350] syzkaller0: entered allmulticast mode [ 414.551678][T14369] 9p: Bad value for 'rfdno' [ 415.094276][T14112] 8021q: adding VLAN 0 to HW filter on device bond0 [ 415.095953][ T37] kauditd_printk_skb: 55 callbacks suppressed [ 415.095973][ T37] audit: type=1326 audit(1768386106.934:3085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14382 comm="syz.4.3586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 415.106743][ T37] audit: type=1326 audit(1768386106.934:3086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14382 comm="syz.4.3586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 415.109265][ T37] audit: type=1326 audit(1768386106.943:3087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14382 comm="syz.4.3586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 415.109325][ T37] audit: type=1326 audit(1768386106.943:3088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14382 comm="syz.4.3586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 415.109382][ T37] audit: type=1326 audit(1768386106.943:3089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14382 comm="syz.4.3586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 415.113480][ T37] audit: type=1326 audit(1768386106.953:3090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14382 comm="syz.4.3586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 415.114096][ T37] audit: type=1326 audit(1768386106.953:3091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14382 comm="syz.4.3586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 415.117992][ T37] audit: type=1326 audit(1768386106.953:3092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14382 comm="syz.4.3586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 415.118603][ T37] audit: type=1326 audit(1768386106.953:3093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14382 comm="syz.4.3586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 415.119041][ T37] audit: type=1326 audit(1768386106.953:3094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14382 comm="syz.4.3586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 415.401075][T14112] 8021q: adding VLAN 0 to HW filter on device team0 [ 415.442786][ T3459] bridge0: port 1(bridge_slave_0) entered blocking state [ 415.442945][ T3459] bridge0: port 1(bridge_slave_0) entered forwarding state [ 415.477946][ T3459] bridge0: port 2(bridge_slave_1) entered blocking state [ 415.478173][ T3459] bridge0: port 2(bridge_slave_1) entered forwarding state [ 415.761108][ T5809] IPVS: starting estimator thread 0... [ 415.761276][T14395] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 415.847360][T14401] IPVS: using max 8 ests per chain, 19200 per kthread [ 416.423663][T14419] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3598'. [ 416.451611][T14112] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 416.621854][T14112] veth0_vlan: entered promiscuous mode [ 416.683336][T14112] veth1_vlan: entered promiscuous mode [ 416.710439][T14422] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3600'. [ 416.726101][T14422] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3600'. [ 416.726508][T14422] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3600'. [ 416.729460][T14422] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3600'. [ 417.017330][T14112] veth0_macvtap: entered promiscuous mode [ 417.066673][T14112] veth1_macvtap: entered promiscuous mode [ 417.116161][T14433] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3603'. [ 417.282131][T14112] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 417.344660][T14112] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 417.387438][ T69] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.390813][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.422619][T10965] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.427299][T10965] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.570928][T14446] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3607'. [ 417.610364][T14446] bond0: entered promiscuous mode [ 417.610387][T14446] bond_slave_0: entered promiscuous mode [ 417.610593][T14446] bond_slave_1: entered promiscuous mode [ 417.617321][T14446] gretap0: entered promiscuous mode [ 417.621340][T14446] debugfs: 'hsr1' already exists in 'hsr' [ 417.621370][T14446] Cannot create hsr debugfs directory [ 417.621392][T14446] hsr1: entered promiscuous mode [ 418.437820][T10965] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 418.437839][T10965] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 418.587737][T10509] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 418.587762][T10509] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 421.430422][ T37] kauditd_printk_skb: 92 callbacks suppressed [ 421.431349][ T37] audit: type=1326 audit(1768386112.856:3187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14515 comm="syz.3.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 421.431416][ T37] audit: type=1326 audit(1768386112.856:3188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14515 comm="syz.3.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 421.527866][ T37] audit: type=1326 audit(1768386112.931:3189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14515 comm="syz.3.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 421.527927][ T37] audit: type=1326 audit(1768386112.931:3190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14515 comm="syz.3.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 421.527975][ T37] audit: type=1326 audit(1768386112.931:3191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14515 comm="syz.3.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 421.528023][ T37] audit: type=1326 audit(1768386112.931:3192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14515 comm="syz.3.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 421.528068][ T37] audit: type=1326 audit(1768386112.931:3193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14515 comm="syz.3.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 421.528114][ T37] audit: type=1326 audit(1768386112.931:3194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14515 comm="syz.3.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 421.528158][ T37] audit: type=1326 audit(1768386112.949:3195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14515 comm="syz.3.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 421.528204][ T37] audit: type=1326 audit(1768386112.949:3196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14515 comm="syz.3.