last executing test programs: 6m35.537322828s ago: executing program 3 (id=4113): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = fsopen(&(0x7f0000000140)='ext3\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000100)='test_dummy_encryption', &(0x7f0000000240)='v1\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0) fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='test_dummy_encryption', &(0x7f0000000080)='v1\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0) 6m35.439093918s ago: executing program 3 (id=4117): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c) bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e24, 0x4, @private2, 0x2}, 0x1c) 6m35.353105557s ago: executing program 3 (id=4120): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) symlink(&(0x7f0000000080)='.\x00', 0x0) 6m35.294516472s ago: executing program 3 (id=4123): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) 6m35.237487918s ago: executing program 3 (id=4124): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220) r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0) mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'}) 6m34.322980741s ago: executing program 3 (id=4155): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee6, 0x8031, 0xffffffffffffffff, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) r2 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_buf(r2, 0x6, 0x23, &(0x7f0000000080)=""/24, &(0x7f0000000000)=0x18) 6m19.194556267s ago: executing program 32 (id=4155): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee6, 0x8031, 0xffffffffffffffff, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) r2 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_buf(r2, 0x6, 0x23, &(0x7f0000000080)=""/24, &(0x7f0000000000)=0x18) 1m19.016778092s ago: executing program 4 (id=9236): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c010000190001"], 0x13c}}, 0x20040880) 1m18.820406722s ago: executing program 4 (id=9241): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r3, 0x107, 0x16, &(0x7f0000000100)={0x0, 0x0}, 0x10) 1m18.793226165s ago: executing program 4 (id=9243): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x7fffffffffffffff}) 1m17.880373637s ago: executing program 4 (id=9256): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) signalfd4(0xffffffffffffffff, &(0x7f0000002140)={[0xfffffffffffffff5]}, 0x8, 0x0) 1m17.727773152s ago: executing program 4 (id=9260): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid(r0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x200000, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='proc\x00', 0x0, 0x0) setpgid(0x0, r0) mkdirat(0xffffffffffffff9c, 0x0, 0x1c0) mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0) mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) 1m17.588795376s ago: executing program 4 (id=9265): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r3, 0x1, 0x2a, &(0x7f00000001c0)=0xe, 0x4) 1m2.274867659s ago: executing program 33 (id=9265): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r3, 0x1, 0x2a, &(0x7f00000001c0)=0xe, 0x4) 3.954159882s ago: executing program 2 (id=10528): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) write(r3, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) 3.807849216s ago: executing program 2 (id=10533): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, 0x0, 0x0) 3.761041541s ago: executing program 2 (id=10536): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0xfcee) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0) ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000640)=0x1) pwritev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="80", 0x1}], 0x1, 0x9, 0x0) 3.586579829s ago: executing program 2 (id=10543): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) readlinkat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000240)={[{@noblock_validity}, {}, {@sysvgroups}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@grpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1) lgetxattr(&(0x7f0000000a00)='./file0\x00', &(0x7f0000000a40)=@known='trusted.overlay.upper\x00', 0x0, 0x0) 3.160052692s ago: executing program 2 (id=10555): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = socket$netlink(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4) 2.136287855s ago: executing program 0 (id=10561): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x15) 2.043660164s ago: executing program 2 (id=10563): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x30d4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 1.579979921s ago: executing program 0 (id=10578): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e21, 0xc63c, @dev={0xfe, 0x80, '\x00', 0x28}, 0x3}, 0x1c) 1.473497631s ago: executing program 0 (id=10584): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = memfd_create(&(0x7f0000000000)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x2) ftruncate(r2, 0x80079a0) prlimit64(0x0, 0x7, &(0x7f0000000180)={0x1, 0x8}, 0x0) syz_io_uring_setup(0x3b48, &(0x7f0000000000)={0x0, 0xc5fa, 0x1, 0x1, 0xc3}, 0x0, 0x0) sendfile(r2, r2, 0x0, 0x7e78a6f1) 1.248289524s ago: executing program 1 (id=10589): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x800000000ff, 0x0) 1.021302167s ago: executing program 1 (id=10602): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r3, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000000)={0x24, 0x11, 0x1, 0x0, 0x25dfdbff, "", [@nested={0x14, 0x0, 0x0, 0x0, [@typed={0xd, 0x0, 0x0, 0x0, @binary="56ccabf869c2d60338"}]}]}, 0x24}], 0x1, 0x0, 0x0, 0xc010}, 0x40080) 954.383444ms ago: executing program 6 (id=10595): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) timer_create(0x7, &(0x7f0000000040)={0x0, 0xc, 0x1, @thr={0x0, 0x0}}, &(0x7f00000001c0)=0x0) timer_settime(r4, 0x0, &(0x7f0000000240)={{}, {0x0, 0x989680}}, &(0x7f0000000280)) 889.26123ms ago: executing program 1 (id=10596): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x12, r2, 0x2000) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r3 = socket(0x8000000010, 0x2, 0x0) write(r3, &(0x7f00000002c0)="fc00", 0x2) 836.378025ms ago: executing program 6 (id=10597): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) futex(&(0x7f0000000000)=0x2, 0x8, 0x1, 0x0, 0x0, 0x2) 836.139925ms ago: executing program 5 (id=10598): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket(0x28, 0x5, 0x0) connect$vsock_stream(r3, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10) 792.76691ms ago: executing program 1 (id=10599): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0) 792.34244ms ago: executing program 6 (id=10600): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r0, 0x0, 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10) write(r2, &(0x7f00000000c0)="8f2a0a65bd8c002b0304000e0580a7b6070d63e286a5cefe", 0x5ac) 768.292432ms ago: executing program 5 (id=10601): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000080)={'veth0_vlan\x00', &(0x7f0000000040)=@ethtool_sfeatures={0x3b, 0x2, [{0x9, 0xfff}, {0xd8, 0x8}]}}) 672.314902ms ago: executing program 6 (id=10603): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000100), 0x1, 0x44) r3 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r3, 0x107, 0x11, &(0x7f0000000140)=0x5, 0x4) 672.089542ms ago: executing program 1 (id=10604): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x15) 613.589248ms ago: executing program 5 (id=10605): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = dup(r0) sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x4004}, 0x10000) r3 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r3, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 613.278618ms ago: executing program 6 (id=10606): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) fchdir(r3) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) 172.992953ms ago: executing program 0 (id=10607): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet_icmp(0x2, 0x2, 0x1) sendmmsg$inet(r3, &(0x7f00000053c0)=[{{&(0x7f0000000200)={0x2, 0x4e22, @local}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000140)='\b\x00\x00\x00(\x00\x00\x00', 0x8}], 0x1}}], 0x1, 0x4800) recvfrom(r3, 0x0, 0x0, 0x40000040, 0x0, 0x0) 172.773553ms ago: executing program 1 (id=10608): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000040)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000300)=0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000080)={r5, 0x8001}, &(0x7f00000000c0)=0x8) 172.622473ms ago: executing program 5 (id=10609): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) clock_settime(0x0, &(0x7f0000000000)={0x77359400}) 172.272722ms ago: executing program 6 (id=10610): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) r4 = socket(0x10, 0x2, 0x0) sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000280)=@ipv4_newrule={0x54, 0x20, 0x1, 0x0, 0x0, {0x2, 0x0, 0x20, 0x0, 0x3}, [@FRA_GENERIC_POLICY=@FRA_OIFNAME={0x14, 0x11, 'veth0_macvtap\x00'}, @FRA_SRC={0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, @FRA_GENERIC_POLICY=@FRA_DPORT_RANGE={0x8, 0x18, {0x4e20, 0x4e24}}, @FRA_GENERIC_POLICY=@FRA_IIFNAME={0x14, 0x3, 'wg0\x00'}]}, 0x54}}, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x40, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IE={0x11, 0x2a, [@random={0xdd, 0xb, 'abcdefghijk'}]}, @NL80211_ATTR_SCAN_SSIDS={0x10, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ap_ssid}]}]}, 0x40}}, 0x0) nanosleep(&(0x7f0000000080)={0x0, 