last executing test programs: 7.579808637s ago: executing program 3 (id=16595): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) sendmmsg$inet6(r3, &(0x7f00000075c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)=ANY=[], 0x50}}], 0x1, 0x40804) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f00000009c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$sock(r5, &(0x7f0000000240)={&(0x7f00000000c0)=@ax25={{0x3, @default, 0x7}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default]}, 0x80, 0x0}, 0x8) 7.423510762s ago: executing program 3 (id=16598): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000400)='./binderfs/binder1\x00', 0x800, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, 0x0) 7.233311672s ago: executing program 3 (id=16601): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) 5.144418842s ago: executing program 2 (id=16624): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8000) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto(r5, 0x0, 0x0, 0x1, 0x0, 0x0) unshare(0x62020680) 5.101115616s ago: executing program 3 (id=16625): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x529ae000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) ioctl$F2FS_IOC_GET_FEATURES(r2, 0x8004f50c, &(0x7f0000000080)) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000040000000100000027bf0000000500"], 0x48) mmap(&(0x7f0000fa2000/0x3000)=nil, 0x3000, 0x3, 0x13, r3, 0x0) mremap(&(0x7f0000fa4000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000fa2000/0x1000)=nil) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x880}, 0x0) syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x10000, &(0x7f00000003c0)=ANY=[], 0x3, 0x18c, &(0x7f00000004c0)="$eJzskr9OKkEUxr9Zln83wL03saKBgvinUJZFjYWJltjbaUNgReKiwpIohGKNMRQWxtLGzvAgvoAWhgegpiDWZs3MnF1X4hs4v4Jvzpk5Z74z7LHTduIAPmaDGnYhiCCDV5aEDiDHZG6qSb0nfSO9k4IXOrdH+WvSbBoBefwHsk6vf1K1bauTB/AuckHK2bnSMBWtxrNBjS8eQw3qAD+OFKaMmxtHZL4NwPM8T1yoAwtiCC/ow8/yYAlAsds6Lzq9/mqzVW1YDevUjJQ3jXXD2DCLR03bMuQvC9mgUcB15SmFMHw/CuDGf7o5mG8tKeM/AEviIKiNAU1ejwybLxX4Y/mapmt4bRxfl+5jEQkAFy4LZQvCtQ4xUgUM24cyKOkhf3K2hNhYq53Z9SEYmF82gs57kH9Eg4bmJBSUt1zyhiGdLJBWSEekE9Lc3Ceju9z0LUXLLhDDZbXb7ZRiAK2YvzKDnPnPRegP4rc+aN+G+/us/fi24sEUCoVCoVAoFAqF4pfwGQAA///wlW0A") 4.779293349s ago: executing program 2 (id=16629): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r5 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000380)={'team_slave_0\x00', 0x0}) 4.56979083s ago: executing program 2 (id=16630): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = userfaultfd(0x801) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298}) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) ioctl$UFFDIO_COPY(r4, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x400000, 0x2, 0x2}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) 3.197205288s ago: executing program 3 (id=16635): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) 3.133044655s ago: executing program 2 (id=16636): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0xb, 0x84) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/fscaps', 0x40, 0x114) 2.958136862s ago: executing program 2 (id=16637): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000340)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r3, 0x0) ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') sendmmsg$inet6(r4, &(0x7f0000000700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) rt_tgsigqueueinfo(0x0, 0x0, 0xb, &(0x7f0000000000)={0x200c, 0x3, 0x4}) 2.640701074s ago: executing program 1 (id=16642): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x10000002]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r5, 0x8916, &(0x7f00000000c0)={@local, 0x23}) 2.497370929s ago: executing program 1 (id=16644): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = getpid() r5 = syz_pidfd_open(r4, 0x0) r6 = pidfd_getfd(r5, r5, 0x0) setns(r6, 0x66020000) syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0) 2.412368917s ago: executing program 0 (id=16645): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c010000150001002cbd7000fbdbdf256401010100000000000000000000000000000000000000000000ffff7f0000014e240a874e210009020020a02f", @ANYRES32, @ANYRES32=0x0, @ANYBLOB="0000000002"], 0x15c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 2.033946825s ago: executing program 0 (id=16647): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x24000]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000240)=ANY=[@ANYRES32=r1, @ANYRES8, @ANYRES8=r1, @ANYRES32=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r5 = fcntl$dupfd(r4, 0x0, r2) sendmsg$nl_generic(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x4040841) getresgid(0x0, 0x0, 0x0) 1.745020414s ago: executing program 0 (id=16649): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x88fd537e5c114b6c, 0x11, r6, 0x0) 1.673720292s ago: executing program 4 (id=16650): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x24000]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0) 1.372122192s ago: executing program 0 (id=16651): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r3, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_clone3(&(0x7f0000000140)={0x4000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x2}, 0x7a) 1.296902569s ago: executing program 1 (id=16652): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6f, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r3, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) accept$inet6(r6, 0x0, 0x0) 1.059152384s ago: executing program 4 (id=16653): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r3, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_clone3(&(0x7f0000000140)={0x4000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x2}, 0x7a) 1.031847096s ago: executing program 1 (id=16654): rt_sigaction(0xd, 0x0, 0x0, 0x8, &(0x7f0000000300)) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFBRDADDR(r4, 0x891a, &(0x7f0000000080)={'veth0\x00', {0x2, 0x4e20, @rand_addr=0x64010101}}) 710.637699ms ago: executing program 4 (id=16655): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000340)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r3, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r2, 0x0, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r4, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r4, 0x0, 0x0, 0x80, 0x0, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) 646.420155ms ago: executing program 3 (id=16656): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r2, &(0x7f0000000340)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r2, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) 533.768686ms ago: executing program 0 (id=16657): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_udp(0xa, 0x2, 0x0) r5 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r5, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, r4, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x6, @private0}}}, 0x3a) r6 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r6, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}, 0x1, 0x1}}, 0x2e) 486.302791ms ago: executing program 2 (id=16658): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) write(r4, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) 440.994396ms ago: executing program 1 (id=16659): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x80) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x4206, r4) ptrace(0x4207, r4) ptrace(0x4208, r4) 419.270358ms ago: executing program 4 (id=16660): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x24000]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = dup(r0) sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x4004}, 0x10000) r3 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r3, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socket$inet_tcp(0x2, 0x1, 0x0) 221.652888ms ago: executing program 0 (id=16661): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x4000) setresuid(r4, r4, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) 172.886713ms ago: executing program 4 (id=16662): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000340)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r3, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r2, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) times(0x0) 61.471534ms ago: executing program 1 (id=16663): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000000200), 0x1, 0x4) socket$pppl2tp(0x18, 0x1, 0x1) 0s ago: executing program 4 (id=16664): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000500)={0xa, 0x4e22, 0xc, @ipv4={'\x00', '\xff\xff', @loopback}, 0x5}, 0x1c) connect$inet6(r4, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c) r5 = fcntl$dupfd(r4, 0x406, r4) sendmsg$AUDIT_DEL_RULE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[], 0x420}, 0x1, 0x0, 0x0, 0x4810}, 0x400c890) read$FUSE(r5, &(0x7f00000036c0)={0x2020}, 0x2020) kernel console output (not intermixed with test programs): ode [ 959.213568][T27528] overlayfs: missing 'lowerdir' [ 961.874998][T27546] overlayfs: overlapping lowerdir path [ 962.836162][T27584] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10124'. [ 963.089663][T27591] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 963.105949][T27594] 9pnet_fd: Insufficient options for proto=fd [ 963.763257][T27597] tmpfs: Bad value for 'mpol' [ 963.825912][T27600] netlink: 24 bytes leftover after parsing attributes in process `syz.4.10132'. [ 963.913744][T27606] overlayfs: failed to clone lowerpath [ 964.245623][T27611] can: request_module (can-proto-0) failed. [ 964.753083][ T26] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 964.957197][ T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 964.977138][ T26] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 964.991956][ T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 965.002353][ T26] usb 3-1: config 0 descriptor?? [ 965.083726][T27669] 9pnet_fd: Insufficient options for proto=fd [ 965.181268][T27673] netlink: 140 bytes leftover after parsing attributes in process `syz.0.10165'. [ 965.220074][ T26] usbhid 3-1:0.0: can't add hid device: -71 [ 965.240258][ T26] usbhid: probe of 3-1:0.0 failed with error -71 [ 965.248890][ T26] usb 3-1: USB disconnect, device number 12 [ 965.270752][T27676] loop4: detected capacity change from 0 to 1024 [ 965.281422][T27676] EXT4-fs: Ignoring removed nomblk_io_submit option [ 965.294835][T27676] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 965.308361][T27676] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 965.316978][T27676] System zones: 0-1, 3-36 [ 965.326306][T27676] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 965.395306][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 965.500422][T27687] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10169'. [ 965.719321][T27695] tmpfs: Bad value for 'mpol' [ 965.803519][ T27] audit: type=1326 audit(2000000913.089:3003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27696 comm="syz.0.10174" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f98d498f6c9 code=0x0 [ 965.879305][T27703] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10176'. [ 966.195339][T27718] loop2: detected capacity change from 0 to 512 [ 966.211947][T27718] EXT4-fs: Ignoring removed mblk_io_submit option [ 966.223761][T27718] EXT4-fs: inline encryption not supported [ 966.229813][T27718] EXT4-fs: Ignoring removed mblk_io_submit option [ 966.255418][T27718] EXT4-fs (loop2): Test dummy encryption mode enabled [ 966.277811][T27718] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 966.335847][T27718] EXT4-fs (loop2): 1 truncate cleaned up [ 966.341605][T27718] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 967.071780][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 967.702823][ T26] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 967.768001][T27750] tipc: Failed to remove unknown binding: 66,1,1/4:857075398/857075400 [ 967.915749][T27752] tipc: Failed to remove unknown binding: 66,1,1/4:857075398/857075400 [ 967.968869][T27752] tipc: Failed to remove unknown binding: 66,1,1/4:857075398/857075400 [ 968.455490][ T26] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 968.476840][ T26] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 968.493403][ T26] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 968.519953][ T26] usb 5-1: config 0 descriptor?? [ 968.659947][T27766] loop2: detected capacity change from 0 to 512 [ 968.693098][T27766] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 968.731856][ T26] usbhid 5-1:0.0: can't add hid device: -71 [ 968.746472][ T26] usbhid: probe of 5-1:0.0 failed with error -71 [ 968.754596][T27766] EXT4-fs (loop2): orphan cleanup on readonly fs [ 968.761158][T27766] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:511: comm syz.2.10207: Block bitmap for bg 0 marked uninitialized [ 968.771021][ T26] usb 5-1: USB disconnect, device number 8 [ 968.833224][T27766] EXT4-fs (loop2): Remounting filesystem read-only [ 968.852868][T27766] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6165: Corrupt filesystem [ 968.892147][T27766] EXT4-fs (loop2): Remounting filesystem read-only [ 968.923313][T27766] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:511: comm syz.2.10207: Block bitmap for bg 0 marked uninitialized [ 968.947327][T27766] EXT4-fs (loop2): Remounting filesystem read-only [ 968.956054][T27766] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6165: Corrupt filesystem [ 968.966464][T27766] EXT4-fs (loop2): Remounting filesystem read-only [ 968.974163][T27766] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:511: comm syz.2.10207: Block bitmap for bg 0 marked uninitialized [ 969.113468][T27766] EXT4-fs (loop2): Remounting filesystem read-only [ 969.120066][T27766] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6165: Corrupt filesystem [ 969.138661][T27766] EXT4-fs (loop2): Remounting filesystem read-only [ 969.145441][T27766] EXT4-fs (loop2): 1 orphan inode deleted [ 969.151331][T27766] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 969.953082][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 970.051224][T27792] overlayfs: failed to clone upperpath [ 970.683744][T27827] tipc: Failed to remove unknown binding: 66,1,1/0:3884047939/3884047941 [ 970.694073][T27827] tipc: Failed to remove unknown binding: 66,1,1/0:3884047939/3884047941 [ 970.702547][T27827] tipc: Failed to remove unknown binding: 66,1,1/0:3884047939/3884047941 [ 972.048196][T27853] random: crng reseeded on system resumption [ 972.955004][T27891] netlink: 148 bytes leftover after parsing attributes in process `syz.3.10261'. [ 973.135006][T27897] netlink: 'syz.2.10263': attribute type 12 has an invalid length. [ 973.380527][T27909] random: crng reseeded on system resumption [ 974.389420][T27924] netlink: 236 bytes leftover after parsing attributes in process `syz.4.10276'. [ 977.611939][T27984] loop4: detected capacity change from 0 to 2048 [ 977.659017][T27984] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 977.748503][T27981] 9pnet: Could not find request transport: 0x0000000000000004 [ 978.285124][T28005] netlink: 40 bytes leftover after parsing attributes in process `syz.4.10307'. [ 980.122028][T28045] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10325'. [ 980.133223][T28045] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10325'. [ 980.190622][T28050] netlink: 28 bytes leftover after parsing attributes in process `syz.0.10327'. [ 980.263685][T28054] 9pnet_fd: Insufficient options for proto=fd [ 981.500550][T28072] netlink: 192 bytes leftover after parsing attributes in process `syz.0.10336'. [ 981.785340][T28082] 9p: Unknown access argument a: -22 [ 983.241117][T28136] 9pnet: Could not find request transport: 0x0000000000000004 [ 983.451254][T28145] netlink: 'syz.2.10371': attribute type 4 has an invalid length. [ 983.461398][T28145] netlink: 152 bytes leftover after parsing attributes in process `syz.2.10371'. [ 983.510972][T28145] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 984.281381][T28175] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10383'. [ 986.372595][T28231] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10410'. [ 986.382163][T28231] netlink: 24 bytes leftover after parsing attributes in process `syz.1.10410'. [ 986.410010][T28231] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10410'. [ 986.419192][T28231] netlink: 24 bytes leftover after parsing attributes in process `syz.1.10410'. [ 986.924174][T28251] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10419'. [ 986.953073][T28251] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10419'. [ 