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 422.115104][T14520] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3637'. [ 422.386081][T14522] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3639'. [ 422.386116][T14522] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3639'. [ 422.787828][T14532] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3643'. [ 424.312305][T14546] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3650'. [ 424.948182][T14557] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3652'. [ 424.948215][T14557] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3652'. [ 425.692441][T14565] netlink: 'syz.2.3656': attribute type 12 has an invalid length. [ 426.576576][T14579] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3663'. [ 427.025387][T14592] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3669'. [ 427.992065][T14605] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3674'. [ 428.870351][T14633] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3688'. [ 428.871803][T14629] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3686'. [ 429.000401][T14629] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3686'. [ 429.235359][T14641] netlink: 96 bytes leftover after parsing attributes in process `syz.4.3692'. [ 430.482947][T14655] lo speed is unknown, defaulting to 1000 [ 430.615247][T14655] lo speed is unknown, defaulting to 1000 [ 431.153651][T14656] lo speed is unknown, defaulting to 1000 [ 431.156610][T14656] lo speed is unknown, defaulting to 1000 [ 431.707659][T14670] netlink: 'syz.5.3701': attribute type 1 has an invalid length. [ 431.877778][T14670] bond1: (slave bridge1): making interface the new active one [ 431.892895][T14670] bond1: (slave bridge1): Enslaving as an active interface with an up link [ 432.020368][T14680] __nla_validate_parse: 1 callbacks suppressed [ 432.020393][T14680] netlink: 64 bytes leftover after parsing attributes in process `syz.3.3705'. [ 432.056355][ T37] kauditd_printk_skb: 27 callbacks suppressed [ 432.056379][ T37] audit: type=1326 audit(1768386122.800:3224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14682 comm="syz.4.3706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 432.056525][ T37] audit: type=1326 audit(1768386122.800:3225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14682 comm="syz.4.3706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 432.057061][ T37] audit: type=1326 audit(1768386122.800:3226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14682 comm="syz.4.3706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 432.057244][ T37] audit: type=1326 audit(1768386122.800:3227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14682 comm="syz.4.3706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 432.114784][T14670] macvlan2: entered promiscuous mode [ 432.114821][T14670] macvlan2: entered allmulticast mode [ 432.116096][T14670] bond1: entered promiscuous mode [ 432.116114][T14670] bridge1: entered promiscuous mode [ 432.129669][T14670] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 432.133786][T14670] bond1: (slave macvlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 432.146490][T14670] bond1: left promiscuous mode [ 432.146515][T14670] bridge1: left promiscuous mode [ 432.425606][T14689] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3709'. [ 432.573214][T14694] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3711'. [ 432.597543][T14694] bridge0: port 2(bridge_slave_1) entered disabled state [ 432.883004][T14694] bridge_slave_1 (unregistering): left allmulticast mode [ 432.883040][T14694] bridge_slave_1 (unregistering): left promiscuous mode [ 432.883149][T14694] bridge0: port 2(bridge_slave_1) entered disabled state [ 433.481917][T14719] netlink: 'syz.5.3722': attribute type 1 has an invalid length. [ 433.671337][T14728] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3727'. [ 434.024410][T14733] syzkaller0: entered promiscuous mode [ 434.024445][T14733] syzkaller0: entered allmulticast mode [ 434.151312][T14744] bridge0: port 1(bridge_slave_0) entered disabled state [ 434.257674][T14747] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3735'. [ 434.387745][T14752] netlink: 35 bytes leftover after parsing attributes in process `syz.2.3737'. [ 434.387779][T14752] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3737'. [ 448.839287][T14747] bond0: entered promiscuous mode [ 448.839314][T14747] bond_slave_0: entered promiscuous mode [ 448.839583][T14747] bond_slave_1: entered promiscuous mode [ 448.842325][T14747] gretap0: entered promiscuous mode [ 448.844025][T14747] debugfs: 'hsr1' already exists in 'hsr' [ 448.844054][T14747] Cannot create hsr debugfs directory [ 448.844078][T14747] hsr1: entered promiscuous mode [ 448.850733][T14754] netlink: 64 bytes leftover after parsing attributes in process `syz.5.3738'. [ 449.135174][ T37] audit: type=1326 audit(1768386138.770:3228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14767 comm="syz.5.3743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4618d8f749 code=0x7ffc0000 [ 449.135236][ T37] audit: type=1326 audit(1768386138.770:3229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14767 comm="syz.5.3743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4618d8f749 code=0x7ffc0000 [ 449.135278][ T37] audit: type=1326 audit(1768386138.770:3230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14767 comm="syz.5.3743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f4618d8f749 code=0x7ffc0000 [ 449.135319][ T37] audit: type=1326 audit(1768386138.770:3231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14767 comm="syz.5.3743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4618d8f749 code=0x7ffc0000 [ 449.439889][T14791] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3753'. [ 449.567438][T14794] netlink: 64 bytes leftover after parsing attributes in process `syz.5.3754'. [ 449.598675][T14797] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3755'. [ 449.702658][ T37] audit: type=1326 audit(1768386139.312:3232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14798 comm="syz.4.3756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 449.702726][ T37] audit: type=1326 audit(1768386139.312:3233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14798 comm="syz.4.3756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 449.710106][ T37] audit: type=1326 audit(1768386139.312:3234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14798 comm="syz.4.3756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 