last executing test programs: 17.188211049s ago: executing program 3 (id=730): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r4}, 0x38) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000071122000000000009500000700000000b2cb84ff207ccfcc9cf2f9a56840a4d4e80cccc206b2ddc23cc89823b6bf6ffcc913f889c96ac7bb9dd3d853a542bec792b4b0221dc95a698ddc3796da1df5f7712abb55d7de3c65139bc5668bc699c17cab7a5a29df877bc6933cf1fa437c82aad12e1c265f45d061db04e68399330c9261371e7aeeea4b4e376517ec1c66b464ab79c7bb2b7e5f4849651b077a53eae8923da161bc8e157c71a3ed5e05d34b49f86c84020d08f5fc8d2fe0cf78558d6e412e45f1a8ddc0c1b054bbb0bf8b6c718ac0a3927199a1912594aaa1c6fb266312933db9e2dd3bb63dc7066a471b7791c1b7d062e6c4aa274f9e074234bbfa"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x80) 15.680543401s ago: executing program 3 (id=733): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000340)=@loop={'/dev/loop', 0x0}, 0xee01, &(0x7f0000000100)={0x3, 0x0, 0x246, 0x7fffffffffffffff, 0xd00, 0xfffffbffffffffff, 0x0, 0x7fff, 0x2}) 14.303141623s ago: executing program 3 (id=747): capset(&(0x7f0000000080)={0x20071026}, &(0x7f00000000c0)={0x200000, 0x200000, 0x80000000, 0x0, 0x0, 0x8}) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x3, &(0x7f0000000380)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}}, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 13.491037269s ago: executing program 3 (id=753): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/current\x00') write$P9_RLERROR(r0, &(0x7f0000000240)=ANY=[], 0xa) ioctl$TIOCGPGRP(r0, 0x540f, 0x0) 13.326326152s ago: executing program 3 (id=754): openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, 0x0, 0x0) r2 = openat$binfmt_format(0xffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x218, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400"], 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0) r5 = fsopen(&(0x7f0000000040)='afs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000000)='source', &(0x7f0000000180)='%(,c\xbe\xfbL:', 0x0) r6 = fsopen(&(0x7f0000000040)='afs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000000)='source', &(0x7f00000000c0)='%.,:', 0x0) write$binfmt_format(r2, &(0x7f0000000100)='-1\x00', 0x2) close_range(r2, 0xffffffffffffffff, 0x0) sendmmsg$unix(r0, &(0x7f0000000b40), 0x42, 0x80) close(r0) connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0xcb) r7 = socket(0x10, 0x3, 0x0) write(r7, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f000000fe000040000a0000", 0x1c) 5.676126491s ago: executing program 2 (id=813): socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) r2 = socket$l2tp6(0xa, 0x2, 0x73) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000200)={@private0, 0x0, 0x0, 0x0, 0x8}, &(0x7f0000000240)=0x20) sendmmsg$unix(r1, &(0x7f00000bd000), 0x218, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x1c0002, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x101001a, &(0x7f0000000480)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',allow_other,\x00'], 0xfb, 0x0, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r4, &(0x7f0000004100)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) syz_usb_disconnect(0xffffffffffffffff) clock_gettime(0x0, 0x0) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r8, 0x29, 0xb, 0x0, 0x0) statx(r4, &(0x7f0000000180)='./file0\x00', 0x800, 0x8, 0x0) write$FUSE_DIRENTPLUS(r3, &(0x7f0000000c80)={0x158, 0x0, r5, [{{0x6, 0x1, 0x8, 0x9, 0x8000, 0xffffffff, {0x6, 0x0, 0x400, 0x7, 0x1805, 0xa, 0x3, 0x1, 0x600, 0xa000, 0x40c, 0xee00, r7, 0xb0}}, {0x5, 0x0, 0x1, 0xfffffffb, '%'}}, {{0x1, 0x1, 0x8001, 0x361, 0x4, 0x9, {0x0, 0x100, 0x88, 0xf9, 0x8, 0x100, 0x2, 0xc37, 0x10000, 0xc000, 0x8, r6, 0x0, 0x7, 0x8}}, {0x0, 0x9, 0xa, 0x8, '/dev/fuse\x00'}}]}, 0x158) bind$inet6(r8, &(0x7f0000000240)={0xa, 0x4e20, 0xf, @empty, 0x5}, 0x1c) sendmmsg$inet6(r8, &(0x7f0000000ac0)=[{{&(0x7f0000000440)={0xa, 0x4e20, 0x2, @empty, 0x6}, 0x1c, &(0x7f0000000c40)}}], 0x1, 0x200c0858) r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) close_range(r9, 0xffffffffffffffff, 0x0) r10 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r10, 0x40405514, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0xfffffffffffffe00, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000001, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x40, 0x8, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xc, 0x2, 0x0, 0x22820adc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}) syz_open_dev$dri(&(0x7f00000000c0), 0x4d9, 0x2) mount_setattr(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)={0x8}, 0x20) 3.870504097s ago: executing program 2 (id=824): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f00000000c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x32}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@stripe={'stripe', 0x3d, 0x12}}, {@i_version}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=") syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) symlinkat(0x0, 0xffffffffffffff9c, 0x0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, 0x0, 0x0, 0x210008, 0x0) syz_mount_image$fuse(0x0, 0x0, 0x322020, 0x0, 0x1, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00') mremap(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000ffa000/0x2000)=nil) getdents64(r0, &(0x7f0000002f40)=""/4098, 0x1002) 3.3437408s ago: executing program 4 (id=826): openat$apparmor_thread_current(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000080), 0x1, 0x2) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x33b, 0x4000000) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x5865, 0x10, 0x2, 0x24d}, 0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f00000002c0)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(0x0, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_setup(0x7f5b, &(0x7f0000000400)={0x0, 0xd898, 0x800, 0x0, 0x1a9, 0x0, r2}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r5}, 0x10) r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000580)={0x1, 0x1, 0x0, 0x1000, &(0x7f0000456000/0x1000)=nil}) ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"]) ioctl$KVM_SET_LAPIC(r7, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd2547ffbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953582a1825d32130a31abfeafd1987317879e29ac51b93c9659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56113335ae6adec59300db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb1180300"}) ioctl$KVM_RUN(r7, 0xae80, 0x0) io_uring_enter(r2, 0x100847c0, 0x0, 0x1, 0x0, 0x0) 3.309577613s ago: executing program 0 (id=827): r0 = add_key$user(&(0x7f00000001c0), &(0x7f0000000a00)={'syz', 0x2}, &(0x7f0000000c00)="eb4d63c1", 0x4, 0xffffffffffffffff) keyctl$update(0x2, r0, &(0x7f0000000b40)="9920", 0x2) 3.213747541s ago: executing program 0 (id=828): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x28}}, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) r1 = accept$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000580)="b19ccccf84f531d9ec4cda81a3ef2ca8", 0x10) sendmmsg$alg(r1, &(0x7f0000001bc0)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}], 0x1, 0x20041000) recvmsg(r1, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x40012143) 3.171886284s ago: executing program 2 (id=829): openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f", 0x7, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) setsockopt$MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xcc, &(0x7f00000000c0)={{0xa, 0x4e23, 0x5, @private0={0xfc, 0x0, '\x00', 0x1}, 0x8}, {0xa, 0x4e24, 0x0, @local, 0x7}, 0xffffffffffffffff, {[0x6, 0x8, 0x1ff, 0x2e, 0x2, 0x7, 0x2, 0x81]}}, 0x5c) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = dup(r3) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 3.157832805s ago: executing program 1 (id=830): syz_mount_image$udf(&(0x7f0000000100), &(0x7f0000000240)='./file0\x00', 0x4006, &(0x7f0000002440)=ANY=[], 0xff, 0xc0a, &(0x7f0000001040)="$eJzs3VFsXeddAPD/d2zHdoa2S9ek3aim2yJ1IWOZ7axNK0+iocZiLGtNHW9AeehN7IRLnOsr2+nSCrbw1AeQMEPihSEhoaGKh8kI7QGehoTEq4X2hpACjFKEkO7Dqr2gGp1zvxtfO04T6jhOmt9PSv7nnvP/zvnO952cc+757lECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIj4xV86PTaeDroWAMC99NLsK2MTrv8A8FA56/s/AAAAAAAAAAAAAADc71IU8W6k+MYTnfRa9blr5EyzdeXq3NT07sVGU1VyoMov/4yMT5z84jPPnnquFz+4/N32qXh59uzp+otLl9vLCysrC/P1uVbz/NL8wh2vYa/ldzpeNUD98qUr8xcurNQnTpzctvhq7Z3hjx2tTZ4af/VIL3duanp6ti9ncOhDb/0mt3rD41AUcSFSXHr73dSIiCL23ha3OXb222i1E8ernZibmq52ZLHZaK2WC2d6DVFE1PoKvdBro3vQF3tSj7hWVr+s8PFy92bbjeXGucWF+kxjebW52lxqzaRubVOVXsRzKaIdEZ3hm1c3FEV8M1K89Z1OOhcRA712+Fz1YvDt61Pswz7egcGIqA1FbBQPQJ/dx4ajiO9Fim9/ayzO53atmu3piK+W8WjElTJej1gr42ciUnmAPBrx3i7HEw+WwSji9yPFjyc7ab7X99V55czX6l9uXVjqy+2dVx7468O9dJ+fm0aiiEZ1xu+kD3+zAwAAAADA/aeIP4oUT/7wWGpH/5his3WxfrZxbrH7VLj37L+eS21ubm7WUjeO5TiTYzvHtRzXc9woY2ytoFbk8jnO5NjOcS3H9Rw3cuzkWBvI5XOcybGd41qO6zlu5NjJsTaYy+c4M1jV7Fo7f17LcT3HjRw7gwfRTwAAAAAAAABwa6NRxNcjxdNfeL16rziq99I/MXnqlRO/0v/O+OO3WU+ZeyIi1os7eyf3UH51eCbNpHRA7xDTff/vd/P7f7930JUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOVBFFPBUpXv9+J0WKiHrEa9GN14cPunYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDdMJKKeC9S/MlXRqrPG0XEb0TE+5vvb0bE9fc377aD3mMAAAAAAAAA+AhKRbwRKZ56pZNqEXG19s7wx47WJk+Nv3pkIAYilSn9+S/Pnj1df3Hpcnt5YWVlYb4+12qeX5pfuNPNjZxptq5cnZua3pedua3Rfa7/6MiLS+03lpsXf2t11+WHR06fW1ldbpzffXGMRhFR759zvKrw3NR0VenFZqNVFZ1Jd1pjAAAAAAAAAB4GQ6mI9yPFW3/59o1x58HumP/gztzvfimiyNNTefz5xjB09buBj1e/G+hOf2Ly1K9OfLp/etch6+PVgHp9bmp6erZv9uDQzakjebtje9tl+pT9vxop/uDP6unJPG97/w/cyP3u72z197WdK7pFn/8/+n9bj/f6/6f75pXbTKmIv44UP/Nrj8eTVT0Px02/mch5X4kUv77+RM6LQ2XeU3n5I9XfIxeaiwtjZe7VSPH3V7bnPp1zP7mVO36n7fqgKPv/qUjx37+5fqNtcv/nHtjqtf7+//TOo2Pv/b/rv/9H+ubV8nZ/9u7sOhGx8sablxqLiwvLD+PEwP1RDRMmdp+Iawe39YM+M3EvlNf/r0eKv/vjf75xv5Ov/z8V1W3V1v3fT765df2f3Lmifbr+f7Jv3mS+GxkajBhZvdweeixiZOWNNz/fvNy4uHBxoXXy1PPPTow9Pz52cuhQ7+Zua2rnlm/6fvMwKvv/tyPF9/7tr+Kzed72+7/d7/8P71zRPvX/o33zDm+7X9nzrpP7/38jxT9O/SCO5XkfdP/f+/5/LN+E37g/36f+P9I3r/qO9/GIn+ubd+xIxEfuSxkAAADcZSkV8YM8njp2m/HUf4gUb/7Xz+e8dLTMeyEvr1V/j7y01Pr86cXFpfON1ca5xYX6bLtxfqEs+6NI0fmLJ3LZohpf7Y03d8d4t8Zi/ylSPP/LvdzuWGzv2dSjW7njZe6JSPGHL23P7T3HOLKVO1Hm/kukGH9199yjW7lfKHP/M1L85E/rvdzDZe6Xcu5jW7knzi8tzu9DtwAAAAAAwJ4MpSKejRR/e3Iw9Z5v38nvP2966L1Pv/97rG/e/D16X2XPjQoA97ny+n+svKr/wp/fGMvffv3fek+m//q/U///G3Cr6Q9z/a/dnd0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOikKGIpUnzjiU66Plx+7ho502xduTo3Nb17sdFUlRyo8ss/I+MTJ7/4zLOnnuvFDy5/t30qXp49e7r+4tLl9vLCysrCfH2u1Ty/NL9wx2vYa/mdjlcNUL986cr8hQsREydOblt8tfbO8MeO1iZPjb96pJc7NzU9PduXMzj0obd+k16/FjvmH4oi/idSXHr73fSvw3n5HtviNsfOfhuNIv4mIsqdmJuarnZksdlorZYLZ/oaotZX6IVeG92DvtiTesS1svplhY+Xuzfbbiw3zi0u1Gcay6vN1eZSayZ1a5uq9CKeSxHtiOgM37y6oShiKFK89Z3OaG9e1Q6fe2n2lbGJW1RiZGty5wF1jwxGRG0oYqN4APrsPjYcRTwTKb79rbH49+Fuu1bN9nTEV8t4NOJKGa9HrJXxMxGpPEAejXhvl+OJB8tgFPFIpPjxZCf9aDj3fXVeOfO1+pdbF5b6cnvnlQf++nAv3efnppEo4t3qjN9J/+HfMwAAAADAR0gRj0eKJ394LFXjgzfGFJuti/WzjXOL3cf6vWf/9Vxqc3Nzs5a6cSzHmRzbOa7luJ7jRo6dHGtFLp/jTI7tHNdyXM9xI8dOjrWBXD7HmRzbOa7luJ7jRo6dHGuDuXyOMzm2c1zLcT3HjRw7gwfZXwAAAAAAAAC7K6KIz0aK17/fSZvD3QHe16Ibr3sf6CPv/wIAAP//CqhQjw==") socket(0x10, 0x803, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa101, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f00000000c0)={0x4e00, 0x0, 0x730, 0xbdff, 0x10, "feeeff000000001b"}) write$binfmt_aout(r0, &(0x7f0000001ac0)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x3, 0x0, 0x0, "0062ba7d82000000000000000000f7fffeff00"}) r1 = syz_open_pts(r0, 0x8182) r2 = dup3(r1, r0, 0x0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x17) 3.107814939s ago: executing program 0 (id=831): syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000180)={[{@map_acorn}, {@block={'block', 0x3d, 0x400}, 0x0}, {@unhide}, {@nocompress}, {@map_normal}, {@map_off, 0x41}, {@showassoc}], [{@dont_hash}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}]}, 0x0, 0x633, &(0x7f0000000280)="$eJzs3U1v28gdx/EfZdlWXCAo2mIRBNlkNukCDpoqkrxxYKSHstTI5lYSBZIubKDAIt3YiyBytk1SoPFl4UsfgO0b6KXYSw99EQV67rvoscCivRXoRQVJ0U96dCLb3e73IzgckX/O/Id0OKAlkgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHK8eqVSddT025tbZjSvHgatMcuz2uZ1Nyvcndiu5CQ/KpV0LZt17TtHi99J/rmtG9m7Gyolk5L2v/HONx99u1jI1x+T0JvQWSt8+Xr/2eNud+fFjBO5YI812HMVplhx3bb9KPBb7ro1fhSYtdXVyv2NRmQaftNG21FsW8YLbSEOQrPs3TXVtbUVY8vbwWZ7ve42bT7z4fdrlcqq+XCxv/vvf1iOvA2/2fTb62lMsjiJeWg+/2kWYt2WMbtPuzsrk5JMgqrTBNUmBdUqtVq1WqtVVx+sPXhYqRQHZlRO0UDEzH9p8RUzu4M38JYKyfj/d0dqqqS2NrUlM/Tlqa5QgVojlvfl4//79+3Ydo+P//kof+1o8XWl4//N7N3NUeP/iFyMTLrCsCXOiPlv9nqp19rXMz1WV13t6MVs6r01uwzP8VWQ1qWi5CtSIF8tuVqXlenPMVrTqlZV0UfaUEORjBry1ZRVpG1FimXVSvdJKCtXsQKFMlqWp7syqmpNa1qRkVVZ2wq0qbbWVZerf/d6vV09Tbf7ypg8lQdVpwmqjQkaNf7/7LPs95Tx/+suP35NEwNcul7//P+Mbp1PNgAAAAAA4Dw46V/fnfSz+3cl9dTwm7Zy2WkBAAAAAIAZSj/5v5FM5pPSu3JGnP/3Lj43AAAAAAAwG056jZ0jaWm+Pyu/EmqaLwHMnXN6AAAAAABgBtLP/28uSL303mu35Jzp/B8AAAAAAHwF/PbYPfaL+T12e/nH+gVJUWfR+cs/FxXOOwedre86e26yxN3rxwx8AyBuXHeu9m/Um04WJKXvPDvvHD0YwEl/StmbL3cn3evfCU8lsDCX//liUgKrxf47fa73spj3+u0+2S8oXZK1stTwm7bsBc1HVbnu1UJst+JfPn/6Kyk87Ofu0+5O+eNPu0/SXA6SWQd7SR6fnUinMCmXV+n9FtJrLob1+IoaeZO/a7eWnLTdSt7/Obl7heMNTdf/X+t2FnN7KZsu7ed7IO1/Kel/tZzusqPep3eHcI6yqJ7u+bAdMSKLUprFnSzmzvKdbJLn18/ie3NSrTy4D8LjWdSOZzF5Wzj/GtgWE7JItsVKksVfk4pGZLFytiwG9ggAXJbdo1EovYn54D32T4+7b3KUmzy6//BkK6/+0MsuOJyTiv3PJsa2UlJyRF/OYhaUHliL14cc0Sv9caWkEUf0yluMbklbfz56BlI/7YEs/tPr9R5V03Z/f2pU/SJZ4YuR7UbN2lyyCe+/2vt5egP8xCc7n+w8r9VWVisfVCoPappPu9GfMPYAAIaY/IydiRHOB4dn1U/+8X5WOjHifevwKwVlfaxP1dUT3csfIXBreK1Lx76GcG/wrDWJvSKdiv3jvO6NPKtLx9Jj9dYOY/MLH06fAR7FrpzzXgAA4GLdnjAOTzP+38vPu5evDz3vPjmWn35C8KjY6gVvCQAAvj5s+KWzFP/GCUO/81F1ba3qxhvWhIH3YxP69XVr/HZsQ2/Dba9b0wmDOPCCpumEWvTrNjLRZqcThLFpBKHpBJG/lT753fQf/R7ZltuOfS/qNK0bWeMF7dj1YlP3I890Nn/U9KMNG6YrRx3r+Q3fc2M/aJso2Aw9WzYmsvZYoF+37dhv+EmxbTqh33LDbfOToLnZsqZuIy/0O3GQVZi35bcbQdhKqy2rd+YHHQIA8P/o5ev9Z4+73Z0XYwoHmhzTLywMq/Cy+wgAAE5ilAYAAAAAAAAAAAAAAAAAAAAA4H/fNNf/nakwP+xiQelwzi+uTlWPo1kndpZC4c1X/9uYmCuHc/LNfzzm4BJ6qqxQnH3NV6TpLxudQeEHu9kWHRmTLBy6aPFwXxRn/98hKTz/04hFvV6vN371xZPbcGFcB08WipJeLLzFLric4xGAi/PfAAAA//8Us0P7") creat(&(0x7f0000000140)='./bus\x00', 0x80) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000180)='./bus\x00', 0x0, 0x63d014, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0) 2.707803462s ago: executing program 0 (id=832): socket$packet(0x11, 0x2, 0x300) socket$inet6_sctp(0xa, 0x5, 0x84) socket(0x11, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[], 0x48) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) syz_open_dev$vim2m(&(0x7f0000000500), 0x1, 0x2) socket$nl_route(0x10, 0x3, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_open_dev$video4linux(&(0x7f0000000000), 0xf, 0x101800) socket$inet6_sctp(0xa, 0x1, 0x84) syz_usb_connect(0x6, 0x24, &(0x7f00000001c0)=ANY=[], 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) socket$inet_smc(0x2b, 0x1, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) r0 = socket$nl_route(0x10, 0x3, 0x0) unshare(0x6a040000) mmap(&(0x7f00002ad000/0xc00000)=nil, 0xc00000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = gettid() write$USERIO_CMD_SET_PORT_TYPE(0xffffffffffffffff, &(0x7f00000002c0)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(0xffffffffffffffff, &(0x7f00000000c0), 0x2) write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0xfe}, 0x2) sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005f00)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r0, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r2], 0x28}, 0x1, 0x0, 0x0, 0x4000004}, 0x0) 2.655032896s ago: executing program 3 (id=833): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x3000010, &(0x7f00000000c0)={[{@errors_remount}, {@nobh}]}, 0x1, 0x513, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOt7rW1aSpOmNOk6LYt28T8QQcEnn3wR/AOEZR78A2RgQF/EB1FRRGf0QVDnSpIbp5Mmbd1pm07z+cBpzrn35n7PuSEn98fpvQGMrRci4o2ImIiIlyOimE9P87TYLux3l7t/753ldkoiy976axJJPq23rnZ5MiKud98SUxHxtS9HfDM5HLe5u7exVKtVt/NypVXfqjR3926u15fWqmvVzfn5udcWXl94dWE2yz1WO0u9zE++9Pn3Pv2t3y3++ca329X63EeiEH3tOE3dphc626KnvY22zyLYCEzk7SmMuiIAAJxIex//gxHxic7+fzEmOntzfSZGUTMAAADgtGRfmI5/JxEZAAAAcGmlETEdSVrOxwJMR5peyc8NfDiupbVGs/Wp1cbO5kp7XkQpCunqeq06m48VLkUhaZfn8jG2vfIrfeX5iHgmIr5fvNopl5cbtZURn/sAAACAcXG97/j/H8W0kz/egP8TAAAAAC6u0tACAAAAcFk45AcAAIDLr//4/70R1QMAAAA4E1958812ynrPv155e3dno/H2zZVqc6Nc31kuLze2t8prjcZa55599ePWV2s0tj4Tmzu3Kq1qs1Vp7u4t1hs7m63F9UcegQ0AAACco2c+fvvXSUTsf/ZqJ0V+H0CAR/xh1BUATtPEqCsAjIy7eMP4Koy6AsDIJcfMN3gHAACefDMfPXz9v/f8f+cG4HIz1gcAxo/r/zC+CkYAwlhLI+ID3exTw5YZev3/lyeNkmURd4oHpzi/CAAA52u6k5K0nB8HTEealssRT0ekpSgkq+u16mx+fPCrYuGpdnmu887k2DHDAAAAAAAAAAAAAAAAAAAAAAAAAEBXliWRAQAAAJdaRPqnpHM3/4iZ4kvT/ecHriT/LMYf88KP3vrBraVWa3uuPf1vnWd5XYmI1g/z6a8MfXwYAAAAcNqS/aGzusfp+evcudYKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDFw/947y710nnH/8sWIKA2KPxlTndepKETEtb8nMXngfUlETJxC/P13I+LZQfGTeJBlWSmvxaD4V884fqmzaQbHTyPi+inEh3F2u93/vDHo+5fGC53Xwd+/yTw9ruH9X5pHfrbTzw3qf54+tLb6wBjP3f1ZZWj8dyOemxzc//T632RI/BcPre1fWZYdjvGNr+/tDYuf/ThiZuDvT/JIrEqrvlVp7u7dXK8vrVXXqpvz83OvLby+8OrCbGV1vVbN/w6M8b2P/fzBUe2/NiD+b3/T7X+Pav9Lw1ba5z93b937UDdbGBT/xosDf3+nYkj8NP/t+2Seb8+f6eX3u/mDnv/pneePav/KkO1/3Od/44Ttf/mr3/39CRcFAM5Bc3dvY6lWq24fkZk6wTJPYuYXUxeiGv9nJvtO95O7KPV5v5n23urDKb1WXYCKHchk5xZrIi5Ik/+XGWm3BAAAnIGHO/2jrgkAAAAAAAAAAAAAAAAAAACMr/O4nVh/zP3RNBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ej/DQAA///M/t/r") lchown(&(0x7f00000006c0)='./file0\x00', 0x0, 0xee01) 2.207540342s ago: executing program 1 (id=834): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@bridge_getneigh={0x28, 0x1e, 0x3c964e403b131b43, 0x0, 0x0, {}, [@IFLA_MASTER={0x8}]}, 0x28}}, 0x0) r1 = dup(r0) read$FUSE(r1, &(0x7f0000003680)={0x2020}, 0x2020) 2.040335705s ago: executing program 2 (id=835): socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) r2 = socket$l2tp6(0xa, 0x2, 0x73) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000200)={@private0, 0x0, 0x0, 0x0, 0x8}, &(0x7f0000000240)=0x20) sendmmsg$unix(r1, &(0x7f00000bd000), 0x218, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x1c0002, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x101001a, &(0x7f0000000480)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',allow_other,\x00'], 0xfb, 0x0, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r4, &(0x7f0000004100)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) syz_usb_disconnect(0xffffffffffffffff) clock_gettime(0x0, 0x0) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r8, 0x29, 0xb, 0x0, 0x0) statx(r4, &(0x7f0000000180)='./file0\x00', 0x800, 0x8, 0x0) write$FUSE_DIRENTPLUS(r3, &(0x7f0000000c80)={0x158, 0x0, r5, [{{0x6, 0x1, 0x8, 0x9, 0x8000, 0xffffffff, {0x6, 0x0, 0x400, 0x7, 0x1805, 0xa, 0x3, 0x1, 0x600, 0xa000, 0x40c, 0xee00, r7, 0xb0}}, {0x5, 0x0, 0x1, 0xfffffffb, '%'}}, {{0x1, 0x1, 0x8001, 0x361, 0x4, 0x9, {0x0, 0x100, 0x88, 0xf9, 0x8, 0x100, 0x2, 0xc37, 0x10000, 0xc000, 0x8, r6, 0x0, 0x7, 0x8}}, {0x0, 0x9, 0xa, 0x8, '/dev/fuse\x00'}}]}, 0x158) bind$inet6(r8, &(0x7f0000000240)={0xa, 0x4e20, 0xf, @empty, 0x5}, 0x1c) sendmmsg$inet6(r8, &(0x7f0000000ac0)=[{{&(0x7f0000000440)={0xa, 0x4e20, 0x2, @empty, 0x6}, 0x1c, &(0x7f0000000c40)}}], 0x1, 0x200c0858) r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) close_range(r9, 0xffffffffffffffff, 0x0) r10 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r10, 0x40405514, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0xfffffffffffffe00, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000001, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x40, 0x8, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xc, 0x2, 0x0, 0x22820adc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}) syz_open_dev$dri(&(0x7f00000000c0), 0x4d9, 0x2) mount_setattr(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)={0x8}, 0x20) 1.931610454s ago: executing program 1 (id=836): syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000240)='./file0\x00', 0x2004010, &(0x7f0000000000)=ANY=[@ANYRES16=0x0, @ANYRES16=0x0, @ANYRES32, @ANYRESDEC], 0x1, 0x1cc, &(0x7f0000000600)="$eJzs281qE10YB/Bn+rbpx4ukC1fiYpauStsraJEKYkBQslAQFNtA6UjBQkAXtjsX3oQX48KtXonLgsKRZvJtLG3UDjS/3yYPM+d/5pwTJskJzPPbrw52D49az1qfYynLYm4r8jjNYjXmouckAIDr5DSl+JZSSosnsfwxUkpVjwgA+Nd8/wPA7Hn85OmD7UZj51GeL0UU79vNdrN8Lc9vt2I/itiL9ajHjzj7gdBV1vfuN3bW847V+FAcd/PH7eZ/o/mNqMfq5PxGmc9H8wuxMpzfjHrcnJzfnJivxZ1aP78QEfX4+jIOo4jdOMsO8u828vzuw8ZY/v9OOwAAALgO1vK+zv69FqP797W10fOD/XGZ384u/P/A2P56Pm7NVzt3AJhVR2/eHrwoir3XUxRL3T5+0+Z7SmnKnoeKLyvlRf60n4sW+4vl9S4f7y1p/8jW+etTTVEbHuFYsTzFUG9cYoLz57bpPXHyN6ecRURVC/4pIip/u6e6qTvFlX4MARUY3P2DY1mVAwIAAAAAAAAAAAAAAH5xFc8VVT1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGbPzwAAAP//t8F8mQ==") r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x189800, 0x0) r1 = fsopen(&(0x7f0000000c40)='devtmpfs\x00', 0x1) fsconfig$FSCONFIG_SET_BINARY(r1, 0x6, 0x0, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b0000000000000000000000008000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x19, &(0x7f000001b000)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xdc0f}}, @call={0x85, 0x0, 0x0, 0x50}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r4 = inotify_init() inotify_add_watch(r4, &(0x7f0000000400)='.