0x4c4b40}, &(0x7f00000000c0)) syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000100)=ANY=[@ANYBLOB="5000000008021100000108021100000008021100000000000000000091f75d64ac5259b4d1646e1105e0fb000000006400010000060202020202fadfec1c7a4dff7e46d2f20789c59d02010882848b960c12"], 0x36) 98.77268ms ago: executing program 5 (id=10611): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) keyctl$clear(0x7, r4) 84.416051ms ago: executing program 0 (id=10612): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6(0xa, 0x3, 0x87) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000300)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@multicast2, 0x0, 0x2, 0x4e21, 0x0, 0xa}, {0x0, 0x0, 0x8000000}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast2, 0x2000000, 0x33}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x0, 0x3, 0x3}}, 0xe8) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r3, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000000041}, 0xc) connect$inet6(r2, &(0x7f00000000c0), 0x1c) 346.53µs ago: executing program 5 (id=10613): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @loopback}, 0xc) setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027f"], 0x57) 0s ago: executing program 0 (id=10614): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r0, 0x0, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6(0xa, 0x3, 0x2f) setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000140)={{{@in=@empty, @in6=@loopback, 0x0, 0x0, 0x4, 0x0, 0x2}, {0x0, 0x7ff, 0x913d, 0x0, 0x6, 0xf42, 0x7}, {0x0, 0x0, 0x0, 0xfffefffffffffffe}, 0x0, 0x0, 0x1, 0x0, 0x4, 0x2}, {{@in6=@loopback, 0x0, 0x33}, 0x0, @in6=@empty, 0xfffffffd, 0x0, 0x2, 0x4, 0x0, 0x0, 0x1}}, 0xe8) kernel console output (not intermixed with test programs): ="syz.2.5325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f1ede8f36c9 code=0x7ffc0000 [ 420.980713][ T26] audit: type=1326 audit(2000000101.467:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16537 comm="syz.2.5325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ede8f36c9 code=0x7ffc0000 [ 421.034421][T16553] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5331'. [ 421.058846][ T26] audit: type=1326 audit(2000000101.467:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16537 comm="syz.2.5325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ede8f36c9 code=0x7ffc0000 [ 421.184809][ T5192] usb 5-1: new full-speed USB device number 7 using dummy_hcd [ 421.356234][T16565] netlink: 'syz.0.5335': attribute type 13 has an invalid length. [ 421.586165][T16581] loop2: detected capacity change from 0 to 128 [ 421.597356][ T5192] usb 5-1: unable to get BOS descriptor or descriptor too short [ 421.624504][T16581] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 421.646372][T16581] ext4 filesystem being mounted at /997/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 422.659710][ T5192] usb 5-1: not running at top speed; connect to a high speed hub [ 422.754919][ T5192] usb 5-1: config 1 has an invalid interface number: 138 but max is 0 [ 422.811275][ T5192] usb 5-1: config 1 has no interface number 0 [ 422.831914][ T5192] usb 5-1: config 1 interface 138 has no altsetting 0 [ 422.994842][ T5192] usb 5-1: New USB device found, idVendor=0cb8, idProduct=c90b, bcdDevice= d.ae [ 423.013199][ T5192] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 423.027789][ T5192] usb 5-1: Product: syz [ 423.034464][ T5192] usb 5-1: Manufacturer: syz [ 423.072736][ T5192] usb 5-1: SerialNumber: syz [ 423.140967][T16626] netlink: 32 bytes leftover after parsing attributes in process `syz.5.5360'. [ 424.413238][ T26] audit: type=1326 audit(2000000105.088:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16646 comm="syz.0.5368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 424.501232][ T5192] usb 5-1: USB disconnect, device number 7 [ 424.530049][ T26] audit: type=1326 audit(2000000105.088:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16646 comm="syz.0.5368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 424.553918][T16656] netlink: 580 bytes leftover after parsing attributes in process `syz.1.5371'. [ 424.572544][T16638] netlink: 96 bytes leftover after parsing attributes in process `syz.2.5363'. [ 424.647451][ T26] audit: type=1326 audit(2000000105.088:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16646 comm="syz.0.5368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 424.688736][ T26] audit: type=1326 audit(2000000105.088:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16646 comm="syz.0.5368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 424.707072][T16663] netlink: 100 bytes leftover after parsing attributes in process `syz.4.5376'. [ 424.724690][ T4289] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 424.731709][ T26] audit: type=1326 audit(2000000105.098:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16646 comm="syz.0.5368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 424.805581][T16299] udevd[16299]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.138/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 426.032499][ T4289] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 426.042917][ T4289] usb 1-1: config 220 has 1 interface, different from the descriptor's value: 3 [ 426.052041][ T4289] usb 1-1: config 220 interface 0 has no altsetting 0 [ 426.214737][ T4289] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 426.227069][T16700] netlink: 68 bytes leftover after parsing attributes in process `syz.5.5392'. [ 426.239088][ T4289] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 426.254238][ T4289] usb 1-1: Product: syz [ 426.274870][ T4289] usb 1-1: Manufacturer: syz [ 426.279514][ T4289] usb 1-1: SerialNumber: syz [ 426.744671][ T4289] usb 1-1: Found UVC 0.00 device syz (8086:0b07) [ 426.753698][ T4289] usb 1-1: No valid video chain found. [ 426.791229][ T4289] usb 1-1: USB disconnect, device number 5 [ 426.936269][T16744] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5414'. [ 427.927130][T16757] binder: 16755:16757 ioctl c0306201 0 returned -14 [ 428.205734][T16776] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5427'. [ 428.392701][T16790] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5435'. [ 430.599164][T16839] netlink: 96 bytes leftover after parsing attributes in process `syz.4.5454'. [ 432.553511][T16925] netlink: 100 bytes leftover after parsing attributes in process `syz.1.5495'. [ 433.595143][T16992] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5524'. [ 433.610858][T16992] device bridge_slave_1 left promiscuous mode [ 433.622713][T16992] bridge0: port 2(bridge_slave_1) entered disabled state [ 433.673529][T16992] device bridge_slave_0 left promiscuous mode [ 433.684380][T16992] bridge0: port 1(bridge_slave_0) entered disabled state [ 435.236743][T17012] devtmpfs: Unknown parameter 'usrquota_inode_hardlimit' [ 435.323504][T17022] xt_CT: You must specify a L4 protocol and not use inversions on it [ 435.848949][T17059] binder: 17056:17059 ioctl c0306201 0 returned -14 [ 436.168530][T17083] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5563'. [ 436.449709][T17105] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5575'. [ 437.702038][ T26] kauditd_printk_skb: 4 callbacks suppressed [ 437.702051][ T26] audit: type=1326 audit(2000000118.378:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17180 comm="syz.0.5613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 437.730679][ C0] vkms_vblank_simulate: vblank timer overrun [ 437.805874][ T26] audit: type=1326 audit(2000000118.428:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17180 comm="syz.0.5613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 437.828256][ C0] vkms_vblank_simulate: vblank timer overrun [ 437.896652][ T26] audit: type=1326 audit(2000000118.428:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17180 comm="syz.0.5613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 437.955903][ T26] audit: type=1326 audit(2000000118.428:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17180 comm="syz.0.5613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 437.978290][ C0] vkms_vblank_simulate: vblank timer overrun [ 438.003555][ T26] audit: type=1326 audit(2000000118.428:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17180 comm="syz.0.5613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 438.029175][ T26] audit: type=1326 audit(2000000118.428:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17180 comm="syz.0.5613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 438.093089][ T26] audit: type=1326 audit(2000000118.428:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17180 comm="syz.0.5613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 438.115500][ C0] vkms_vblank_simulate: vblank timer overrun [ 439.179512][ T26] audit: type=1326 audit(2000000118.428:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17180 comm="syz.0.5613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 439.426334][ T26] audit: type=1326 audit(2000000118.428:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17180 comm="syz.0.5613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 439.448686][ C0] vkms_vblank_simulate: vblank timer overrun [ 439.528018][ T26] audit: type=1326 audit(2000000118.428:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17180 comm="syz.0.5613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 439.589565][T17220] loop5: detected capacity change from 0 to 512 [ 439.725016][T17220] EXT4-fs (loop5): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000001000,nodiscard,quota,,errors=continue. Quota mode: writeback. [ 439.812781][T17220] ext4 filesystem being mounted at /221/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 