449.711926][ T37] audit: type=1326 audit(1768386139.312:3235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14798 comm="syz.4.3756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 449.711979][ T37] audit: type=1326 audit(1768386139.312:3236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14798 comm="syz.4.3756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 449.712020][ T37] audit: type=1326 audit(1768386139.322:3237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14798 comm="syz.4.3756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 449.808136][T14800] IPv6: Can't replace route, no match found [ 449.918945][T14803] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3758'. [ 450.326155][T14819] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3766'. [ 450.526565][T14822] netlink: 64 bytes leftover after parsing attributes in process `syz.4.3767'. [ 450.646525][T14832] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3770'. [ 450.832251][T14842] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3772'. [ 451.417584][T14854] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3779'. [ 452.146436][T14881] netem: incorrect ge model size [ 452.146474][T14881] netem: change failed [ 453.730283][T14920] RDS: rds_bind could not find a transport for ::ffff:172.30.1.3, load rds_tcp or rds_rdma? [ 453.748684][T14919] veth0: entered promiscuous mode [ 453.920606][T14923] netlink: 'syz.3.3806': attribute type 10 has an invalid length. [ 453.976385][T14925] netlink: 'syz.3.3806': attribute type 10 has an invalid length. [ 454.373760][T14934] __nla_validate_parse: 6 callbacks suppressed [ 454.373783][T14934] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3808'. [ 454.574729][T14923] team0: Failed to send options change via netlink (err -105) [ 454.574760][T14923] team0: Port device dummy0 added [ 454.576335][T14925] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 454.716086][T14925] team0: Port device dummy0 removed [ 454.746592][T14925] dummy0: entered promiscuous mode [ 454.784706][T14925] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 455.373284][T14955] netlink: 'syz.5.3818': attribute type 7 has an invalid length. [ 455.482317][ T1322] ieee802154 phy0 wpan0: encryption failed: -22 [ 455.482398][ T1322] ieee802154 phy1 wpan1: encryption failed: -22 [ 456.131713][T14972] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3825'. [ 456.207751][T14971] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 456.207802][T14971] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 456.248346][ T5809] IPVS: starting estimator thread 0... [ 456.248450][T14976] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 456.316510][T14971] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 456.316544][T14971] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 456.366373][T14981] IPVS: using max 8 ests per chain, 19200 per kthread [ 456.731602][T15000] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3834'. [ 457.132934][T15016] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 ! [ 457.259342][T15019] sch_tbf: peakrate 4294967295 is lower than or equals to rate 9923815347532251725 ! [ 457.331411][T15025] netlink: 'syz.2.3845': attribute type 7 has an invalid length. [ 457.458259][T15031] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3848'. [ 457.540068][T15033] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3849'. [ 457.563373][T15035] Driver unsupported XDP return value 0 on prog (id 1148) dev N/A, expect packet loss! [ 458.794663][T15043] veth0_to_team: entered promiscuous mode [ 459.269389][T15058] netlink: 'syz.3.3858': attribute type 7 has an invalid length. [ 460.466513][T15077] netlink: 6068 bytes leftover after parsing attributes in process `syz.4.3865'. [ 460.975609][T15092] netlink: 'syz.5.3871': attribute type 7 has an invalid length. [ 461.611587][T15098] netlink: 'syz.5.3874': attribute type 3 has an invalid length. [ 462.102688][T15107] netlink: 6068 bytes leftover after parsing attributes in process `syz.2.3878'. [ 462.439207][T15116] netlink: 'syz.3.3882': attribute type 6 has an invalid length. [ 462.442572][T15116] netlink: 'syz.3.3882': attribute type 6 has an invalid length. [ 463.327546][ T37] kauditd_printk_skb: 134 callbacks suppressed [ 463.327568][ T37] audit: type=1326 audit(1768386152.054:3372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15137 comm="syz.4.3892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 463.328093][ T37] audit: type=1326 audit(1768386152.054:3373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15137 comm="syz.4.3892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 463.328306][ T37] audit: type=1326 audit(1768386152.054:3374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15137 comm="syz.4.3892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f116bebf749 code=0x7ffc0000 [ 463.363608][T15140] netlink: 6068 bytes leftover after parsing attributes in process `syz.5.3891'. [ 463.705376][T15149] netlink: 'syz.4.3897': attribute type 6 has an invalid length. [ 463.706525][T15149] netlink: 'syz.4.3897': attribute type 6 has an invalid length. [ 464.194875][ T37] audit: type=1326 audit(1768386152.840:3375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15159 comm="syz.5.3904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4618d8f749 code=0x7ffc0000 [ 464.194940][ T37] audit: type=1326 audit(1768386152.840:3376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15159 comm="syz.5.3904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f4618d8f749 code=0x7ffc0000 [ 464.194988][ T37] audit: type=1326 audit(1768386152.840:3377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15159 comm="syz.5.3904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4618d8f749 code=0x7ffc0000 [ 464.246116][T15165] netlink: 6068 bytes leftover after parsing attributes in process `syz.4.3905'. [ 464.413385][T15170] netlink: 'syz.5.3906': attribute type 13 has an invalid length. [ 464.432692][T15171] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3910'. [ 464.492100][T15174] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11) [ 464.492134][T15174] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 464.496334][T15174] vhci_hcd vhci_hcd.0: Device attached [ 464.885075][T15170] bridge0: port 2(bridge_slave_1) entered disabled state [ 464.885735][T15170] bridge0: port 1(bridge_slave_0) entered disabled state [ 464.890862][ T805] usb 42-1: SetAddress Request (2) to port 0 [ 464.890944][ T805] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd [ 465.350506][T15176] vhci_hcd: connection reset by peer [ 465.358670][T14984] vhci_hcd vhci_hcd.4: stop threads [ 465.358702][T14984] vhci_hcd vhci_hcd.4: release socket [ 465.358960][T14984] vhci_hcd vhci_hcd.4: disconnect device [ 465.593284][ T37] audit: type=1326 audit(1768386154.168:3378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15192 comm="syz.0.3916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 465.593630][ T37] audit: type=1326 audit(1768386154.168:3379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15192 comm="syz.0.3916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 465.593779][ T37] audit: type=1326 audit(1768386154.168:3380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15192 comm="syz.0.3916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 465.675353][ T37] audit: type=1326 audit(1768386154.253:3381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15194 comm="syz.0.3917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 465.762147][T15170] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 465.785838][T15170] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 466.955711][T15206] netlink: 'syz.0.3922': attribute type 7 has an invalid length. [ 467.299687][T15178] wg2: entered promiscuous mode [ 467.299735][T15178] wg2: entered allmulticast mode [ 467.303887][ T6746] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.341324][ T6746] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.341359][ T6746] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.341382][ T6746] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 468.025218][T15231] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3933'. [ 469.360238][T15242] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3937'. [ 469.360268][T15242] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3937'. [ 469.595667][ T37] kauditd_printk_skb: 66 callbacks suppressed [ 469.599207][ T37] audit: type=1326 audit(1768386157.920:3448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15248 comm="syz.0.3940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 469.599280][ T37] audit: type=1326 audit(1768386157.920:3449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15248 comm="syz.0.3940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 469.599413][ T37] audit: type=1326 audit(1768386157.920:3450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15248 comm="syz.0.3940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 469.599464][ T37] audit: type=1326 audit(1768386157.920:3451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15248 comm="syz.0.3940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 469.599512][ T37] audit: type=1326 audit(1768386157.920:3452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15248 comm="syz.0.3940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 470.277138][ T805] usb 42-1: device descriptor read/8, error -110 [ 470.333443][T15273] netlink: 'syz.3.3950': attribute type 7 has an invalid length. [ 470.371611][T15274] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3951'. [ 470.371638][T15274] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3951'. [ 470.414400][T15277] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3952'. [ 470.555305][ T37] audit: type=1326 audit(1768386158.780:3453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15279 comm="syz.3.3954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 470.555368][ T37] audit: type=1326 audit(1768386158.780:3454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15279 comm="syz.3.3954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 470.555412][ T37] audit: type=1326 audit(1768386158.780:3455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15279 comm="syz.3.3954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 470.945244][ T805] usb usb42-port1: attempt power cycle [ 471.720748][ T805] usb usb42-port1: unable to enumerate USB device [ 471.836617][T15314] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3965'. [ 471.836643][T15314] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3965'. [ 471.998137][ T37] audit: type=1326 audit(1768386160.165:3456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15317 comm="syz.5.3967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4618d8f749 code=0x7ffc0000 [ 472.010409][ T37] audit: type=1326 audit(1768386160.174:3457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15317 comm="syz.5.3967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f4618d8f749 code=0x7ffc0000 [ 473.146264][T15357] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3982'. [ 474.048124][T15386] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3995'. [ 474.654511][T15398] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4000'. [ 475.003730][T15409] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4006'. [ 475.425712][T15422] IPv6: Can't replace route, no match found [ 476.085862][T15444] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4021'. [ 476.385482][T15455] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4026'. [ 476.860675][T15478] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4034'. [ 476.914181][T15472] lo speed is unknown, defaulting to 1000 [ 476.924438][T15472] lo speed is unknown, defaulting to 1000 [ 477.402178][T15498] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4043'. [ 477.494948][T15501] netlink: 6048 bytes leftover after parsing attributes in process `syz.4.4045'. [ 477.574790][T15494] lo speed is unknown, defaulting to 1000 [ 477.613471][T15494] lo speed is unknown, defaulting to 1000 [ 477.717903][T15510] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4048'. [ 478.572993][T15531] netlink: 6048 bytes leftover after parsing attributes in process `syz.3.4057'. [ 479.352596][ T37] kauditd_printk_skb: 7 callbacks suppressed [ 479.352617][ T37] audit: type=1326 audit(1768386167.050:3465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15555 comm="syz.2.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 479.352813][ T37] audit: type=1326 audit(1768386167.050:3466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15555 comm="syz.2.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 479.363485][ T37] audit: type=1326 audit(1768386167.060:3467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15555 comm="syz.2.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 479.363804][ T37] audit: type=1326 audit(1768386167.060:3468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15555 comm="syz.2.