\x00', 0x20) openat$sw_sync(0xffffffffffffff9c, &(0x7f00000001c0), 0x100, 0x0) ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x40047211, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000100)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@grpquota}, {@nodioread_nolock}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x563, &(0x7f00000007c0)="$eJzs3c1rHOUfAPDvbDbp6+/XFEpREQn0YKU2aRJfKnioR9FiQe91SaahdNMt2U1pYsH2YC9epAgiFsS73j0W/wH/ioIWipSgBy+R2czmpdlNtukmu+1+PjDheWZm93memfk+eZ6dWTaAvjWS/SlEvBwR3yQRRyIiybcVI984srLf0uObU9mSxPLyp38l9f2yfOO9Gq87lGdeiojfvoo4VdhcbnVh8UqpXE7n8vxYbfbaWHVh8fTl2dJMOpNenZicPPv25MR7777Tsba+ceGf7z+5/+HZr08sfffLw6N3kzgXh/Nt69vxDG6tz4zESH5MBuPcEzuOd6CwXpJ0uwLsyEAe54OR9QFHYiCPeuDF92VELAN9KhH/0Kca44DG3L5D8+DnxqMPViZAm9tfXPlsJPbX50YHl5INM6NsvjvcgfKzMn79897dbInOfQ4BsK1btyPiTLG4uf9L8v5v5860sc+TZej/YO/cz8Y/bzYb/xRWxz/RZPxzqEns7sT28V942IFiWsrGf+/n5e7fUP7qTavhgTz3v/qYbzC5dLmcZn3b/yPiZAzuy/Jb3c85u/RgudW29eO/bMnKb4wF83o8LO7b+JrpUq30LG1e79HtiFeajn+T1fOfNDn/2fG40GYZx9N7r7Xatn37d9fyTxGvN53/rN3RSra+PzlWvx7GGlfFZn/fOf77xjVrR7Lb7c/O/8Gt2z+crL9fW336Mn7c/2/aatuG9kf71/9Q8lk9PZSvu1Gq1ebGI4aSjzevn1h7bSPf2D9r/8kTW/d/za7/AxHxeZvtv3Ps51fban+Xzv/0U53/p088+OiLH1qV317/91Y9dTJf007/124Fn+XYAQAAAAAAQK8pRMThSAqjq+lCYXR05fmOY3GwUK5Ua6cuVeavTkf9u7LDMVho3Ok+su55iPH8edhGfuKJ/GREHI2IbwcO1POjU5XydLcbDwAAAAAAAAAAAAAAAAAAAD3iUIvv/2f+GOh27YBd18ZPfg/tRT2Avbdt/Hfil56AntTG/3/gBSX+oX+Jf+hf4h/6l/iH/iX+oX+Jf+hf4h8AAAAAAAAAAAAAAAAAAAAAAAAAAAA66sL589myvPT45lSWn76+MH+lcv30dFot5LvMXRudqVRmyunoVGV2u/crVyrXxidi/sZYLa3WxqoLixdnK/NXaxcvz5Zm0ovp4K63CAAAAAAAAAAAAAAAAAAAAJ4/1YXFK6VyOZ2TkNhRotgb1ehSotgb1diFRLd7JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABY818AAAD//0h7Mcc=") r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x2, 0x96) pwrite64(r5, &(0x7f0000000080)='2', 0x1, 0x40008) r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0}, 0x50) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x9, &(0x7f0000000040)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r7}, {}, {0x85, 0x0, 0x0, 0x9b}}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r8, 0x0, 0xe, 0x0, &(0x7f0000000000)="c1188e19b95d02ff4284860151b0", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) sendfile(r6, r6, 0x0, 0xe3aa6ea) truncate(&(0x7f00000002c0)='./file1\x00', 0x42d9) r9 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0) write$P9_RREADLINK(r9, &(0x7f0000000000)={0xffffffffffffff23, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab) 1.774062277s ago: executing program 4 (id=837): r0 = syz_open_dev$rtc(&(0x7f0000000140), 0x0, 0x0) ioctl$RTC_UIE_ON(r0, 0x7003) ioctl$RTC_AIE_ON(r0, 0x7001) ioctl$RTC_ALM_SET(r0, 0x40247007, &(0x7f0000000780)={0x1b, 0x6, 0x6, 0x19, 0x8, 0x7ff, 0x5, 0x13b, 0xffffffffffffffff}) 1.73500365s ago: executing program 4 (id=838): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f00000002c0)={[{0x6, 0x4, 0x7, 0x8, 0x8, 0xff, 0x40, 0x4, 0x7f, 0xbe, 0x4, 0x6, 0xfffffffffffffffe}, {0x80, 0x8, 0x4, 0xf7, 0x5, 0x3, 0x1, 0x7, 0x4c, 0x3, 0xfc, 0x7}, {0x9b7, 0x84, 0xba, 0x1, 0x2, 0xc, 0x4, 0x2, 0x7, 0x6, 0x0, 0x0, 0x6}], 0x1}) 1.49068614s ago: executing program 4 (id=839): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000400), 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=") r0 = open(&(0x7f0000000480)='.\x00', 0x0, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000500)={0x0, 0x2904c, 0x0, 0x10003, '\x00', [{0x0, 0x0, 0x0, 0x3}, {0xffffffff}]}) 1.345645352s ago: executing program 1 (id=840): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, 0x0) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x2000018, &(0x7f00000013c0)=ANY=[], 0xf, 0x6b4, &(0x7f00000000c0)="$eJzs3c9vHGf9B/D3rNcbO98qX6dN2ggVESVSQYpInFgphAsBIZRDhapy4IqVOI2VjVPZLnIrBC5FcELi0D+gIPmGOCBxDwrncuvVx0pIXCIOERyMZnbWXnvX8Tr+GXi9ovHzzDzPPPPZzz4z411ntQH+Z926lOajFLl16a2lcn11Zaq9ujJ1om5uJynrjaTZKVLMJcXj5GbZXvQs6Sn7fDJ7453Pn6x+0Vlr1kvVv/Gs/QYY0He5XnI+yUhd9hsd9hCbxrud5KW+Lq1hx2plbGOlTNrFuoQjt9ZneTe77+a8BY6Z7m2s6Nw3+0wkJ5PqFlb9TlBfHRqHF+HB2NVVDgAAAF5Qnz086ggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgxVN//39RL426zPkU3e//b3W31fUX2qOjDgAAAAAAAAAA9sFXnuZplnKqu75WVH/zv1CtnMm/1pL/y/tZyEzmczlLmc5iFjOfq0kmegZqLU0vLs5fXd+zNHjPawP3vHZYjxgAAAAAAAAA/iv9Irc2/v4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHQZGMdIpqOdOtT6TR7FTTKn8sJ3/r1l8QxaCNjw4/DgAAANiTsefY5/+f5mmWcirJH8v1taJ6zf9q9Xp5LO9nLouZzWLamcmd+jV0+aq/sboy1V5dmXpQLv3jfucfuwqjGjGd9x4GH/lc1WM8dzNbbbmc21Uwd9Ko9iyd68YzOK6PypiKb9eGjKxZp7U82G+3exdhX+z2rYiJMrhkPSOTdWxlNk53MlBUb9QkWzPx7Gfn3wOOlEZG1490NY31d37OHEDOT9Zl+Xh+daA53631TDRSZeJaz+x79dmZSL765z/86F577v69uwuXjs9D2sHINtu3zompnky8NigTvQMd60w0d9l/ssrE2fX1W/l+fphLOZ+3M5/Z/CTTWcxM1ur26Xo+lz8nnj1nbm5ae3unSFr189JJ9TAxnc/3qtp0LlT7nspsijzMnczkzerftVzNN3I913Oj5xk+u23c1WOrzvrG1rO++0z/ZWDwF79WV8aT/Lou+3KwxXazc790rv1lXk/35LUz65+s9zrdcx5M9mTp5W52RgcO/jzXxuaX6kp5jI/r8niYqDNRnkDdu0Q3ulc6mWhW96L+ef676txYaM/dn783/d424y9vWX+jLstptfLlYaMc/FTsr3K+vJyx+kqyeXaUba+sX2VOb7qrtuq/uHTaGn1tZ6u2ouieqT/oO1PL+Vqeqa36d7j+ka5Vba8NbJuq2s71tG36fSsP086dQ8gfAHs0kZOt8b+Pfzb+6fgvx++NvzX23RPfPPF6K6N/Hf1Wc3LkjcbrxZ/yaX5Wvf4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2aOGDD+9Pt9sz84Mrje2bdqjsNPKWSlF/oc+we/34ZPJ8gR1OZSzJpi2j5YZ9O8THQ3Ye3xpGX2Xt58mh56f7JYKD+/ymrDQzzIA3d+rz0ZHPhGNZGd040UYyeAIc8YUJOHBXFh+8d2Xhgw+/Pvtg+t2Zd2fmRq9fvzF54/qbU1fuzrZnJjs/jzpK4CBs3PSPOhIAAAAAAAAAAABgWIM+IXDhpZ0+NDLUZzz8z0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgX9y6lOajFLk6eXmyXF9dmWqXS7e+0bOZpNFIip8mxePkZjpLJnqGK/L7x1kbcJxPZm+88/mT1S82xmp2+ieNutyD5XrJ+SQjdblf493e83jFP7uPsEzYxW7i4Kj9JwAA//93mPQP") mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 1.24414201s ago: executing program 4 (id=841): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)={0x34, 0x0, 0x8, 0x5, 0x0, 0x0, {0x3, 0x0, 0x9}, [@CTA_TIMEOUT_DATA={0x4, 0x4, 0x0, 0x1, @tcp}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x4}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x4048000) sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x14, 0x2, 0x8, 0x201, 0x0, 0x0, {0x5, 0x0, 0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x4000010}, 0x20004004) 965.256022ms ago: executing program 2 (id=842): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301) ioctl$USBDEVFS_DISCONNECT_CLAIM(r4, 0x8108551b, 0x0) ioctl$USBDEVFS_SUBMITURB(r4, 0x8038550a, &(0x7f0000000380)=@urb_type_bulk={0x3, {0x1, 0x1}, 0x0, 0x41, &(0x7f00000002c0)="c26bca8b7597f49c865a04", 0xb, 0x0, 0xfffffffe, 0xfffffffe, 0x5, 0x71a8, 0x0}) ioctl$USBDEVFS_SETINTERFACE(r4, 0x80085504, &(0x7f0000000000)={0x0, 0xf}) bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc) r5 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200, 0xd4}}, 0xe8) sendmmsg(r5, &(0x7f0000000480), 0x2e9, 0x0) 929.776245ms ago: executing program 4 (id=843): openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, 0x0, 0x0) r2 = openat$binfmt_format(0xffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x24132, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x218, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400"], 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0) r5 = fsopen(&(0x7f0000000040)='afs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000000)='source', &(0x7f0000000180)='%(,c\xbe\xfbL:', 0x0) r6 = fsopen(&(0x7f0000000040)='afs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000000)='source', &(0x7f00000000c0)='%.,:', 0x0) write$binfmt_format(r2, &(0x7f0000000100)='-1\x00', 0x2) close_range(r2, 0xffffffffffffffff, 0x0) sendmmsg$unix(r0, &(0x7f0000000b40), 0x42, 0x80) close(r0) connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0xcb) r7 = socket(0x10, 0x3, 0x0) write(r7, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f000000fe000040000a0000", 0x1c) 929.044465ms ago: executing program 0 (id=844): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f000000b780), 0x2, 0x0) readv(r0, &(0x7f0000002380)=[{&(0x7f00000001c0)=""/4096, 0x1000}], 0x1) 872.03133ms ago: executing program 1 (id=845): mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r0 = socket(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x4c, &(0x7f0000000000)=0xfffffffe, 0x4) 285.832988ms ago: executing program 1 (id=846): openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f", 0x7, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) setsockopt$MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xcc, &(0x7f00000000c0)={{0xa, 0x4e23, 0x5, @private0={0xfc, 0x0, '\x00', 0x1}, 0x8}, {0xa, 0x4e24, 0x0, @local, 0x7}, 0xffffffffffffffff, {[0x6, 0x8, 0x1ff, 0x2e, 0x2, 0x7, 0x2, 0x81]}}, 0x5c) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = dup(r3) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 148.724138ms ago: executing program 0 (id=847): openat$apparmor_thread_current(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000080), 0x1, 0x2) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x33b, 0x4000000) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x5865, 0x10, 0x2, 0x24d}, &(0x7f00000006c0)=0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f00000002c0)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, 0x0, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_setup(0x7f5b, &(0x7f0000000400)={0x0, 0xd898, 0x800, 0x0, 0x1a9, 0x0, r2}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r5}, 0x10) r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000580)={0x1, 0x1, 0x0, 0x1000, &(0x7f0000456000/0x1000)=nil}) ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"]) ioctl$KVM_SET_LAPIC(r7, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd2547ffbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953582a1825d32130a31abfeafd1987317879e29ac51b93c9659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56113335ae6adec59300db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb1180300"}) ioctl$KVM_RUN(r7, 0xae80, 0x0) io_uring_enter(r2, 0x100847c0, 0x0, 0x1, 0x0, 0x0) 0s ago: executing program 2 (id=848): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r2, 0x0, 0x7, 0x0) setns(r2, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) unshare(0x62040200) socket$inet_tcp(0x2, 0x1, 0x0) kernel console output (not intermixed with test programs): entered disabled state [ 154.427953][ T4209] device bridge_slave_1 entered promiscuous mode [ 154.445933][ T4217] bridge0: port 2(bridge_slave_1) entered blocking state [ 154.453326][ T4217] bridge0: port 2(bridge_slave_1) entered disabled state [ 154.461332][ T4217] device bridge_slave_1 entered promiscuous mode [ 154.518251][ T4208] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 154.535525][ T4217] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 154.547870][ T4213] team0: Port device team_slave_0 added [ 154.555227][ T4209] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 154.567551][ T4208] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 154.583910][ T4217] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 154.595778][ T4213] team0: Port device team_slave_1 added [ 154.610625][ T4209] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 154.628285][ T4205] bridge0: port 1(bridge_slave_0) entered blocking state [ 154.636994][ T4205] bridge0: port 1(bridge_slave_0) entered disabled state [ 154.646743][ T4205] device bridge_slave_0 entered promiscuous mode [ 154.696604][ T4208] team0: Port device team_slave_0 added [ 154.702924][ T4205] bridge0: port 2(bridge_slave_1) entered blocking state [ 154.710368][ T4205] bridge0: port 2(bridge_slave_1) entered disabled state [ 154.718838][ T4205] device bridge_slave_1 entered promiscuous mode [ 154.727155][ T4213] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 154.734733][ T4213] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 154.761596][ T4213] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 154.775798][ T4217] team0: Port device team_slave_0 added [ 154.782002][ T4213] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 154.789199][ T4213] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 154.815619][ T4213] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 154.834113][ T4208] team0: Port device team_slave_1 added [ 154.853880][ T4217] team0: Port device team_slave_1 added [ 154.862963][ T4209] team0: Port device team_slave_0 added [ 154.872167][ T4209] team0: Port device team_slave_1 added [ 154.901589][ T4205] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 154.940565][ T4208] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 154.947968][ T4208] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 154.978229][ T4208] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 154.996887][ T4205] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 155.006938][ T4217] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 155.014447][ T4217] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 155.043037][ T4217] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 155.061754][ T4208] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 155.070161][ T4208] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 155.109266][ T4208] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 155.139255][ T4217] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 155.150165][ T4217] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 155.178214][ T4217] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 155.190289][ T4209] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 155.197720][ T4209] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 155.226037][ T4209] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 155.244061][ T4213] device hsr_slave_0 entered promiscuous mode [ 155.251008][ T4213] device hsr_slave_1 entered promiscuous mode [ 155.269823][ T4209] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 155.277801][ T4209] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 155.310011][ T4209] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 155.353262][ T4205] team0: Port device team_slave_0 added [ 155.362995][ T4205] team0: Port device team_slave_1 added [ 155.392255][ T4209] device hsr_slave_0 entered promiscuous mode [ 155.399340][ T4209] device hsr_slave_1 entered promiscuous mode [ 155.407155][ T4209] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 155.415349][ T4209] Cannot create hsr debugfs directory [ 155.467294][ T4208] device hsr_slave_0 entered promiscuous mode [ 155.474379][ T4208] device hsr_slave_1 entered promiscuous mode [ 155.481392][ T4208] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 155.489304][ T4208] Cannot create hsr debugfs directory [ 155.498236][ T4217] device hsr_slave_0 entered promiscuous mode [ 155.505412][ T4217] device hsr_slave_1 entered promiscuous mode [ 155.512142][ T4217] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 155.520494][ T4217] Cannot create hsr debugfs directory [ 155.526672][ T4205] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 155.533960][ T4205] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 155.562476][ T4205] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 155.594815][ T4205] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 155.602422][ T4205] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 155.604208][ T1107] Bluetooth: hci1: command 0x0409 tx timeout [ 155.635894][ T4205] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 155.637991][ T1107] Bluetooth: hci0: command 0x0409 tx timeout [ 155.663319][ T1107] Bluetooth: hci3: command 0x0409 tx timeout [ 155.680429][ T1107] Bluetooth: hci2: command 0x0409 tx timeout [ 155.687104][ T1107] Bluetooth: hci4: command 0x0409 tx timeout [ 155.758529][ T4205] device hsr_slave_0 entered promiscuous mode [ 155.766549][ T4205] device hsr_slave_1 entered promiscuous mode [ 155.773722][ T4205] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 155.781505][ T4205] Cannot create hsr debugfs directory [ 155.994990][ T4213] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 156.026153][ T4213] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 156.035339][ T4213] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 156.048261][ T4213] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 156.064316][ T4208] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 156.080302][ T4208] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 156.093694][ T4208] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 156.107026][ T4208] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 156.197448][ T4209] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 156.208602][ T4209] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 156.221621][ T4209] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 156.236874][ T4217] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 156.248223][ T4209] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 156.276776][ T4217] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 156.286992][ T4217] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 156.312450][ T4208] 8021q: adding VLAN 0 to HW filter on device bond0 [ 156.322325][ T4217] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 156.352563][ T4208] 8021q: adding VLAN 0 to HW filter on device team0 [ 156.375502][ T1270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 156.386074][ T1270] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 156.399935][ T4213] 8021q: adding VLAN 0 to HW filter on device bond0 [ 156.436542][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 156.448248][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 156.458499][ T154] bridge0: port 1(bridge_slave_0) entered blocking state [ 156.467197][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 156.477304][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 156.487409][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 156.499425][ T154] bridge0: port 2(bridge_slave_1) entered blocking state [ 156.509393][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 156.520340][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 156.548172][ T4205] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 156.562341][ T4205] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 156.575726][ T4205] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 156.589272][ T4205] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 156.598939][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 156.609614][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 156.618585][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 156.628131][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 156.640549][ T4213] 8021q: adding VLAN 0 to HW filter on device team0 [ 156.665671][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 156.677348][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 156.686906][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 156.713555][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 156.722877][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 156.734482][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 156.746058][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 156.757554][ T4274] bridge0: port 1(bridge_slave_0) entered blocking state [ 156.765789][ T4274] bridge0: port 1(bridge_slave_0) entered forwarding state [ 156.775091][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 156.786367][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 156.796140][ T4274] bridge0: port 2(bridge_slave_1) entered blocking state [ 156.804122][ T4274] bridge0: port 2(bridge_slave_1) entered forwarding state [ 156.813734][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 156.828162][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 156.857329][ T4209] 8021q: adding VLAN 0 to HW filter on device bond0 [ 156.870587][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 156.881524][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 156.895696][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 156.904759][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 156.925420][ T4208] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 156.942154][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 156.950266][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 156.978483][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 157.004881][ T4209] 8021q: adding VLAN 0 to HW filter on device team0 [ 157.035105][ T4217] 8021q: adding VLAN 0 to HW filter on device bond0 [ 157.042393][ T1270] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 157.059460][ T1270] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 157.069752][ T1270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 157.081730][ T1270] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 157.091111][ T1270] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 157.120450][ T4217] 8021q: adding VLAN 0 to HW filter on device team0 [ 157.141793][ T4213] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 157.154834][ T4213] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 157.169804][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 157.185993][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 157.199597][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.207180][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 157.220705][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 157.230699][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 157.241724][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 157.250839][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 157.259615][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.267007][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 157.275159][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 157.283804][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 157.291824][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 157.301032][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 157.309907][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 157.319869][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 157.339695][ T4205] 8021q: adding VLAN 0 to HW filter on device bond0 [ 157.352315][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 157.363828][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 157.372350][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 157.381805][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 157.391804][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.399130][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 157.414463][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 157.422764][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 157.432285][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 157.442214][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.449733][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 157.473682][ T4205] 8021q: adding VLAN 0 to HW filter on device team0 [ 157.514577][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 157.522813][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 157.532088][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 157.541748][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 157.551901][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 157.561918][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 157.571135][ T4274] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.578780][ T4274] bridge0: port 1(bridge_slave_0) entered forwarding state [ 157.589335][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 157.598666][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 157.609075][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 157.618909][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 157.628416][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 157.637870][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 157.647647][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 157.656371][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 157.665033][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 157.675120][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 157.684011][ T3995] Bluetooth: hci3: command 0x041b tx timeout [ 157.690790][ T3995] Bluetooth: hci0: command 0x041b tx timeout [ 157.697302][ T3995] Bluetooth: hci1: command 0x041b tx timeout [ 157.705623][ T4208] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 157.728797][ T4209] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 157.747346][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 157.756795][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 157.764885][ T4277] Bluetooth: hci4: command 0x041b tx timeout [ 157.771211][ T4277] Bluetooth: hci2: command 0x041b tx timeout [ 157.779371][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 157.790494][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 157.799138][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 157.807370][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 157.821378][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 157.834820][ T4274] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.842269][ T4274] bridge0: port 2(bridge_slave_1) entered forwarding state [ 157.852874][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 157.864324][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 157.876094][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 157.885619][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 157.894880][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 157.905179][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 157.915113][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 157.932827][ T4217] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 157.945817][ T4217] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 157.971451][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 157.981555][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 157.996844][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 158.010417][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 158.022377][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 158.033819][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 158.042495][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 158.051411][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 158.060293][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 158.070748][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 158.079076][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 158.115793][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 158.125572][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 158.134968][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 158.148807][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 158.160413][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 158.174110][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 158.185126][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 158.202783][ T4213] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 158.222811][ T4209] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 158.235853][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 158.258114][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 158.284086][ T4208] device veth0_vlan entered promiscuous mode [ 158.303888][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 158.312982][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 158.322036][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 158.339600][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 158.370011][ T4208] device veth1_vlan entered promiscuous mode [ 158.388473][ T4213] device veth0_vlan entered promiscuous mode [ 158.407723][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 158.425300][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 158.434532][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 158.443319][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 158.450944][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 158.481005][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 158.490828][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 158.500145][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 158.508683][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 158.518542][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 158.542082][ T4213] device veth1_vlan entered promiscuous mode [ 158.550924][ T4217] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 158.583138][ T4209] device veth0_vlan entered promiscuous mode [ 158.614650][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 158.625251][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 158.635013][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 158.644281][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 158.652780][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 158.663128][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 158.677696][ T4209] device veth1_vlan entered promiscuous mode [ 158.692081][ T4213] device veth0_macvtap entered promiscuous mode [ 158.700971][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 158.709977][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 158.725399][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 158.735023][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 158.742706][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 158.751511][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 158.760701][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 158.770760][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 158.782953][ T4205] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 158.791617][ T4208] device veth0_macvtap entered promiscuous mode [ 158.804969][ T4213] device veth1_macvtap entered promiscuous mode [ 158.819815][ T4208] device veth1_macvtap entered promiscuous mode [ 158.867508][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 158.876953][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 158.894443][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 158.902472][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 158.911235][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 158.920096][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 158.934012][ T4213] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 158.966042][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 158.977322][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 158.987104][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 158.996627][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 159.006277][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 159.015466][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 159.024789][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 159.032769][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 159.043365][ T4209] device veth0_macvtap entered promiscuous mode [ 159.052518][ T4209] device veth1_macvtap entered promiscuous mode [ 159.063606][ T4205] device veth0_vlan entered promiscuous mode [ 159.078015][ T4213] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 159.090729][ T4205] device veth1_vlan entered promiscuous mode [ 159.108156][ T4209] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 159.125772][ T4209] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 159.140822][ T4209] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 159.149749][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 159.158618][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 159.167667][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 159.176217][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 159.185643][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 159.196058][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 159.205830][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 159.226131][ T4208] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 159.236901][ T4208] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 159.248394][ T4208] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 159.259125][ T4208] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 159.271064][ T4208] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 159.281714][ T4209] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 159.301996][ T4209] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 159.316049][ T4209] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 159.323948][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 159.332922][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 159.349267][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 159.358455][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 159.369620][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 159.378237][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 159.390870][ T4213] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 159.400193][ T4213] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 159.409585][ T4213] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 159.418651][ T4213] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 159.455534][ T4208] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 159.466715][ T4208] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 159.477891][ T4208] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 159.489433][ T4208] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 159.501777][ T4208] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 159.513359][ T4208] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 159.522338][ T4208] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 159.532346][ T4208] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 159.541576][ T4208] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 159.556181][ T4217] device veth0_vlan entered promiscuous mode [ 159.565522][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 159.574356][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 159.582836][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 159.591952][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 159.601342][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 