439.922652][T17220] EXT4-fs error (device loop5): ext4_do_update_inode:5218: inode #2: comm syz.5.5627: corrupted inode contents [ 439.957913][T17236] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5633'. [ 439.976352][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.987117][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.007926][T17220] EXT4-fs error (device loop5): ext4_dirty_inode:6054: inode #2: comm syz.5.5627: mark_inode_dirty error [ 440.034859][T17220] EXT4-fs error (device loop5): ext4_do_update_inode:5218: inode #2: comm syz.5.5627: corrupted inode contents [ 440.074620][T17220] EXT4-fs error (device loop5): __ext4_ext_dirty:183: inode #2: comm syz.5.5627: mark_inode_dirty error [ 440.127431][T17236] team0 (unregistering): Port device team_slave_0 removed [ 440.187458][T17236] team0 (unregistering): Port device team_slave_1 removed [ 440.748571][T17251] netlink: 68 bytes leftover after parsing attributes in process `syz.0.5649'. [ 443.975961][T17323] netlink: 'syz.2.5672': attribute type 11 has an invalid length. [ 443.999410][T17323] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.5672'. [ 444.102475][T17337] netlink: 96 bytes leftover after parsing attributes in process `syz.1.5675'. [ 444.372617][T17342] loop4: detected capacity change from 0 to 32768 [ 444.443358][T17342] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.5680 (17342) [ 444.479601][T17342] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 444.491221][T17342] BTRFS info (device loop4): using free space tree [ 444.497902][T17342] BTRFS info (device loop4): has skinny extents [ 444.580764][T17356] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5687'. [ 444.726776][T17356] team0 (unregistering): Port device team_slave_0 removed [ 444.745747][T17356] team0 (unregistering): Port device team_slave_1 removed [ 444.787094][T17342] BTRFS info (device loop4): enabling ssd optimizations [ 444.886638][T17356] team0 (unregistering): Port device bridge0 removed [ 445.294258][T17376] netlink: 'syz.0.5689': attribute type 11 has an invalid length. [ 445.302106][T17376] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.5689'. [ 445.367580][T17380] netlink: 140 bytes leftover after parsing attributes in process `syz.5.5690'. [ 446.269572][T17401] netlink: 72 bytes leftover after parsing attributes in process `syz.0.5698'. [ 447.207394][T17422] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5705'. [ 447.385908][T17422] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5705'. [ 447.576986][T17432] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 447.917088][T17450] binder: Unknown parameter 'fscontext?' [ 448.579369][T17491] lo: Caught tx_queue_len zero misconfig [ 449.335238][T17512] ipt_CLUSTERIP: Please specify destination IP [ 450.886740][T17552] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5778'. [ 450.938254][T17555] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5778'. [ 453.391610][T17583] netlink: 165 bytes leftover after parsing attributes in process `syz.0.5780'. [ 454.184062][T17614] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5794'. [ 454.261901][T17615] loop0: detected capacity change from 0 to 16 [ 454.362099][T17615] erofs: (device loop0): mounted with root inode @ nid 36. [ 454.790394][T17648] netlink: 92 bytes leftover after parsing attributes in process `syz.2.5809'. [ 454.839821][T17653] netlink: 'syz.1.5813': attribute type 4 has an invalid length. [ 454.860657][T17653] netlink: 17 bytes leftover after parsing attributes in process `syz.1.5813'. [ 455.041879][T17656] overlayfs: unrecognized mount option "/" or missing value [ 455.351786][T17685] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5829'. [ 455.506761][ T26] kauditd_printk_skb: 14 callbacks suppressed [ 455.506775][ T26] audit: type=1326 audit(2000000136.189:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17692 comm="syz.0.5832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 455.610261][ T26] audit: type=1326 audit(2000000136.229:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17692 comm="syz.0.5832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 455.701171][ T26] audit: type=1326 audit(2000000136.229:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17692 comm="syz.0.5832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 455.805673][ T26] audit: type=1326 audit(2000000136.229:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17692 comm="syz.0.5832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 455.906098][T17718] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5843'. [ 455.921263][ T26] audit: type=1326 audit(2000000136.229:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17692 comm="syz.0.5832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 455.961539][T17723] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5843'. [ 455.994136][ T26] audit: type=1326 audit(2000000136.229:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17692 comm="syz.0.5832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 456.094760][ T26] audit: type=1326 audit(2000000136.229:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17692 comm="syz.0.5832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 456.515710][T17755] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5859'. [ 456.521629][T17759] netlink: 'syz.1.5861': attribute type 16 has an invalid length. [ 456.533429][T17759] netlink: 64130 bytes leftover after parsing attributes in process `syz.1.5861'. [ 456.602417][T17765] netlink: 'syz.0.5864': attribute type 4 has an invalid length. [ 456.725203][ T26] audit: type=1326 audit(2000000137.409:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17775 comm="syz.5.5868" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x0 [ 457.061191][T17798] loop2: detected capacity change from 0 to 512 [ 457.107766][T17800] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5882'. [ 457.127168][T17800] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5882'. [ 457.154198][T17798] EXT4-fs (loop2): Mount option "nodioread_nolock" incompatible with ext2 [ 457.532205][T17820] netlink: 44 bytes leftover after parsing attributes in process `syz.0.5898'. [ 457.561865][T17820] netlink: 67 bytes leftover after parsing attributes in process `syz.0.5898'. [ 457.666224][T17825] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5891'. [ 458.863627][T17856] tipc: Enabling of bearer rejected, failed to enable media [ 459.930183][T17874] overlayfs: failed to clone upperpath [ 460.164218][T17886] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5917'. [ 461.756409][T17934] __nla_validate_parse: 1 callbacks suppressed [ 461.756425][T17934] netlink: 128 bytes leftover after parsing attributes in process `syz.5.5941'. [ 461.842683][T17934] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5941'. [ 461.872539][T17934] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5941'. [ 462.439010][T17947] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5946'. [ 462.965174][T17953] 9pnet: Insufficient options for proto=fd [ 463.000984][T17954] loop5: detected capacity change from 0 to 7 [ 463.038427][T17954] Dev loop5: unable to read RDB block 7 [ 463.054177][T17954] loop5: unable to read partition table [ 463.060384][T17954] loop5: partition table beyond EOD, truncated [ 463.108565][T17954] loop_reread_partitions: partition scan of loop5 () failed (rc=-5) [ 465.052419][ T26] audit: type=1326 audit(2000000145.730:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17999 comm="syz.1.5968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf3a6086c9 code=0x7fc00000 [ 465.125110][T18005] Invalid ELF header magic: != ELF [ 465.730936][T18052] netlink: 128 bytes leftover after parsing attributes in process `syz.4.5987'. [ 465.768500][T18052] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5987'. [ 465.789773][T18052] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5987'. [ 465.842627][T18059] loop0: detected capacity change from 0 to 256 [ 465.926681][T18068] netlink: 72 bytes leftover after parsing attributes in process `syz.5.5994'. [ 466.174309][ T5193] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 466.191051][T18087] netlink: 44 bytes leftover after parsing attributes in process `syz.0.6005'. [ 466.205227][T18088] netlink: 'syz.1.6004': attribute type 28 has an invalid length. [ 466.422321][ T5193] usb 5-1: Using ep0 maxpacket: 8 [ 466.548108][T18104] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6012'. [ 466.557275][ T5193] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 466.591113][ T5193] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 466.653925][T18104] team0 (unregistering): Port device team_slave_0 removed [ 466.675019][ T5193] pvrusb2: Hardware description: Terratec Grabster AV400 [ 466.687030][ T5193] pvrusb2: ********** [ 466.691304][ T5193] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 466.749251][ T5193] pvrusb2: Important functionality might not be entirely working. [ 466.770428][ T5193] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 466.780342][T18110] netlink: 80 bytes leftover after parsing attributes in process `syz.0.6015'. [ 466.791089][ T5193] pvrusb2: ********** [ 466.832883][T18104] team0 (unregistering): Port device team_slave_1 removed [ 466.895836][ T2421] pvrusb2: Invalid write control endpoint [ 467.004555][ T2421] pvrusb2: Invalid write control endpoint [ 467.010731][ T2421] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 467.051215][ T2421] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 467.074484][ T2421] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 467.111508][ T2421] pvrusb2: Device being rendered inoperable [ 467.126268][ T23] usb 5-1: USB disconnect, device number 8 [ 467.136591][ T2421] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 467.145645][ T2421] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 467.178958][ T2421] pvrusb2: Attached sub-driver cx25840 [ 467.203452][ T2421] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 467.224034][ T2421] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 467.652262][ T5193] Bluetooth: hci5: command 0x0406 tx timeout [ 467.915181][T18143] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6028'. [ 468.371509][T18162] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6038'. [ 471.417646][T18256] loop2: detected capacity change from 0 to 128 [ 471.463685][T18256] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 471.510568][T18256] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 471.566154][T18266] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6070'. [ 472.126104][ T26] audit: type=1326 audit(2000000152.810:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18309 comm="syz.5.