987.176695][ T27] audit: type=1326 audit(2000000934.459:3004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28264 comm="syz.1.10427" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3f1238f6c9 code=0x0 [ 987.617391][T28284] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10437'. [ 987.636995][T28284] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10437'. [ 988.185031][T28301] loop4: detected capacity change from 0 to 128 [ 988.593314][ T27] audit: type=1800 audit(2000000935.549:3005): pid=28301 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.10441" name="bus" dev="loop4" ino=1048734 res=0 errno=0 [ 990.891256][T28333] netlink: 12 bytes leftover after parsing attributes in process `syz.1.10455'. [ 991.520560][ T27] audit: type=1326 audit(2000000938.799:3006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28366 comm="syz.3.10472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 991.568665][ T27] audit: type=1326 audit(2000000938.799:3007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28366 comm="syz.3.10472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 991.597881][ T27] audit: type=1326 audit(2000000938.799:3008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28366 comm="syz.3.10472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2e5778f703 code=0x7ffc0000 [ 991.640343][ T27] audit: type=1326 audit(2000000938.799:3009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28366 comm="syz.3.10472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2e5778e17f code=0x7ffc0000 [ 991.666871][ T27] audit: type=1326 audit(2000000938.799:3010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28366 comm="syz.3.10472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f2e5778f757 code=0x7ffc0000 [ 991.768607][ T27] audit: type=1326 audit(2000000938.799:3011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28366 comm="syz.3.10472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2e5778df10 code=0x7ffc0000 [ 991.795642][ T27] audit: type=1326 audit(2000000938.799:3012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28366 comm="syz.3.10472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f2e5778e32a code=0x7ffc0000 [ 991.863276][ T27] audit: type=1326 audit(2000000938.799:3013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28366 comm="syz.3.10472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 992.874650][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 992.886483][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.313038][T28420] random: crng reseeded on system resumption [ 994.212174][T28457] netlink: 40 bytes leftover after parsing attributes in process `syz.1.10512'. [ 995.760528][T28477] loop4: detected capacity change from 0 to 2048 [ 995.826596][T28477] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 997.025564][T28489] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10523'. [ 997.279456][T28497] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10528'. [ 997.835191][T28521] lo: Caught tx_queue_len zero misconfig [ 999.899908][T28571] overlayfs: missing 'workdir' [ 1001.126685][ T27] kauditd_printk_skb: 2 callbacks suppressed [ 1001.126699][ T27] audit: type=1326 audit(2000000948.409:3016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28593 comm="syz.4.10571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2e418f6c9 code=0x7ffc0000 [ 1001.201397][ T27] audit: type=1326 audit(2000000948.409:3017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28593 comm="syz.4.10571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2e418f6c9 code=0x7ffc0000 [ 1001.275341][ T27] audit: type=1326 audit(2000000948.409:3018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28593 comm="syz.4.10571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe2e418f6c9 code=0x7ffc0000 [ 1001.332788][ T27] audit: type=1326 audit(2000000948.409:3019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28593 comm="syz.4.10571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2e418f6c9 code=0x7ffc0000 [ 1001.378243][ T27] audit: type=1326 audit(2000000948.409:3020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28593 comm="syz.4.10571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2e418f6c9 code=0x7ffc0000 [ 1001.409375][ T27] audit: type=1326 audit(2000000948.409:3021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28593 comm="syz.4.10571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe2e418f6c9 code=0x7ffc0000 [ 1001.459066][ T27] audit: type=1326 audit(2000000948.409:3022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28593 comm="syz.4.10571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2e418f6c9 code=0x7ffc0000 [ 1001.503609][ T27] audit: type=1326 audit(2000000948.409:3023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28593 comm="syz.4.10571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2e418f6c9 code=0x7ffc0000 [ 1001.526135][ C1] vkms_vblank_simulate: vblank timer overrun [ 1001.621025][ T27] audit: type=1326 audit(2000000948.419:3024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28593 comm="syz.4.10571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe2e418f6c9 code=0x7ffc0000 [ 1001.643588][ C1] vkms_vblank_simulate: vblank timer overrun [ 1001.687532][ T27] audit: type=1326 audit(2000000948.419:3025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28593 comm="syz.4.10571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2e418f6c9 code=0x7ffc0000 [ 1001.710050][ C1] vkms_vblank_simulate: vblank timer overrun [ 1001.755388][T28612] loop4: detected capacity change from 0 to 128 [ 1001.785992][T28612] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1001.823789][T28612] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1001.855832][T28616] netlink: 188 bytes leftover after parsing attributes in process `syz.1.10582'. [ 1002.540197][T28639] autofs4:pid:28639:autofs_fill_super: called with bogus options [ 1004.755070][T28672] netlink: 'syz.3.10603': attribute type 4 has an invalid length. [ 1004.771605][T28672] netlink: 17 bytes leftover after parsing attributes in process `syz.3.10603'. [ 1005.157862][T28688] 9pnet_fd: Insufficient options for proto=fd [ 1006.177934][T28727] netlink: 24 bytes leftover after parsing attributes in process `syz.3.10631'. [ 1006.459514][T28743] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10637'. [ 1006.482822][T28743] netlink: 20 bytes leftover after parsing attributes in process `syz.4.10637'. [ 1006.583884][T28743] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10637'. [ 1006.603267][T28743] netlink: 20 bytes leftover after parsing attributes in process `syz.4.10637'. [ 1007.496435][T28787] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1007.513650][T28787] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 1007.586518][T28787] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1009.615452][T28801] netlink: 'syz.4.10662': attribute type 4 has an invalid length. [ 1009.635747][T28801] netlink: 17 bytes leftover after parsing attributes in process `syz.4.10662'. [ 1010.602219][T28841] loop2: detected capacity change from 0 to 128 [ 1011.037802][ T27] kauditd_printk_skb: 18 callbacks suppressed [ 1011.038204][ T27] audit: type=1800 audit(2000000958.029:3044): pid=28841 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.10676" name="bus" dev="loop2" ino=1048736 res=0 errno=0 [ 1014.013397][T28874] netlink: 20 bytes leftover after parsing attributes in process `syz.3.10694'. [ 1014.031976][T28874] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10694'. [ 1014.085417][T28874] netlink: 20 bytes leftover after parsing attributes in process `syz.3.10694'. [ 1014.095924][T28874] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10694'. [ 1014.215567][T28885] tipc: Failed to remove unknown binding: 66,1,1/0:712703151/712703153 [ 1014.284804][T28887] tipc: Failed to remove unknown binding: 66,1,1/0:712703151/712703153 [ 1014.306178][T28887] tipc: Failed to remove unknown binding: 66,1,1/0:712703151/712703153 [ 1015.168233][T28908] loop2: detected capacity change from 0 to 8 [ 1015.424067][T28918] syz.4.10715[28918] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1015.424171][T28918] syz.4.10715[28918] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1017.237503][T28963] tipc: Enabled bearer , priority 0 [ 1017.258898][T28963] device syzkaller0 entered promiscuous mode [ 1017.360924][T28971] syz.0.10744[28971] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1017.361078][T28971] syz.0.10744[28971] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1017.368695][T28963] tipc: Resetting bearer [ 1017.449120][T28962] tipc: Resetting bearer [ 1017.496780][T28962] tipc: Disabling bearer [ 1018.551060][T28992] overlayfs: failed to clone lowerpath [ 1019.066904][T29006] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10753'. [ 1020.478537][T29041] autofs4:pid:29041:autofs_fill_super: called with bogus options [ 1030.755281][T29217] netlink: 28 bytes leftover after parsing attributes in process `syz.0.10840'. [ 1031.880766][T29250] netlink: 'syz.0.10856': attribute type 1 has an invalid length. [ 1033.718998][T29314] tipc: Failed to remove unknown binding: 66,1,1/8432298:2164921715/2164921717 [ 1033.792491][T29323] tipc: Failed to remove unknown binding: 66,1,1/8432298:2164921715/2164921717 [ 1033.815013][T29323] tipc: Failed to remove unknown binding: 66,1,1/8432298:2164921715/2164921717 [ 1034.019011][T29335] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10891'. [ 1034.401589][T29350] autofs4:pid:29350:autofs_fill_super: called with bogus options [ 1037.191406][T29402] netlink: 32 bytes leftover after parsing attributes in process `syz.2.10918'. [ 1037.471268][T29418] netlink: 'syz.4.10927': attribute type 4 has an invalid length. [ 1037.489578][T29418] netlink: 17 bytes leftover after parsing attributes in process `syz.4.10927'. [ 1038.044489][T29438] tipc: Failed to remove unknown binding: 66,1,1/4:1347557742/1347557744 [ 1038.133366][T29445] tipc: Failed to remove unknown binding: 66,1,1/4:1347557742/1347557744 [ 1038.162281][T29445] tipc: Failed to remove unknown binding: 66,1,1/4:1347557742/1347557744 [ 1038.283914][T29451] netlink: 'syz.0.10940': attribute type 4 has an invalid length. [ 1038.297594][T29451] netlink: 17 bytes leftover after parsing attributes in process `syz.0.10940'. [ 1038.591233][T29462] loop2: detected capacity change from 0 to 512 [ 1038.608540][T29462] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 1039.225160][T29462] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #16: comm syz.2.10945: invalid indirect mapped block 4294967295 (level 0) [ 1039.387382][T29462] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #16: comm syz.2.10945: invalid indirect mapped block 4294967295 (level 1) [ 1039.414999][T29462] EXT4-fs (loop2): 1 orphan inode deleted [ 1039.420851][T29462] EXT4-fs (loop2): 1 truncate cleaned up [ 1039.428294][T29462] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1039.579437][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1039.811874][T29491] autofs4:pid:29491:autofs_fill_super: called with bogus options [ 1040.484969][T29498] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10958'. [ 1040.684121][T29507] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10964'. [ 1040.967527][T29518] netlink: 104 bytes leftover after parsing attributes in process `syz.1.10969'. [ 1041.761367][T29555] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1044.741573][T29599] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11003'. [ 1044.761093][T29599] netlink: 24 bytes leftover after parsing attributes in process `syz.3.11003'. [ 1044.811721][T29599] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11003'. [ 1044.832941][T29599] netlink: 24 bytes leftover after parsing attributes in process `syz.3.11003'. [ 1044.928036][T29611] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11006'. [ 1046.553287][T29661] autofs4:pid:29661:autofs_fill_super: called with bogus options [ 1048.029250][T29699] overlayfs: missing 'workdir' [ 1048.524385][T29725] cgroup: Invalid name [ 1050.041890][T29782] loop4: detected capacity change from 0 to 2048 [ 1050.400025][T29782] Alternate GPT is invalid, using primary GPT. [ 1050.449643][T29782] loop4: p2 p3 p7 [ 1050.728374][T29791] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11087'. [ 1050.752920][T29791] netlink: 24 bytes leftover after parsing attributes in process `syz.0.11087'. [ 1050.793750][T29791] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11087'. [ 1050.807469][T29791] netlink: 24 bytes leftover after parsing attributes in process `syz.0.11087'. [ 1050.868486][T17454] udevd[17454]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory [ 1050.874226][T17606] udevd[17606]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 1050.883128][T20251] udevd[20251]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 1050.960660][T29798] netlink: 76 bytes leftover after parsing attributes in process `syz.3.11091'. [ 1051.334026][T29818] netlink: 'syz.3.11100': attribute type 1 has an invalid length. [ 1051.379240][T29818] 8021q: adding VLAN 0 to HW filter on device bond4 [ 1051.485314][T29825] bond4: (slave veth9): Enslaving as an active interface with a down link [ 1051.583558][T29818] device dummy0 left promiscuous mode [ 1051.607904][T29818] bond4: (slave dummy0): making interface the new active one [ 1051.829197][T29818] device dummy0 entered promiscuous mode [ 1051.935360][T29818] bond4: (slave dummy0): Enslaving as an active interface with an up link [ 1052.064051][T24300] IPv6: ADDRCONF(NETDEV_CHANGE): bond4: link becomes ready [ 1052.342540][T29836] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1052.364203][T29836] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1053.044912][T29864] overlayfs: failed to clone lowerpath [ 1053.096439][T29865] overlayfs: failed to clone lowerpath [ 1054.314814][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.321213][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 1054.966166][T23376] Bluetooth: hci4: unexpected event for opcode 0x080b [ 1055.171333][ T1222] block nbd2: Attempted send on invalid socket [ 1055.177980][ T1222] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2 [ 1055.189643][T29912] XFS (nbd2): SB validate failed with error -5. [ 1055.469270][T29937] netlink: 40 bytes leftover after parsing attributes in process `syz.3.11147'. [ 1055.823219][T29930] netlink: 'syz.4.11143': attribute type 1 has an invalid length. [ 1055.889037][T29949] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11151'. [ 1055.974211][T29949] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11151'. [ 1056.581796][T29984] netlink: 16 bytes leftover after parsing attributes in process `syz.3.11176'. [ 1056.748859][T29992] overlayfs: failed to clone upperpath [ 1056.955469][T30000] netlink: 'syz.4.11172': attribute type 4 has an invalid length. [ 1057.002134][T30000] netlink: 'syz.4.11172': attribute type 5 has an invalid length. [ 1057.032573][T30000] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.11172'. [ 1058.119093][T29991] netlink: 'syz.2.11167': attribute type 1 has an invalid length. [ 1058.479700][T30033] fuse: Bad value for 'fd' [ 1059.033145][T23376] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 1059.042600][T23376] Bluetooth: hci4: Injecting HCI hardware error event [ 1059.051920][ T4286] Bluetooth: hci4: hardware error 0x00 [ 1061.203004][ T4286] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 1061.733265][T30119] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11223'. [ 1061.742302][T30119] netlink: 24 bytes leftover after parsing attributes in process `syz.4.11223'. [ 1061.781110][T30119] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11223'. [ 1061.792790][T30119] netlink: 24 bytes leftover after parsing attributes in process `syz.4.11223'. [ 1061.822434][T30102] netlink: 'syz.3.11217': attribute type 1 has an invalid length. [ 1062.487523][T30140] 9pnet: Could not find request transport: 00000000000000000004 [ 1063.200280][T30178] loop2: detected capacity change from 0 to 512 [ 1063.234226][T30178] EXT4-fs: Ignoring removed oldalloc option [ 1063.246268][T30175] 9pnet: Could not find request transport: 0xffffffffffffffff [ 1063.273035][T30178] EXT4-fs error (device loop2): ext4_xattr_inode_iget:400: comm syz.2.11248: Parent and EA inode have the same ino 15 [ 1063.304796][T30178] EXT4-fs (loop2): Remounting filesystem read-only [ 1063.311614][T30178] EXT4-fs (loop2): 1 orphan inode deleted [ 