159.610750][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 159.625301][ T4209] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 159.634591][ T4209] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 159.643946][ T4209] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 159.652818][ T4209] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 159.688948][ T4217] device veth1_vlan entered promiscuous mode [ 159.703545][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 159.711886][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 159.725378][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 159.750620][ T4205] device veth0_macvtap entered promiscuous mode [ 159.763496][ T4316] Bluetooth: hci0: command 0x040f tx timeout [ 159.763621][ T4267] Bluetooth: hci1: command 0x040f tx timeout [ 159.769653][ T4316] Bluetooth: hci3: command 0x040f tx timeout [ 159.827543][ T4205] device veth1_macvtap entered promiscuous mode [ 159.845264][ T4277] Bluetooth: hci2: command 0x040f tx timeout [ 159.865612][ T4277] Bluetooth: hci4: command 0x040f tx timeout [ 159.916584][ T4217] device veth0_macvtap entered promiscuous mode [ 159.928406][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 159.938147][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 159.946830][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 159.956992][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 159.966108][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 159.981144][ T4205] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 159.992827][ T4205] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.006426][ T4205] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 160.017620][ T4205] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.027937][ T4205] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 160.038833][ T4205] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.050946][ T4205] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 160.079371][ T4217] device veth1_macvtap entered promiscuous mode [ 160.087783][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 160.097301][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 160.106817][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 160.118119][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 160.140697][ T4205] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 160.152212][ T4205] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.165239][ T4205] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 160.176266][ T4205] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.187134][ T4205] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 160.197938][ T4205] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.210041][ T4205] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 160.227454][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 160.245457][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 160.246349][ T4274] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 160.254547][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 160.261579][ T4274] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 160.280185][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 160.294859][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 160.296536][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 160.312471][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 160.318116][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 160.322527][ T4205] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.340738][ T4205] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.350489][ T4205] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.359936][ T4205] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.372710][ T4217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 160.383954][ T4217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.395873][ T4217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 160.407282][ T4217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.417811][ T4217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 160.428607][ T4217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.438836][ T4217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 160.449837][ T4217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.462343][ T4217] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 160.480592][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 160.499073][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 160.508060][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 160.534269][ T4217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 160.545161][ T4217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.555893][ T4217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 160.569578][ T4217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.581053][ T4217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 160.592992][ T4217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.603517][ T4217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 160.614427][ T4217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 160.626394][ T4217] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 160.655441][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 160.665864][ T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 160.679250][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 160.687920][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 160.718851][ T4217] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.729617][ T4217] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.738790][ T4217] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.747923][ T4217] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.759616][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 160.786852][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 160.795894][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 160.833205][ T161] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 160.834409][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 160.841301][ T161] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 160.896290][ T4274] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 160.917829][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 160.925406][ T4274] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 160.969811][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 161.040020][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 161.049111][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 161.049166][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 161.094878][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 161.102925][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 161.143345][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 161.198822][ T1270] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 161.226923][ T1270] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 161.258457][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 161.583597][ T4287] usb 3-1: new full-speed USB device number 2 using dummy_hcd [ 161.656671][ T4344] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 161.875344][ T4316] Bluetooth: hci3: command 0x0419 tx timeout [ 161.881573][ T4316] Bluetooth: hci0: command 0x0419 tx timeout [ 161.893418][ T4316] Bluetooth: hci1: command 0x0419 tx timeout [ 161.930748][ T4353] Bluetooth: hci4: command 0x0419 tx timeout [ 161.941845][ T4353] Bluetooth: hci2: command 0x0419 tx timeout [ 161.989430][ T4355] netlink: 168 bytes leftover after parsing attributes in process `syz.3.11'. [ 162.033701][ T4250] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 162.115432][ T4287] usb 3-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 162.149527][ T4287] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 162.153271][ T1107] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 162.200234][ T4361] tipc: Started in network mode [ 162.221231][ T4287] usb 3-1: config 0 descriptor?? [ 162.232127][ T4361] tipc: Node identity f27a267bc758, cluster identity 4711 [ 162.262572][ T4361] tipc: Enabled bearer , priority 0 [ 162.297111][ T4287] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 162.321505][ T4363] device syzkaller0 entered promiscuous mode [ 162.348629][ T4361] tipc: Resetting bearer [ 162.404073][ T1107] usb 1-1: Using ep0 maxpacket: 32 [ 162.416561][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #108!!! [ 162.465389][ T4250] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 162.477454][ T4360] tipc: Resetting bearer [ 162.498479][ T4250] usb 2-1: config 27 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 162.523373][ T1107] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 162.538912][ T4250] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 162.541168][ T4360] tipc: Disabling bearer [ 162.554337][ T1107] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 162.556756][ T4365] program syz.2.6 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 162.588232][ T4250] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 162.588239][ T1107] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 162.623463][ T1107] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 162.674380][ T1107] usb 1-1: config 0 descriptor?? [ 162.784826][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 162.819772][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 162.831177][ T4250] snd-usb-audio: probe of 2-1:27.0 failed with error -2 [ 162.849116][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 162.890890][ T4317] udevd[4317]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 162.892531][ T4328] device bridge_slave_0 left promiscuous mode [ 162.961546][ T4328] bridge0: port 1(bridge_slave_0) entered disabled state [ 163.030182][ T4328] device bridge_slave_1 left promiscuous mode [ 163.043397][ T4328] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.071253][ T4328] bond0: (slave bond_slave_0): Releasing backup interface [ 163.086785][ T4328] bond0: (slave bond_slave_1): Releasing backup interface [ 163.150209][ T4328] team0: Port device team_slave_0 removed [ 163.168134][ T1107] ft260 0003:0403:6030.0001: unknown main item tag 0x7 [ 163.193737][ T4328] team0: Port device team_slave_1 removed [ 163.224101][ T1107] ft260 0003:0403:6030.0001: hidraw0: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.0-1/input0 [ 163.242301][ T26] audit: type=1326 audit(1755007836.564:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4330 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e575d5be9 code=0x7ffc0000 [ 163.266828][ T4328] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 163.274613][ T4287] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 163.291654][ T4287] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 163.301597][ T4328] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 163.327925][ T26] audit: type=1326 audit(1755007836.634:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4330 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e575d5be9 code=0x7ffc0000 [ 163.359466][ T4328] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 163.382097][ T4355] syz.3.11 (4355): drop_caches: 2 [ 163.399048][ T4328] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 163.406866][ T26] audit: type=1326 audit(1755007836.714:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4330 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f0e575d5be9 code=0x7ffc0000 [ 163.430870][ T1107] ft260 0003:0403:6030.0001: chip code: 6424 8183 [ 163.530635][ T4336] udc-core: couldn't find an available UDC or it's busy [ 163.543922][ T4336] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 163.608495][ T26] audit: type=1326 audit(1755007836.714:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4330 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e575d5be9 code=0x7ffc0000 [ 163.666758][ T23] usb 3-1: USB disconnect, device number 2 [ 163.673932][ T26] audit: type=1326 audit(1755007836.714:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4330 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e575d5be9 code=0x7ffc0000 [ 163.695954][ C0] vkms_vblank_simulate: vblank timer overrun [ 163.717520][ T26] audit: type=1326 audit(1755007836.714:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4330 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f0e575d5be9 code=0x7ffc0000 [ 163.746273][ T26] audit: type=1326 audit(1755007836.714:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4330 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e575d5be9 code=0x7ffc0000 [ 163.776707][ T26] audit: type=1326 audit(1755007836.714:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4330 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e575d5be9 code=0x7ffc0000 [ 163.805754][ T26] audit: type=1326 audit(1755007836.714:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4330 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0e575d5be9 code=0x7ffc0000 [ 163.828501][ C0] vkms_vblank_simulate: vblank timer overrun [ 163.847599][ T26] audit: type=1326 audit(1755007836.714:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4330 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e575d5be9 code=0x7ffc0000 [ 163.853401][ T1107] ft260 0003:0403:6030.0001: failed to retrieve status: -32 [ 163.953178][ T4264] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 164.023374][ T4353] usb 2-1: USB disconnect, device number 2 [ 164.030448][ T4336] delete_channel: no stack [ 164.308579][ T4375] netlink: 16 bytes leftover after parsing attributes in process `syz.2.15'. [ 164.354425][ T4264] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 164.390575][ T4264] usb 5-1: config 27 has 0 interfaces, different from the descriptor's value: 1 [ 164.417104][ T4264] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 164.427432][ T4264] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 164.552196][ T4381] fuse: Bad value for 'fd' [ 164.593232][ T1107] usb 1-1: reset high-speed USB device number 2 using dummy_hcd [ 164.634949][ T4348] ft260 0003:0403:6030.0001: ft260_i2c_read: failed to start transaction, ret -38 [ 164.687329][ T4383] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 164.712255][ T4371] kAFS: unable to lookup cell '.,' [ 164.732255][ T23] usb 5-1: USB disconnect, device number 2 [ 164.797854][ T4381] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 165.495741][ T4264] usb 1-1: USB disconnect, device number 2 [ 165.603424][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! [ 165.623368][ T4318] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 165.765551][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! [ 165.795038][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #40!!! [ 165.995788][ T4318] usb 2-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 166.012846][ T4318] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 166.044427][ T4318] usb 2-1: config 0 descriptor?? [ 166.115731][ T4318] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 166.249836][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! [ 166.476375][ T4401] kvm [4400]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 166.544769][ T4318] cpia1 2-1:0.0: unexpected state after lo power cmd: 00 [ 166.730470][ T4406] kvm [4405]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xbe706111 [ 166.734320][ T4413] tipc: Started in network mode [ 166.750184][ T4413] tipc: Node identity e6882e65e95f, cluster identity 4711 [ 166.760467][ T4413] tipc: Enabled bearer , priority 0 [ 166.781848][ T4413] device syzkaller0 entered promiscuous mode [ 166.808507][ T4413] tipc: Resetting bearer [ 166.830375][ T4412] tipc: Resetting bearer [ 166.857259][ T4412] tipc: Disabling bearer [ 166.917585][ T4420] futex_wake_op: syz.3.29 tries to shift op by 32; fix this program [ 167.003929][ T4420] loop8: detected capacity change from 0 to 7 [ 167.028795][ T4317] Dev loop8: unable to read RDB block 7 [ 167.036067][ T4317] loop8: unable to read partition table [ 167.045810][ T4317] loop8: partition table beyond EOD, truncated [ 167.083383][ T4420] Dev loop8: unable to read RDB block 7 [ 167.094596][ T4420] loop8: unable to read partition table [ 167.108986][ T4420] loop8: partition table beyond EOD, truncated [ 167.131980][ T4420] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 167.251895][ T4427] fuse: Bad value for 'fd' [ 167.555324][ T4427] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 167.616467][ T4318] gspca_cpia1: usb_control_msg 01, error -110 [ 167.628525][ T4318] cpia1 2-1:0.0: only firmware version 1 is supported (got: 0) [ 168.391783][ T4264] usb 2-1: USB disconnect, device number 3 [ 168.862621][ T4452] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 169.073246][ T4462] tipc: Started in network mode [ 169.120175][ T4462] tipc: Node identity b212a50ca24, cluster identity 4711 [ 169.173289][ T4318] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 169.187441][ T4462] tipc: Enabled bearer , priority 0 [ 169.236253][ T4463] device syzkaller0 entered promiscuous mode [ 169.286187][ T4462] tipc: Resetting bearer [ 169.329673][ T4461] tipc: Resetting bearer [ 169.563262][ T4318] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 169.583876][ T4318] usb 4-1: config 27 has 0 interfaces, different from the descriptor's value: 1 [ 169.706037][ T4318] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 169.716311][ T4318] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 169.864258][ T4461] tipc: Disabling bearer [ 170.148807][ T4455] kAFS: unable to lookup cell '.,' [ 170.914496][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #140!!! [ 171.592144][ T4503] fuse: Bad value for 'fd' [ 171.624477][ T4497] kvm [4496]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xbe706111 [ 171.721613][ T4250] usb 4-1: USB disconnect, device number 2 [ 171.822901][ T4509] tipc: Started in network mode [ 171.842394][ T4509] tipc: Node identity 6e82a90453c7, cluster identity 4711 [ 171.875763][ T4509] tipc: Enabled bearer , priority 0 [ 171.898885][ T4503] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 171.901894][ T4511] device syzkaller0 entered promiscuous mode [ 171.964378][ T4509] tipc: Resetting bearer [ 172.007024][ T4508] tipc: Resetting bearer [ 172.056666][ T4508] tipc: Disabling bearer [ 172.330536][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! [ 