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 472.204347][ T26] audit: type=1326 audit(2000000152.850:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18309 comm="syz.5.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f96f147717f code=0x7ffc0000 [ 472.227323][T18315] 9pnet: p9_errstr2errno: server reported unknown error 1844674 [ 472.295350][ T26] audit: type=1326 audit(2000000152.850:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18309 comm="syz.5.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 472.375513][T18328] netlink: 'syz.4.6101': attribute type 8 has an invalid length. [ 472.726745][T18361] netlink: 'syz.4.6115': attribute type 11 has an invalid length. [ 472.745096][T18361] netlink: 32 bytes leftover after parsing attributes in process `syz.4.6115'. [ 472.979627][T18375] futex_wake_op: syz.2.6119 tries to shift op by 32; fix this program [ 476.082559][T18477] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6155'. [ 476.095734][T18477] netlink: 32 bytes leftover after parsing attributes in process `syz.5.6155'. [ 476.525571][T18511] 9pnet: Insufficient options for proto=fd [ 476.871495][T18539] overlayfs: unrecognized mount option "/" or missing value [ 476.927555][T18547] 9pnet: Insufficient options for proto=fd [ 477.062898][T18555] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6204'. [ 477.199922][T18569] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6200'. [ 478.122615][T18642] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6236'. [ 478.755244][T18687] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6254'. [ 479.217380][T18728] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6277'. [ 481.568481][T18804] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6307'. [ 481.839097][T18823] netlink: 72 bytes leftover after parsing attributes in process `syz.4.6317'. [ 482.051879][ T5193] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 482.319030][T18856] netlink: 24 bytes leftover after parsing attributes in process `syz.5.6332'. [ 482.431155][T18863] loop2: detected capacity change from 0 to 512 [ 482.441565][ T5193] usb 1-1: config 0 has no interfaces? [ 482.522071][T18863] EXT4-fs (loop2): Test dummy encryption mode enabled [ 482.530110][T18863] EXT4-fs (loop2): inline encryption not supported [ 482.563217][T18863] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 482.585163][T18863] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 482.607479][T18863] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 482.611867][ T5193] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 482.630418][T18863] EXT4-fs (loop2): can't mount with commit=255, fs mounted w/o journal [ 482.644139][ T5193] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 482.658398][ T5193] usb 1-1: Product: syz [ 482.667513][ T5193] usb 1-1: Manufacturer: syz [ 482.753674][ T5193] usb 1-1: SerialNumber: syz [ 482.760009][ T5193] usb 1-1: config 0 descriptor?? [ 482.861045][T18885] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6348'. [ 483.028055][ T5193] usb 1-1: USB disconnect, device number 6 [ 484.379319][T18967] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6383'. [ 486.809807][ T5188] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 487.241351][ T5188] usb 3-1: config 0 has no interfaces? [ 487.334809][T19017] netlink: 20 bytes leftover after parsing attributes in process `syz.5.6401'. [ 487.411293][ T5188] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 487.438972][ T5188] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 487.462273][ T5188] usb 3-1: Product: syz [ 487.481218][ T5188] usb 3-1: Manufacturer: syz [ 487.494805][ T5188] usb 3-1: SerialNumber: syz [ 487.550863][ T5188] usb 3-1: config 0 descriptor?? [ 488.618907][ T5193] usb 3-1: USB disconnect, device number 8 [ 489.436382][T19082] device vlan0 entered promiscuous mode [ 489.454070][T19081] netlink: 128 bytes leftover after parsing attributes in process `syz.4.6430'. [ 489.461195][T19082] device bond0 entered promiscuous mode [ 490.014175][ T26] audit: type=1326 audit(2000000170.701:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19121 comm="syz.5.6450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 490.102986][ T26] audit: type=1326 audit(2000000170.741:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19121 comm="syz.5.6450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 490.195681][ T26] audit: type=1326 audit(2000000170.751:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19121 comm="syz.5.6450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 490.287521][ T26] audit: type=1326 audit(2000000170.751:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19121 comm="syz.5.6450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 490.930928][ T4289] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 491.351314][ T4289] usb 5-1: config 0 has no interfaces? [ 491.531112][ T4289] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 491.544760][ T4289] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 491.567498][ T4289] usb 5-1: Product: syz [ 491.577503][ T4289] usb 5-1: Manufacturer: syz [ 491.585613][ T4289] usb 5-1: SerialNumber: syz [ 491.602660][ T4289] usb 5-1: config 0 descriptor?? [ 491.650111][T19225] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 491.883767][ T5193] usb 5-1: USB disconnect, device number 9 [ 494.770857][T19297] loop0: detected capacity change from 0 to 16 [ 494.851915][T19297] erofs: (device loop0): mounted with root inode @ nid 36. [ 496.055665][T19356] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 496.284671][T19368] netlink: 'syz.2.6561': attribute type 16 has an invalid length. [ 496.306055][T19368] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.6561'. [ 496.392263][T19373] netlink: 308 bytes leftover after parsing attributes in process `syz.5.6563'. [ 500.769576][T19524] xt_CT: You must specify a L4 protocol and not use inversions on it [ 500.805163][T19526] syzkaller0: Caught tx_queue_len zero misconfig [ 500.979182][T19533] loop4: detected capacity change from 0 to 512 [ 501.161764][T19533] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #11: comm syz.4.6635: ea_inode with extended attributes [ 501.190024][T19533] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.6635: error while reading EA inode 11 err=-117 [ 501.200319][T19539] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6639'. [ 501.218084][T19533] EXT4-fs (loop4): 1 orphan inode deleted [ 501.225079][T19533] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,journal_dev=0x00000000000000ff,debug_want_extra_isize=0x000000000000004c,nouid32,resgid=0x0000000000000000,acl,init_itable=0x0000000000008d55,,errors=continue. Quota mode: none. [ 501.412858][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.421576][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.871934][T19582] netlink: 'syz.2.6657': attribute type 4 has an invalid length. [ 502.879704][T19582] netlink: 'syz.2.6657': attribute type 5 has an invalid length. [ 502.908328][T19582] netlink: 'syz.2.6657': attribute type 1 has an invalid length. [ 504.642346][T19680] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6702'. [ 505.038577][T19694] loop0: detected capacity change from 0 to 512 [ 505.107169][T19694] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.6708: ea_inode with extended attributes [ 505.141420][T19694] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.6708: error while reading EA inode 11 err=-117 [ 505.191402][T19694] EXT4-fs (loop0): 1 orphan inode deleted [ 505.237530][T19694] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,journal_dev=0x00000000000000ff,debug_want_extra_isize=0x000000000000004c,nouid32,resgid=0x0000000000000000,acl,init_itable=0x0000000000008d55,,errors=continue. Quota mode: none. [ 505.427727][T19712] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6718'. [ 505.937539][T19740] binder: 19738:19740 ioctl 400c620e 0 returned -14 [ 506.021348][T19743] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6733'. [ 506.080390][T19747] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6735'. [ 506.238190][T19755] tipc: Enabling of bearer rejected, already enabled [ 506.362905][T19765] loop2: detected capacity change from 0 to 512 [ 506.519527][T19765] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #11: comm syz.2.6743: ea_inode with extended attributes [ 506.598646][T19765] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.6743: error while reading EA inode 11 err=-117 [ 506.702584][T19765] EXT4-fs (loop2): 1 orphan inode deleted [ 506.763275][T19765] EXT4-fs (loop2): mounted filesystem without journal. Opts: nodioread_nolock,journal_dev=0x00000000000000ff,debug_want_extra_isize=0x000000000000004c,nouid32,resgid=0x0000000000000000,acl,init_itable=0x0000000000008d55,,errors=continue. Quota mode: none. [ 507.991422][T19808] raw_sendmsg: syz.4.6762 forgot to set AF_INET. Fix it! [ 508.361750][T19829] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6772'. [ 509.758474][T19861] loop4: detected capacity change from 0 to 512 [ 509.829350][T19861] EXT4-fs (loop4): orphan cleanup on readonly fs [ 509.904256][T19861] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 509.922169][T19861] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 509.976151][T19861] EXT4-fs error (device loop4): ext4_acquire_dquot:6209: comm syz.4.6784: Failed to acquire dquot type 1 [ 510.076404][T19861] EXT4-fs (loop4): 1 truncate cleaned up [ 510.118293][T19861] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpid,resuid=0x0000000000000000,nodelalloc,dioread_nolock,quota,,errors=continue. Quota mode: writeback. [ 511.411928][T19903] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6803'. [ 511.452330][T19910] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6804'. [ 511.707690][T19928] device erspan0 entered promiscuous mode [ 511.723034][ T26] audit: type=1326 audit(2000000192.412:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19929 comm="syz.0.6816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 511.766646][T19928] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 511.767924][T19933] tmpfs: Unknown parameter 'noswap' [ 511.788652][ T26] audit: type=1326 audit(2000000192.412:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19929 comm="syz.0.6816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 511.797046][T19928] 8021q: adding VLAN 0 to HW filter on device bond0 [ 511.823120][T19937] overlayfs: overlapping lowerdir path [ 511.839286][ T26] audit: type=1326 audit(2000000192.412:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19929 comm="syz.0.6816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 511.846755][T19928] 8021q: adding VLAN 0 to HW filter on device team0 [ 511.921681][ T26] audit: type=1326 audit(2000000192.412:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19929 comm="syz.0.6816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 511.924694][T19942] loop0: detected capacity change from 0 to 512 [ 511.987921][T19928] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 511.988383][ T26] audit: type=1326 audit(2000000192.412:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19929 comm="syz.0.6816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 512.003829][T19928] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 512.020980][ T26] audit: type=1326 audit(2000000192.412:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19929 comm="syz.0.6816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 512.037149][T19928] net veth1_virt_wifi virt_wifi0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 512.053890][ T26] audit: type=1326 audit(2000000192.412:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19929 comm="syz.0.6816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 512.053927][ T26] audit: type=1326 audit(2000000192.412:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19929 comm="syz.0.6816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 512.116545][T19928] device veth1_vlan left promiscuous mode [ 512.117881][T19942] EXT4-fs (loop0): orphan cleanup on readonly fs [ 512.123447][T19928] device veth0_vlan left promiscuous mode [ 512.135367][T19928] device veth0_vlan entered promiscuous mode [ 512.143210][T19928] device veth1_vlan entered promiscuous mode [ 512.152878][T19942] EXT4-fs error (device loop0): ext4_acquire_dquot:6209: comm syz.0.6822: Failed to acquire dquot type 1 [ 512.155373][T19928] device veth1_macvtap left promiscuous mode [ 512.172747][T19928] device veth0_macvtap left promiscuous mode [ 512.180277][T19928] device veth0_macvtap entered promiscuous mode [ 512.182251][T19942] EXT4-fs (loop0): 1 truncate cleaned up [ 512.187535][T19928] device veth1_macvtap entered promiscuous mode [ 512.198544][T19942] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpid,resuid=0x0000000000000000,nodelalloc,dioread_nolock,quota,,errors=continue. Quota mode: writeback. [ 512.199954][T19928] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 512.226008][T19928] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 512.234901][T19928] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 512.243655][T19928] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 512.276446][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 512.288838][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 512.308145][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 512.321680][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 512.330467][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 512.341982][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 512.351743][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 512.360883][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 512.370922][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 512.379843][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 512.388412][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1.4: link becomes ready [ 512.397706][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 512.406532][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 512.441298][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 512.460386][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 512.471633][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 512.500353][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 512.515534][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 512.530699][T19952] netlink: 44 bytes leftover after parsing attributes in process `syz.0.6826'. [ 512.545215][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 512.554848][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 512.563283][T19952] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6826'. [ 512.581021][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 512.600669][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 512.623270][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 512.635297][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 512.644607][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 512.654309][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 512.664615][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 512.682400][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 512.713240][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 512.740678][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 512.749930][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 512.768824][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 512.785146][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 512.800298][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 512.839014][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 512.859521][T17199] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 512.892163][ T4255] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 512.920692][T19968] loop4: detected capacity change from 0 to 2048 [ 513.083392][T19968] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 513.285157][T19997] netlink: 'syz.4.6842': attribute type 27 has an invalid length. [ 513.393764][T20004] loop0: detected capacity change from 0 to 512 [ 513.472593][T20004] EXT4-fs (loop0): Ignoring removed orlov option [ 513.479068][T20004] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 513.519447][T20004] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002] [ 513.566632][T20004] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2229: inode #15: comm syz.0.6849: corrupted in-inode xattr [ 513.618830][T20004] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.6849: couldn't read orphan inode 15 (err -117) [ 513.688277][T20004] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none. [ 513.727113][T20020] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6856'. [ 513.773789][T20020] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6856'. [ 513.799029][T20020] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6856'. [ 513.826598][T20020] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6856'. [ 514.325780][T20048] dns_resolver: Unsupported content type (240) [ 514.444247][T20055] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 514.482564][T20055] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 514.500625][T20055] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 514.636658][T20055] device veth1_macvtap entered promiscuous mode [ 514.689182][T16636] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 515.203442][T20083] loop4: detected capacity change from 0 to 512 [ 515.243591][T20086] netlink: 'syz.5.6888': attribute type 6 has an invalid length. [ 515.398189][T20091] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6890'. [ 515.584491][T20108] fuse: Bad value for 'fd' [ 515.664177][T20112] netlink: 132 bytes leftover after parsing attributes in process `syz.1.6900'. [ 515.841398][T20123] xt_CT: No such helper "pptp" [ 515.912460][ T26] kauditd_printk_skb: 10 callbacks suppressed [ 515.912475][ T26] audit: type=1326 audit(515.879:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20126 