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 479.439268][ T37] audit: type=1326 audit(1768386167.135:3469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15555 comm="syz.2.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa1ed492005 code=0x7ffc0000 [ 479.439624][ T37] audit: type=1326 audit(1768386167.135:3470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15555 comm="syz.2.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 479.440787][ T37] audit: type=1326 audit(1768386167.135:3471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15555 comm="syz.2.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 479.440834][ T37] audit: type=1326 audit(1768386167.135:3472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15555 comm="syz.2.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 479.441654][ T37] audit: type=1326 audit(1768386167.135:3473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15555 comm="syz.2.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 479.682201][T15564] __nla_validate_parse: 1 callbacks suppressed [ 479.682226][T15564] netlink: 6048 bytes leftover after parsing attributes in process `syz.3.4070'. [ 480.951923][T15590] IPv6: NLM_F_CREATE should be specified when creating new route [ 481.204593][T15596] netlink: 6048 bytes leftover after parsing attributes in process `syz.3.4084'. [ 481.277511][ T37] audit: type=1326 audit(1768386168.837:3474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15598 comm="syz.2.4085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 484.014752][T15645] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4105'. [ 484.026365][T15645] bond0: entered promiscuous mode [ 484.026393][T15645] bond_slave_0: entered promiscuous mode [ 484.026766][T15645] bond_slave_1: entered promiscuous mode [ 484.030161][T15645] gretap0: entered promiscuous mode [ 484.032097][T15645] debugfs: 'hsr1' already exists in 'hsr' [ 484.032127][T15645] Cannot create hsr debugfs directory [ 484.032151][T15645] hsr1: entered promiscuous mode [ 484.328493][T15651] netlink: 6048 bytes leftover after parsing attributes in process `syz.0.4110'. [ 484.437320][T15656] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4108'. [ 485.176523][T15673] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4118'. [ 485.447756][T15677] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4122'. [ 485.548287][T15682] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4120'. [ 485.587967][ T5816] Bluetooth: hci0: command 0x0406 tx timeout [ 485.655371][T15685] netlink: 6012 bytes leftover after parsing attributes in process `syz.0.4123'. [ 485.932242][T15695] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4125'. [ 486.116048][T15704] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4131'. [ 486.256245][T15712] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4136'. [ 486.434431][T15719] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4139'. [ 486.468583][T15720] netlink: 6012 bytes leftover after parsing attributes in process `syz.3.4138'. [ 486.536119][T15724] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4141'. [ 488.006132][T15733] IPv6: addrconf: prefix option has invalid lifetime [ 488.617860][T15754] bond0: entered promiscuous mode [ 488.617887][T15754] bond_slave_0: entered promiscuous mode [ 488.618173][T15754] bond_slave_1: entered promiscuous mode [ 488.625318][T15754] gretap0: entered promiscuous mode [ 488.627157][T15754] debugfs: 'hsr1' already exists in 'hsr' [ 488.627186][T15754] Cannot create hsr debugfs directory [ 488.627208][T15754] hsr1: entered promiscuous mode [ 490.254536][ T37] kauditd_printk_skb: 59 callbacks suppressed [ 490.254558][ T37] audit: type=1326 audit(1768386177.238:3534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15783 comm="syz.3.4167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 490.254935][ T37] audit: type=1326 audit(1768386177.238:3535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15783 comm="syz.3.4167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 490.255196][ T37] audit: type=1326 audit(1768386177.238:3536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15783 comm="syz.3.4167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 490.256605][ T37] audit: type=1326 audit(1768386177.248:3537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15783 comm="syz.3.4167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 490.309258][ T37] audit: type=1326 audit(1768386177.304:3538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15783 comm="syz.3.4167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=196 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 490.309319][ T37] audit: type=1326 audit(1768386177.304:3539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15783 comm="syz.3.4167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 490.309521][ T37] audit: type=1326 audit(1768386177.304:3540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15783 comm="syz.3.4167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 490.310248][ T37] audit: type=1326 audit(1768386177.304:3541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15783 comm="syz.3.4167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 490.310406][ T37] audit: type=1326 audit(1768386177.304:3542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15783 comm="syz.3.4167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 491.233035][T15810] __nla_validate_parse: 6 callbacks suppressed [ 491.233061][T15810] netlink: 558 bytes leftover after parsing attributes in process `syz.2.4180'. [ 491.896197][T15822] netlink: 6040 bytes leftover after parsing attributes in process `syz.0.4184'. [ 492.554209][T15839] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4192'. [ 493.589620][T15847] netlink: 6040 bytes leftover after parsing attributes in process `syz.5.4196'. [ 493.855185][T15845] netlink: 558 bytes leftover after parsing attributes in process `syz.2.4195'. [ 493.996070][T15856] netlink: 96 bytes leftover after parsing attributes in process `syz.5.4201'. [ 494.182496][T15867] netlink: 56 bytes leftover after parsing attributes in process `syz.4.4202'. [ 494.398445][T15867] lo speed is unknown, defaulting to 1000 [ 494.412162][T15867] lo speed is unknown, defaulting to 1000 [ 494.988185][ T37] audit: type=1326 audit(1768386181.673:3543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15884 comm="syz.0.4209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde33ddf749 code=0x7ffc0000 [ 495.242475][T15892] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4213'. [ 