172.339571][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #0a!!! [ 172.348786][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #18a!!! [ 172.358935][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #18a!!! [ 173.318736][ T4534] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 173.423186][ T4353] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 173.665552][ T4537] kvm [4536]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 173.703141][ T4353] usb 1-1: Using ep0 maxpacket: 16 [ 173.788864][ T4542] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 173.817910][ T4542] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 173.828008][ T4353] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 173.851874][ T4353] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 173.864747][ T4353] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 173.880057][ T4353] usb 1-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00 [ 173.895296][ T4353] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.910770][ T4353] usb 1-1: config 0 descriptor?? [ 174.043381][ T4264] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 174.280925][ T4560] tipc: Enabled bearer , priority 0 [ 174.309205][ T4560] device syzkaller0 entered promiscuous mode [ 174.339252][ T4555] kvm [4554]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc1 data 0x4000 [ 174.341147][ T4560] tipc: Resetting bearer [ 174.364394][ T4555] kvm [4554]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 174.392449][ T4559] tipc: Resetting bearer [ 174.415831][ T4559] tipc: Disabling bearer [ 174.418545][ T4555] kvm [4554]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 174.432846][ T4264] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 174.453180][ T4264] usb 2-1: config 27 has 0 interfaces, different from the descriptor's value: 1 [ 174.492645][ T4264] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 174.507815][ T4555] kvm [4554]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 174.523165][ T4264] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 174.722876][ T4566] kvm: pic: non byte write [ 174.797608][ T4548] kAFS: unable to lookup cell '.,' [ 175.102790][ T4569] [U]  [ 175.375313][ T4579] fuse: Bad value for 'fd' [ 175.723563][ T4586] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 176.193316][ T4353] usbhid 1-1:0.0: can't add hid device: -71 [ 176.201699][ T4353] usbhid: probe of 1-1:0.0 failed with error -71 [ 176.269591][ T4353] usb 1-1: USB disconnect, device number 3 [ 176.395931][ T4599] tipc: Enabled bearer , priority 0 [ 176.456163][ T4599] device syzkaller0 entered promiscuous mode [ 176.540384][ T4599] tipc: Resetting bearer [ 176.590707][ T4598] tipc: Resetting bearer [ 176.668326][ T4598] tipc: Disabling bearer [ 176.678485][ T4605] kvm: pic: non byte write [ 176.719329][ T4277] usb 2-1: USB disconnect, device number 4 [ 177.063970][ T4610] kvm [4609]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc1 data 0x4000 [ 177.098921][ T4610] kvm [4609]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 177.251243][ T4610] kvm [4609]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 177.370769][ T4610] kvm [4609]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 177.427058][ T4625] kvm [4624]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 178.296062][ T4647] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 178.369227][ T4634] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 178.403250][ T4264] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 178.443328][ T4634] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 178.603705][ T4651] tipc: Enabled bearer , priority 0 [ 178.628789][ T4651] device syzkaller0 entered promiscuous mode [ 178.677897][ T4651] tipc: Resetting bearer [ 178.718332][ T4650] tipc: Resetting bearer [ 178.765790][ T4650] tipc: Disabling bearer [ 178.774643][ T4264] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 178.805588][ T4264] usb 5-1: config 27 has 0 interfaces, different from the descriptor's value: 1 [ 178.843220][ T4264] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 178.861306][ T4264] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 179.159989][ T4643] kAFS: unable to lookup cell '.,' [ 179.408046][ T4662] kvm [4661]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 179.621431][ T4679] netlink: 'syz.0.107': attribute type 2 has an invalid length. [ 179.657382][ T4679] netlink: 20 bytes leftover after parsing attributes in process `syz.0.107'. [ 179.662613][ T4672] kvm [4671]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc1 data 0x4000 [ 179.727546][ T4672] kvm [4671]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 179.812005][ T4672] kvm [4671]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 179.880219][ T4672] kvm [4671]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 179.968718][ T4686] device veth1_macvtap left promiscuous mode [ 181.085071][ T4277] usb 5-1: USB disconnect, device number 3 [ 181.192157][ T4694] tipc: Enabled bearer , priority 0 [ 181.290042][ T4698] device syzkaller0 entered promiscuous mode [ 181.384611][ T4694] tipc: Resetting bearer [ 181.450790][ T4700] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 181.547543][ T4693] tipc: Resetting bearer [ 181.575865][ T4693] tipc: Disabling bearer [ 181.688133][ T4712] netlink: 12 bytes leftover after parsing attributes in process `syz.1.116'. [ 181.746722][ T4712] Dropped outbound packet type=0 [ 181.951784][ T4712] syz.1.116 (4712) used greatest stack depth: 20832 bytes left [ 182.082170][ T4720] kvm [4719]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 182.393174][ T4353] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 182.818485][ T4353] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 182.840941][ T4353] usb 2-1: config 27 has 0 interfaces, different from the descriptor's value: 1 [ 182.880511][ T4353] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 182.913249][ T4353] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 183.200332][ T4730] kAFS: unable to lookup cell '.,' [ 183.589779][ T4753] tipc: Started in network mode [ 183.621687][ T4753] tipc: Node identity 5644c58d88c7, cluster identity 4711 [ 183.647405][ T4753] tipc: Enabled bearer , priority 0 [ 183.678719][ T4756] device syzkaller0 entered promiscuous mode [ 183.723563][ T4753] tipc: Resetting bearer [ 183.762927][ T4752] tipc: Resetting bearer [ 183.827784][ T4752] tipc: Disabling bearer [ 183.893191][ T4353] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 184.280364][ T4770] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 184.303378][ T4353] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 184.327842][ T4353] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 184.411475][ T4353] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 184.442188][ T4353] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.497055][ T4353] usb 3-1: config 0 descriptor?? [ 184.567705][ T4353] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 185.031206][ T4353] usb 2-1: USB disconnect, device number 5 [ 185.388420][ T4777] kvm [4775]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 186.252634][ T4798] fuse: Bad value for 'fd' [ 186.636416][ T4287] usb 3-1: USB disconnect, device number 3 [ 186.752692][ T4804] tipc: Enabled bearer , priority 0 [ 186.772778][ T4804] device syzkaller0 entered promiscuous mode [ 186.844646][ T4804] tipc: Resetting bearer [ 186.920645][ T4803] tipc: Resetting bearer [ 186.951671][ T4803] tipc: Disabling bearer [ 187.534339][ T4287] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 187.614654][ T4818] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 187.973432][ T4287] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 188.003221][ T4287] usb 3-1: config 27 has 0 interfaces, different from the descriptor's value: 1 [ 188.051415][ T4287] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 188.096823][ T4287] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.269302][ T4826] kvm [4825]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 188.422991][ T4814] kAFS: unable to lookup cell '.,' [ 188.839840][ T4851] tipc: Enabled bearer , priority 0 [ 188.882779][ T4851] device syzkaller0 entered promiscuous mode [ 188.927466][ T4851] tipc: Resetting bearer [ 189.419000][ T4865] fuse: Bad value for 'fd' [ 189.566381][ T4862] kvm [4860]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 189.626264][ T4862] kvm [4860]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x186 data 0x4000 [ 189.639013][ T4865] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 189.671453][ T4862] kvm [4860]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xbe706111 [ 189.954404][ T4287] tipc: Node number set to 1027975428 [ 190.171125][ T4353] usb 3-1: USB disconnect, device number 4 [ 190.441048][ T4879] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 190.694849][ T4884] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 190.705862][ T4881] kvm [4880]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 190.723781][ T4884] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 190.994675][ T4897] program syz.3.171 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 191.024955][ T4896] tipc: Enabled bearer , priority 0 [ 191.051521][ T4896] device syzkaller0 entered promiscuous mode [ 191.147042][ T4896] tipc: Resetting bearer [ 191.204306][ T4895] tipc: Resetting bearer [ 191.238089][ T4895] tipc: Disabling bearer [ 191.532617][ T4905] device bridge1 entered promiscuous mode [ 191.650298][ T4905] team0: Port device bridge1 added [ 191.700884][ T4908] kvm [4907]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 191.717632][ T4919] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 191.737639][ T4920] fuse: Bad value for 'fd' [ 191.763307][ T4918] IPVS: stopping master sync thread 4919 ... [ 191.787358][ T4908] kvm [4907]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x186 data 0x4000 [ 191.828039][ T4908] kvm [4907]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xbe706111 [ 192.661293][ T4930] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 192.685290][ T4930] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 192.882507][ T4936] kvm [4935]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 193.296670][ T4956] tipc: Enabled bearer , priority 0 [ 193.348801][ T4960] device syzkaller0 entered promiscuous mode [ 193.379078][ T4956] Zero length message leads to an empty skb [ 193.427695][ T4956] tipc: Resetting bearer [ 193.504872][ T4954] tipc: Resetting bearer [ 193.548802][ T4954] tipc: Disabling bearer [ 193.751270][ T4965] netlink: 4 bytes leftover after parsing attributes in process `syz.1.189'. [ 194.156373][ T4974] kvm [4973]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 194.221080][ T4974] kvm [4973]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x186 data 0x4000 [ 194.294478][ T4974] kvm [4973]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xbe706111 [ 194.370382][ T4985] fuse: Bad value for 'fd' [ 194.613232][ T4287] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 194.725837][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.733838][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.063315][ T4287] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 195.096336][ T4287] usb 3-1: config 27 has 0 interfaces, different from the descriptor's value: 1 [ 195.121045][ T5000] tipc: Enabling of bearer rejected, already enabled [ 195.163696][ T4287] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 195.198359][ T4287] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.536539][ T4984] kAFS: unable to lookup cell '.,' [ 196.210105][ T5021] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 196.261635][ T5029] fuse: Bad value for 'fd' [ 196.753614][ T5037] tipc: Enabled bearer , priority 0 [ 196.787973][ T5037] device syzkaller0 entered promiscuous mode [ 196.832222][ T5037] tipc: Resetting bearer [ 196.851932][ T5036] tipc: Resetting bearer [ 196.901389][ T5036] tipc: Disabling bearer [ 197.445509][ T5042] netlink: 'syz.1.214': attribute type 2 has an invalid length. [ 197.483265][ T5042] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.214'. [ 197.795282][ T5044] kvm [5043]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 197.833032][ T5044] kvm [5043]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 197.861724][ T5055] netlink: 12 bytes leftover after parsing attributes in process `syz.4.218'. [ 197.876365][ T5044] kvm [5043]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x186 data 0x4000 [ 198.017267][ T1107] usb 3-1: USB disconnect, device number 5 [ 198.044584][ T5057] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 198.069446][ T5057] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 198.090708][ T5057] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 198.100145][ T5057] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 198.111962][ T5057] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 198.122515][ T5060] netlink: 28 bytes leftover after parsing attributes in process `syz.4.218'. [ 198.140380][ T5060] 8021q: adding VLAN 0 to HW filter on device bond1 [ 198.290258][ T5065] kvm [5064]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x186 data 0x4000 [ 198.326659][ T5065] kvm [5064]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xbe706111 [ 198.361629][ T5065] kvm [5064]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xbe706111 [ 198.463277][ T4318] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 198.484364][ T23] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 198.600880][ T5076] tipc: Enabled bearer , priority 0 [ 198.626399][ T5076] device syzkaller0 entered promiscuous mode [ 198.668843][ T5076] tipc: Resetting bearer [ 198.689949][ T5075] tipc: Resetting bearer [ 198.715746][ T5075] tipc: Disabling bearer [ 198.733198][ T4318] usb 2-1: Using ep0 maxpacket: 8 [ 198.845797][ T23] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 198.877407][ T23] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 198.903349][ T4318] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 198.926791][ T4318] usb 2-1: New USB device found, idVendor=2833, idProduct=0201, bcdDevice=2a.d5 [ 198.938482][ T23] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 198.960551][ T4318] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 198.971793][ T23] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 199.017557][ T4318] usb 2-1: config 0 descriptor?? [ 199.031281][ T23] usb 5-1: config 0 descriptor?? [ 199.361186][ T5086] fuse: Bad value for 'fd' [ 199.527577][ T23] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0 [ 199.549951][ T23] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0 [ 199.576834][ T23] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0D8C:0022.0002/input/input5 [ 199.612415][ T23] cm6533_jd 0003:0D8C:0022.0002: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.4-1/input0 [ 199.751205][ T4318] usb 5-1: USB disconnect, device number 4 [ 199.868904][ T5096] fido_id[5096]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/5-1/report_descriptor': No such file or directory [ 200.033169][ T4287] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 200.443349][ T4287] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 200.465647][ T4287] usb 4-1: config 27 has 0 interfaces, different from the descriptor's value: 1 [ 200.511601][ T4287] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 200.542244][ T4287] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 200.858084][ T5095] kAFS: unable to lookup cell '.,' [ 200.873718][ T1110] usb 2-1: USB disconnect, device number 6 [ 201.039331][ T5108] kvm [5102]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 201.076753][ T5108] kvm [5102]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 201.119947][ T5108] kvm [5102]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x186 data 0x4000 [ 201.269872][ T5110] kvm [5109]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x186 data 0x4000 [ 201.341536][ T5110] kvm [5109]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xbe706111 [ 201.464021][ T5110] kvm [5109]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xbe706111 [ 201.588568][ T5117] tipc: Enabled bearer , priority 0 [ 201.627124][ T5117] device syzkaller0 entered promiscuous mode [ 201.720158][ T5117] tipc: Resetting bearer [ 201.760601][ T5120] device netdevsim0 entered promiscuous mode [ 201.853415][ T5120] device netdevsim0 left promiscuous mode [ 201.954909][ T5116] tipc: Resetting bearer [ 201.966005][ T5116] tipc: Disabling bearer [ 201.968831][ T5123] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 202.282204][ T4318] usb 4-1: USB disconnect, device number 3 [ 202.348473][ T5128] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 202.388994][ T5128] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 202.551971][ T5143] fuse: Bad value for 'fd' [ 203.282243][ T5158] kvm [5155]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 203.408794][ T5158] kvm [5155]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 203.528195][ T5158] kvm [5155]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x186 data 0x4000 [ 203.618809][ T5164] kvm [5163]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x186 data 0x4000 [ 203.674985][ T5164] kvm [5163]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xbe706111 [ 203.720260][ T5164] kvm [5163]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xbe706111 [ 203.821563][ T5168] tipc: Enabled bearer , priority 0 [ 203.837338][ T5168] device syzkaller0 entered promiscuous mode [ 203.903750][ T5168] tipc: Resetting bearer [ 203.952628][ T5167] tipc: Resetting bearer [ 204.012019][ T5167] tipc: Disabling bearer [ 204.067124][ T5170] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 204.087156][ C0] vkms_vblank_simulate: vblank timer overrun [ 204.381148][ T5173] kvm [5172]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x186 data 0x4000 [ 204.406988][ T5173] kvm [5172]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xbe706111 [ 204.486503][ T5185] kAFS: unable to lookup cell '.,' [ 204.504973][ T5173] kvm [5172]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xbe706111 [ 205.221229][ T5203] fuse: Bad value for 'fd' [ 205.437539][ T5200] kvm [5199]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0xffffffff000006ed [ 205.515579][ T5200] kvm [5199]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc1 data 0xffffffff000046ed [ 205.515681][ T5200] kvm [5199]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0xffffffff00000101 [ 205.515711][ T5200] kvm [5199]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0xffffffff00004101 [ 205.539089][ T5200] kvm [5199]: vcpu0, guest rIP: 0x18e ignored wrmsr: 0x11e data 0xc004022 [ 205.539146][ T5200] kvm [5199]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xc000022 [ 205.576832][ T5200] kvm [5199]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0x186 data 0x52 [ 205.620667][ T5200] kvm [5199]: vcpu0, guest rIP: 0x18e vmx_set_msr: BTF|LBR in IA32_DEBUGCTLMSR 0x52, nop [ 206.305565][ T5222] tipc: Enabled bearer , priority 0 [ 206.333921][ T5222] device syzkaller0 entered promiscuous mode [ 206.413312][ T4250] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 206.441380][ T5222] tipc: Resetting bearer [ 206.504844][ T5221] tipc: Resetting bearer [ 206.539784][ T5221] tipc: Disabling bearer [ 206.589592][ T5226] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 206.823565][ T4250] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 206.852507][ T4250] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 206.866944][ T4250] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 206.876484][ T4250] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 206.888591][ T4250] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 206.964505][ T5230] kvm [5228]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xbe706111 [ 207.015282][ T5230] kvm [5228]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xbe706111 [ 207.028748][ T5233] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 207.042839][ T4250] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 207.059345][ T4250] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 207.070184][ T5233] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 207.086792][ T4250] usb 2-1: Product: syz [ 207.091035][ T4250] usb 2-1: Manufacturer: syz [ 207.194489][ T4250] cdc_wdm 2-1:1.0: skipping garbage [ 207.205303][ T4250] cdc_wdm 2-1:1.0: skipping garbage [ 207.294340][ T4250] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device [ 207.300396][ T4250] cdc_wdm 2-1:1.0: Unknown control protocol [ 207.504965][ T1107] usb 2-1: USB disconnect, device number 7 [ 207.728450][ T5261] kAFS: unable to lookup cell '.,' [ 208.356078][ T5273] tipc: Enabled bearer , priority 0 [ 208.378990][ T5278] fuse: Bad value for 'fd' [ 208.457243][ T5276] device syzkaller0 entered promiscuous mode [ 208.595554][ T5273] tipc: Resetting bearer [ 208.669738][ T5270] tipc: Resetting bearer [ 208.716920][ T5270] tipc: Disabling bearer [ 211.148055][ T5316] kvm_set_msr_common: 5 callbacks suppressed [ 211.148073][ T5316] kvm [5315]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 211.485153][ T5321] tipc: Enabled bearer , priority 0 [ 211.502990][ T5321] device syzkaller0 entered promiscuous mode [ 211.557346][ T5321] tipc: Resetting bearer [ 211.599233][ T5320] tipc: Resetting bearer [ 211.691062][ T5320] tipc: Disabling bearer [ 212.377300][ T4264] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 212.653720][ T4264] usb 5-1: Using ep0 maxpacket: 16 [ 212.723463][ T4353] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 212.783548][ T4264] usb 5-1: config 0 has no interfaces? [ 212.789547][ T4264] usb 5-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 212.824852][ T4264] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 212.858689][ T4264] usb 5-1: config 0 descriptor?? [ 212.970079][ T5350] fuse: Bad value for 'fd' [ 213.193396][ T4264] usb 5-1: string descriptor 0 read error: -71 [ 213.212997][ T4264] usb 5-1: USB disconnect, device number 5 [ 213.373430][ T4353] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 213.417330][ T4353] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 213.431351][ T4353] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 213.448865][ T4353] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 213.467957][ T4353] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 213.636430][ T4353] snd-usb-audio: probe of 1-1:27.0 failed with error -12 [ 213.741517][ T5357] udevd[5357]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 214.780296][ T5376] kAFS: unable to lookup cell '.,' [ 214.846224][ T5378] tipc: Enabled bearer , priority 0 [ 214.863838][ T5378] device syzkaller0 entered promiscuous mode [ 214.911121][ T5378] tipc: Resetting bearer [ 214.951448][ T5377] tipc: Resetting bearer [ 215.003966][ T5377] tipc: Disabling bearer [ 215.285298][ T23] usb 1-1: USB disconnect, device number 4 [ 216.529009][ T5392] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 217.143024][ T5392] syz.0.313 (5392) used greatest stack depth: 19296 bytes left [ 217.766516][ T5422] tipc: Enabling of bearer rejected, already enabled [ 217.855917][ T5424] fuse: Bad value for 'fd' [ 217.922015][ T5416] kvm [5415]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000 [ 219.175490][ T5460] tipc: Enabled bearer , priority 0 [ 219.202650][ T5460] device syzkaller0 entered promiscuous mode [ 219.320340][ T5460] tipc: Resetting bearer [ 219.401761][ T5459] tipc: Resetting bearer [ 219.494465][ T5459] tipc: Disabling bearer [ 219.705306][ T5446] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 219.775031][ T5465] tipc: Enabled bearer , priority 0 [ 219.828471][ T5465] device syzkaller0 entered promiscuous mode [ 219.888922][ T5465] tipc: Resetting bearer [ 219.926433][ T5464] tipc: Resetting bearer [ 219.993775][ T5464] tipc: Disabling bearer [ 220.334555][ T4287] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 220.533274][ T4287] usb 2-1: device descriptor read/64, error -71 [ 220.803434][ T4287] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 221.005999][ T4287] usb 2-1: device descriptor read/64, error -71 [ 221.119329][ T5499] tipc: Enabled bearer , priority 0 [ 221.146649][ T4287] usb usb2-port1: attempt power cycle [ 221.167705][ T5499] device syzkaller0 entered promiscuous mode [ 221.231281][ T5503] fuse: Bad value for 'fd' [ 221.353922][ T5499] tipc: Resetting bearer [ 221.398721][ T5498] tipc: Resetting bearer [ 221.448710][ T5498] tipc: Disabling bearer [ 221.583208][ T4287] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 221.673240][ T4287] usb 2-1: device descriptor read/8, error -71 [ 221.699382][ T5515] netlink: 'syz.2.352': attribute type 4 has an invalid length. [ 221.943186][ T4287] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 222.043350][ T4287] usb 2-1: device descriptor read/8, error -71 [ 222.167109][ T4287] usb usb2-port1: unable to enumerate USB device [ 223.612761][ T5550] tipc: Enabled bearer , priority 0 [ 223.712658][ T5554] device syzkaller0 entered promiscuous mode [ 223.840179][ T5550] tipc: Resetting bearer [ 223.859058][ T5548] tipc: Resetting bearer [ 223.865661][ T5560] netlink: 4 bytes leftover after parsing attributes in process `syz.0.364'. [ 223.881926][ T5548] tipc: Disabling bearer [ 224.368884][ T5578] syz.3.369 uses obsolete (PF_INET,SOCK_PACKET) [ 224.403840][ T5578] device syzkaller1 entered promiscuous mode [ 225.506314][ T5605] tipc: Enabling of bearer rejected, already enabled [ 225.603286][ T4287] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 225.853175][ T4287] usb 5-1: device descriptor read/64, error -71 [ 226.123350][ T4287] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 226.443137][ T4287] usb 5-1: device descriptor read/64, error -71 [ 226.573430][ T4287] usb usb5-port1: attempt power cycle [ 227.003176][ T4287] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 227.153229][ T4287] usb 5-1: device descriptor read/8, error -71 [ 227.463183][ T4287] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 227.583214][ T4287] usb 5-1: device descriptor read/8, error -71 [ 227.713355][ T4287] usb usb5-port1: unable to enumerate USB device [ 228.998600][ T5646] tipc: Enabled bearer , priority 0 [ 229.063721][ T5648] device syzkaller0 entered promiscuous mode [ 229.139379][ T5646] tipc: Resetting bearer [ 229.157153][ T5645] tipc: Resetting bearer [ 229.181574][ T5645] tipc: Disabling bearer [ 230.040276][ T5671] netlink: set zone limit has 8 unknown bytes [ 230.356811][ T5677] fuse: Bad value for 'fd' [ 230.903177][ T1110] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 230.963212][ T13] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 231.126175][ T1110] usb 3-1: device descriptor read/64, error -71 [ 231.223198][ T13] usb 1-1: Using ep0 maxpacket: 16 [ 231.363851][ T13] usb 1-1: config 0 has an invalid interface number: 48 but max is 0 [ 231.413225][ T1110] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 231.422854][ T13] usb 1-1: config 0 has no interface number 0 [ 231.464611][ T13] usb 1-1: too many endpoints for config 0 interface 48 altsetting 48: 48, using maximum allowed: 30 [ 231.532932][ T13] usb 1-1: config 0 interface 48 altsetting 48 has 0 endpoint descriptors, different from the interface descriptor's value: 48 [ 231.633139][ T1110] usb 3-1: device descriptor read/64, error -71 [ 231.663329][ T13] usb 1-1: config 0 interface 48 has no altsetting 0 [ 231.708304][ T26] kauditd_printk_skb: 42 callbacks suppressed [ 231.708315][ T26] audit: type=1800 audit(1755008161.031:54): pid=5692 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.402" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 231.763772][ T1110] usb usb3-port1: attempt power cycle [ 231.943407][ T13] usb 1-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 231.966745][ T13] usb 1-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 231.999215][ T13] usb 1-1: Product: syz [ 232.022966][ T13] usb 1-1: Manufacturer: syz [ 232.041835][ T13] usb 1-1: SerialNumber: syz [ 232.065482][ T13] usb 1-1: config 0 descriptor?? [ 232.203214][ T1110] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 232.337581][ T5685] netlink: 8 bytes leftover after parsing attributes in process `syz.0.400'. [ 232.375840][ T1110] usb 3-1: device descriptor read/8, error -71 [ 232.576456][ T5697] tipc: Enabled bearer , priority 0 [ 232.645920][ T5701] device syzkaller0 entered promiscuous mode [ 232.653449][ T1110] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 232.753341][ T1110] usb 3-1: device descriptor read/8, error -71 [ 232.791343][ T5697] tipc: Resetting bearer [ 232.846071][ T5696] tipc: Resetting bearer [ 232.886357][ T1110] usb usb3-port1: unable to enumerate USB device [ 232.911040][ T5696] tipc: Disabling bearer [ 233.441399][ T5716] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 233.471754][ T5716] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 233.851054][ T13] usb 1-1: USB disconnect, device number 5 [ 235.744514][ T5754] tipc: Enabled bearer , priority 0 [ 235.779842][ T5754] device syzkaller0 entered promiscuous mode [ 235.838720][ T5754] tipc: Resetting bearer [ 235.897056][ T5752] tipc: Resetting bearer [ 235.922174][ T5752] tipc: Disabling bearer [ 236.779239][ T5766] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 236.830292][ T5766] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 237.083244][ T1107] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 237.283436][ T1107] usb 1-1: device descriptor read/64, error -71 [ 237.451950][ T5779] fuse: Bad value for 'fd' [ 237.553303][ T1107] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 237.624402][ T5784] tipc: Failed to remove unknown binding: 66,1,1/0:81970199/81970201 [ 237.624491][ T5784] tipc: Failed to remove unknown binding: 66,1,1/0:81970199/81970201 [ 237.743247][ T1107] usb 1-1: device descriptor read/64, error -71 [ 237.857074][ T5786] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 237.875378][ T1107] usb usb1-port1: attempt power cycle [ 238.080787][ T26] audit: type=1326 audit(1755008167.401:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5790 comm="syz.2.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64de845be9 code=0x7ffc0000 [ 238.160240][ T26] audit: type=1326 audit(1755008167.441:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5790 comm="syz.2.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f64de845be9 code=0x7ffc0000 [ 238.293989][ T1107] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 238.302802][ T26] audit: type=1326 audit(1755008167.441:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5790 comm="syz.2.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64de845be9 code=0x7ffc0000 [ 238.347522][ T26] audit: type=1326 audit(1755008167.441:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5790 comm="syz.2.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64de845be9 code=0x7ffc0000 [ 238.433270][ T1107] usb 1-1: device descriptor read/8, error -71 [ 238.483565][ T26] audit: type=1326 audit(1755008167.451:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5790 comm="syz.2.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f64de845be9 code=0x7ffc0000 [ 238.514720][ T5793] tipc: Enabled bearer , priority 0 [ 238.559029][ T5793] device syzkaller0 entered promiscuous mode [ 238.630529][ T26] audit: type=1326 audit(1755008167.451:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5790 comm="syz.2.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64de845be9 code=0x7ffc0000 [ 238.672096][ T5793] tipc: Resetting bearer [ 238.727130][ T5792] tipc: Resetting bearer [ 238.743216][ T1107] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 238.771877][ T26] audit: type=1326 audit(1755008167.451:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5790 comm="syz.2.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64de845be9 code=0x7ffc0000 [ 238.802934][ T5792] tipc: Disabling bearer [ 238.843274][ T1107] usb 1-1: device descriptor read/8, error -71 [ 238.930296][ T26] audit: type=1326 audit(1755008167.451:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5790 comm="syz.2.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f64de845be9 code=0x7ffc0000 [ 238.973705][ T1107] usb usb1-port1: unable to enumerate USB device [ 239.122653][ T26] audit: type=1326 audit(1755008167.451:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5790 comm="syz.2.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64de845be9 code=0x7ffc0000 [ 239.386869][ T26] audit: type=1326 audit(1755008167.451:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5790 comm="syz.2.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64de845be9 code=0x7ffc0000 [ 240.101097][ T5824] capability: warning: `syz.3.440' uses deprecated v2 capabilities in a way that may be insecure [ 240.832506][ T5832] fuse: Bad value for 'fd' [ 241.770376][ T5840] tipc: Enabled bearer , priority 0 [ 241.784148][ T5840] device syzkaller0 entered promiscuous mode [ 241.874041][ T5840] tipc: Resetting bearer [ 241.906255][ T5839] tipc: Resetting bearer [ 242.001582][ T5839] tipc: Disabling bearer [ 242.433185][ T4318] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 242.623309][ T4318] usb 3-1: device descriptor read/64, error -71 [ 242.903224][ T4318] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 243.313224][ T4318] usb 3-1: device descriptor read/64, error -71 [ 243.450180][ T5872] netlink: 4 bytes leftover after parsing attributes in process `syz.3.455'. [ 243.484041][ T4318] usb usb3-port1: attempt power cycle [ 243.734374][ T5879] fuse: Bad value for 'fd' [ 243.893223][ T4318] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 243.993308][ T4318] usb 3-1: device descriptor read/8, error -71 [ 244.273260][ T4318] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 244.383274][ T4318] usb 3-1: device descriptor read/8, error -71 [ 244.518374][ T4318] usb usb3-port1: unable to enumerate USB device [ 244.910608][ T5893] tipc: Enabled bearer , priority 0 [ 244.921298][ T5893] device syzkaller0 entered promiscuous mode [ 244.959918][ T5893] tipc: Resetting bearer [ 244.981236][ T5892] tipc: Resetting bearer [ 245.006957][ T5892] tipc: Disabling bearer [ 245.754962][ T5904] loop6: detected capacity change from 0 to 7 [ 245.879497][ T5904] Dev loop6: unable to read RDB block 7 [ 245.893330][ T5904] loop6: unable to read partition table [ 245.923505][ T5904] loop6: partition table beyond EOD, truncated [ 245.960550][ T5904] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5) [ 246.230690][ T5921] fuse: Bad value for 'fd' [ 246.886398][ T5933] tipc: Enabled bearer , priority 0 [ 246.955616][ T5934] device syzkaller0 entered promiscuous mode [ 247.002669][ T5932] tipc: Resetting bearer [ 247.062850][ T5932] tipc: Disabling bearer [ 248.163371][ T4318] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 248.363184][ T4318] usb 4-1: device descriptor read/64, error -71 [ 248.633204][ T4318] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 248.703731][ T5967] tipc: Enabled bearer , priority 0 [ 248.731796][ T5967] device syzkaller0 entered promiscuous mode [ 248.775997][ T5966] tipc: Resetting bearer [ 248.811352][ T5966] tipc: Disabling bearer [ 248.853305][ T4318] usb 4-1: device descriptor read/64, error -71 [ 248.973454][ T4318] usb usb4-port1: attempt power cycle [ 249.012963][ T5970] fuse: Bad value for 'fd' [ 249.350441][ T5976] process 'syz.1.491' launched '/dev/fd/3' with NULL argv: empty string added [ 249.393387][ T4318] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 249.503373][ T4318] usb 4-1: device descriptor read/8, error -71 [ 249.803198][ T4318] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 249.893295][ T4318] usb 4-1: device descriptor read/8, error -71 [ 250.015501][ T4318] usb usb4-port1: unable to enumerate USB device [ 250.053544][ T13] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 250.187207][ T5991] netlink: 4 bytes leftover after parsing attributes in process `syz.0.496'. [ 250.289092][ T5991] device bridge_slave_1 left promiscuous mode [ 250.303346][ T5991] bridge0: port 2(bridge_slave_1) entered disabled state [ 250.347688][ T5991] device bridge_slave_0 left promiscuous mode [ 250.393409][ T5991] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.444312][ T13] usb 3-1: config 0 has an invalid interface number: 117 but max is 0 [ 250.463762][ T13] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 250.503301][ T13] usb 3-1: config 0 has no interface number 0 [ 250.540364][ T13] usb 3-1: too many endpoints for