comm="syz.2.6908" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1ede8f36c9 code=0x0 [ 515.971497][T20132] overlayfs: overlapping lowerdir path [ 516.390301][ T4289] usb 5-1: new full-speed USB device number 10 using dummy_hcd [ 516.533386][ T26] audit: type=1326 audit(516.499:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20163 comm="syz.5.6924" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x0 [ 516.645297][T20172] loop2: detected capacity change from 0 to 512 [ 516.801861][ T4289] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xB3, skipping [ 516.817115][ T4289] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 516.832520][ T4289] usb 5-1: New USB device found, idVendor=172f, idProduct=0037, bcdDevice= 0.00 [ 516.842127][ T4289] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 516.843981][T20184] lo: Caught tx_queue_len zero misconfig [ 516.852817][ T4289] usb 5-1: config 0 descriptor?? [ 516.902856][ T4289] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 517.099591][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 517.105824][ T4289] usb 5-1: USB disconnect, device number 10 [ 517.445224][ T26] audit: type=1326 audit(517.409:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20188 comm="syz.0.6937" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x0 [ 518.569686][T20220] futex_wake_op: syz.4.6950 tries to shift op by 32; fix this program [ 518.755235][T20234] tipc: Started in network mode [ 518.763611][T20234] tipc: Node identity 4, cluster identity 4711 [ 518.775290][T20234] tipc: Node number set to 4 [ 519.119337][ T7] usb 5-1: new full-speed USB device number 11 using dummy_hcd [ 519.243419][T20272] tmpfs: Bad value for 'mpol' [ 519.499412][ T7] usb 5-1: config 1 has an invalid interface number: 105 but max is 0 [ 519.507625][ T7] usb 5-1: config 1 has no interface number 0 [ 519.541534][ T7] usb 5-1: config 1 interface 105 has no altsetting 0 [ 519.711601][ T7] usb 5-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 519.733154][ T7] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 519.752410][ T7] usb 5-1: Product: syz [ 519.759004][ T7] usb 5-1: Manufacturer: syz [ 519.766291][ T7] usb 5-1: SerialNumber: syz [ 519.833984][T20326] __nla_validate_parse: 1 callbacks suppressed [ 519.833999][T20326] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7003'. [ 520.069592][ T7] aqc111: probe of 5-1:1.105 failed with error -71 [ 520.094512][ T7] usb 5-1: USB disconnect, device number 11 [ 520.689731][T20390] netlink: 'syz.2.7025': attribute type 10 has an invalid length. [ 520.697681][T20390] netlink: 40 bytes leftover after parsing attributes in process `syz.2.7025'. [ 520.718164][T20390] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check. [ 523.307718][T20436] netlink: 628 bytes leftover after parsing attributes in process `syz.5.7048'. [ 523.547525][T20440] netlink: 'syz.0.7049': attribute type 10 has an invalid length. [ 523.555589][T20440] netlink: 40 bytes leftover after parsing attributes in process `syz.0.7049'. [ 523.573279][T20440] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check. [ 524.386693][T20446] loop0: detected capacity change from 0 to 512 [ 524.967302][T20474] input: syz1 as /devices/virtual/input/input9 [ 525.033851][T20484] loop4: detected capacity change from 0 to 512 [ 525.158953][T20484] EXT4-fs error (device loop4): ext4_orphan_get:1427: comm syz.4.7072: bad orphan inode 11862016 [ 525.209414][T20484] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 525.729344][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 525.907850][T20541] 9pnet: Insufficient options for proto=fd [ 526.034874][T20548] netlink: 100 bytes leftover after parsing attributes in process `syz.2.7101'. [ 526.172541][T20554] hugetlbfs: syz.0.7104 (20554): Using mlock ulimits for SHM_HUGETLB is deprecated [ 526.424220][T20567] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7110'. [ 526.716064][T20587] tmpfs: Unknown parameter 'noswap' [ 527.267633][T20623] netlink: 100 bytes leftover after parsing attributes in process `syz.1.7135'. [ 527.528496][T20640] netlink: 20 bytes leftover after parsing attributes in process `syz.5.7145'. [ 527.565419][T20643] loop2: detected capacity change from 0 to 512 [ 527.662655][T20643] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e02c, mo2=0002] [ 527.731384][T20649] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7149'. [ 527.743678][T20643] System zones: 1-12 [ 527.780138][T20643] EXT4-fs error (device loop2): dx_probe:823: inode #2: comm syz.2.7144: Directory hole found for htree index block 0 [ 527.860091][T20643] EXT4-fs (loop2): Remounting filesystem read-only [ 527.877535][T20643] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117 [ 527.886078][T20643] EXT4-fs error (device loop2): dx_probe:823: inode #2: comm syz.2.7144: Directory hole found for htree index block 0 [ 527.942514][T20643] EXT4-fs (loop2): Remounting filesystem read-only [ 527.986435][T20643] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 528.011402][T20643] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpjquota=Jdebug,jqfmt=vfsold,noquota,bsdgroups,usrjquota="nojournal_checksum,errors=remount-ro,,. Quota mode: writeback. [ 528.830984][T20643] EXT4-fs (loop2): Unrecognized mount option "r$H3b\$iSP4|7' $}4_;T[?W [ 528.830984][T20643] :non~b!r x dhuNjTes2r8Έ!Q2#c@zO&r\vUA;#}l2cJcDdV#ks=a?=" or missing value [ 529.367110][T20687] netlink: 'syz.1.7162': attribute type 10 has an invalid length. [ 529.375333][T20687] netlink: 40 bytes leftover after parsing attributes in process `syz.1.7162'. [ 529.396937][T20687] batman_adv: batadv0: Adding interface: virt_wifi0 [ 529.403650][T20687] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 529.429439][T20687] batman_adv: batadv0: Interface activated: virt_wifi0 [ 530.156972][T20694] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7176'. [ 530.576231][T20723] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7183'. [ 531.047945][T20745] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7193'. [ 533.125396][T20822] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7230'. [ 533.237885][T20826] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7241'. [ 533.550859][T20840] netlink: 'syz.5.7231': attribute type 10 has an invalid length. [ 533.558931][T20840] netlink: 40 bytes leftover after parsing attributes in process `syz.5.7231'. [ 533.686887][T20840] batman_adv: batadv0: Adding interface: virt_wifi0 [ 533.693926][T20840] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 533.719665][T20840] batman_adv: batadv0: Interface activated: virt_wifi0 [ 534.589542][T20873] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7263'. [ 534.880773][T20885] netlink: 'syz.4.7253': attribute type 10 has an invalid length. [ 534.888774][T20885] netlink: 40 bytes leftover after parsing attributes in process `syz.4.7253'. [ 534.902768][T20885] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check. [ 535.715725][T20901] 9pnet: p9_errstr2errno: server reported unknown error aaaaaaaaa [ 536.246695][T20939] netlink: 'syz.1.7277': attribute type 10 has an invalid length. [ 536.254695][T20939] netlink: 40 bytes leftover after parsing attributes in process `syz.1.7277'. [ 537.051960][T20953] netlink: 32 bytes leftover after parsing attributes in process `syz.1.7288'. [ 537.572823][T20979] xt_CHECKSUM: unsupported CHECKSUM operation 68 [ 538.443696][T20984] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7299'. [ 538.964482][T20999] netlink: 'syz.1.7298': attribute type 10 has an invalid length. [ 538.972584][T20999] netlink: 40 bytes leftover after parsing attributes in process `syz.1.7298'. [ 539.399292][T21012] netlink: 104 bytes leftover after parsing attributes in process `syz.1.7315'. [ 539.523063][T21016] loop4: detected capacity change from 0 to 512 [ 539.611085][T21016] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e02c, mo2=0002] [ 539.628214][T21016] System zones: 1-12 [ 539.697909][T21016] EXT4-fs error (device loop4): dx_probe:823: inode #2: comm syz.4.7308: Directory hole found for htree index block 0 [ 539.718402][T21016] EXT4-fs (loop4): Remounting filesystem read-only [ 539.725020][T21016] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117 [ 539.798185][T21016] EXT4-fs error (device loop4): dx_probe:823: inode #2: comm syz.4.7308: Directory hole found for htree index block 0 [ 539.842066][T21016] EXT4-fs (loop4): Remounting filesystem read-only [ 539.858981][T21016] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 539.867182][T21016] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpjquota=Jdebug,jqfmt=vfsold,noquota,bsdgroups,usrjquota="nojournal_checksum,errors=remount-ro,,. Quota mode: writeback. [ 539.911552][T21039] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 539.979786][T21016] EXT4-fs (loop4): Unrecognized mount option "r$H3b\$iSP4|7' $}4_;T[?W [ 539.979786][T21016] :non~b!r x dhuNjTes2r8Έ!Q2#c@zO&r\vUA;#}l2cJcDdV#ks=a?