495.363422][T15897] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4212'. [ 495.453627][T15899] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(11) [ 495.453659][T15899] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 495.454059][T15899] vhci_hcd vhci_hcd.0: Device attached [ 495.613663][T15900] vhci_hcd: connection closed [ 495.620512][ T12] vhci_hcd vhci_hcd.0: stop threads [ 495.620543][ T12] vhci_hcd vhci_hcd.0: release socket [ 495.624492][ T12] vhci_hcd vhci_hcd.0: disconnect device [ 495.824333][ T8324] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 495.888142][ T37] kauditd_printk_skb: 49 callbacks suppressed [ 495.888164][ T37] audit: type=1326 audit(1768386182.514:3593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15917 comm="syz.2.4224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 495.894758][ T37] audit: type=1326 audit(1768386182.524:3594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15917 comm="syz.2.4224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 495.894821][ T37] audit: type=1326 audit(1768386182.524:3595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15917 comm="syz.2.4224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 495.895159][ T37] audit: type=1326 audit(1768386182.524:3596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15917 comm="syz.2.4224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 495.895854][ T37] audit: type=1326 audit(1768386182.524:3597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15917 comm="syz.2.4224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 495.895900][ T37] audit: type=1326 audit(1768386182.524:3598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15917 comm="syz.2.4224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 495.896426][ T37] audit: type=1326 audit(1768386182.524:3599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15917 comm="syz.2.4224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 495.896469][ T37] audit: type=1326 audit(1768386182.524:3600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15917 comm="syz.2.4224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 495.896894][ T37] audit: type=1326 audit(1768386182.524:3601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15917 comm="syz.2.4224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 495.896937][ T37] audit: type=1326 audit(1768386182.524:3602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15917 comm="syz.2.4224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ed45f749 code=0x7ffc0000 [ 495.982694][T15923] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4225'. [ 495.995469][ T8324] usb 4-1: device descriptor read/64, error -71 [ 496.010794][ T5813] Bluetooth: hci3: command 0x0406 tx timeout [ 496.273411][ T8324] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 496.423056][ T8324] usb 4-1: device descriptor read/64, error -71 [ 496.540845][ T8324] usb usb4-port1: attempt power cycle [ 496.621045][T15942] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4233'. [ 496.925360][ T8324] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 496.970619][ T8324] usb 4-1: device descriptor read/8, error -71 [ 497.224930][ T8324] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 497.246915][ T8324] usb 4-1: device descriptor read/8, error -71 [ 497.361355][T15966] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4244'. [ 497.364249][ T8324] usb usb4-port1: unable to enumerate USB device [ 497.987419][T15992] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4256'. [ 498.275273][T16005] netlink: 76 bytes leftover after parsing attributes in process `syz.2.4262'. [ 498.974509][T16021] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4269'. [ 499.234829][T16023] lo speed is unknown, defaulting to 1000 [ 499.237811][T16023] lo speed is unknown, defaulting to 1000 [ 500.637095][T16044] netlink: 566 bytes leftover after parsing attributes in process `syz.2.4279'. [ 501.516977][ T37] kauditd_printk_skb: 164 callbacks suppressed [ 501.517418][ T37] audit: type=1326 audit(1768386187.781:3767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16072 comm="syz.3.4291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 501.517483][ T37] audit: type=1326 audit(1768386187.781:3768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16072 comm="syz.3.4291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 501.517548][ T37] audit: type=1326 audit(1768386187.781:3769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16072 comm="syz.3.4291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 501.517596][ T37] audit: type=1326 audit(1768386187.781:3770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16072 comm="syz.3.4291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 501.519908][ T37] audit: type=1326 audit(1768386187.781:3771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16072 comm="syz.3.4291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 501.528162][ T37] audit: type=1326 audit(1768386187.791:3772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16072 comm="syz.3.4291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 501.530976][ T37] audit: type=1326 audit(1768386187.791:3773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16072 comm="syz.3.4291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 501.570125][ T37] audit: type=1326 audit(1768386187.828:3774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16072 comm="syz.3.4291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 501.576193][ T37] audit: type=1326 audit(1768386187.838:3775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16072 comm="syz.3.4291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 501.576246][ T37] audit: type=1326 audit(1768386187.838:3776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16072 comm="syz.3.4291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56966cf749 code=0x7ffc0000 [ 501.759337][T16079] serio: Serial port ptm0 [ 501.768364][T16077] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4293'. [ 501.992756][T16073] random: crng reseeded on system resumption [ 503.210958][ T8324] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 503.247657][T16095] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4299'. [ 503.350282][ T8324] usb 5-1: device descriptor read/64, error -71 [ 503.405097][T16101] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4299'. [ 503.606182][ T8324] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 