config 0 interface 117 altsetting 0: 239, using maximum allowed: 30 [ 250.612926][ T13] usb 3-1: config 0 interface 117 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 239 [ 250.843264][ T13] usb 3-1: New USB device found, idVendor=0742, idProduct=2009, bcdDevice=61.46 [ 250.879598][ T6002] tipc: Enabled bearer , priority 0 [ 250.894107][ T13] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 250.902192][ T13] usb 3-1: Product: syz [ 250.921245][ T6002] device syzkaller0 entered promiscuous mode [ 250.970084][ T6001] tipc: Resetting bearer [ 250.991546][ T13] usb 3-1: Manufacturer: syz [ 251.003224][ T13] usb 3-1: SerialNumber: syz [ 251.055666][ T13] usb 3-1: config 0 descriptor?? [ 251.068501][ T6001] tipc: Disabling bearer [ 251.155612][ T13] HFC-S_USB: probe of 3-1:0.117 failed with error -5 [ 251.359859][ T13] usb 3-1: USB disconnect, device number 14 [ 251.758967][ T6023] fuse: Bad value for 'fd' [ 252.078027][ T6027] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 252.663136][ T4287] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 252.825740][ T6068] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 252.953332][ T4287] usb 3-1: no configurations [ 252.960946][ T4287] usb 3-1: can't read configurations, error -22 [ 253.145500][ T6081] bridge0: port 2(bridge_slave_1) entered disabled state [ 253.153168][ T4287] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 253.153283][ T6081] bridge0: port 1(bridge_slave_0) entered disabled state [ 253.433583][ T4287] usb 3-1: no configurations [ 253.441547][ T4287] usb 3-1: can't read configurations, error -22 [ 253.460010][ T4287] usb usb3-port1: attempt power cycle [ 253.584181][ T6092] fuse: Bad value for 'fd' [ 253.913151][ T4287] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 254.072269][ T6105] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 254.117455][ T4287] usb 3-1: no configurations [ 254.124087][ T4287] usb 3-1: can't read configurations, error -22 [ 254.333229][ T4287] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 254.524790][ T4287] usb 3-1: no configurations [ 254.533610][ T4287] usb 3-1: can't read configurations, error -22 [ 254.551061][ T4287] usb usb3-port1: unable to enumerate USB device [ 256.165848][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.173288][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.513229][ T4318] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 257.717664][ T6206] sock: sock_set_timeout: `syz.1.576' (pid 6206) tries to set negative timeout [ 257.823392][ T4318] usb 3-1: no configurations [ 257.828304][ T4318] usb 3-1: can't read configurations, error -22 [ 258.023235][ T4318] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 258.343507][ T4318] usb 3-1: no configurations [ 258.348157][ T4318] usb 3-1: can't read configurations, error -22 [ 258.388042][ T4318] usb usb3-port1: attempt power cycle [ 258.409063][ T6224] fuse: Bad value for 'fd' [ 258.873170][ T4318] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 259.033338][ T4318] usb 3-1: no configurations [ 259.038021][ T4318] usb 3-1: can't read configurations, error -22 [ 259.263274][ T4318] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 259.413313][ T4318] usb 3-1: no configurations [ 259.418297][ T4318] usb 3-1: can't read configurations, error -22 [ 259.454469][ T4318] usb usb3-port1: unable to enumerate USB device [ 260.351276][ T6257] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 260.452569][ T6258] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 260.497382][ T6258] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 260.947738][ T6284] fuse: Bad value for 'fd' [ 262.413322][ T1110] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 262.447436][ T6301] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 262.486864][ T6301] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 262.703449][ T1110] usb 2-1: no configurations [ 262.708546][ T1110] usb 2-1: can't read configurations, error -22 [ 262.819851][ T6323] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 262.903186][ T1110] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 263.234166][ T1110] usb 2-1: no configurations [ 263.241351][ T1110] usb 2-1: can't read configurations, error -22 [ 263.256286][ T6339] syzkaller0: tun_chr_ioctl cmd 2147767507 [ 263.287018][ T6340] fuse: Bad value for 'fd' [ 263.291884][ T1110] usb usb2-port1: attempt power cycle [ 263.768079][ T1110] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 264.304421][ T1110] usb 2-1: no configurations [ 264.310450][ T1110] usb 2-1: can't read configurations, error -22 [ 264.504793][ T1110] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 264.653313][ T1110] usb 2-1: no configurations [ 264.659649][ T1110] usb 2-1: can't read configurations, error -22 [ 264.685527][ T1110] usb usb2-port1: unable to enumerate USB device [ 265.167501][ T6380] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 265.489796][ T6394] tap0: tun_chr_ioctl cmd 1074812117 [ 265.761714][ T6403] fuse: Bad value for 'fd' [ 266.783583][ T6202] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 266.849198][ T6432] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 267.363610][ T6202] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 267.385552][ T6440] loop3: detected capacity change from 0 to 512 [ 267.420090][ T6202] usb 5-1: can't read configurations, error -61 [ 267.629006][ T6442] loop2: detected capacity change from 0 to 256 [ 267.635896][ T6202] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 267.734877][ T6440] EXT4-fs (loop3): Ignoring removed orlov option [ 267.828426][ T6445] loop0: detected capacity change from 0 to 16 [ 267.886118][ T6440] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 267.909403][ T6445] erofs: (device loop0): mounted with root inode @ nid 36. [ 267.976949][ T6440] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002] [ 268.056066][ T6440] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2228: inode #15: comm syz.3.662: corrupted in-inode xattr [ 268.086941][ T6440] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.662: couldn't read orphan inode 15 (err -117) [ 268.100405][ T6440] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none. [ 268.343285][ T6202] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 268.350932][ T6202] usb 5-1: can't read configurations, error -61 [ 268.374025][ T6202] usb usb5-port1: attempt power cycle [ 268.833429][ T6202] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 268.900136][ T6472] loop2: detected capacity change from 0 to 256 [ 269.163229][ T6202] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 269.199728][ T6202] usb 5-1: can't read configurations, error -61 [ 269.434679][ T26] kauditd_printk_skb: 60 callbacks suppressed [ 269.434696][ T26] audit: type=1800 audit(1755008198.761:125): pid=6472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.670" name="file1" dev="loop2" ino=1048590 res=0 errno=0 [ 269.688477][ T6202] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 270.019518][ T6495] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 270.183336][ T6202] usb 5-1: device descriptor read/8, error -71 [ 270.214690][ T6502] netlink: 4 bytes leftover after parsing attributes in process `syz.2.677'. [ 270.330058][ T6202] usb usb5-port1: unable to enumerate USB device [ 270.380842][ T6506] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 271.128842][ T6506] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 271.503320][ T1110] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 271.593902][ T6518] loop2: detected capacity change from 0 to 2048 [ 271.716639][ T6518] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 271.768289][ T1110] usb 2-1: Using ep0 maxpacket: 16 [ 271.855776][ T6518] EXT4-fs error (device loop2): ext4_lookup:1858: inode #16: comm syz.2.683: iget: bad i_size value: 8796093031208 [ 271.874755][ T6519] loop3: detected capacity change from 0 to 2048 [ 271.893398][ T1110] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 271.950006][ T6519] loop3: p1 < > p3 [ 272.063442][ T1110] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 272.087245][ T1110] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 272.096980][ T1110] usb 2-1: Product: syz [ 272.101507][ T1110] usb 2-1: Manufacturer: syz [ 272.123537][ T1110] usb 2-1: SerialNumber: syz [ 272.124254][ T6519] loop3: p3 size 134217728 extends beyond EOD, [ 272.164986][ T1110] usb 2-1: config 0 descriptor?? [ 272.234882][ T1110] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 272.244257][ T6519] truncated [ 272.254349][ T1110] usb 2-1: Detected FT232RL [ 272.327042][ T6533] loop2: detected capacity change from 0 to 128 [ 272.394299][ T6533] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 272.453330][ T1110] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 272.467397][ T6533] ext4 filesystem being mounted at /116/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 272.483280][ T1110] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 272.503253][ T1110] ftdi_sio 2-1:0.0: GPIO initialisation failed: -71 [ 272.521407][ T1110] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 272.533927][ T1110] usb 2-1: USB disconnect, device number 16 [ 272.566771][ T1110] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 272.582390][ T1110] ftdi_sio 2-1:0.0: device disconnected [ 272.630831][ T6533] syz.2.687 (pid 6533) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 273.115875][ T6546] loop0: detected capacity change from 0 to 1024 [ 273.183382][ T4250] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 273.335440][ T6547] loop1: detected capacity change from 0 to 1024 [ 273.643261][ T4250] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 273.662568][ T4250] usb 5-1: can't read configurations, error -61 [ 273.823172][ T4250] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 273.872326][ T6573] fuse: Bad value for 'fd' [ 274.233439][ T4250] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 274.243438][ T4250] usb 5-1: can't read configurations, error -61 [ 274.275187][ T4250] usb usb5-port1: attempt power cycle [ 274.478211][ T6581] loop3: detected capacity change from 0 to 1024 [ 274.599271][ T6581] ======================================================= [ 274.599271][ T6581] WARNING: The mand mount option has been deprecated and [ 274.599271][ T6581] and is ignored by this kernel. Remove the mand [ 274.599271][ T6581] option from the mount to silence this warning. [ 274.599271][ T6581] ======================================================= [ 274.703323][ T4250] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 275.008178][ T6585] loop1: detected capacity change from 0 to 128 [ 275.103423][ T4250] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 275.111513][ T4250] usb 5-1: can't read configurations, error -61 [ 275.303257][ T4250] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 275.361605][ T6596] loop2: detected capacity change from 0 to 512 [ 275.481038][ T6596] EXT4-fs (loop2): Ignoring removed nobh option [ 275.514526][ T6596] EXT4-fs (loop2): Test dummy encryption mode enabled [ 275.532006][ T6596] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 275.617431][ T6596] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #15: comm syz.2.707: iget: bad i_size value: 38620345925642 [ 275.644678][ T6581] EXT4-fs (loop3): mounted filesystem without journal. Opts: nodelalloc,nodioread_nolock,,errors=continue. Quota mode: none. [ 275.660005][ T4250] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 275.729686][ T6596] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.707: couldn't read orphan inode 15 (err -117) [ 275.744047][ T4250] usb 5-1: can't read configurations, error -61 [ 275.763609][ T6581] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 275.780472][ T4250] usb usb5-port1: unable to enumerate USB device [ 275.791337][ T6596] EXT4-fs (loop2): mounted filesystem without journal. Opts: nobh,debug_want_extra_isize=0x0000000000000004,data_err=ignore,nojournal_checksum,dioread_nolock,test_dummy_encryption=v1,,errors=continue. Quota mode: writeback. [ 276.255720][ T6611] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 276.327675][ T6581] EXT4-fs error (device loop3): ext4_map_blocks:739: inode #15: block 1: comm syz.3.701: lblock 1 mapped to illegal pblock 1 (length 1) [ 276.544489][ T6624] fuse: Bad value for 'fd' [ 276.682441][ T6581] EXT4-fs error (device loop3): ext4_ext_remove_space:2929: inode #15: comm syz.3.701: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 276.842990][ T26] audit: type=1804 audit(1755008206.161:126): pid=6625 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.701" name="/newroot/137/file1/file1" dev="loop3" ino=15 res=1 errno=0 [ 277.073385][ T4277] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 277.160580][ T6636] xt_hashlimit: max too large, truncated to 1048576 [ 277.453449][ T4277] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 277.633419][ T4277] usb 5-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 277.657787][ T4277] usb 5-1: New USB device strings: Mfr=32, Product=0, SerialNumber=9 [ 277.683170][ T4277] usb 5-1: Manufacturer: syz [ 277.693437][ T4277] usb 5-1: SerialNumber: syz [ 277.710533][ T4277] usb 5-1: config 0 descriptor?? [ 277.965319][ T6651] loop2: detected capacity change from 0 to 8192 [ 277.976552][ T4277] usb 5-1: USB disconnect, device number 18 [ 278.026001][ T6651] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 278.036568][ T6651] UDF-fs: Scanning with blocksize 512 failed [ 278.063142][ T1110] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 278.078955][ T6651] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 278.098236][ T6651] UDF-fs: Scanning with blocksize 1024 failed [ 278.138339][ T6651] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 278.156899][ T6651] UDF-fs: Scanning with blocksize 2048 failed [ 278.188965][ T6651] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 278.324036][ T1110] usb 2-1: Using ep0 maxpacket: 32 [ 278.443477][ T1110] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 278.461400][ T1110] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 278.504979][ T1110] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 278.532287][ T1110] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 278.589932][ T1110] usb 2-1: config 0 descriptor?? [ 278.654275][ T1110] hub 2-1:0.0: USB hub found [ 278.723277][ T4250] Bluetooth: hci1: command 0x0406 tx timeout [ 278.733224][ T6202] Bluetooth: hci0: command 0x0406 tx timeout [ 278.745682][ T6202] Bluetooth: hci3: command 0x0406 tx timeout [ 278.760370][ T6661] loop3: detected capacity change from 0 to 1024 [ 278.766972][ T4250] Bluetooth: hci4: command 0x0406 tx timeout [ 278.789322][ T6667] loop4: detected capacity change from 0 to 256 [ 278.820892][ T4250] Bluetooth: hci2: command 0x0406 tx timeout [ 278.883254][ T1110] hub 2-1:0.0: 1 port detected [ 278.993250][ T4250] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 279.055546][ T6661] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 279.073439][ T6661] ext4 filesystem being mounted at /139/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 279.439747][ T26] audit: type=1800 audit(1755008208.761:127): pid=6675 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.725" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 279.655042][ T6678] netlink: 104 bytes leftover after parsing attributes in process `syz.4.729'. [ 279.723347][ T1110] hub 2-1:0.0: activate --> -90 [ 279.753293][ T4250] usb 3-1: unable to read config index 0 descriptor/start: -61 [ 279.763351][ T4250] usb 3-1: can't read configurations, error -61 [ 279.902700][ T6681] fuse: Bad value for 'fd' [ 279.934459][ T4250] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 280.138938][ T4277] usb 2-1: USB disconnect, device number 17 [ 280.367614][ T6686] loop0: detected capacity change from 0 to 512 [ 281.207588][ T6686] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpjquota=,stripe=0x0000000000000002,,errors=continue. Quota mode: writeback. [ 281.223860][ T6686] ext4 filesystem being mounted at /syzcgroup/unified/syz0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 281.242333][ T4250] usb 3-1: unable to read config index 0 descriptor/start: -61 [ 281.251506][ T4250] usb 3-1: can't read configurations, error -61 [ 281.258616][ T4250] usb usb3-port1: attempt power cycle [ 281.298286][ T6693] loop3: detected capacity change from 0 to 512 [ 281.390929][ T6686] EXT4-fs warning (device loop0): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 448 [ 281.418859][ T6686] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6183: Out of memory [ 281.439775][ T6686] EXT4-fs warning (device loop0): ext4_read_inode_bitmap:149: Cannot read inode bitmap - block_group = 0, inode_bitmap = 8192 [ 281.457446][ T6686] EXT4-fs error (device loop0) in ext4_free_inode:362: Out of memory [ 281.683233][ T4250] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 281.793356][ T6693] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,nogrpid,quota,,errors=continue. Quota mode: writeback. [ 281.849488][ T6693] ext4 filesystem being mounted at /141/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 282.343215][ T4250] usb 3-1: device descriptor read/8, error -71 [ 282.718130][ T6731] fuse: Bad value for 'fd' [ 282.793211][ T7] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 283.121985][ T6738] netlink: 'syz.4.749': attribute type 4 has an invalid length. [ 283.140072][ T6738] netlink: 17 bytes leftover after parsing attributes in process `syz.4.749'. [ 283.233785][ T7] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 283.403422][ T7] usb 1-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 283.431179][ T7] usb 1-1: New USB device strings: Mfr=32, Product=0, SerialNumber=9 [ 283.449893][ T7] usb 1-1: Manufacturer: syz [ 283.460862][ T7] usb 1-1: SerialNumber: syz [ 283.502067][ T7] usb 1-1: config 0 descriptor?? [ 283.512856][ T6745] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 283.530851][ T6745] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 283.615558][ T6754] cgroup: noprefix used incorrectly [ 283.776561][ T7] usb 1-1: USB disconnect, device number 10 [ 284.093406][ T4318] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 284.536499][ T6773] tipc: Resetting