1063.328350][T30178] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1063.395711][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1063.524251][ T4496] device dummy0 left promiscuous mode [ 1063.829728][T30195] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11254'. [ 1063.965207][T30195] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11254'. [ 1066.492872][T30254] netlink: 'syz.0.11281': attribute type 11 has an invalid length. [ 1066.509785][T30254] netlink: 32 bytes leftover after parsing attributes in process `syz.0.11281'. [ 1066.677135][ T27] audit: type=1326 audit(2000001014.967:3045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30261 comm="syz.3.11285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1066.732348][ T27] audit: type=1326 audit(2000001014.987:3046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30261 comm="syz.3.11285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1066.795622][ T27] audit: type=1326 audit(2000001014.987:3047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30261 comm="syz.3.11285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1066.939957][T30274] netlink: 88 bytes leftover after parsing attributes in process `syz.4.11291'. [ 1067.006844][ T27] audit: type=1326 audit(2000001015.297:3048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30261 comm="syz.3.11285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1067.049959][ T27] audit: type=1326 audit(2000001015.317:3049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30261 comm="syz.3.11285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1068.658530][T30316] loop2: detected capacity change from 0 to 512 [ 1068.688639][T30316] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 1068.739414][T30316] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #16: comm syz.2.11308: invalid indirect mapped block 4294967295 (level 0) [ 1068.760114][T30316] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #16: comm syz.2.11308: invalid indirect mapped block 4294967295 (level 1) [ 1068.775465][T30316] EXT4-fs (loop2): 1 orphan inode deleted [ 1068.781223][T30316] EXT4-fs (loop2): 1 truncate cleaned up [ 1068.787282][T30316] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1068.834697][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1070.211234][T30394] mkiss: ax0: crc mode is auto. [ 1073.984389][T30442] device vlan2 entered promiscuous mode [ 1073.989985][T30442] device bridge0 entered promiscuous mode [ 1074.118891][T30449] netlink: 24 bytes leftover after parsing attributes in process `syz.4.11365'. [ 1074.171859][T30453] 9pnet_fd: Insufficient options for proto=fd [ 1074.368188][T30461] netlink: 536 bytes leftover after parsing attributes in process `syz.4.11370'. [ 1074.530414][T30469] overlayfs: overlapping lowerdir path [ 1076.780310][T30548] overlayfs: unrecognized mount option "uuid=null" or missing value [ 1077.297222][T30582] 9pnet_fd: Insufficient options for proto=fd [ 1079.237953][T30666] loop2: detected capacity change from 0 to 128 [ 1079.579590][T30676] 9pnet_fd: Insufficient options for proto=fd [ 1081.339388][T30705] 9pnet: p9_errstr2errno: server reported unknown error 1844674407 [ 1081.813196][T30726] fuse: Bad value for 'fd' [ 1084.301167][T30795] loop2: detected capacity change from 0 to 4096 [ 1084.335412][T30795] EXT4-fs (loop2): Test dummy encryption mode enabled [ 1084.391965][T30795] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1084.518561][T30795] EXT4-fs (loop2): re-mounted. Quota mode: writeback. [ 1084.599195][T30807] netlink: 64 bytes leftover after parsing attributes in process `syz.0.11516'. [ 1085.183400][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1086.584189][T30832] loop4: detected capacity change from 0 to 4096 [ 1086.603307][T30832] EXT4-fs (loop4): Test dummy encryption mode enabled [ 1086.634361][T30832] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1086.665964][T30832] EXT4-fs (loop4): re-mounted. Quota mode: writeback. [ 1086.825290][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 1089.943937][T30949] xt_socket: unknown flags 0x50 [ 1092.765607][T31037] netlink: 'syz.4.11617': attribute type 1 has an invalid length. [ 1093.674683][T31042] bond6: (slave gretap1): making interface the new active one [ 1093.698746][T31042] bond6: (slave gretap1): Enslaving as an active interface with an up link [ 1093.749752][T31056] tipc: Started in network mode [ 1093.784218][T31056] tipc: Node identity ac14140f, cluster identity 4711 [ 1093.813337][T31056] tipc: New replicast peer: 255.255.255.255 [ 1093.832024][T31056] tipc: Enabled bearer , priority 10 [ 1093.861698][T31064] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11622'. [ 1093.903065][T31064] tipc: Disabling bearer [ 1094.944765][ T27] audit: type=1326 audit(2000001043.237:3050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31109 comm="syz.3.11656" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x0 [ 1099.812099][T31202] overlayfs: unrecognized mount option "fsname=}[#*\!. " or missing value [ 1100.622553][T31241] netlink: 192 bytes leftover after parsing attributes in process `syz.2.11703'. [ 1101.138615][T31250] netlink: 64 bytes leftover after parsing attributes in process `syz.2.11705'. [ 1102.323648][T31273] loop2: detected capacity change from 0 to 2048 [ 1102.414958][T31273] Alternate GPT is invalid, using primary GPT. [ 1102.433508][T31273] loop2: p2 p3 p7 [ 1102.724396][T20251] udevd[20251]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 1102.724862][T31293] udevd[31293]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory [ 1102.749258][T17606] udevd[17606]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 1103.158501][ T27] audit: type=1326 audit(2000001051.447:3051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31320 comm="syz.3.11738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1103.338095][ T27] audit: type=1326 audit(2000001051.447:3052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31320 comm="syz.3.11738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1103.372517][ T27] audit: type=1326 audit(2000001051.577:3053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31320 comm="syz.3.11738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1103.851180][ T27] audit: type=1326 audit(2000001051.577:3054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31320 comm="syz.3.11738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1103.977001][ T27] audit: type=1326 audit(2000001051.577:3055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31320 comm="syz.3.11738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1104.091400][ T27] audit: type=1326 audit(2000001051.577:3056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31320 comm="syz.3.11738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1104.130458][ T27] audit: type=1326 audit(2000001051.577:3057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31320 comm="syz.3.11738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1104.233285][ T27] audit: type=1326 audit(2000001051.577:3058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31320 comm="syz.3.11738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1104.299841][ T27] audit: type=1326 audit(2000001051.577:3059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31320 comm="syz.3.11738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1104.371710][ T27] audit: type=1326 audit(2000001051.577:3060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31320 comm="syz.3.11738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1105.584725][T31372] netlink: 68 bytes leftover after parsing attributes in process `syz.2.11764'. [ 1107.563134][T31426] netlink: 120 bytes leftover after parsing attributes in process `syz.2.11786'. [ 1107.586708][T31426] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11786'. [ 1107.823546][T31438] netlink: 68 bytes leftover after parsing attributes in process `syz.3.11791'. [ 1107.989050][T31448] tipc: Enabling of bearer rejected, already enabled [ 1109.469117][T31477] netlink: 68 bytes leftover after parsing attributes in process `syz.1.11809'. [ 1109.479323][T31475] cgroup: Unknown subsys name 'fowner>00000000000000060929' [ 1110.826757][T31517] netlink: 68 bytes leftover after parsing attributes in process `syz.0.11825'. [ 1110.971889][T31521] netlink: 136 bytes leftover after parsing attributes in process `syz.2.11830'. [ 1111.324650][T31544] netlink: 60 bytes leftover after parsing attributes in process `syz.3.11840'. [ 1111.907776][T31575] netlink: 64 bytes leftover after parsing attributes in process `syz.3.11848'. [ 1113.583641][T31604] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11862'. [ 1113.632134][T31605] netlink: 64 bytes leftover after parsing attributes in process `syz.3.11864'. [ 1113.673598][T31604] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11862'. [ 1115.498614][T31640] 9pnet: p9_errstr2errno: server reported unknown error 18446744073 [ 1115.755078][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 1115.761456][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 1116.250781][T31670] atomic_op ffff88801ffc6998 conn xmit_atomic 0000000000000000 [ 1117.495070][T31702] "syz.1.11911" (31702) uses obsolete ecb(arc4) skcipher [ 1119.272916][T31728] xt_socket: unknown flags 0x50 [ 1120.323858][T31740] tmpfs: Unknown parameter 'noswap' [ 1122.275601][T31779] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11933'. [ 1122.284829][T31779] netlink: 24 bytes leftover after parsing attributes in process `syz.1.11933'. [ 1122.298679][T31779] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11933'. [ 1122.307989][T31779] netlink: 24 bytes leftover after parsing attributes in process `syz.1.11933'. [ 1123.555716][T31809] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11946'. [ 1123.592832][T31809] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11946'. [ 1123.744710][T31822] netlink: 16 bytes leftover after parsing attributes in process `syz.4.11952'. [ 1123.963861][T31833] 9pnet_fd: Insufficient options for proto=fd [ 1124.099984][T31843] tipc: Failed to remove unknown binding: 66,1,1/4:2224908316/2224908318 [ 1124.224692][T31844] 9pnet: Could not find request transport: f [ 1124.896015][T31875] loop2: detected capacity change from 0 to 1764 [ 1125.373549][T17606] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1126.631265][T31912] netlink: 'syz.1.11992': attribute type 13 has an invalid length. [ 1126.788647][T31912] erspan0: refused to change device tx_queue_len [ 1127.354901][ T27] kauditd_printk_skb: 38 callbacks suppressed [ 1127.354914][ T27] audit: type=1326 audit(2000000003.949:3099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31915 comm="syz.1.11993" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3f1238f6c9 code=0x0 [ 1128.679708][T31959] futex_wake_op: syz.1.12013 tries to shift op by 32; fix this program [ 1128.860205][T31967] netlink: 104 bytes leftover after parsing attributes in process `syz.4.12018'. [ 1128.985246][T31969] overlayfs: failed to clone upperpath [ 1129.142398][ T27] audit: type=1326 audit(2000000005.729:3100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31975 comm="syz.3.12021" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x0 [ 1129.453864][T31985] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12014'. [ 1129.474341][T31988] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1129.493107][T31988] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 1129.505148][T31988] overlayfs: missing 'lowerdir' [ 1129.729830][T32004] 9pnet_fd: Insufficient options for proto=fd [ 1130.169314][T32032] netlink: 44 bytes leftover after parsing attributes in process `syz.3.12048'. [ 1130.262737][ T8511] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 1130.482724][ T8511] usb 5-1: Using ep0 maxpacket: 16 [ 1130.489596][ T8511] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1130.510899][ T8511] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 2 [ 1130.541735][ T8511] usb 5-1: New USB device found, idVendor=056e, idProduct=b338, bcdDevice=7f.56 [ 1130.571413][ T8511] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1130.580821][ T8511] usb 5-1: Product: syz [ 1130.589345][ T8511] usb 5-1: Manufacturer: syz [ 1130.594312][ T8511] usb 5-1: SerialNumber: syz [ 1130.600570][ T8511] usb 5-1: config 0 descriptor?? [ 1130.826428][ T8511] usb 5-1: USB disconnect, device number 9 [ 1131.459558][T32067] netlink: 'syz.3.12066': attribute type 11 has an invalid length. [ 1131.606245][T32067] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.12066'. [ 1132.038763][T32079] loop4: detected capacity change from 0 to 1764 [ 1132.107416][T17606] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1133.049209][T32120] binder: 32117:32120 ioctl c00c620f 0 returned -14 [ 1136.352501][T32206] overlayfs: failed to resolve './file1': -2 [ 1136.367906][T32211] netlink: 'syz.2.12129': attribute type 4 has an invalid length. [ 1136.404181][T32211] netlink: 'syz.2.12129': attribute type 4 has an invalid length. [ 1138.985066][T32255] delete_channel: no stack [ 1139.131712][T32272] 9pnet: p9_errstr2errno: server reported unknown error 1844674407370 [ 1139.940517][T32309] xt_l2tp: v2 doesn't support IP mode [ 1140.333091][ T8511] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 1140.582790][ T8511] usb 3-1: Using ep0 maxpacket: 8 [ 1140.695971][ T8511] usb 3-1: unable to get BOS descriptor or descriptor too short [ 1140.714623][ T8511] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 1140.724668][ T8511] usb 3-1: can't read configurations, error -71 [ 1141.247534][T32347] netlink: 'syz.4.12189': attribute type 4 has an invalid length. [ 1141.315269][T32351] netlink: 'syz.4.12189': attribute type 4 has an invalid length. [ 1142.354710][T32358] delete_channel: no stack [ 1144.034264][T32431] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12229'. [ 1144.226867][T32437] netlink: 72 bytes leftover after parsing attributes in process `syz.3.12232'. [ 1144.320166][T32440] fuse: Unknown parameter ''' [ 1144.945274][T32459] delete_channel: no stack [ 1146.315555][T32480] netlink: 36 bytes leftover after parsing attributes in process `syz.0.12251'. [ 1147.414189][T32484] delete_channel: no stack [ 1148.120363][T32522] netlink: 'syz.3.12266': attribute type 3 has an invalid length. [ 1148.128619][T32522] netlink: 52 bytes leftover after parsing attributes in process `syz.3.12266'. [ 1150.765559][T32597] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1150.796625][T32597] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 1150.831955][T32597] overlayfs: missing 'lowerdir' [ 1151.974324][T32650] Dead loop on virtual device ip6_vti0, fix it urgently! [ 1152.898161][T32686] netlink: 152 bytes leftover after parsing attributes in process `syz.0.12345'. [ 1153.196807][T32693] fuse: Bad value for 'fd' [ 1155.328553][ T300] overlayfs: failed to clone upperpath [ 1155.767085][ T314] 9pnet: Could not find request transport: ›b“5àèv²xÈ}§YD­i°·°Ü("¾lûò_±H"o¹¯iÒ[òÈòÛ½p¨aÿéäþÌƤº}ßTy8ZÛ»jMf¶ [ 1156.613128][ T339] netlink: 24 bytes leftover after parsing attributes in process `syz.3.12400'. [ 1156.766729][ T345] overlayfs: failed to resolve './file1': -2 [ 1158.506222][ T402] netlink: 100 bytes leftover after parsing attributes in process `syz.2.12427'. [ 1160.919912][ T465] syz.1.12455[465] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1160.920009][ T465] syz.1.12455[465] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1162.398193][ T494] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12466'. [ 1164.703506][ T557] netlink: 48 bytes leftover after parsing attributes in process `syz.4.12496'. [ 1164.756627][ T557] netlink: 48 bytes leftover after parsing attributes in process `syz.4.12496'. [ 1168.605383][ T642] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12533'. [ 1170.933849][ T695] binder: 694:695 ioctl 4018620d 0 returned -22 [ 1171.301435][ T708] netlink: 104 bytes leftover after parsing attributes in process `syz.1.12562'. [ 1172.392803][T15840] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 1172.599423][T15840] usb 3-1: config 220 has an invalid interface number: 76 but max is 2 [ 1172.622871][T15840] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 1172.633231][T15840] usb 3-1: config 220 has 2 interfaces, different from the descriptor's value: 3 [ 1172.642371][T15840] usb 3-1: config 220 has no interface number 1 [ 1172.663037][T15840] usb 3-1: config 220 interface 0 has no altsetting 0 [ 1172.669876][T15840] usb 3-1: config 220 interface 76 has no altsetting 0 [ 