503.708640][T16116] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4309'. [ 503.969011][ T8324] usb 5-1: device descriptor read/64, error -71 [ 505.063147][ T8324] usb usb5-port1: attempt power cycle [ 505.205872][T16125] siw: device registration error -23 [ 505.224232][T16121] lo speed is unknown, defaulting to 1000 [ 505.227277][T16121] lo speed is unknown, defaulting to 1000 [ 505.458505][ T8324] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 505.489107][ T8324] usb 5-1: device descriptor read/8, error -71 [ 505.744416][ T8324] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 505.830861][ T8324] usb 5-1: device descriptor read/8, error -71 [ 505.940403][T16143] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4317'. [ 505.957894][ T8324] usb usb5-port1: unable to enumerate USB device [ 506.898153][T16176] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4332'. [ 506.927073][T16173] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4331'. [ 506.940788][ T37] kauditd_printk_skb: 100 callbacks suppressed [ 506.940808][ T37] audit: type=1326 audit(1768386192.852:3877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16178 comm="syz.5.4333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4618d8f749 code=0x7ffc0000 [ 506.943619][ T37] audit: type=1326 audit(1768386192.852:3878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16178 comm="syz.5.4333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4618d8f749 code=0x7ffc0000 [ 506.944768][ T37] audit: type=1326 audit(1768386192.861:3879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16178 comm="syz.5.4333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4618d8f749 code=0x7ffc0000 [ 506.945235][ T37] audit: type=1326 audit(1768386192.861:3880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16178 comm="syz.5.4333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4618d8f749 code=0x7ffc0000 [ 506.945513][ T37] audit: type=1326 audit(1768386192.861:3881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16178 comm="syz.5.4333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=196 compat=0 ip=0x7f4618d8f749 code=0x7ffc0000 [ 506.949725][ T37] audit: type=1326 audit(1768386192.861:3882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16178 comm="syz.5.4333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4618d8f749 code=0x7ffc0000 [ 506.950834][ T37] audit: type=1326 audit(1768386192.861:3883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16178 comm="syz.5.4333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4618d8f749 code=0x7ffc0000 [ 506.950880][ T37] audit: type=1326 audit(1768386192.861:3884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16178 comm="syz.5.4333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4618d8f749 code=0x7ffc0000 [ 506.950923][ T37] audit: type=1326 audit(1768386192.861:3885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16178 comm="syz.5.4333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f4618d8f749 code=0x7ffc0000 [ 506.950963][ T37] audit: type=1326 audit(1768386192.861:3886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16178 comm="syz.5.4333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f4618d8f749 code=0x7ffc0000 [ 507.510720][T16198] hub 8-0:1.0: USB hub found [ 507.515092][T16198] hub 8-0:1.0: 1 port detected [ 507.601521][T16202] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4345'. [ 508.159817][ T38] INFO: task kworker/u8:10:1017 blocked for more than 143 seconds. [ 508.159846][ T38] Not tainted syzkaller #0 [ 508.159857][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 508.159868][ T38] task:kworker/u8:10 state:D stack:21048 pid:1017 tgid:1017 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 508.159936][ T38] Workqueue: netns cleanup_net [ 508.159967][ T38] Call Trace: [ 508.159975][ T38] [ 508.159990][ T38] __schedule+0x145f/0x5070 [ 508.160029][ T38] ? __lock_acquire+0x6b6/0x2cf0 [ 508.160073][ T38] ? lockdep_hardirqs_on+0x7b/0x110 [ 508.160108][ T38] ? __pfx___schedule+0x10/0x10 [ 508.160155][ T38] ? schedule+0x91/0x360 [ 508.160193][ T38] schedule+0x165/0x360 [ 508.160229][ T38] rxrpc_destroy_all_calls+0x564/0x660 [ 508.160261][ T38] ? __pfx_rxrpc_destroy_all_calls+0x10/0x10 [ 508.160281][ T38] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 508.160308][ T38] ? __pfx_var_wake_function+0x10/0x10 [ 508.160336][ T38] ? __try_to_del_timer_sync+0x34d/0x3a0 [ 508.160377][ T38] rxrpc_exit_net+0x6f/0xc0 [ 508.160400][ T38] ops_undo_list+0x49a/0x990 [ 508.160436][ T38] ? __pfx_ops_undo_list+0x10/0x10 [ 508.160460][ T38] ? rt_spin_unlock+0x150/0x200 [ 508.160496][ T38] ? rt_spin_unlock+0x161/0x200 [ 508.160530][ T38] cleanup_net+0x4de/0x7b0 [ 508.160561][ T38] ? __pfx_cleanup_net+0x10/0x10 [ 508.160593][ T38] ? process_scheduled_works+0x9ef/0x1770 [ 508.160618][ T38] ? process_scheduled_works+0x9ef/0x1770 [ 508.160654][ T38] process_scheduled_works+0xad1/0x1770 [ 508.160713][ T38] ? __pfx_process_scheduled_works+0x10/0x10 [ 508.160737][ T38] ? do_raw_spin_lock+0x121/0x290 [ 508.160783][ T38] worker_thread+0x8a0/0xda0 [ 508.160825][ T38] ? __kthread_parkme+0x7b/0x200 [ 508.160865][ T38] kthread+0x711/0x8a0 [ 508.160900][ T38] ? __pfx_worker_thread+0x10/0x10 [ 508.160925][ T38] ? __pfx_kthread+0x10/0x10 [ 508.160952][ T38] ? rt_spin_unlock+0x150/0x200 [ 508.160988][ T38] ? rt_spin_unlock+0x161/0x200 [ 508.161016][ T38] ? __pfx_kthread+0x10/0x10 [ 508.161048][ T38] ret_from_fork+0x510/0xa50 [ 508.161076][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 508.161099][ T38] ? __switch_to+0xc9e/0x1480 [ 508.161136][ T38] ? __pfx_kthread+0x10/0x10 [ 508.161167][ T38] ret_from_fork_asm+0x1a/0x30 [ 508.161216][ T38] [ 508.161372][ T38] [ 508.161372][ T38] Showing all locks held in the system: [ 508.161382][ T38] 4 locks held by rcuc/0/20: [ 508.161397][ T38] 1 lock held by khungtaskd/38: [ 508.161410][ T38] #0: ffffffff8d5ae940 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 508.161483][ T38] 3 locks held by kworker/u8:10/1017: [ 508.161496][ T38] #0: ffff888019ad4938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770 [ 508.161549][ T38] #1: ffffc90004b8fbc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770 [ 508.161602][ T38] #2: ffffffff8e898800 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x7b0 [ 508.161681][ T38] 2 locks held by getty/5561: [ 508.161693][ T38] #0: ffff8880345530a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 508.161749][ T38] #1: ffffc90003e7e2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x44f/0x1460 [ 508.161807][ T38] 4 