bearer [ 284.703335][ T4267] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 284.733436][ T4318] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 284.749380][ T4318] usb 4-1: config 0 has no interfaces? [ 284.755708][ T4318] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 284.765472][ T4318] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 284.782888][ T4318] usb 4-1: config 0 descriptor?? [ 285.107906][ T4267] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 285.201042][ T4267] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 285.231281][ T4267] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 285.252681][ T4267] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 285.269433][ T4267] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 285.281183][ T4267] usb 1-1: config 0 descriptor?? [ 285.443670][ T6688] EXT4-fs warning (device loop0): kmmpd:170: kmmpd being stopped since MMP feature has been disabled. [ 285.518044][ T6806] loop1: detected capacity change from 0 to 8 [ 285.630063][ T6803] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 285.651775][ T6803] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 285.766670][ T4267] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving [ 285.829217][ T6812] loop1: detected capacity change from 0 to 2048 [ 285.838749][ T4267] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 285.864626][ T6765] kAFS: unable to lookup cell '.,' [ 285.917079][ T6812] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 285.931664][ T6818] loop2: detected capacity change from 0 to 256 [ 285.962886][ T6812] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 285.996998][ T6820] fuse: Bad value for 'fd' [ 286.048054][ T4250] usb 1-1: USB disconnect, device number 11 [ 286.159168][ T6819] fido_id[6819]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 286.215005][ T6818] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 286.307466][ T6818] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000008) [ 286.402717][ T6818] exFAT-fs (loop2): error, failed to bmap (inode : ffff888074698160 iblock : 8, err : -5) [ 286.462421][ T6818] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000008) [ 286.490000][ T6818] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000008) [ 286.768078][ T6841] netlink: 'syz.2.775': attribute type 4 has an invalid length. [ 286.872522][ T6839] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 287.652357][ T6866] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 287.723018][ T6866] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 288.012534][ T6885] loop4: detected capacity change from 0 to 128 [ 288.246030][ T6885] EXT4-fs (loop4): mounted filesystem without journal. Opts: usrjquota=,bsddf,,errors=continue. Quota mode: none. [ 288.263370][ T6885] ext4 filesystem being mounted at /186/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 288.727906][ T6885] fscrypt: Adiantum using implementation "adiantum(xchacha12-simd,aes-aesni,nhpoly1305-avx2)" [ 288.750922][ T6904] netlink: 16 bytes leftover after parsing attributes in process `syz.0.789'. [ 288.840032][ T6909] netlink: 'syz.0.789': attribute type 4 has an invalid length. [ 289.160959][ T6921] fuse: Bad value for 'fd' [ 289.562309][ T6929] loop2: detected capacity change from 0 to 8192 [ 289.846308][ T6938] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 289.862711][ T6938] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 290.152602][ T6952] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 290.254509][ T6964] device batadv_slave_1 entered promiscuous mode [ 290.288453][ T6964] device batadv_slave_1 left promiscuous mode [ 290.519563][ T6976] loop2: detected capacity change from 0 to 764 [ 291.347757][ T6998] fuse: Bad value for 'fd' [ 291.623194][ T7000] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 291.632948][ T7000] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 292.876862][ T7021] loop4: detected capacity change from 0 to 512 [ 293.053739][ T7029] loop2: detected capacity change from 0 to 512 [ 293.124917][ T7021] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 293.171063][ T7029] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 293.220976][ T7021] ext4 filesystem being mounted at /192/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 293.258531][ T7029] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 293.316864][ T7029] EXT4-fs (loop2): 1 truncate cleaned up [ 293.338446][ T7029] EXT4-fs (loop2): mounted filesystem without journal. Opts: debug_want_extra_isize=0x0000000000000032,min_batch_time=0x0000000000000fff,inode_readahead_blks=0x0000000000000080,stripe=0x0000000000000012,i_version,max_batch_time=0x0000000000000007,,errors=continue. Quota mode: none. [ 293.365651][ C1] vkms_vblank_simulate: vblank timer overrun [ 293.373970][ T26] audit: type=1800 audit(1755008222.701:128): pid=7021 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.821" name="file2" dev="loop4" ino=16 res=0 errno=0 [ 293.395038][ C1] vkms_vblank_simulate: vblank timer overrun [ 293.842170][ T7049] loop1: detected capacity change from 0 to 2048 [ 293.975598][ T7049] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 294.061520][ T4267] usb 4-1: USB disconnect, device number 8 [ 294.678651][ T7061] loop3: detected capacity change from 0 to 512 [ 294.984803][ T7067] fuse: Bad value for 'fd' [ 295.018390][ T7061] EXT4-fs (loop3): Ignoring removed nobh option [ 295.034592][ T7068] loop1: detected capacity change from 0 to 128 [ 295.158581][ T7061] EXT4-fs error (device loop3): ext4_do_update_inode:5204: inode #3: comm syz.3.833: corrupted inode contents [ 295.181564][ T7061] EXT4-fs (loop3): Remounting filesystem read-only [ 295.193036][ T7061] EXT4-fs error (device loop3): ext4_dirty_inode:6040: inode #3: comm syz.3.833: mark_inode_dirty error [ 295.220994][ T7061] EXT4-fs (loop3): Remounting filesystem read-only [ 295.263760][ T7061] EXT4-fs error (device loop3): ext4_do_update_inode:5204: inode #3: comm syz.3.833: corrupted inode contents [ 295.291399][ T7061] EXT4-fs (loop3): Remounting filesystem read-only [ 295.303446][ T7061] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #3: comm syz.3.833: mark_inode_dirty error [ 295.357759][ T7081] loop4: detected capacity change from 0 to 128 [ 295.382581][ T7061] EXT4-fs (loop3): Remounting filesystem read-only [ 295.442052][ T7081] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 295.447258][ T7061] Quota error (device loop3): write_blk: dquota write failed [ 295.465207][ T7081] ext4 filesystem being mounted at /196/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 295.484691][ T7061] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 295.495341][ T7061] EXT4-fs error (device loop3): ext4_acquire_dquot:6207: comm syz.3.833: Failed to acquire dquot type 0 [ 295.565274][ T7061] EXT4-fs (loop3): Remounting filesystem read-only [ 295.589694][ T7061] EXT4-fs error (device loop3): ext4_do_update_inode:5204: inode #16: comm syz.3.833: corrupted inode contents [ 295.621956][ T7061] EXT4-fs (loop3): Remounting filesystem read-only [ 295.689479][ T7086] loop1: detected capacity change from 0 to 1024 [ 295.708600][ T7061] EXT4-fs error (device loop3): ext4_dirty_inode:6040: inode #16: comm syz.3.833: mark_inode_dirty error [ 295.764811][ T7061] EXT4-fs (loop3): Remounting filesystem read-only [ 295.822868][ T7061] EXT4-fs error (device loop3): ext4_do_update_inode:5204: inode #16: comm syz.3.833: corrupted inode contents [ 295.879470][ T7061] EXT4-fs (loop3): Remounting filesystem read-only [ 295.998337][ T7061] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #16: comm syz.3.833: mark_inode_dirty error [ 296.091851][ T7097] usb usb7: usbfs: process 7097 (syz.2.842) did not claim interface 0 before use [ 296.103391][ T7097] usb usb7: usbfs: process 7097 (syz.2.842) did not claim interface 0 before use [ 296.431101][ T7061] EXT4-fs (loop3): Remounting filesystem read-only [ 296.771735][ T7061] EXT4-fs error (device loop3): ext4_do_update_inode:5204: inode #16: comm syz.3.833: corrupted inode contents [ 296.813285][ T7061] EXT4-fs (loop3): Remounting filesystem read-only [ 296.819834][ T7061] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 296.836496][ T7061] EXT4-fs (loop3): Remounting filesystem read-only [ 317.606800][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.613526][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 404.653207][ C0] ------------[ cut here ]------------ [ 404.660879][ C0] WARNING: CPU: 0 PID: 7101 at kernel/rcu/tree_stall.h:937 rcu_check_gp_start_stall+0x2dc/0x460 [ 404.671415][ C0] Modules linked in: [ 404.675323][ C0] CPU: 0 PID: 7101 Comm: syz.2.848 Not tainted 5.15.189-syzkaller #0 [ 404.683851][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 404.695175][ C0] RIP: 0010:rcu_check_gp_start_stall+0x2dc/0x460 [ 404.702335][ C0] Code: ff ff ff 48 c7 c7 00 2c 10 96 be 04 00 00 00 e8 1a fe 57 00 48 89 df b8 01 00 00 00 87 05 0c 01 ac 14 85 c0 0f 85 19 ff ff ff <0f> 0b 48 81 ff c0 07 12 8c 74 47 48 c7 c0 44 a2 69 8d 48 c1 e8 03 [ 404.722786][ C0] RSP: 0018:ffffc90000007bb8 EFLAGS: 00010046 [ 404.728881][ C0] RAX: 0000000000000000 RBX: ffffffff8c1207c0 RCX: ffffffff81642ae6 [ 404.736869][ C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff8c1207c0 [ 404.745352][ C0] RBP: ffffc90000007e10 R08: 0000000000000004 R09: 0000000000000003 [ 404.754080][ C0] R10: fffffbfff2c20580 R11: 1ffffffff2c20580 R12: 0000000000002904 [ 404.762439][ C0] R13: ffffffff8c1207c0 R14: 0000000000000a02 R15: dffffc0000000000 [ 404.770876][ C0] FS: 0000555595126500(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000 [ 404.780583][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 404.787534][ C0] CR2: 000020000006b000 CR3: 000000007b1f4000 CR4: 00000000003526f0 [ 404.795777][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 404.803773][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 404.812523][ C0] Call Trace: [ 404.815803][ C0] [ 404.818647][ C0] rcu_core+0x5ef/0x15d0 [ 404.823111][ C0] ? lock_chain_count+0x20/0x20 [ 404.827983][ C0] ? _raw_spin_lock_irq+0xab/0xe0 [ 404.833383][ C0] ? rcu_is_watching+0x11/0xa0 [ 404.838258][ C0] ? _raw_spin_unlock_irq+0x1f/0x40 [ 404.843866][ C0] ? lockdep_hardirqs_on+0x94/0x140 [ 404.849752][ C0] ? local_bh_disable+0x20/0x20 [ 404.854641][ C0] ? __run_timers+0x770/0x7c0 [ 404.859527][ C0] ? __run_timers+0x73d/0x7c0 [ 404.864256][ C0] ? detach_timer+0x2b0/0x2b0 [ 404.869114][ C0] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 404.875118][ C0] ? detach_timer+0x2b0/0x2b0 [ 404.880017][ C0] ? sched_clock_cpu+0x15/0x3c0 [ 404.885251][ C0] ? ktime_get_real_ts64+0x420/0x420 [ 404.890862][ C0] handle_softirqs+0x328/0x820 [ 404.895909][ C0] ? __irq_exit_rcu+0x12f/0x220 [ 404.900818][ C0] ? do_softirq+0x200/0x200 [ 404.905886][ C0] ? irqtime_account_irq+0xb2/0x1b0 [ 404.911520][ C0] __irq_exit_rcu+0x12f/0x220 [ 404.916935][ C0] ? irq_exit_rcu+0x20/0x20 [ 404.921774][ C0] irq_exit_rcu+0x5/0x20 [ 404.926716][ C0] sysvec_apic_timer_interrupt+0xa0/0xc0 [ 404.934301][ C0] [ 404.937685][ C0] [ 404.941096][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 404.947935][ C0] RIP: 0010:_raw_spin_unlock_irq+0x25/0x40 [ 404.953751][ C0] Code: f6 ff 0f 1f 00 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 7e db aa f7 48 89 df e8 46 b0 ab f7 e8 91 46 cc f7 fb bf 01 00 00 00 76 d4 9f f7 65 8b 05 17 d4 50 76 85 c0 74 02 5b c3 e8 c4 de 4e [ 404.973514][ C0] RSP: 0018:ffffc9000340fbc0 EFLAGS: 00000282 [ 404.979762][ C0] RAX: 644b0a080ffdbf00 RBX: ffff8880736fdc80 RCX: 644b0a080ffdbf00 [ 404.987875][ C0] RDX: dffffc0000000000 RSI: ffffffff8a0b15c0 RDI: 0000000000000001 [ 404.996158][ C0] RBP: 0000000000000000 R08: dffffc0000000000 R09: ffffed100e6dfb91 [ 405.004321][ C0] R10: ffffed100e6dfb91 R11: 1ffff1100e6dfb90 R12: ffff8880736fdc80 [ 405.012604][ C0] R13: 0000000000000021 R14: dffffc0000000000 R15: 000000001c000004 [ 405.022133][ C0] get_signal+0x11d6/0x12c0 [ 405.026745][ C0] arch_do_signal_or_restart+0xc1/0x1300 [ 405.032407][ C0] ? _copy_from_user+0x111/0x170 [ 405.037655][ C0] ? __ia32_sys_rt_sigreturn+0x660/0x790 [ 405.043736][ C0] ? load_gs_index+0x120/0x120 [ 405.048518][ C0] ? get_sigframe_size+0x10/0x10 [ 405.053695][ C0] ? exit_to_user_mode_loop+0x3b/0x130 [ 405.059368][ C0] exit_to_user_mode_loop+0x9e/0x130 [ 405.065009][ C0] exit_to_user_mode_prepare+0xb1/0x140 [ 405.070563][ C0] syscall_exit_to_user_mode+0x16/0x40 [ 405.076290][ C0] do_syscall_64+0x58/0xa0 [ 405.080906][ C0] ? clear_bhb_loop+0x30/0x80 [ 405.085663][ C0] ? clear_bhb_loop+0x30/0x80 [ 405.090362][ C0] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 405.096549][ C0] RIP: 0033:0x7f64de845be9 [ 405.101004][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 405.121253][ C0] RSP: 002b:00007ffd41e0c7a8 EFLAGS: 00000246 [ 405.127402][ C0] RAX: fffffffffffffffc RBX: 000000000004877e RCX: 00007f64de845be9 [ 405.135363][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f64dea6cfac [ 405.143324][ C0] RBP: 0000000000000032 R08: 00310b6f51dcd74c R09: 0000000641e0ca9f [ 405.151289][ C0] R10: 00007ffd41e0c8a0 R11: 0000000000000246 R12: 00007f64dea6cfac [ 405.159862][ C0] R13: 00007ffd41e0c8a0 R14: 00000000000487b0 R15: 00007ffd41e0c8c0 [ 405.167927][ C0] [ 405.170979][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 405.178482][ C0] CPU: 0 PID: 7101 Comm: syz.2.848 Not tainted 5.15.189-syzkaller #0 [ 405.186590][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 405.197095][ C0] Call Trace: [ 405.200374][ C0] [ 405.203207][ C0] dump_stack_lvl+0x168/0x230 [ 405.208002][ C0] ? show_regs_print_info+0x20/0x20 [ 405.213228][ C0] ? load_image+0x3b0/0x3b0 [ 405.217746][ C0] panic+0x2c9/0x7f0 [ 405.221727][ C0] ? bpf_jit_dump+0xd0/0xd0 [ 405.226430][ C0] ? rcu_check_gp_start_stall+0x2dc/0x460 [ 405.232234][ C0] __warn+0x248/0x2b0 [ 405.236209][ C0] ? rcu_check_gp_start_stall+0x2dc/0x460 [ 405.242127][ C0] report_bug+0x1b7/0x2e0 [ 405.246651][ C0] handle_bug+0x3a/0x70 [ 405.250827][ C0] exc_invalid_op+0x16/0x40 [ 405.255334][ C0] asm_exc_invalid_op+0x16/0x20 [ 405.260311][ C0] RIP: 0010:rcu_check_gp_start_stall+0x2dc/0x460 [ 405.266652][ C0] Code: ff ff ff 48 c7 c7 00 2c 10 96 be 04 00 00 00 e8 1a fe 57 00 48 89 df b8 01 00 00 00 87 05 0c 01 ac 14 85 c0 0f 85 19 ff ff ff <0f> 0b 48 81 ff c0 07 12 8c 74 47 48 c7 c0 44 a2 69 8d 48 c1 e8 03 [ 405.286660][ C0] RSP: 0018:ffffc90000007bb8 EFLAGS: 00010046 [ 405.292951][ C0] RAX: 0000000000000000 RBX: ffffffff8c1207c0 RCX: ffffffff81642ae6 [ 405.301138][ C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff8c1207c0 [ 405.309206][ C0] RBP: ffffc90000007e10 R08: 0000000000000004 R09: 0000000000000003 [ 405.317270][ C0] R10: fffffbfff2c20580 R11: 1ffffffff2c20580 R12: 0000000000002904 [ 405.325450][ C0] R13: ffffffff8c1207c0 R14: 0000000000000a02 R15: dffffc0000000000 [ 405.334008][ C0] ? rcu_check_gp_start_stall+0x2c6/0x460 [ 405.340039][ C0] ? rcu_check_gp_start_stall+0x2c6/0x460 [ 405.346207][ C0] rcu_core+0x5ef/0x15d0 [ 405.350547][ C0] ? lock_chain_count+0x20/0x20 [ 405.355570][ C0] ? _raw_spin_lock_irq+0xab/0xe0 [ 405.360919][ C0] ? rcu_is_watching+0x11/0xa0 [ 405.365777][ C0] ? _raw_spin_unlock_irq+0x1f/0x40 [ 405.370974][ C0] ? lockdep_hardirqs_on+0x94/0x140 [ 405.376259][ C0] ? local_bh_disable+0x20/0x20 [ 405.381240][ C0] ? __run_timers+0x770/0x7c0 [ 405.386220][ C0] ? __run_timers+0x73d/0x7c0 [ 405.391025][ C0] ? detach_timer+0x2b0/0x2b0 [ 405.395865][ C0] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 405.402183][ C0] ? detach_timer+0x2b0/0x2b0 [ 405.406941][ C0] ? sched_clock_cpu+0x15/0x3c0 [ 405.411947][ C0] ? ktime_get_real_ts64+0x420/0x420 [ 405.417215][ C0] handle_softirqs+0x328/0x820 [ 405.422047][ C0] ? __irq_exit_rcu+0x12f/0x220 [ 405.426876][ C0] ? do_softirq+0x200/0x200 [ 405.431359][ C0] ? irqtime_account_irq+0xb2/0x1b0 [ 405.436798][ C0] __irq_exit_rcu+0x12f/0x220 [ 405.441855][ C0] ? irq_exit_rcu+0x20/0x20 [ 405.446464][ C0] irq_exit_rcu+0x5/0x20 [ 405.450962][ C0] sysvec_apic_timer_interrupt+0xa0/0xc0 [ 405.456815][ C0] [ 405.459827][ C0] [ 405.462763][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 405.469039][ C0] RIP: 0010:_raw_spin_unlock_irq+0x25/0x40 [ 405.474955][ C0] Code: f6 ff 0f 1f 00 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 7e db aa f7 48 89 df e8 46 b0 ab f7 e8 91 46 cc f7 fb bf 01 00 00 00 76 d4 9f f7 65 8b 05 17 d4 50 76 85 c0 74 02 5b c3 e8 c4 de 4e [ 405.496465][ C0] RSP: 0018:ffffc9000340fbc0 EFLAGS: 00000282 [ 405.502701][ C0] RAX: 644b0a080ffdbf00 RBX: ffff8880736fdc80 RCX: 644b0a080ffdbf00 [ 405.510820][ C0] RDX: dffffc0000000000 RSI: ffffffff8a0b15c0 RDI: 0000000000000001 [ 405.519443][ C0] RBP: 0000000000000000 R08: dffffc0000000000 R09: ffffed100e6dfb91 [ 405.527523][ C0] R10: ffffed100e6dfb91 R11: 1ffff1100e6dfb90 R12: ffff8880736fdc80 [ 405.535652][ C0] R13: 0000000000000021 R14: dffffc0000000000 R15: 000000001c000004 [ 405.543642][ C0] get_signal+0x11d6/0x12c0 [ 405.548151][ C0] arch_do_signal_or_restart+0xc1/0x1300 [ 405.554475][ C0] ? _copy_from_user+0x111/0x170 [ 405.559883][ C0] ? __ia32_sys_rt_sigreturn+0x660/0x790 [ 405.565897][ C0] ? load_gs_index+0x120/0x120 [ 405.570665][ C0] ? get_sigframe_size+0x10/0x10 [ 405.575620][ C0] ? exit_to_user_mode_loop+0x3b/0x130 [ 405.581177][ C0] exit_to_user_mode_loop+0x9e/0x130 [ 405.586466][ C0] exit_to_user_mode_prepare+0xb1/0x140 [ 405.592032][ C0] syscall_exit_to_user_mode+0x16/0x40 [ 405.598071][ C0] do_syscall_64+0x58/0xa0 [ 405.603063][ C0] ? clear_bhb_loop+0x30/0x80 [ 405.607915][ C0] ? clear_bhb_loop+0x30/0x80 [ 405.612804][ C0] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 405.618903][ C0] RIP: 0033:0x7f64de845be9 [ 405.623338][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 405.643832][ C0] RSP: 002b:00007ffd41e0c7a8 EFLAGS: 00000246 [ 405.650105][ C0] RAX: fffffffffffffffc RBX: 000000000004877e RCX: 00007f64de845be9 [ 405.658068][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f64dea6cfac [ 405.666217][ C0] RBP: 0000000000000032 R08: 00310b6f51dcd74c R09: 0000000641e0ca9f [ 405.674181][ C0] R10: 00007ffd41e0c8a0 R11: 0000000000000246 R12: 00007f64dea6cfac [ 405.682763][ C0] R13: 00007ffd41e0c8a0 R14: 00000000000487b0 R15: 00007ffd41e0c8c0 [ 405.690911][ C0] [ 406.807013][ C0] Shutting down cpus with NMI [ 406.812340][ C0] Kernel Offset: disabled [ 406.817642][ C0] Rebooting in 86400 seconds..