1172.694446][T15840] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1172.712868][T15840] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1172.720906][T15840] usb 3-1: Product: syz [ 1172.732736][T15840] usb 3-1: Manufacturer: syz [ 1172.737394][T15840] usb 3-1: SerialNumber: syz [ 1173.103215][T15840] usb 3-1: Found UVC 7.01 device syz (8086:0b07) [ 1173.119900][T15840] usb 3-1: No valid video chain found. [ 1173.140318][T15840] usb 3-1: USB disconnect, device number 15 [ 1176.117478][ T845] netlink: 20 bytes leftover after parsing attributes in process `syz.4.12620'. [ 1177.194297][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 1177.200651][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 1177.401455][ T865] loop2: detected capacity change from 0 to 512 [ 1177.438698][ T865] EXT4-fs: Ignoring removed mblk_io_submit option [ 1177.453793][ T865] EXT4-fs: inline encryption not supported [ 1177.472844][ T865] EXT4-fs: Ignoring removed mblk_io_submit option [ 1177.514198][ T865] EXT4-fs (loop2): Test dummy encryption mode enabled [ 1177.521039][ T865] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 1177.598912][ T865] EXT4-fs (loop2): 1 truncate cleaned up [ 1177.612808][ T865] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1177.754560][ T877] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12632'. [ 1177.772004][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1177.838604][ T884] overlayfs: failed to clone upperpath [ 1178.889394][ T943] netlink: 104 bytes leftover after parsing attributes in process `syz.2.12656'. [ 1180.437507][ T980] loop4: detected capacity change from 0 to 512 [ 1180.455311][ T980] EXT4-fs (loop4): Test dummy encryption mode enabled [ 1180.494431][ T980] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1181.235163][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 1187.637384][ T1063] loop4: detected capacity change from 0 to 512 [ 1187.653601][ T1063] EXT4-fs: Ignoring removed mblk_io_submit option [ 1187.671957][ T1063] EXT4-fs: inline encryption not supported [ 1187.722817][ T1063] EXT4-fs: Ignoring removed mblk_io_submit option [ 1187.743304][ T1063] EXT4-fs (loop4): Test dummy encryption mode enabled [ 1187.750281][ T1063] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 1187.798481][ T1063] EXT4-fs (loop4): 1 truncate cleaned up [ 1187.807323][ T1063] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1187.937188][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 1189.524859][ T1124] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1189.681578][ T1135] overlayfs: failed to clone lowerpath [ 1190.095192][ T1146] xt_cgroup: path and classid specified [ 1191.028644][ T1166] loop2: detected capacity change from 0 to 512 [ 1191.048421][ T1166] EXT4-fs (loop2): Test dummy encryption mode enabled [ 1191.220361][ T1166] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1191.926642][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1192.176296][ T1183] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1192.200224][ T1186] netlink: 156 bytes leftover after parsing attributes in process `syz.4.12750'. [ 1192.216536][ T1186] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12750'. [ 1193.420816][ T1211] loop4: detected capacity change from 0 to 512 [ 1193.444602][ T1211] EXT4-fs (loop4): Test dummy encryption mode enabled [ 1193.508185][ T1211] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1194.235897][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 1194.444266][ T1229] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1194.714921][ T1243] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1194.715067][ T1244] netlink: 20 bytes leftover after parsing attributes in process `syz.1.12774'. [ 1194.732844][ T1243] overlayfs: missing 'lowerdir' [ 1194.789150][ T27] audit: type=1804 audit(2000000071.379:3101): pid=1248 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.12775" name="bus" dev="ramfs" ino=166168 res=1 errno=0 [ 1196.084953][ T1272] loop4: detected capacity change from 0 to 128 [ 1196.111669][ T1272] EXT4-fs (loop4): Test dummy encryption mode enabled [ 1196.157923][ T1272] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1196.176271][ T1272] ext4 filesystem being mounted at /2473/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1196.256348][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 1196.589154][ T1292] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1196.808234][ T1303] loop2: detected capacity change from 0 to 512 [ 1196.828419][ T1303] EXT4-fs (loop2): Test dummy encryption mode enabled [ 1196.846811][ T1303] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1196.968151][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1198.309184][ T1362] 9pnet_fd: Insufficient options for proto=fd [ 1198.935375][ T1375] binder: 1374:1375 ioctl c0306201 200000000180 returned -14 [ 1199.324376][ T1383] loop4: detected capacity change from 0 to 512 [ 1199.356934][ T1383] EXT4-fs (loop4): Test dummy encryption mode enabled [ 1199.404462][ T1383] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1199.558768][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 1200.724822][ T1416] netlink: 56 bytes leftover after parsing attributes in process `syz.2.12846'. [ 1201.385116][ T1439] No such timeout policy "syz0" [ 1205.600322][ T1478] 9pnet_fd: Insufficient options for proto=fd [ 1206.727386][ T1507] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1206.746724][ T1507] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1207.342300][ T1538] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12900'. [ 1210.003183][ T1596] No such timeout policy "syz0" [ 1211.088841][ T1623] netlink: 28 bytes leftover after parsing attributes in process `syz.1.12938'. [ 1211.131351][ T1627] loop4: detected capacity change from 0 to 512 [ 1211.217133][ T1627] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1211.237807][ T1627] ext4 filesystem being mounted at /2505/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1211.294666][ T1627] EXT4-fs error (device loop4): ext4_do_update_inode:5268: inode #2: comm syz.4.12940: corrupted inode contents [ 1211.322749][ T1627] EXT4-fs error (device loop4): ext4_dirty_inode:6133: inode #2: comm syz.4.12940: mark_inode_dirty error [ 1211.359493][ T1627] EXT4-fs error (device loop4): ext4_do_update_inode:5268: inode #2: comm syz.4.12940: corrupted inode contents [ 1211.403305][ T1627] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz.4.12940: mark_inode_dirty error [ 1211.477104][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 1212.152873][T24230] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 1212.345496][T24230] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1212.366865][T24230] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 1212.386534][T24230] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1212.423154][T24230] usb 5-1: config 0 descriptor?? [ 1212.508388][ T1691] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12969'. [ 1212.634007][T24230] usbhid 5-1:0.0: can't add hid device: -71 [ 1212.643359][T24230] usbhid: probe of 5-1:0.0 failed with error -71 [ 1212.666607][T24230] usb 5-1: USB disconnect, device number 10 [ 1214.928964][ T1742] tmpfs: Unknown parameter 'no' [ 1216.860454][ T27] audit: type=1326 audit(2000000093.449:3102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1793 comm="syz.1.13013" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3f1238f6c9 code=0x0 [ 1220.403125][ T1864] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13045'. [ 1221.614996][ T1889] loop2: detected capacity change from 0 to 512 [ 1221.693993][ T1889] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1221.703432][ T1889] ext4 filesystem being mounted at /2605/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1221.721777][ T1898] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13059'. [ 1221.735647][ T1889] EXT4-fs error (device loop2): ext4_do_update_inode:5268: inode #2: comm syz.2.13055: corrupted inode contents [ 1221.764750][ T1889] EXT4-fs error (device loop2): ext4_dirty_inode:6133: inode #2: comm syz.2.13055: mark_inode_dirty error [ 1221.823980][ T1889] EXT4-fs error (device loop2): ext4_do_update_inode:5268: inode #2: comm syz.2.13055: corrupted inode contents [ 1221.858728][ T1889] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz.2.13055: mark_inode_dirty error [ 1221.941442][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1222.774569][ T1940] 9pnet_fd: Insufficient options for proto=fd [ 1222.948609][ T1945] device veth0 entered promiscuous mode [ 1222.982928][ T1945] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13079'. [ 1223.435055][ T1959] overlayfs: failed to clone upperpath [ 1223.476369][ T1963] netlink: 92 bytes leftover after parsing attributes in process `syz.1.13088'. [ 1226.122396][ T2013] netlink: 8 bytes leftover after parsing attributes in process `syz.4.13108'. [ 1227.525597][ T2040] overlayfs: unrecognized mount option "uuid=null" or missing value [ 1228.000120][ T2062] netlink: 'syz.1.13129': attribute type 1 has an invalid length. [ 1228.318984][ T2075] netlink: 156 bytes leftover after parsing attributes in process `syz.2.13136'. [ 1228.478084][ T27] audit: type=1326 audit(2000000105.069:3103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2078 comm="syz.1.13137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f1238f6c9 code=0x7ffc0000 [ 1228.548749][ T27] audit: type=1326 audit(2000000105.099:3104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2078 comm="syz.1.13137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f1238f6c9 code=0x7ffc0000 [ 1228.592286][ T27] audit: type=1326 audit(2000000105.099:3105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2078 comm="syz.1.13137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f3f1238f6c9 code=0x7ffc0000 [ 1228.629334][ T2085] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1228.639759][ T27] audit: type=1326 audit(2000000105.099:3106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2078 comm="syz.1.13137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f1238f6c9 code=0x7ffc0000 [ 1228.703257][ T27] audit: type=1326 audit(2000000105.099:3107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2078 comm="syz.1.13137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f1238f6c9 code=0x7ffc0000 [ 1228.862354][ T2097] netlink: 40 bytes leftover after parsing attributes in process `syz.2.13147'. [ 1229.003362][ T2104] Dead loop on virtual device ip6_vti0, fix it urgently! [ 1229.416769][ T2120] overlayfs: failed to clone upperpath [ 1229.705673][ T2134] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 1230.073688][ C0] Dead loop on virtual device ip6_vti0, fix it urgently! [ 1230.748066][ T2150] netlink: 'syz.2.13172': attribute type 10 has an invalid length. [ 1230.773710][ T2150] wlan1: mtu less than device minimum [ 1230.789449][ T2150] bond0: (slave wlan1): Error -22 calling dev_set_mtu [ 1231.682003][ T2176] cgroup: Invalid name [ 1233.152199][ T2214] overlayfs: missing 'lowerdir' [ 1233.594700][ T2230] 9pnet_fd: Insufficient options for proto=fd [ 1234.274926][ T2256] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13203'. [ 1236.437986][ T2324] xt_TCPMSS: Only works on TCP SYN packets [ 1236.986456][ T2332] loop4: detected capacity change from 0 to 256 [ 1237.013981][ T2332] exfat: Unknown parameter 'ÿÿÿÿÿ' [ 1237.091434][ T2333] loop2: detected capacity change from 0 to 4096 [ 1237.132413][ T2333] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1237.602534][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1237.823276][ T2363] overlayfs: missing 'lowerdir' [ 1238.105819][ T2379] netlink: 68 bytes leftover after parsing attributes in process `syz.4.13273'. [ 1238.634618][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 1238.641015][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 1238.793070][ T2424] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1238.879769][ T2428] loop2: detected capacity change from 0 to 512 [ 1238.903527][ T2428] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1238.912489][ T2428] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1238.920083][ T2428] EXT4-fs: Ignoring removed i_version option [ 1238.937099][ T2428] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a816c099, mo2=0002] [ 1238.946879][ T2428] System zones: 1-12 [ 1238.952079][ T2428] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.13292: inode #1: comm syz.2.13292: iget: illegal inode # [ 1238.966401][ T2428] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.13292: error while reading EA inode 1 err=-117 [ 1238.981157][ T2428] EXT4-fs (loop2): 1 orphan inode deleted [ 1238.987647][ T2428] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1239.045342][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1239.254762][ T2448] 9pnet_fd: Insufficient options for proto=fd [ 1239.269868][ T2455] loop2: detected capacity change from 0 to 512 [ 1239.288160][ T2455] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 1239.334728][ T2455] EXT4-fs (loop2): 1 truncate cleaned up [ 1239.349558][ T2455] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1239.377599][ T27] audit: type=1800 audit(2000000115.969:3108): pid=2455 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.13302" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 1239.488993][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1239.919330][ T2481] overlayfs: missing 'workdir' [ 1240.067459][ T2492] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1240.579161][ T2518] xt_TCPMSS: Only works on TCP SYN packets [ 1241.799490][ T2557] netlink: 156 bytes leftover after parsing attributes in process `syz.0.13339'. [ 1242.666634][ T2580] overlayfs: failed to clone upperpath [ 1242.747414][ T2575] loop4: detected capacity change from 0 to 256 [ 1242.848709][ T2590] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13352'. [ 1242.969111][ T2575] syz.4.13343: attempt to access beyond end of device [ 1242.969111][ T2575] loop4: rw=2049, sector=256, nr_sectors = 68 limit=256 [ 1243.015369][ T2590] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13352'. [ 1244.528811][ T27] audit: type=1326 audit(2000000121.109:3109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2631 comm="syz.1.13366" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3f1238f6c9 code=0x0 [ 1244.742630][ T2645] netlink: 56 bytes leftover after parsing attributes in process `syz.0.13371'. [ 1247.030594][ T2693] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13384'. [ 1248.393968][ T2721] netlink: 'syz.3.13391': attribute type 1 has an invalid length. [ 1251.914549][ T2818] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13420'. [ 1254.267058][ T2846] netlink: 112 bytes leftover after parsing attributes in process `syz.1.13442'. [ 1255.423638][ T2891] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 1256.851921][ T2928] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13465'. [ 1257.076994][ T2935] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 1257.996656][ T2943] overlayfs: failed to clone upperpath [ 1258.348380][ T2964] netlink: 112 bytes leftover after parsing attributes in process `syz.4.13482'. [ 1258.621658][ T2978] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1260.871955][ T3020] 9pnet_fd: Insufficient options for proto=fd [ 1261.285836][ T3040] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 1262.858377][ T3089] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 1264.597621][ T3142] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 1265.351958][ T3160] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13566'. [ 1266.114459][ T3190] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13579'. [ 1266.262594][ T3195] loop2: detected capacity change from 0 to 256 [ 1266.316737][ T3195] FAT-fs (loop2): Directory bread(block 64) failed [ 1266.333414][ T3195] FAT-fs (loop2): Directory bread(block 65) failed [ 1266.356656][ T3195] FAT-fs (loop2): Directory bread(block 66) failed [ 1266.378818][ T3195] FAT-fs (loop2): Directory bread(block 67) failed [ 1266.398849][ T3195] FAT-fs (loop2): Directory bread(block 68) failed [ 1266.414388][ T3195] FAT-fs (loop2): Directory bread(block 69) failed [ 1266.424340][ T3195] FAT-fs (loop2): Directory bread(block 70) failed [ 1266.431319][ T3195] FAT-fs (loop2): Directory bread(block 71) failed [ 1266.439515][ T3195] FAT-fs (loop2): Directory bread(block 72) failed [ 1266.447517][ T3195] FAT-fs (loop2): Directory bread(block 73) failed [ 1266.580388][ T27] audit: type=1800 audit(2000000143.169:3110): pid=3195 