locks held by kworker/u8:17/7058: [ 508.161824][ T38] 3 locks held by kworker/u8:26/10789: [ 508.161838][ T38] 1 lock held by syz-executor/12926: [ 508.161852][ T38] 9 locks held by syz-executor/13489: [ 508.161867][ T38] 9 locks held by syz-executor/14112: [ 508.161881][ T38] 2 locks held by syz.4.4353/16219: [ 508.161893][ T38] [ 508.161898][ T38] ============================================= [ 508.161898][ T38] [ 508.161908][ T38] NMI backtrace for cpu 1 [ 508.161923][ T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 508.161948][ T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 508.161960][ T38] Call Trace: [ 508.161968][ T38] [ 508.161976][ T38] dump_stack_lvl+0xe8/0x150 [ 508.162007][ T38] nmi_cpu_backtrace+0x274/0x2d0 [ 508.162036][ T38] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 508.162063][ T38] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 508.162095][ T38] sys_info+0x135/0x170 [ 508.162119][ T38] watchdog+0xf95/0xfe0 [ 508.162149][ T38] ? watchdog+0x20a/0xfe0 [ 508.162181][ T38] kthread+0x711/0x8a0 [ 508.162215][ T38] ? __pfx_watchdog+0x10/0x10 [ 508.162239][ T38] ? __pfx_kthread+0x10/0x10 [ 508.162265][ T38] ? rt_spin_unlock+0x150/0x200 [ 508.162300][ T38] ? rt_spin_unlock+0x161/0x200 [ 508.162327][ T38] ? __pfx_kthread+0x10/0x10 [ 508.162359][ T38] ret_from_fork+0x510/0xa50 [ 508.162384][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 508.162405][ T38] ? __switch_to+0xc9e/0x1480 [ 508.162441][ T38] ? __pfx_kthread+0x10/0x10 [ 508.162473][ T38] ret_from_fork_asm+0x1a/0x30 [ 508.162523][ T38] [ 508.162532][ T38] Sending NMI from CPU 1 to CPUs 0: [ 508.162560][ C0] NMI backtrace for cpu 0 [ 508.162576][ C0] CPU: 0 UID: 0 PID: 20 Comm: rcuc/0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 508.162596][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 508.162605][ C0] RIP: 0010:__lock_acquire+0x270/0x2cf0 [ 508.162630][ C0] Code: ee 4d 89 ce e8 81 0e 1a 03 4d 89 f1 48 8b 74 24 18 44 8b 74 24 20 48 83 bc 24 20 01 00 00 00 0f 85 ce fe ff ff 44 89 74 24 20 <44> 89 3c 24 8b bc 24 38 01 00 00 4c 8b 84 24 28 01 00 00 4c 8b 74 [ 508.162645][ C0] RSP: 0018:ffffc90000197450 EFLAGS: 00000046 [ 508.162660][ C0] RAX: 0000000000000113 RBX: 0000000000000000 RCX: ffffffff925bc390 [ 508.162673][ C0] RDX: 0000000000000003 RSI: 000000000000000b RDI: ffffffff8d5ae940 [ 508.162684][ C0] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffff8d5ae940 [ 508.162695][ C0] R10: ffffc90000197758 R11: ffffffff81ab9960 R12: 0000000000000000 [ 508.162707][ C0] R13: 0000000000000002 R14: 0000000000000000 R15: 0000000000000000 [ 508.162718][ C0] FS: 0000000000000000(0000) GS:ffff888126cee000(0000) knlGS:0000000000000000 [ 508.162732][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 508.162744][ C0] CR2: 0000555582080808 CR3: 0000000032cfc000 CR4: 00000000003526f0 [ 508.162761][ C0] Call Trace: [ 508.162767][ C0] [ 508.162776][ C0] ? __lock_acquire+0x6b6/0x2cf0 [ 508.162798][ C0] ? unwind_next_frame+0xa5/0x23d0 [ 508.162820][ C0] ? unwind_next_frame+0xa5/0x23d0 [ 508.162842][ C0] ? unwind_next_frame+0xa5/0x23d0 [ 508.162861][ C0] lock_acquire+0x107/0x340 [ 508.162880][ C0] ? unwind_next_frame+0xa5/0x23d0 [ 508.162904][ C0] ? unwind_next_frame+0xa5/0x23d0 [ 508.162923][ C0] ? kasan_save_free_info+0x46/0x50 [ 508.162942][ C0] ? unwind_next_frame+0xa5/0x23d0 [ 508.162962][ C0] unwind_next_frame+0xc2/0x23d0 [ 508.162981][ C0] ? unwind_next_frame+0xa5/0x23d0 [ 508.163014][ C0] ? unwind_next_frame+0xa5/0x23d0 [ 508.163034][ C0] ? kasan_save_track+0x3e/0x80 [ 508.163054][ C0] ? kasan_save_free_info+0x46/0x50 [ 508.163073][ C0] ? slab_free_after_rcu_debug+0x5d/0x490 [ 508.163097][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 508.163118][ C0] arch_stack_walk+0x11c/0x150 [ 508.163140][ C0] ? kasan_save_free_info+0x46/0x50 [ 508.163160][ C0] stack_trace_save+0x9c/0xe0 [ 508.163179][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 508.163199][ C0] ? stack_trace_save+0x9c/0xe0 [ 508.163219][ C0] ? __lock_acquire+0x6b6/0x2cf0 [ 508.163240][ C0] kasan_save_track+0x3e/0x80 [ 508.163260][ C0] ? kasan_save_track+0x3e/0x80 [ 508.163280][ C0] ? kasan_save_free_info+0x46/0x50 [ 508.163317][ C0] kasan_save_free_info+0x46/0x50 [ 508.163335][ C0] __kasan_slab_free+0x5c/0x80 [ 508.163358][ C0] kfree+0x1bd/0x900 [ 508.163385][ C0] ? slab_free_after_rcu_debug+0x5d/0x490 [ 508.163403][ C0] ? __pfx_slab_free_after_rcu_debug+0x10/0x10 [ 508.163420][ C0] slab_free_after_rcu_debug+0x5d/0x490 [ 508.163438][ C0] ? __pfx_slab_free_after_rcu_debug+0x10/0x10 [ 508.163455][ C0] rcu_cpu_kthread+0xba5/0x1af0 [ 508.163481][ C0] ? rcu_cpu_kthread+0x211/0x1af0 [ 508.163509][ C0] ? __pfx_rcu_cpu_kthread+0x10/0x10 [ 508.163532][ C0] ? schedule+0x91/0x360 [ 508.163558][ C0] ? smpboot_thread_fn+0x4d/0xa60 [ 508.163577][ C0] smpboot_thread_fn+0x542/0xa60 [ 508.163597][ C0] ? smpboot_thread_fn+0x4d/0xa60 [ 508.163620][ C0] kthread+0x711/0x8a0 [ 508.163642][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 508.163662][ C0] ? __pfx_kthread+0x10/0x10 [ 508.163681][ C0] ? rt_spin_unlock+0x150/0x200 [ 508.163704][ C0] ? rt_spin_unlock+0x161/0x200 [ 508.163725][ C0] ? __pfx_kthread+0x10/0x10 [ 508.163746][ C0] ret_from_fork+0x510/0xa50 [ 508.163765][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 508.163790][ C0] ? __switch_to+0xc9e/0x1480 [ 508.163814][ C0] ? __pfx_kthread+0x10/0x10 [ 508.163835][ C0] ret_from_fork_asm+0x1a/0x30 [ 508.163864][ C0] [ 508.164558][ T38] Kernel panic - not syncing: hung_task: blocked tasks [ 508.164575][ T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 508.164598][ T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 508.164610][ T38] Call Trace: [ 508.164619][ T38] [ 508.164636][ T38] vpanic+0x1e0/0x670 [ 508.164670][ T38] panic+0xb9/0xc0 [ 508.164699][ T38] ? __pfx_panic+0x10/0x10 [ 508.164740][ T38] ? nmi_trigger_cpumask_backtrace+0x234/0x300 [ 508.164775][ T38] watchdog+0xfdf/0xfe0 [ 508.164805][ T38] ? watchdog+0x20a/0xfe0 [ 508.164837][ T38] kthread+0x711/0x8a0 [ 508.164870][ T38] ? __pfx_watchdog+0x10/0x10 [ 508.164893][ T38] ? __pfx_kthread+0x10/0x10 [ 508.164921][ T38] ? rt_spin_unlock+0x150/0x200 [ 508.164955][ T38] ? rt_spin_unlock+0x161/0x200 [ 508.164983][ T38] ? __pfx_kthread+0x10/0x10 [ 508.165014][ T38] ret_from_fork+0x510/0xa50 [ 508.165041][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 508.165063][ T38] ? __switch_to+0xc9e/0x1480 [ 508.165099][ T38] ? __pfx_kthread+0x10/0x10 [ 508.165130][ T38] ret_from_fork_asm+0x1a/0x30 [ 508.165180][ T38] [ 508.165685][ T38] Kernel Offset: disabled