=" or missing value [ 540.502837][T21070] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7340'. [ 540.544473][T21070] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7340'. [ 540.638490][T21077] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7342'. [ 541.076817][ T26] audit: type=1326 audit(541.041:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21095 comm="syz.5.7351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 541.135842][ T26] audit: type=1326 audit(541.041:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21095 comm="syz.5.7351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 541.158887][ T26] audit: type=1326 audit(541.041:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21095 comm="syz.5.7351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 541.204876][ T26] audit: type=1326 audit(541.041:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21095 comm="syz.5.7351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 541.293739][ T26] audit: type=1326 audit(541.041:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21095 comm="syz.5.7351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 541.352258][ T26] audit: type=1326 audit(541.041:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21095 comm="syz.5.7351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 541.383098][ T26] audit: type=1326 audit(541.091:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21095 comm="syz.5.7351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 541.472254][ T26] audit: type=1326 audit(541.131:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21095 comm="syz.5.7351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 541.479998][T21115] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7360'. [ 541.539290][ T26] audit: type=1326 audit(541.211:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21095 comm="syz.5.7351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 541.661652][ T26] audit: type=1326 audit(541.211:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21095 comm="syz.5.7351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 541.973783][T21144] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7372'. [ 542.368389][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 544.312501][T21288] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7443'. [ 544.871867][T21330] netlink: 68 bytes leftover after parsing attributes in process `syz.4.7464'. [ 544.942232][T21337] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7466'. [ 545.600458][T21375] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 546.176637][T21411] overlayfs: missing 'lowerdir' [ 546.396724][T21419] netlink: 68 bytes leftover after parsing attributes in process `syz.1.7502'. [ 546.449447][T21419] netlink: 'syz.1.7502': attribute type 4 has an invalid length. [ 547.195990][T21459] tmpfs: Bad value for 'nr_inodes' [ 547.259505][T21463] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 547.722039][T21485] tmpfs: Bad value for 'nr_inodes' [ 547.883224][ T26] kauditd_printk_skb: 13 callbacks suppressed [ 547.883238][ T26] audit: type=1326 audit(547.851:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21496 comm="syz.2.7538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ede8f36c9 code=0x7ffc0000 [ 547.989256][ T26] audit: type=1326 audit(547.891:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21496 comm="syz.2.7538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f1ede8f36c9 code=0x7ffc0000 [ 548.066206][ T26] audit: type=1326 audit(547.891:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21496 comm="syz.2.7538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ede8f36c9 code=0x7ffc0000 [ 548.256000][T21514] netlink: 120 bytes leftover after parsing attributes in process `syz.5.7546'. [ 548.277707][T21514] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7546'. [ 548.287483][T21514] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7546'. [ 548.351918][T21514] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7546'. [ 548.658817][T21529] xt_CHECKSUM: unsupported CHECKSUM operation 68 [ 549.532868][T21532] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7553'. [ 549.619237][T21532] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7553'. [ 549.644959][T21532] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7553'. [ 549.668031][T21532] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7553'. [ 553.070671][T21706] ipt_CLUSTERIP: Please specify destination IP [ 553.496236][T21732] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7645'. [ 553.710680][T21743] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7649'. [ 555.711705][T21808] netlink: 'syz.0.7681': attribute type 4 has an invalid length. [ 556.750215][T21842] overlayfs: invalid origin (0000) [ 558.491411][T21887] netlink: 84 bytes leftover after parsing attributes in process `syz.4.7718'. [ 560.292677][T21951] IPv6: NLM_F_CREATE should be specified when creating new route [ 560.310218][T21954] netlink: 132 bytes leftover after parsing attributes in process `syz.5.7747'. [ 561.092372][T22008] can: request_module (can-proto-0) failed. [ 561.480200][T22048] netlink: 68 bytes leftover after parsing attributes in process `syz.0.7791'. [ 561.535035][T22055] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7794'. [ 561.954025][T22088] netlink: 68 bytes leftover after parsing attributes in process `syz.5.7807'. [ 561.988247][ T26] audit: type=1326 audit(561.962:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22093 comm="syz.4.7811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96a2e966c9 code=0x7ffc0000 [ 562.062914][ T26] audit: type=1326 audit(561.982:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22093 comm="syz.4.7811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f96a2e966c9 code=0x7ffc0000 [ 562.138524][ T26] audit: type=1326 audit(561.982:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22093 comm="syz.4.7811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96a2e966c9 code=0x7ffc0000 [ 562.177710][ T26] audit: type=1326 audit(561.982:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22093 comm="syz.4.7811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96a2e966c9 code=0x7ffc0000 [ 562.220077][ T26] audit: type=1326 audit(561.982:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22093 comm="syz.4.7811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f96a2e966c9 code=0x7ffc0000 [ 562.244889][ T26] audit: type=1326 audit(561.982:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22093 comm="syz.4.7811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96a2e966c9 code=0x7ffc0000 [ 562.270782][ T26] audit: type=1326 audit(561.982:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22093 comm="syz.4.7811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96a2e966c9 code=0x7ffc0000 [ 562.325786][ T26] audit: type=1326 audit(562.002:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22093 comm="syz.4.7811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f96a2e966c9 code=0x7ffc0000 [ 562.365411][ T26] audit: type=1326 audit(562.002:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22093 comm="syz.4.7811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96a2e966c9 code=0x7ffc0000 [ 562.427535][ T26] audit: type=1326 audit(562.002:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22093 comm="syz.4.7811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f96a2e966c9 code=0x7ffc0000 [ 562.666106][T22132] netlink: 68 bytes leftover after parsing attributes in process `syz.4.7827'. [ 562.689960][T22136] IPv6: NLM_F_CREATE should be specified when creating new route [ 562.849900][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.856330][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 562.944673][T22151] unsupported nla_type 35 [ 563.067879][T22157] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7839'. [ 563.173063][T22169] netlink: 'syz.0.7844': attribute type 17 has an invalid length. [ 563.211226][T22169] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 563.318874][T22178] loop0: detected capacity change from 0 to 64 [ 563.387577][T22178] hfs: invalid btree extent records [ 563.416013][T22178] hfs: unable to open extent tree [ 563.515811][T22178] hfs: can't find a HFS filesystem on dev loop0 [ 564.760681][T22208] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7862'. [ 567.462839][T22274] netlink: 'syz.4.7891': attribute type 17 has an invalid length. [ 567.579712][ T26] kauditd_printk_skb: 16 callbacks suppressed [ 567.579728][ T26] audit: type=1326 audit(567.552:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22282 comm="syz.1.7896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf3a6086c9 code=0x7ffc0000 [ 567.625948][ T26] audit: type=1326 audit(567.592:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22282 comm="syz.1.7896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf3a6086c9 code=0x7ffc0000 [ 569.096506][ T4289] usb 3-1: new low-speed USB device number 9 using dummy_hcd [ 570.129224][T22341] overlayfs: unrecognized mount option "verity=require" or missing value [ 570.408906][ T4289] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 570.419619][ T4289] usb 3-1: config 0 has no interfaces? [ 570.425146][ T4289] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 570.434900][ T4289] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 570.444674][ T4289] usb 3-1: config 0 descriptor?? [ 571.448721][ T4240] usb 3-1: USB disconnect, device number 9 [ 574.539884][T22416] netlink: 160 bytes leftover after parsing attributes in process `syz.4.7955'. [ 574.608367][T22416] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check. [ 574.885779][T22434] netlink: 44 bytes leftover after parsing attributes in process `syz.4.7963'. [ 575.495455][T22492] netlink: 44 bytes leftover after parsing attributes in process `syz.2.7992'. [ 575.507715][T22492] netlink: 43 bytes leftover after parsing attributes in process `syz.2.7992'. [ 575.520519][T22492] netlink: 'syz.2.7992': attribute type 5 has an invalid length. [ 575.560724][T22492] netlink: 43 bytes leftover after parsing attributes in process `syz.2.7992'. [ 575.695334][T22507] netlink: 160 bytes