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.13581" name="bus" dev="loop2" ino=1048752 res=0 errno=0 [ 1268.818096][ T3248] device batadv_slave_1 entered promiscuous mode [ 1268.853733][ T3245] device batadv_slave_1 left promiscuous mode [ 1269.664620][ T3271] loop2: detected capacity change from 0 to 256 [ 1271.208122][ T3309] tipc: Failed to remove unknown binding: 66,1,1/8432298:3603511198/3603511200 [ 1272.029087][ T3308] tipc: Failed to remove unknown binding: 66,1,1/8432298:3603511198/3603511200 [ 1272.113209][ T3308] tipc: Failed to remove unknown binding: 66,1,1/8432298:3603511198/3603511200 [ 1272.386335][ T3339] netlink: 'syz.1.13646': attribute type 23 has an invalid length. [ 1272.397712][ T3339] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13646'. [ 1272.481111][ T3343] 8021q: adding VLAN 0 to HW filter on device bond4 [ 1272.517019][ T3351] bond4: (slave macvlan2): Error -22 calling dev_set_mtu [ 1274.887276][ T3423] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 1274.912950][ T3423] overlayfs: missing 'lowerdir' [ 1276.540585][ T3449] overlayfs: failed to clone upperpath [ 1278.852482][ T3522] overlayfs: failed to clone upperpath [ 1279.397718][ T27] audit: type=1326 audit(2000000155.989:3111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3550 comm="syz.3.13737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1279.468508][ T27] audit: type=1326 audit(2000000156.019:3112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3550 comm="syz.3.13737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1279.527282][ T27] audit: type=1326 audit(2000000156.019:3113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3550 comm="syz.3.13737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1279.592828][ T27] audit: type=1326 audit(2000000156.019:3114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3550 comm="syz.3.13737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1279.616002][ T27] audit: type=1326 audit(2000000156.019:3115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3550 comm="syz.3.13737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1279.668477][ T27] audit: type=1326 audit(2000000156.019:3116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3550 comm="syz.3.13737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1279.752815][ T27] audit: type=1326 audit(2000000156.019:3117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3550 comm="syz.3.13737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1279.796797][ T27] audit: type=1326 audit(2000000156.019:3118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3550 comm="syz.3.13737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1279.842759][ T27] audit: type=1326 audit(2000000156.019:3119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3550 comm="syz.3.13737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1279.893086][ T27] audit: type=1326 audit(2000000156.019:3120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3550 comm="syz.3.13737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1280.266083][ T3577] netlink: 12 bytes leftover after parsing attributes in process `syz.3.13749'. [ 1281.122189][ T3587] overlayfs: unrecognized mount option "appraise" or missing value [ 1283.811366][ T3679] loop4: detected capacity change from 0 to 512 [ 1283.895072][ T3679] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1283.912949][ T3679] ext4 filesystem being mounted at /2644/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1284.081004][ T3691] tipc: Failed to remove unknown binding: 66,1,1/0:3160373983/3160373985 [ 1284.143776][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 1284.878784][ T3690] tipc: Failed to remove unknown binding: 66,1,1/0:3160373983/3160373985 [ 1284.908041][ T3690] tipc: Failed to remove unknown binding: 66,1,1/0:3160373983/3160373985 [ 1285.431594][ T3734] netlink: 32 bytes leftover after parsing attributes in process `syz.0.13814'. [ 1285.951954][ T3752] loop2: detected capacity change from 0 to 512 [ 1285.983211][ T3752] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.13823: inode has both inline data and extents flags [ 1286.003094][ T3752] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.13823: couldn't read orphan inode 15 (err -117) [ 1286.037530][ T3752] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1286.189859][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1287.795539][ T3791] netlink: 9 bytes leftover after parsing attributes in process `syz.2.13837'. [ 1289.106454][ T3832] overlayfs: missing 'lowerdir' [ 1291.097729][ T3887] netlink: 9 bytes leftover after parsing attributes in process `syz.3.13883'. [ 1291.113065][ T3887] device gretap0 entered promiscuous mode [ 1291.538525][ T3899] loop4: detected capacity change from 0 to 2048 [ 1291.566875][ T3899] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1291.646736][ T3899] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1291.790534][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 1291.797906][ T3908] binder: 3907:3908 ioctl c018620c 0 returned -14 [ 1293.696051][ T3950] loop5: detected capacity change from 0 to 7 [ 1293.718179][ T3950] Dev loop5: unable to read RDB block 7 [ 1293.746985][ T3950] loop5: unable to read partition table [ 1293.774938][ T3950] loop5: partition table beyond EOD, truncated [ 1293.813654][ T3950] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1293.850385][ T3637] Dev loop5: unable to read RDB block 7 [ 1293.862798][ T3637] loop5: unable to read partition table [ 1293.878934][ T3637] loop5: partition table beyond EOD, truncated [ 1294.765400][ T3957] netlink: 9 bytes leftover after parsing attributes in process `syz.0.13909'. [ 1296.652264][ T4007] loop2: detected capacity change from 0 to 2048 [ 1296.675794][ T4007] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1296.764322][ T4007] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1296.849510][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1298.183662][ T4038] netlink: 156 bytes leftover after parsing attributes in process `syz.3.13939'. [ 1298.222803][ T4038] netlink: 12 bytes leftover after parsing attributes in process `syz.3.13939'. [ 1298.242223][ T4038] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13939'. [ 1298.255148][ T4038] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13939'. [ 1298.378649][ T4045] loop2: detected capacity change from 0 to 2048 [ 1298.405093][ T4045] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1298.454645][ T4045] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1298.506583][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1300.143184][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 1300.149582][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 1300.934129][ T4089] netlink: 72 bytes leftover after parsing attributes in process `syz.4.13959'. [ 1305.334203][ T4212] 9pnet_fd: Insufficient options for proto=fd [ 1307.138006][ T4339] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14044'. [ 1307.630150][ T4365] 9pnet_fd: Insufficient options for proto=fd [ 1309.850533][ T4426] netlink: 596 bytes leftover after parsing attributes in process `syz.4.14080'. [ 1314.039788][ T4499] netlink: 'syz.1.14108': attribute type 4 has an invalid length. [ 1314.107400][ T4499] netlink: 'syz.1.14108': attribute type 5 has an invalid length. [ 1314.142805][ T4499] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.14108'. [ 1314.562784][ T4511] netlink: 104 bytes leftover after parsing attributes in process `syz.3.14113'. [ 1314.593405][ T4513] netlink: 120 bytes leftover after parsing attributes in process `syz.1.14114'. [ 1314.622381][ T4513] netlink: 12 bytes leftover after parsing attributes in process `syz.1.14114'. [ 1314.651848][ T4513] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14114'. [ 1314.682104][ T4513] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14114'. [ 1314.985863][ T4529] netlink: 'syz.2.14122': attribute type 4 has an invalid length. [ 1315.022817][ T4529] netlink: 'syz.2.14122': attribute type 5 has an invalid length. [ 1315.030705][ T4529] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.14122'. [ 1315.057224][ T4531] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14123'. [ 1317.398346][ T27] kauditd_printk_skb: 15 callbacks suppressed [ 1317.398360][ T27] audit: type=1326 audit(2000000193.989:3136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4565 comm="syz.3.14133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1317.822567][ T4575] device syzkaller0 entered promiscuous mode [ 1317.921265][ T4578] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14137'. [ 1318.181735][ T4575] 0: reclassify loop, rule prio 0, protocol 800 [ 1318.596368][ T4583] overlayfs: missing 'workdir' [ 1318.953959][ T4601] loop4: detected capacity change from 0 to 512 [ 1318.986146][ T4601] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 1319.044305][ T4601] EXT4-fs (loop4): 1 truncate cleaned up [ 1319.053542][ T4601] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1319.086151][ T4611] overlayfs: failed to clone lowerpath [ 1319.207636][ T4613] netlink: 60 bytes leftover after parsing attributes in process `syz.1.14156'. [ 1319.252357][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 1319.752577][ T4632] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14165'. [ 1319.811755][ T4632] device veth0_macvtap left promiscuous mode [ 1320.081798][ T4646] binder: 4645:4646 ioctl 4018620d 0 returned -22 [ 1321.916389][ T4700] netlink: 'syz.1.14196': attribute type 4 has an invalid length. [ 1325.073121][ T4811] netlink: 5 bytes leftover after parsing attributes in process `syz.4.14248'. [ 1325.100810][ T4811] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1325.314747][ T4823] netlink: 'syz.0.14253': attribute type 14 has an invalid length. [ 1325.333004][ T4823] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14253'. [ 1325.351156][ T4823] netlink: 'syz.0.14253': attribute type 14 has an invalid length. [ 1325.366395][ T4823] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14253'. [ 1325.478474][ T4829] loop2: detected capacity change from 0 to 512 [ 1325.783888][ T4829] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.14254: couldn't read orphan inode 26 (err -116) [ 1325.798045][ T4829] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1325.807446][ T4829] ext4 filesystem being mounted at /2840/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1326.331527][ T4837] netlink: 40 bytes leftover after parsing attributes in process `syz.0.14256'. [ 1326.396507][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1326.686186][ T4850] netlink: 104 bytes leftover after parsing attributes in process `syz.2.14263'. [ 1326.728312][ T4851] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1329.667907][ T4932] netlink: 5 bytes leftover after parsing attributes in process `syz.2.14298'. [ 1329.679309][ T4932] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1329.868328][ T4936] loop4: detected capacity change from 0 to 256 [ 1329.921467][ T4936] FAT-fs (loop4): Directory bread(block 64) failed [ 1329.932427][ T4936] FAT-fs (loop4): Directory bread(block 65) failed [ 1329.945271][ T4936] FAT-fs (loop4): Directory bread(block 66) failed [ 1329.959689][ T4936] FAT-fs (loop4): Directory bread(block 67) failed [ 1329.977218][ T4936] FAT-fs (loop4): Directory bread(block 68) failed [ 1329.990997][ T4936] FAT-fs (loop4): Directory bread(block 69) failed [ 1330.004887][ T4936] FAT-fs (loop4): Directory bread(block 70) failed [ 1330.018267][ T4936] FAT-fs (loop4): Directory bread(block 71) failed [ 1330.032945][ T4936] FAT-fs (loop4): Directory bread(block 72) failed [ 1330.046443][ T4936] FAT-fs (loop4): Directory bread(block 73) failed [ 1330.255234][ T27] audit: type=1800 audit(2000000206.849:3137): pid=4936 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.14301" name="bus" dev="loop4" ino=1048780 res=0 errno=0 [ 1330.588596][ T4957] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14308'. [ 1330.634449][ T4957] device veth0_macvtap left promiscuous mode [ 1331.272411][ T4988] netlink: 'syz.1.14321': attribute type 14 has an invalid length. [ 1331.294312][ T4988] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14321'. [ 1331.323231][ T4988] netlink: 'syz.1.14321': attribute type 14 has an invalid length. [ 1331.331185][ T4988] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14321'. [ 1331.951358][ T5010] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14326'. [ 1335.975130][ T5049] loop2: detected capacity change from 0 to 512 [ 1336.027688][ T5049] EXT4-fs (loop2): unable to read superblock [ 1336.520079][ T5072] loop4: detected capacity change from 0 to 128 [ 1336.674885][ T5072] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1336.693153][ T5072] ext4 filesystem being mounted at /2763/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1336.885143][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 1339.824804][ T5194] loop4: detected capacity change from 0 to 512 [ 1339.840916][ T5194] EXT4-fs (loop4): unable to read superblock [ 1344.204838][ T5236] overlayfs: missing 'lowerdir' [ 1347.692490][ T27] audit: type=1326 audit(2000000224.279:3138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5287 comm="syz.3.14452" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x0 [ 1349.344923][ T5308] overlayfs: missing 'lowerdir' [ 1349.384218][ T5313] netlink: 'syz.1.14464': attribute type 4 has an invalid length. [ 1350.653103][ T5378] loop2: detected capacity change from 0 to 512 [ 1350.673360][ T5378] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 1350.701912][ T5378] EXT4-fs (loop2): 1 truncate cleaned up [ 1350.707969][ T5378] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1350.834093][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1351.198697][ T5405] fuse: Bad value for 'fd' [ 1351.451031][ T5417] netlink: 16 bytes leftover after parsing attributes in process `syz.4.14510'. [ 1351.605635][ T5421] loop4: detected capacity change from 0 to 512 [ 1351.625641][ T5421] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 1351.673382][ T5421] EXT4-fs (loop4): 1 truncate cleaned up [ 1351.686817][ T5423] netlink: 104 bytes leftover after parsing attributes in process `syz.2.14513'. [ 1351.697505][ T5421] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1351.798673][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 1352.553892][ T5457] Dead loop on virtual device ip6_vti0, fix it urgently! [ 1354.769561][ T5527] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 1356.938643][ T5544] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1356.962857][ T5544] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 1356.971148][ T5544] overlayfs: missing 'lowerdir' [ 1359.407495][ T5670] netlink: 20 bytes leftover after parsing attributes in process `syz.2.14626'. [ 1359.797222][ T5686] dns_resolver: Unsupported content type (6) [ 1360.316511][ T5708] netlink: 'syz.0.14644': attribute type 4 has an invalid length. [ 1360.865628][ T5727] xt_CHECKSUM: unsupported CHECKSUM operation 68 [ 1361.521347][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 1361.531485][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 1361.778077][ T5744] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1361.826516][ T5744] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1362.293811][ T5766] fuse: Bad value for 'fd' [ 1362.504948][ T5778] device macvtap0 entered promiscuous mode [ 1362.512389][ T5778] device macvtap0 left promiscuous mode [ 1362.717264][ T5784] overlayfs: failed to clone upperpath [ 1363.061989][ T5800] dns_resolver: Unsupported content type (6) [ 1363.168943][ T5805] device macvtap0 entered promiscuous mode [ 1363.185473][ T5805] device macvtap0 left promiscuous mode [ 1363.365723][ T5813] loop2: detected capacity change from 0 to 512 [ 1363.373224][ T5813] EXT4-fs: Ignoring removed mblk_io_submit option [ 1363.379809][ T5813] EXT4-fs: inline encryption not supported [ 1363.398790][ T5813] EXT4-fs: Ignoring removed mblk_io_submit option [ 1363.406628][ T5813] EXT4-fs (loop2): Test dummy encryption mode enabled [ 1363.414087][ T5813] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 1363.450940][ T5813] EXT4-fs (loop2): 1 truncate cleaned up [ 1363.458207][ T5813] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1363.551644][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1364.015983][ T5831] netlink: 24 bytes leftover after parsing attributes in process `syz.3.14698'. [ 1364.262885][ T5650] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 1364.456073][ T5650] usb 5-1: config 0 has no interfaces? [ 1364.474102][ T5650] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1364.502965][ T5650] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1364.524620][ T5650] usb 5-1: Product: syz [ 1364.563082][ T5650] usb 5-1: Manufacturer: syz [ 1364.567740][ T5650] usb 5-1: SerialNumber: syz [ 1364.603122][ T5650] usb 5-1: config 0 descriptor?? [ 1364.817210][ T5650] usb 5-1: USB disconnect, device number 11 [ 1370.632843][ T4267] usb 3-1: new full-speed USB device number 16 using dummy_hcd [ 1370.825039][ T4267] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1370.845448][ T4267] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1370.875153][ T4267] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1370.901439][ T4267] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1370.923068][ T4267] usb 3-1: Product: syz [ 1370.927284][ T4267] usb 3-1: Manufacturer: syz [ 1370.931893][ T4267] usb 3-1: SerialNumber: syz [ 1371.168337][ T4267] usb 3-1: cannot find UAC_HEADER [ 1371.233771][ T4267] snd-usb-audio: probe of 3-1:1.0 failed with error -22 [ 1371.261654][ T4267] usb 3-1: USB disconnect, device number 16 [ 1371.299314][T17606] udevd[17606]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1374.993580][ T6208] tipc: Enabling of bearer rejected, failed to enable media [ 1378.781865][ T6310] netlink: 'syz.3.14913': attribute type 4 has an invalid length. [ 1378.802811][ T6309] netlink: 96 bytes leftover after parsing attributes in process `syz.4.14915'. [ 1379.085487][ T6321] netlink: 12 bytes leftover after parsing attributes in process `syz.1.14919'. [ 1380.177404][ T27] audit: type=1326 audit(2000000256.769:3139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6346 comm="syz.3.14932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1380.229372][ T6352] netlink: 192 bytes leftover after parsing attributes in process `syz.4.14933'. [ 1380.262752][ T27] audit: type=1326 audit(2000000256.789:3140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6346 comm="syz.3.14932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1380.376075][ T27] audit: type=1326 audit(2000000256.789:3141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6346 comm="syz.3.14932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1380.412069][ T27] audit: type=1326 audit(2000000256.789:3142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6346 comm="syz.3.14932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2e5778f703 code=0x7ffc0000 [ 1380.434829][ T27] audit: type=1326 audit(2000000256.789:3143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6346 comm="syz.3.14932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2e5778e17f code=0x7ffc0000 [ 1380.458297][ T27] audit: type=1326 audit(2000000256.799:3144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6346 comm="syz.3.14932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f2e5778f757 code=0x7ffc0000 [ 1380.519151][ T27] audit: type=1326 audit(2000000256.799:3145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6346 comm="syz.3.14932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2e5778df10 code=0x7ffc0000 [ 1380.556403][ T27] audit: type=1326 audit(2000000256.799:3146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6346 comm="syz.3.14932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f2e5778e32a code=0x7ffc0000 [ 1380.595956][ T27] audit: type=1326 audit(2000000256.799:3147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6346 comm="syz.3.14932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1380.638969][ T27] audit: type=1326 audit(2000000256.819:3148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6346 comm="syz.3.14932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1383.554454][ T6445] netlink: 104 bytes leftover after parsing attributes in process `syz.0.14970'. [ 1383.724884][ T6449] loop2: detected capacity change from 0 to 512 [ 1383.924938][ T6455] netlink: 'syz.4.14975': attribute type 4 has an invalid length. [ 1384.791365][ T6473] loop2: detected capacity change from 0 to 128 [ 1385.762448][ T6515] netlink: 12 bytes leftover after parsing attributes in process `syz.1.15001'. [ 1386.830188][ T6536] netlink: 'syz.1.15012': attribute type 1 has an invalid length. [ 1386.892621][ T6536] 8021q: adding VLAN 0 to HW filter on device bond12 [ 1386.963977][ T6536] bond12: (slave erspan0): making interface the new active one [ 1386.996668][ T6536] bond12: (slave erspan0): Enslaving as an active interface with an up link [ 1387.021770][T18406] IPv6: ADDRCONF(NETDEV_CHANGE): bond12: link becomes ready [ 1387.057397][ T6544] bond12: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 1391.995890][ T6675] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1392.042729][ T6675] overlayfs: missing 'lowerdir' [ 1392.496258][ T6698] netlink: 'syz.1.15082': attribute type 4 has an invalid length. [ 1392.521745][ T6698] netlink: 17 bytes leftover after parsing attributes in process `syz.1.15082'. [ 1394.890465][ T6784] netlink: 'syz.0.15122': attribute type 1 has an invalid length. [ 1395.698792][ T6823] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1395.722943][ T6823] overlayfs: missing 'lowerdir' [ 1395.895962][ T6836] loop2: detected capacity change from 0 to 512 [ 1395.994466][ T6836] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1396.016956][ T6836] ext4 filesystem being mounted at /3025/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1396.325008][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1398.050437][ T6864] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1398.072861][ T6864] overlayfs: missing 'lowerdir' [ 1398.564088][ T6890] netlink: 28 bytes leftover after parsing attributes in process `syz.4.15168'. [ 1399.723754][ T6945] netlink: 104 bytes leftover after parsing attributes in process `syz.3.15195'. [ 1400.991128][ T6984] netlink: 'syz.1.15212': attribute type 1 has an invalid length. [ 1401.082073][ T6987] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 1401.091306][ T6987] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 1401.102813][ T6987] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 1401.132806][ T6987] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 1401.153647][ T6987] bond13: (slave geneve2): making interface the new active one [ 1401.177916][ T6987] bond13: (slave geneve2): Enslaving as an active interface with an up link [ 1401.228671][ T6984] bond13: (slave ip6gretap1): Enslaving as an active interface with an up link [ 1401.289908][ T6984] netlink: 28 bytes leftover after parsing attributes in process `syz.1.15212'. [ 1401.314063][ T6984] 8021q: adding VLAN 0 to HW filter on device bond13 [ 1402.153194][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): bond13: link becomes ready [ 1402.455222][ T7030] netlink: 68 bytes leftover after parsing attributes in process `syz.2.15234'. [ 1408.169113][ T7101] loop4: detected capacity change from 0 to 512 [ 1408.222339][ T7101] EXT4-fs: quotafile must be on filesystem root [ 1408.445553][ T7109] cgroup: Unknown subsys name 'fowner>00000000000000060929' [ 1412.344555][ T7168] 9pnet_fd: Insufficient options for proto=fd [ 1413.028968][ T7186] netlink: 28 bytes leftover after parsing attributes in process `syz.4.15305'. [ 1413.733666][ T7199] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 1415.729568][ T7224] netlink: 4 bytes leftover after parsing attributes in process `syz.3.15323'. [ 1416.001142][ T7238] 9pnet_fd: Insufficient options for proto=fd [ 1419.886730][ T7333] netlink: 76 bytes leftover after parsing attributes in process `syz.4.15364'. [ 1420.109268][ T7337] 9pnet_fd: Insufficient options for proto=fd [ 1420.433258][ T7339] loop2: detected capacity change from 0 to 512 [ 1420.500596][ T7339] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.15366: inode has both inline data and extents flags [ 1420.563052][ T7339] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.15366: couldn't read orphan inode 15 (err -117) [ 1420.646053][ T7339] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1420.819154][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1421.329575][ T7367] loop4: detected capacity change from 0 to 512 [ 1421.356910][ T7367] EXT4-fs: Ignoring removed oldalloc option [ 1421.387644][ T7367] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.15378: inode #15947535: comm syz.4.15378: iget: illegal inode # [ 1421.490066][ T7367] EXT4-fs (loop4): Remounting filesystem read-only [ 1421.529129][ T7367] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.15378: error while reading EA inode 15947535 err=-117 [ 1421.563118][ T7367] EXT4-fs (loop4): Remounting filesystem read-only [ 1421.580026][ T7367] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.15378: inode #261888: comm syz.4.15378: iget: illegal inode # [ 1421.623170][ T7367] EXT4-fs (loop4): Remounting filesystem read-only [ 1421.632999][ T7367] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.15378: error while reading EA inode 261888 err=-117 [ 1421.668476][ T7367] EXT4-fs (loop4): Remounting filesystem read-only [ 1421.695303][ T7367] EXT4-fs (loop4): 1 orphan inode deleted [ 1421.701098][ T7367] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1421.996597][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 1424.105791][ T7394] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 1424.740671][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 1424.758956][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 1430.266749][ T7487] netlink: 'syz.1.15423': attribute type 1 has an invalid length. [ 1431.780301][ T7524] loop4: detected capacity change from 0 to 512 [ 1431.855502][ T7524] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1431.903123][ T7524] ext4 filesystem being mounted at /3007/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1432.093573][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 1435.340893][ T7612] binder: Unknown parameter 'con' [ 1435.739738][ T27] kauditd_printk_skb: 5 callbacks suppressed [ 1435.739751][ T27] audit: type=1326 audit(2000000312.323:3154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7629 comm="syz.4.15491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2e418f6c9 code=0x7ffc0000 [ 1435.814849][ T27] audit: type=1326 audit(2000000312.373:3155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7629 comm="syz.4.15491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2e418f6c9 code=0x7ffc0000 [ 1435.888360][ T27] audit: type=1326 audit(2000000312.373:3156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7629 comm="syz.4.15491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe2e418f6c9 code=0x7ffc0000 [ 1435.954377][ T27] audit: type=1326 audit(2000000312.373:3157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7629 comm="syz.4.15491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2e418f6c9 code=0x7ffc0000 [ 1436.033285][ T27] audit: type=1326 audit(2000000312.373:3158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7629 comm="syz.4.15491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2e418f6c9 code=0x7ffc0000 [ 1436.118578][ T27] audit: type=1326 audit(2000000312.373:3159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7629 comm="syz.4.15491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe2e418f6c9 code=0x7ffc0000 [ 1436.204708][ T27] audit: type=1326 audit(2000000312.373:3160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7629 comm="syz.4.15491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2e418f6c9 code=0x7ffc0000 [ 1436.271905][ T27] audit: type=1326 audit(2000000312.373:3161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7629 comm="syz.4.15491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2e418f6c9 code=0x7ffc0000 [ 1436.346918][ T27] audit: type=1326 audit(2000000312.373:3162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7629 comm="syz.4.15491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fe2e418f6c9 code=0x7ffc0000 [ 1436.404408][ T27] audit: type=1326 audit(2000000312.373:3163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7629 comm="syz.4.15491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2e418f6c9 code=0x7ffc0000 [ 1436.572933][ T7655] Dead loop on virtual device ip6_vti0, fix it urgently! [ 1436.800928][ T7662] loop2: detected capacity change from 0 to 1024 [ 1436.886947][ T7662] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1436.901403][ T7662] ext4 filesystem being mounted at /3090/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1436.939804][ T7667] netlink: 188 bytes leftover after parsing attributes in process `syz.1.15508'. [ 1437.070264][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1437.139377][ T7674] netlink: 4 bytes leftover after parsing attributes in process `syz.4.15510'. [ 1440.342082][ T7737] loop4: detected capacity change from 0 to 40427 [ 1440.390575][ T7737] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1440.512594][ T7737] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1440.826557][ T7770] netlink: 20 bytes leftover after parsing attributes in process `syz.4.15551'. [ 1442.669173][ T7795] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1443.095161][ T7810] loop4: detected capacity change from 0 to 512 [ 1443.163633][ T7810] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1443.194145][ T7810] ext4 filesystem being mounted at /3032/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1443.296652][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 1443.740469][ T7842] netlink: 4 bytes leftover after parsing attributes in process `syz.4.15582'. [ 1443.801607][ T7844] netlink: 28 bytes leftover after parsing attributes in process `syz.3.15583'. [ 1445.863634][ T7899] netlink: 76 bytes leftover after parsing attributes in process `syz.1.15605'. [ 1445.875919][ T7899] netlink: 76 bytes leftover after parsing attributes in process `syz.1.15605'. [ 1445.919635][ T7901] 9pnet_fd: Insufficient options for proto=fd [ 1446.430136][ T7927] netlink: 76 bytes leftover after parsing attributes in process `syz.2.15619'. [ 1446.480097][ T7927] netlink: 76 bytes leftover after parsing attributes in process `syz.2.15619'. [ 1447.893386][ T7985] tipc: Failed to remove unknown binding: 66,1,1/4:923954563/923954565 [ 1448.002648][ T27] kauditd_printk_skb: 28 callbacks suppressed [ 1448.002661][ T27] audit: type=1326 audit(2000000324.599:3192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7990 comm="syz.1.15649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f1238f6c9 code=0x7ffc0000 [ 1448.112178][ T27] audit: type=1326 audit(2000000324.659:3193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7990 comm="syz.1.15649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f1238f6c9 code=0x7ffc0000 [ 1448.195381][ T27] audit: type=1326 audit(2000000324.659:3194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7990 comm="syz.1.15649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3f1238f6c9 code=0x7ffc0000 [ 1448.270098][ T27] audit: type=1326 audit(2000000324.659:3195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7990 comm="syz.1.15649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f1238f6c9 code=0x7ffc0000 [ 1448.355941][ T27] audit: type=1326 audit(2000000324.659:3196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7990 comm="syz.1.15649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f1238f6c9 code=0x7ffc0000 [ 1448.394334][ T7999] 9pnet: Could not find request transport: 00000000000000000004 [ 1448.432271][ T27] audit: type=1326 audit(2000000324.659:3197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7990 comm="syz.1.15649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f3f1238f6c9 code=0x7ffc0000 [ 1448.499364][ T27] audit: type=1326 audit(2000000324.659:3198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7990 comm="syz.1.15649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3f1238f703 code=0x7ffc0000 [ 1448.541331][ T8007] netlink: 4 bytes leftover after parsing attributes in process `syz.3.15657'. [ 1448.576079][ T27] audit: type=1326 audit(2000000324.929:3199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7990 comm="syz.1.15649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3f1238e17f code=0x7ffc0000 [ 1448.601308][ T8011] netlink: 28 bytes leftover after parsing attributes in process `syz.0.15659'. [ 1448.774606][ T27] audit: type=1326 audit(2000000325.370:3200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7990 comm="syz.1.15649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f3f1238f757 code=0x7ffc0000 [ 1448.821275][ T27] audit: type=1326 audit(2000000325.380:3201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7990 comm="syz.1.15649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3f1238df10 code=0x7ffc0000 [ 1450.316413][ T8080] netlink: 'syz.2.15690': attribute type 11 has an invalid length. [ 1450.343176][ T8080] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.15690'. [ 1450.674792][ T8088] netlink: 24 bytes leftover after parsing attributes in process `syz.3.15694'. [ 1453.812505][ T27] kauditd_printk_skb: 20 callbacks suppressed [ 1453.812518][ T27] audit: type=1326 audit(2000000330.402:3222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8183 comm="syz.2.15738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f7ebc58e17f code=0x7ffc0000 [ 1454.141784][ T27] audit: type=1326 audit(2000000330.732:3223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8183 comm="syz.2.15738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f7ebc58f757 code=0x7ffc0000 [ 1454.218786][ T8184] loop2: detected capacity change from 0 to 40427 [ 1454.286169][ T27] audit: type=1326 audit(2000000330.812:3224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8183 comm="syz.2.15738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7ebc58df10 code=0x7ffc0000 [ 1454.338616][ T27] audit: type=1326 audit(2000000330.812:3225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8183 comm="syz.2.15738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7ebc58f2cb code=0x7ffc0000 [ 1454.507411][ T8184] F2FS-fs (loop2): Found nat_bits in checkpoint [ 1454.890169][ T27] audit: type=1326 audit(2000000330.852:3226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8183 comm="syz.2.15738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f7ebc58e32a code=0x7ffc0000 [ 1455.062467][ T27] audit: type=1326 audit(2000000330.852:3227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8183 comm="syz.2.15738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f7ebc58e32a code=0x7ffc0000 [ 1455.091614][ T8184] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1455.111892][ T27] audit: type=1326 audit(2000000330.852:3228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8183 comm="syz.2.15738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f7ebc58de17 code=0x7ffc0000 [ 1455.154033][ T27] audit: type=1326 audit(2000000330.852:3229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8183 comm="syz.2.15738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f7ebc590e6a code=0x7ffc0000 [ 1455.252447][ T27] audit: type=1326 audit(2000000331.703:3230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8183 comm="syz.2.15738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7ebc58df10 code=0x7ffc0000 [ 1455.333741][ T27] audit: type=1326 audit(2000000331.703:3231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8183 comm="syz.2.15738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f7ebc58e417 code=0x7ffc0000 [ 1457.123861][ T8316] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1457.231442][ T8316] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 1457.368455][ T8316] overlayfs: missing 'lowerdir' [ 1458.766842][ T8357] netlink: 28 bytes leftover after parsing attributes in process `syz.3.15814'. [ 1460.058857][ T8387] loop4: detected capacity change from 0 to 512 [ 1460.211790][ T8387] EXT4-fs error (device loop4): ext4_do_update_inode:5268: inode #16: comm syz.4.15829: corrupted inode contents [ 1460.260190][ T8387] EXT4-fs error (device loop4): ext4_dirty_inode:6133: inode #16: comm syz.4.15829: mark_inode_dirty error [ 1460.299897][ T8387] EXT4-fs error (device loop4): ext4_do_update_inode:5268: inode #16: comm syz.4.15829: corrupted inode contents [ 1460.339283][ T8387] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #16: comm syz.4.15829: mark_inode_dirty error [ 1460.369566][ T8387] EXT4-fs error (device loop4): ext4_do_update_inode:5268: inode #16: comm syz.4.15829: corrupted inode contents [ 1460.407526][ T8387] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem [ 1460.439240][ T8387] EXT4-fs error (device loop4): ext4_do_update_inode:5268: inode #16: comm syz.4.15829: corrupted inode contents [ 1460.469693][ T8387] EXT4-fs error (device loop4): ext4_truncate:4318: inode #16: comm syz.4.15829: mark_inode_dirty error [ 1460.499594][ T8387] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem [ 1460.519843][ T8387] EXT4-fs (loop4): 1 truncate cleaned up [ 1460.525617][ T8387] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1460.535398][ T8387] ext4 filesystem being mounted at /3082/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1460.550193][ T6912] __quota_error: 5 callbacks suppressed [ 1460.550207][ T6912] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 1460.595365][ T8387] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.15829: iget: bad i_size value: 1407374883557376 [ 1460.618479][ T6912] EXT4-fs error (device loop4): ext4_release_dquot:6845: comm kworker/u4:16: Failed to release dquot type 1 [ 1460.885918][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 1461.184123][ T8428] loop4: detected capacity change from 0 to 128 [ 1461.261727][ T8428] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1461.309325][ T8428] ext4 filesystem being mounted at /3084/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1461.469223][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 1462.882008][ T8502] netlink: 12 bytes leftover after parsing attributes in process `syz.4.15878'. [ 1462.908758][ T8502] netlink: 12 bytes leftover after parsing attributes in process `syz.4.15878'. [ 1463.134959][ T27] audit: type=1326 audit(2000000339.737:3237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8509 comm="syz.0.15879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98d498f6c9 code=0x7ffc0000 [ 1463.238568][ T27] audit: type=1326 audit(2000000339.767:3238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8509 comm="syz.0.15879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98d498f6c9 code=0x7ffc0000 [ 1463.297864][ T27] audit: type=1326 audit(2000000339.767:3239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8509 comm="syz.0.15879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f98d498f6c9 code=0x7ffc0000 [ 1463.357968][ T27] audit: type=1326 audit(2000000339.767:3240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8509 comm="syz.0.15879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98d498f6c9 code=0x7ffc0000 [ 1463.489951][ T27] audit: type=1326 audit(2000000339.767:3241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8509 comm="syz.0.15879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98d498f6c9 code=0x7ffc0000 [ 1463.543531][ T27] audit: type=1326 audit(2000000339.767:3242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8509 comm="syz.0.15879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f98d498f6c9 code=0x7ffc0000 [ 1465.104158][ T27] audit: type=1326 audit(2000000339.767:3243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8509 comm="syz.0.15879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f98d498f703 code=0x7ffc0000 [ 1465.199857][ T27] audit: type=1326 audit(2000000341.598:3244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8509 comm="syz.0.15879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f98d498e17f code=0x7ffc0000 [ 1465.328332][ T27] audit: type=1326 audit(2000000341.938:3245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8509 comm="syz.0.15879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f98d498f757 code=0x7ffc0000 [ 1466.110840][ T8552] netlink: 192 bytes leftover after parsing attributes in process `syz.2.15899'. [ 1466.389368][ T8558] netlink: 'syz.1.15903': attribute type 4 has an invalid length. [ 1467.565721][ T5649] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 1468.321693][ T5649] usb 5-1: Using ep0 maxpacket: 8 [ 1468.336943][ T5649] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 1468.348260][ T5649] usb 5-1: config 179 has no interface number 0 [ 1468.356784][ T5649] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 1468.372737][ T5649] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 1468.384588][ T5649] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1468.396309][ T5649] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 1468.407007][ T5649] usb 5-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 1468.420630][ T5649] usb 5-1: config 179 interface 65 has no altsetting 0 [ 1468.427836][ T5649] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 1468.437166][ T5649] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1468.460344][ T5649] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input12 [ 1468.659827][ T5647] usb 5-1: USB disconnect, device number 12 [ 1468.670579][ T5647] xpad 5-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 1469.255094][ T4267] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 1469.514936][ T4267] usb 3-1: Using ep0 maxpacket: 8 [ 1469.534913][ T4267] usb 3-1: unable to get BOS descriptor or descriptor too short [ 1469.553081][ T4267] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 1469.571714][ T8645] overlayfs: failed to clone upperpath [ 1469.577357][ T4267] usb 3-1: can't read configurations, error -71 [ 1470.061578][ T8667] loop4: detected capacity change from 0 to 512 [ 1470.086147][ T8667] EXT4-fs: Ignoring removed i_version option [ 1470.113542][ T8667] EXT4-fs: Ignoring removed bh option [ 1470.176362][ T8667] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1470.195537][ T8667] ext4 filesystem being mounted at /3106/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1470.554350][ T27] kauditd_printk_skb: 4 callbacks suppressed [ 1470.554363][ T27] audit: type=1326 audit(2000000347.161:3250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8688 comm="syz.2.15961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ebc58f6c9 code=0x7ffc0000 [ 1470.614475][ T8693] netlink: 32 bytes leftover after parsing attributes in process `syz.3.15960'. [ 1470.622102][ T27] audit: type=1326 audit(2000000347.181:3251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8688 comm="syz.2.15961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ebc58f6c9 code=0x7ffc0000 [ 1470.657455][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 1470.716466][ T27] audit: type=1326 audit(2000000347.191:3252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8688 comm="syz.2.15961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7ebc58f6c9 code=0x7ffc0000 [ 1470.759999][ T27] audit: type=1326 audit(2000000347.191:3253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8688 comm="syz.2.15961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ebc58f6c9 code=0x7ffc0000 [ 1470.833172][ T27] audit: type=1326 audit(2000000347.191:3254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8688 comm="syz.2.15961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ebc58f6c9 code=0x7ffc0000 [ 1470.878005][ T8699] netlink: 12 bytes leftover after parsing attributes in process `syz.3.15967'. [ 1470.891502][ T8699] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1470.900530][ T8699] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1470.909300][ T8699] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1470.918054][ T8699] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1470.953206][ T8699] netlink: 12 bytes leftover after parsing attributes in process `syz.3.15967'. [ 1471.727999][ T8726] netlink: 'syz.0.15979': attribute type 4 has an invalid length. [ 1471.746538][ T8726] netlink: 'syz.0.15979': attribute type 5 has an invalid length. [ 1471.763790][ T8726] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.15979'. [ 1475.104015][ T8772] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 1475.175687][ T8772] overlayfs: missing 'lowerdir' [ 1477.431564][ T8817] netlink: 'syz.2.16017': attribute type 2 has an invalid length. [ 1477.677924][ T8827] loop2: detected capacity change from 0 to 128 [ 1477.705246][ T8827] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1477.721187][ T8827] ext4 filesystem being mounted at /3192/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1477.952162][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1480.161519][ T8894] loop2: detected capacity change from 0 to 2048 [ 1480.198719][ T8898] netlink: 104 bytes leftover after parsing attributes in process `syz.3.16055'. [ 1480.210291][ T8894] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1480.352991][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1480.701763][ T8922] netlink: 'syz.2.16065': attribute type 4 has an invalid length. [ 1480.720751][ T8922] netlink: 'syz.2.16065': attribute type 5 has an invalid length. [ 1480.753887][ T8922] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.16065'. [ 1481.113159][ T8946] netlink: 'syz.0.16076': attribute type 10 has an invalid length. [ 1481.136048][ T8946] netlink: 40 bytes leftover after parsing attributes in process `syz.0.16076'. [ 1481.204448][ T8953] overlayfs: missing 'lowerdir' [ 1481.840789][ T8978] loop4: detected capacity change from 0 to 2048 [ 1481.913624][ T8978] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1482.016957][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 1484.379163][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 1484.389739][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 1485.058776][ T27] audit: type=1326 audit(2000000361.678:3255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9049 comm="syz.4.16119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2e418f6c9 code=0x7fc00000 [ 1487.156933][ T9099] netlink: 'syz.4.16143': attribute type 1 has an invalid length. [ 1487.352920][ T9099] 8021q: adding VLAN 0 to HW filter on device bond9 [ 1487.946179][ T9104] bond9: (slave veth7): Enslaving as an active interface with a down link [ 1488.364561][ T9123] 9p: Unknown access argument a: -22 [ 1488.395103][ T9119] loop2: detected capacity change from 0 to 2048 [ 1488.476432][ T9119] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 1488.484117][ T9119] UDF-fs: Scanning with blocksize 512 failed [ 1488.537686][ T9119] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1488.937737][ T9137] loop2: detected capacity change from 0 to 128 [ 1488.995228][ T9137] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1489.036989][ T9137] ext4 filesystem being mounted at /3212/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1489.216810][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1489.256925][ T9149] netlink: 'syz.0.16163': attribute type 4 has an invalid length. [ 1489.275573][ T9149] netlink: 'syz.0.16163': attribute type 5 has an invalid length. [ 1489.283523][ T9149] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.16163'. [ 1490.131802][ T9159] loop4: detected capacity change from 0 to 2048 [ 1490.208162][ T9159] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 1490.230793][ T9159] UDF-fs: Scanning with blocksize 512 failed [ 1490.258802][ T9159] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1490.453101][ T9177] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16173'. [ 1490.469796][ T9173] 9pnet: Could not find request transport: f [ 1491.604734][ T9237] loop4: detected capacity change from 0 to 2048 [ 1491.649587][ T9237] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 1491.684065][ T9237] UDF-fs: Scanning with blocksize 512 failed [ 1491.722660][ T9237] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1491.767420][ T9246] netlink: 12 bytes leftover after parsing attributes in process `syz.2.16205'. [ 1492.456240][ T9274] loop4: detected capacity change from 0 to 1764 [ 1493.071206][ T9276] netlink: 'syz.2.16217': attribute type 4 has an invalid length. [ 1493.103019][ T9276] netlink: 'syz.2.16217': attribute type 5 has an invalid length. [ 1493.131503][ T9276] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.16217'. [ 1493.274121][ T9282] 9pnet: Could not find request transport: f [ 1493.502783][ T9296] wg0: Caught tx_queue_len zero misconfig [ 1494.489247][ T9315] loop2: detected capacity change from 0 to 256 [ 1494.548381][ T9315] FAT-fs (loop2): Directory bread(block 64) failed [ 1494.576551][ T9315] FAT-fs (loop2): Directory bread(block 65) failed [ 1494.622259][ T9315] FAT-fs (loop2): Directory bread(block 66) failed [ 1494.647285][ T9315] FAT-fs (loop2): Directory bread(block 67) failed [ 1494.673104][ T9315] FAT-fs (loop2): Directory bread(block 68) failed [ 1494.692190][ T9315] FAT-fs (loop2): Directory bread(block 69) failed [ 1494.699750][ T9315] FAT-fs (loop2): Directory bread(block 70) failed [ 1494.729298][ T9315] FAT-fs (loop2): Directory bread(block 71) failed [ 1494.739483][ T9315] FAT-fs (loop2): Directory bread(block 72) failed [ 1494.759660][ T9315] FAT-fs (loop2): Directory bread(block 73) failed [ 1496.316091][ T9376] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1498.701483][ T9433] overlayfs: failed to clone upperpath [ 1499.469907][ T5173] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 1499.669764][ T5173] usb 5-1: Using ep0 maxpacket: 32 [ 1499.676486][ T5173] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1499.700164][ T5173] usb 5-1: config 0 has no interfaces? [ 1499.711319][ T5173] usb 5-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a [ 1499.739568][ T5173] usb 5-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 1499.748287][ T5173] usb 5-1: Product: syz [ 1499.753604][ T5173] usb 5-1: Manufacturer: syz [ 1499.758222][ T5173] usb 5-1: SerialNumber: syz [ 1499.784188][ T5173] usb 5-1: config 0 descriptor?? [ 1500.018092][ T5173] usb 5-1: USB disconnect, device number 13 [ 1500.495147][ T27] audit: type=1326 audit(2000000377.116:3256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9513 comm="syz.3.16319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1500.559152][ T27] audit: type=1326 audit(2000000377.116:3257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9513 comm="syz.3.16319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1500.637434][ T27] audit: type=1326 audit(2000000377.116:3258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9513 comm="syz.3.16319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1500.715068][ T27] audit: type=1326 audit(2000000377.116:3259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9513 comm="syz.3.16319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1500.825076][ T27] audit: type=1326 audit(2000000377.116:3260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9513 comm="syz.3.16319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1500.876391][ T27] audit: type=1326 audit(2000000377.116:3261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9513 comm="syz.3.16319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1500.929101][ T27] audit: type=1326 audit(2000000377.116:3262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9513 comm="syz.3.16319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1500.998162][ T27] audit: type=1326 audit(2000000377.116:3263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9513 comm="syz.3.16319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1501.067425][ T27] audit: type=1326 audit(2000000377.116:3264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9513 comm="syz.3.16319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1501.138452][ T27] audit: type=1326 audit(2000000377.116:3265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9513 comm="syz.3.16319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f2e5778f6c9 code=0x7ffc0000 [ 1501.421274][ T9543] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16333'. [ 1501.457164][ T9546] binder: 9544:9546 ioctl c0306201 0 returned -14 [ 1501.617358][ T9553] netlink: 12 bytes leftover after parsing attributes in process `syz.4.16337'. [ 1504.900244][ T9680] netlink: 36 bytes leftover after parsing attributes in process `syz.1.16391'. [ 1505.000703][ T9682] netlink: 20 bytes leftover after parsing attributes in process `syz.3.16395'. [ 1505.166321][ T9692] netlink: 8 bytes leftover after parsing attributes in process `syz.4.16403'. [ 1507.825995][ T9775] 9pnet_fd: Insufficient options for proto=fd [ 1507.846995][ T27] kauditd_printk_skb: 106 callbacks suppressed [ 1507.847008][ T27] audit: type=1326 audit(2000000384.479:3372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9771 comm="syz.2.16435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ebc58f6c9 code=0x7ffc0000 [ 1507.903890][ T27] audit: type=1326 audit(2000000384.519:3373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9771 comm="syz.2.16435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ebc58f6c9 code=0x7ffc0000 [ 1507.973938][ T27] audit: type=1326 audit(2000000384.519:3374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9771 comm="syz.2.16435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ebc58f6c9 code=0x7ffc0000 [ 1508.038521][ T27] audit: type=1326 audit(2000000384.519:3375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9771 comm="syz.2.16435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ebc58f6c9 code=0x7ffc0000 [ 1508.063514][ T9784] netlink: 12 bytes leftover after parsing attributes in process `syz.0.16440'. [ 1508.095629][ T27] audit: type=1326 audit(2000000384.519:3376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9771 comm="syz.2.16435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f7ebc58f6c9 code=0x7ffc0000 [ 1508.175494][ T27] audit: type=1326 audit(2000000384.519:3377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9771 comm="syz.2.16435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ebc58f6c9 code=0x7ffc0000 [ 1508.235483][ T27] audit: type=1326 audit(2000000384.519:3378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9771 comm="syz.2.16435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ebc58f6c9 code=0x7ffc0000 [ 1508.285867][ T27] audit: type=1326 audit(2000000384.519:3379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9771 comm="syz.2.16435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ebc58f6c9 code=0x7ffc0000 [ 1508.309750][ T27] audit: type=1326 audit(2000000384.519:3380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9771 comm="syz.2.16435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ebc58f6c9 code=0x7ffc0000 [ 1508.400464][ T27] audit: type=1326 audit(2000000384.519:3381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9771 comm="syz.2.16435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f7ebc58f6c9 code=0x7ffc0000 [ 1509.469850][ T9801] loop2: detected capacity change from 0 to 512 [ 1509.538355][ T9801] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.16446: inode has both inline data and extents flags [ 1509.599527][ T9801] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.16446: couldn't read orphan inode 15 (err -117) [ 1509.622608][ T9801] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1509.817401][ T4276] EXT4-fs (loop2): unmounting filesystem. [ 1510.771644][ T9841] netlink: 16 bytes leftover after parsing attributes in process `syz.3.16466'. [ 1510.795037][ T9843] netlink: 20 bytes leftover after parsing attributes in process `syz.0.16465'. [ 1512.073635][ T14] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 1512.219745][ T9893] loop4: detected capacity change from 0 to 512 [ 1512.235129][ T9896] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16490'. [ 1512.273323][ T14] usb 3-1: Using ep0 maxpacket: 32 [ 1512.280769][ T14] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1512.298012][ T9893] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1512.328032][ T14] usb 3-1: config 0 has no interfaces? [ 1512.343477][ T9893] ext4 filesystem being mounted at /3207/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1512.365485][ T14] usb 3-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a [ 1512.423303][ T14] usb 3-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 1512.431517][ T14] usb 3-1: Product: syz [ 1512.473750][ T14] usb 3-1: Manufacturer: syz [ 1512.488635][ T14] usb 3-1: SerialNumber: syz [ 1512.520100][ T14] usb 3-1: config 0 descriptor?? [ 1512.531468][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 1512.738628][ T14] usb 3-1: USB disconnect, device number 19 [ 1513.278020][ T9931] netlink: 16 bytes leftover after parsing attributes in process `syz.0.16515'. [ 1513.951384][ T9952] x_tables: ip6_tables: mh match: only valid for protocol 135 [ 1514.057960][ T9956] netlink: 16 bytes leftover after parsing attributes in process `syz.1.16518'. [ 1516.458659][T10026] netlink: 12 bytes leftover after parsing attributes in process `syz.0.16548'. [ 1516.938629][T10040] netlink: 40 bytes leftover after parsing attributes in process `syz.0.16554'. [ 1517.497594][T10050] netlink: 20 bytes leftover after parsing attributes in process `syz.1.16558'. [ 1518.943018][T10073] netlink: 40 bytes leftover after parsing attributes in process `syz.4.16570'. [ 1519.452583][T10087] loop2: detected capacity change from 0 to 2048 [ 1519.516800][T10087] Alternate GPT is invalid, using primary GPT. [ 1519.524206][T10087] loop2: p2 p3 p7 [ 1519.922055][T28027] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1519.932507][T28027] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1519.946643][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1520.617862][T10109] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16584'. [ 1520.930397][T10104] syz.4.16582 (10104): drop_caches: 2 [ 1521.429608][T10141] netlink: 192 bytes leftover after parsing attributes in process `syz.1.16600'. [ 1523.489935][T10188] hfsplus: unable to find HFS+ superblock [ 1524.485309][T10208] netlink: 96 bytes leftover after parsing attributes in process `syz.4.16631'. [ 1526.529920][T10246] netlink: 268 bytes leftover after parsing attributes in process `syz.0.16645'. [ 1528.655327][ T9275] ------------[ cut here ]------------ [ 1528.661264][ T9275] intf 08:02:11:00:00:01 [link=0]: bad STA 08:02:11:00:00:00 bandwidth 20 MHz (0) > channel config 1 MHz (8) [ 1528.716323][ T9275] WARNING: CPU: 0 PID: 9275 at drivers/net/wireless/mac80211_hwsim.c:2438 mac80211_hwsim_sta_rc_update+0x541/0x6e0 [ 1528.728797][ T9275] Modules linked in: [ 1528.732730][ T9275] CPU: 0 PID: 9275 Comm: kworker/u4:4 Not tainted syzkaller #0 [ 1528.740537][ T9275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1528.750746][ T9275] Workqueue: phy9 ieee80211_iface_work [ 1528.756469][ T9275] RIP: 0010:mac80211_hwsim_sta_rc_update+0x541/0x6e0 [ 1528.763183][ T9275] Code: e8 c4 0c 00 00 48 c7 c7 60 a3 27 8b 48 8b 74 24 28 89 ea 48 8b 4c 24 10 41 89 d8 45 89 e1 41 57 50 e8 13 d8 60 fb 48 83 c4 10 <0f> 0b e9 8b fe ff ff e8 23 b3 94 fb 0f 0b e9 7f fe ff ff e8 17 b3 [ 1528.782947][ T9275] RSP: 0018:ffffc9000918f638 EFLAGS: 00010282 [ 1528.789100][ T9275] RAX: 381b9e8e10df0e00 RBX: 0000000000000014 RCX: ffff88802c4d5940 [ 1528.797149][ T9275] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002 [ 1528.805179][ T9275] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffff52001231e55 [ 1528.813259][ T9275] R10: fffff52001231e55 R11: 1ffff92001231e54 R12: 0000000000000000 [ 1528.821357][ T9275] R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000008 [ 1528.829402][ T9275] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 1528.838400][ T9275] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1528.845048][ T9275] CR2: 0000001b2f519ff8 CR3: 00000000258a0000 CR4: 00000000003506f0 [ 1528.853047][ T9275] Call Trace: [ 1528.856388][ T9275] [ 1528.859354][ T9275] ? mac80211_hwsim_sta_rc_update+0x53/0x6e0 [ 1528.865406][ T9275] mac80211_hwsim_sta_add+0x92/0x280 [ 1528.870714][ T9275] ? mac80211_hwsim_sw_scan_complete+0xd0/0xd0 [ 1528.876943][ T9275] drv_sta_state+0x62a/0x1280 [ 1528.881663][ T9275] sta_info_insert_rcu+0xc1e/0x1550 [ 1528.886947][ T9275] ? sta_info_insert_rcu+0x1b0/0x1550 [ 1528.892368][ T9275] ieee80211_ibss_finish_sta+0x27f/0x350 [ 1528.898074][ T9275] ? ieee80211_ibss_work+0x10b0/0x10b0 [ 1528.903565][ T9275] ieee80211_ibss_rx_queued_mgmt+0x1432/0x2b10 [ 1528.909803][ T9275] ? ieee80211_ibss_rx_queued_mgmt+0xdad/0x2b10 [ 1528.916113][ T9275] ? ieee80211_ibss_rx_no_sta+0x770/0x770 [ 1528.921860][ T9275] ? mark_lock+0x94/0x320 [ 1528.926285][ T9275] ? mark_lock+0x94/0x320 [ 1528.930641][ T9275] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 1528.936704][ T9275] ? lock_chain_count+0x20/0x20 [ 1528.941577][ T9275] ? __rwlock_init+0x140/0x140 [ 1528.946434][ T9275] ? lockdep_hardirqs_on+0x94/0x140 [ 1528.951665][ T9275] ? skb_dequeue+0x10a/0x140 [ 1528.956352][ T9275] ieee80211_iface_work+0x726/0xc80 [ 1528.961585][ T9275] ? _raw_spin_unlock_irq+0x1f/0x40 [ 1528.966966][ T9275] ? process_one_work+0x7a1/0x1160 [ 1528.972108][ T9275] process_one_work+0x898/0x1160 [ 1528.977143][ T9275] ? worker_detach_from_pool+0x240/0x240 [ 1528.982815][ T9275] ? _raw_spin_lock_irq+0xab/0xe0 [ 1528.987934][ T9275] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 1528.993348][ T9275] ? kthread_data+0x4b/0xc0 [ 1528.997950][ T9275] worker_thread+0xaa2/0x1250 [ 1529.002680][ T9275] ? _raw_spin_unlock_irqrestore+0xa5/0x100 [ 1529.008675][ T9275] ? __kthread_parkme+0x162/0x1c0 [ 1529.013735][ T9275] kthread+0x29d/0x330 [ 1529.017894][ T9275] ? worker_clr_flags+0x1a0/0x1a0 [ 1529.022943][ T9275] ? kthread_blkcg+0xd0/0xd0 [ 1529.027599][ T9275] ret_from_fork+0x1f/0x30 [ 1529.032050][ T9275] [ 1529.035149][ T9275] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1529.042447][ T9275] CPU: 0 PID: 9275 Comm: kworker/u4:4 Not tainted syzkaller #0 [ 1529.049993][ T9275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1529.060037][ T9275] Workqueue: phy9 ieee80211_iface_work [ 1529.065492][ T9275] Call Trace: [ 1529.068753][ T9275] [ 1529.071705][ T9275] dump_stack_lvl+0x168/0x22e [ 1529.076371][ T9275] ? memcpy+0x3c/0x60 [ 1529.080343][ T9275] ? show_regs_print_info+0x12/0x12 [ 1529.085527][ T9275] ? load_image+0x3b0/0x3b0 [ 1529.090030][ T9275] panic+0x2c9/0x710 [ 1529.093924][ T9275] ? bpf_jit_dump+0xd0/0xd0 [ 1529.098425][ T9275] ? ret_from_fork+0x1f/0x30 [ 1529.103011][ T9275] __warn+0x2f8/0x4f0 [ 1529.106976][ T9275] ? mac80211_hwsim_sta_rc_update+0x541/0x6e0 [ 1529.113030][ T9275] ? mac80211_hwsim_sta_rc_update+0x541/0x6e0 [ 1529.119081][ T9275] report_bug+0x2ba/0x4f0 [ 1529.123396][ T9275] ? mac80211_hwsim_sta_rc_update+0x541/0x6e0 [ 1529.129450][ T9275] handle_bug+0x3a/0x70 [ 1529.133592][ T9275] exc_invalid_op+0x16/0x40 [ 1529.138078][ T9275] asm_exc_invalid_op+0x16/0x20 [ 1529.142912][ T9275] RIP: 0010:mac80211_hwsim_sta_rc_update+0x541/0x6e0 [ 1529.149577][ T9275] Code: e8 c4 0c 00 00 48 c7 c7 60 a3 27 8b 48 8b 74 24 28 89 ea 48 8b 4c 24 10 41 89 d8 45 89 e1 41 57 50 e8 13 d8 60 fb 48 83 c4 10 <0f> 0b e9 8b fe ff ff e8 23 b3 94 fb 0f 0b e9 7f fe ff ff e8 17 b3 [ 1529.169169][ T9275] RSP: 0018:ffffc9000918f638 EFLAGS: 00010282 [ 1529.175226][ T9275] RAX: 381b9e8e10df0e00 RBX: 0000000000000014 RCX: ffff88802c4d5940 [ 1529.183186][ T9275] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002 [ 1529.191141][ T9275] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffff52001231e55 [ 1529.199099][ T9275] R10: fffff52001231e55 R11: 1ffff92001231e54 R12: 0000000000000000 [ 1529.207054][ T9275] R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000008 [ 1529.215026][ T9275] ? mac80211_hwsim_sta_rc_update+0x53/0x6e0 [ 1529.220998][ T9275] mac80211_hwsim_sta_add+0x92/0x280 [ 1529.226268][ T9275] ? mac80211_hwsim_sw_scan_complete+0xd0/0xd0 [ 1529.232408][ T9275] drv_sta_state+0x62a/0x1280 [ 1529.237079][ T9275] sta_info_insert_rcu+0xc1e/0x1550 [ 1529.242267][ T9275] ? sta_info_insert_rcu+0x1b0/0x1550 [ 1529.247667][ T9275] ieee80211_ibss_finish_sta+0x27f/0x350 [ 1529.253291][ T9275] ? ieee80211_ibss_work+0x10b0/0x10b0 [ 1529.258747][ T9275] ieee80211_ibss_rx_queued_mgmt+0x1432/0x2b10 [ 1529.264900][ T9275] ? ieee80211_ibss_rx_queued_mgmt+0xdad/0x2b10 [ 1529.271134][ T9275] ? ieee80211_ibss_rx_no_sta+0x770/0x770 [ 1529.276841][ T9275] ? mark_lock+0x94/0x320 [ 1529.281168][ T9275] ? mark_lock+0x94/0x320 [ 1529.285486][ T9275] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 1529.291453][ T9275] ? lock_chain_count+0x20/0x20 [ 1529.296289][ T9275] ? __rwlock_init+0x140/0x140 [ 1529.301044][ T9275] ? lockdep_hardirqs_on+0x94/0x140 [ 1529.306232][ T9275] ? skb_dequeue+0x10a/0x140 [ 1529.310819][ T9275] ieee80211_iface_work+0x726/0xc80 [ 1529.316006][ T9275] ? _raw_spin_unlock_irq+0x1f/0x40 [ 1529.321191][ T9275] ? process_one_work+0x7a1/0x1160 [ 1529.326290][ T9275] process_one_work+0x898/0x1160 [ 1529.331222][ T9275] ? worker_detach_from_pool+0x240/0x240 [ 1529.336840][ T9275] ? _raw_spin_lock_irq+0xab/0xe0 [ 1529.341853][ T9275] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 1529.347212][ T9275] ? kthread_data+0x4b/0xc0 [ 1529.351707][ T9275] worker_thread+0xaa2/0x1250 [ 1529.356375][ T9275] ? _raw_spin_unlock_irqrestore+0xa5/0x100 [ 1529.362261][ T9275] ? __kthread_parkme+0x162/0x1c0 [ 1529.367275][ T9275] kthread+0x29d/0x330 [ 1529.371504][ T9275] ? worker_clr_flags+0x1a0/0x1a0 [ 1529.376511][ T9275] ? kthread_blkcg+0xd0/0xd0 [ 1529.381096][ T9275] ret_from_fork+0x1f/0x30 [ 1529.385507][ T9275] [ 1529.388747][ T9275] Kernel Offset: disabled [ 1529.393181][ T9275] Rebooting in 86400 seconds..