leftover after parsing attributes in process `syz.2.7998'. [ 575.745362][T22507] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check. [ 576.062892][T22534] device syzkaller0 entered promiscuous mode [ 576.936103][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 577.070525][T22600] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8042'. [ 577.183040][T22610] netlink: 20 bytes leftover after parsing attributes in process `syz.5.8047'. [ 577.607007][T22636] overlayfs: failed to clone upperpath [ 577.661686][T22638] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 577.680318][T22638] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 577.864094][T22647] 9pnet: Could not find request transport: 0xffffffffffffffff [ 578.037087][T22655] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8069'. [ 580.697008][T22707] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 580.759897][T22707] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 580.773827][T22714] 9pnet: Could not find request transport: 0xffffffffffffffff [ 580.892746][T22725] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8101'. [ 580.947456][T22723] netlink: 20 bytes leftover after parsing attributes in process `syz.4.8098'. [ 582.409803][T22745] 9pnet: Could not find request transport: 0xffffffffffffffff [ 582.904029][ T26] audit: type=1326 audit(582.873:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22763 comm="syz.2.8119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ede8f36c9 code=0x7ffc0000 [ 583.019458][ T26] audit: type=1326 audit(582.903:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22763 comm="syz.2.8119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ede8f36c9 code=0x7ffc0000 [ 583.107348][ T26] audit: type=1326 audit(582.903:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22763 comm="syz.2.8119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f1ede8f36c9 code=0x7ffc0000 [ 583.132929][ T26] audit: type=1326 audit(582.903:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22763 comm="syz.2.8119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ede8f36c9 code=0x7ffc0000 [ 583.278686][ T26] audit: type=1326 audit(582.903:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22763 comm="syz.2.8119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ede8f36c9 code=0x7ffc0000 [ 583.429976][T22775] loop2: detected capacity change from 0 to 512 [ 583.442056][ T26] audit: type=1326 audit(582.903:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22763 comm="syz.2.8119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f1ede8f36c9 code=0x7ffc0000 [ 583.512614][T22775] EXT4-fs (loop2): orphan cleanup on readonly fs [ 583.543414][T22775] Quota error (device loop2): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 583.570860][ T26] audit: type=1326 audit(582.913:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22763 comm="syz.2.8119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ede8f36c9 code=0x7ffc0000 [ 583.657769][T22775] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 583.717119][T22775] EXT4-fs error (device loop2): ext4_acquire_dquot:6209: comm syz.2.8123: Failed to acquire dquot type 1 [ 583.748974][ T26] audit: type=1326 audit(582.963:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22763 comm="syz.2.8119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7f1ede8f36c9 code=0x7ffc0000 [ 583.803751][T22775] EXT4-fs (loop2): 1 truncate cleaned up [ 583.813414][T22775] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,resuid=0x0000000000000000,nodelalloc,dioread_nolock,quota,,errors=continue. Quota mode: writeback. [ 584.077849][T22796] netlink: 100 bytes leftover after parsing attributes in process `syz.1.8133'. [ 584.330734][T22812] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8141'. [ 584.591114][T22835] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8150'. [ 584.877951][T22859] loop4: detected capacity change from 0 to 512 [ 586.021202][T22859] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #11: comm syz.4.8159: ea_inode with extended attributes [ 586.034725][T22859] EXT4-fs (loop4): Remounting filesystem read-only [ 586.041992][T22859] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.8159: error while reading EA inode 11 err=-117 [ 586.057119][T22859] EXT4-fs (loop4): Remounting filesystem read-only [ 586.063977][T22859] EXT4-fs (loop4): 1 orphan inode deleted [ 586.070349][T22859] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,journal_dev=0x00000000000000ff,debug_want_extra_isize=0x000000000000004c,errors=remount-ro,delalloc,journal_ioprio=0x0000000000000001,init_itable=0x0000000000008d55,. Quota mode: none. [ 587.587523][T22936] netlink: 56 bytes leftover after parsing attributes in process `syz.5.8195'. [ 588.077979][T22973] netlink: 'syz.5.8219': attribute type 11 has an invalid length. [ 588.091329][T22973] netlink: 32 bytes leftover after parsing attributes in process `syz.5.8219'. [ 588.151247][T22979] netlink: 56 bytes leftover after parsing attributes in process `syz.2.8210'. [ 588.285523][T22982] loop0: detected capacity change from 0 to 1024 [ 588.442349][T22982] EXT4-fs (loop0): Ignoring removed bh option [ 588.449148][T22982] EXT4-fs (loop0): inline encryption not supported [ 588.650060][T22982] EXT4-fs error (device loop0): ext4_ext_check_inode:501: inode #3: comm syz.0.8209: pblk 67 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 588.673051][T22982] EXT4-fs error (device loop0): ext4_quota_enable:6420: comm syz.0.8209: Bad quota inode: 3, type: 0 [ 588.687825][T22982] EXT4-fs warning (device loop0): ext4_enable_quotas:6461: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 588.744012][T22982] EXT4-fs (loop0): mount failed [ 590.274680][T23000] netlink: 108 bytes leftover after parsing attributes in process `syz.2.8220'. [ 590.294542][T23000] netlink: 20 bytes leftover after parsing attributes in process `syz.2.8220'. [ 590.529360][ T26] kauditd_printk_skb: 17 callbacks suppressed [ 590.529374][ T26] audit: type=1326 audit(590.503:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23011 comm="syz.1.8226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf3a6086c9 code=0x7ffc0000 [ 590.562732][T23014] netlink: 16 bytes leftover after parsing attributes in process `syz.5.8227'. [ 590.590636][T23014] device ip_vti0 entered promiscuous mode [ 590.617932][ T26] audit: type=1326 audit(590.543:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23011 comm="syz.1.8226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=270 compat=0 ip=0x7fbf3a6086c9 code=0x7ffc0000 [ 590.689062][ T26] audit: type=1326 audit(590.543:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23011 comm="syz.1.8226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf3a6086c9 code=0x7ffc0000 [ 590.745247][ T26] audit: type=1326 audit(590.543:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23011 comm="syz.1.8226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf3a6086c9 code=0x7ffc0000 [ 590.776525][T23021] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8229'. [ 590.799467][T23021] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8229'. [ 591.142338][T23039] overlayfs: missing 'lowerdir' [ 591.240225][ T26] audit: type=1326 audit(591.213:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23040 comm="syz.4.8240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96a2e966c9 code=0x7ffc0000 [ 591.290087][T23047] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8244'. [ 591.299301][ T26] audit: type=1326 audit(591.243:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23040 comm="syz.4.8240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96a2e966c9 code=0x7ffc0000 [ 591.299714][T23047] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 591.325254][ T26] audit: type=1326 audit(591.243:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23040 comm="syz.4.8240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=270 compat=0 ip=0x7f96a2e966c9 code=0x7ffc0000 [ 591.359716][T23047] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 591.380352][T23047] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 591.403940][T23053] loop4: detected capacity change from 0 to 1024 [ 591.415495][T23047] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 591.423719][ T26] audit: type=1326 audit(591.243:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23040 comm="syz.4.8240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96a2e966c9 code=0x7ffc0000 [ 591.459207][T23047] batman_adv: batadv0: Interface deactivated: virt_wifi0 [ 591.488646][T23047] batman_adv: batadv0: Removing interface: virt_wifi0 [ 591.488657][ T26] audit: type=1326 audit(591.243:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23040 comm="syz.4.8240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96a2e966c9 code=0x7ffc0000 [ 591.526747][T23053] EXT4-fs (loop4): INFO: recovery required on readonly filesystem [ 591.539778][T23053] EXT4-fs (loop4): write access will be enabled during recovery [ 591.548235][T23053] JBD2: no valid journal superblock found [ 591.554038][T23049] netlink: 20 bytes leftover after parsing attributes in process `syz.2.8242'. [ 591.565979][T23053] EXT4-fs (loop4): error loading journal [ 591.773286][T23067] loop2: detected capacity change from 0 to 1024 [ 591.963849][T23067] EXT4-fs (loop2): Ignoring removed bh option [ 591.970448][T23067] EXT4-fs (loop2): inline encryption not supported [ 592.146086][T23067] EXT4-fs error (device loop2): ext4_ext_check_inode:501: inode #3: comm syz.2.8252: pblk 67 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 592.168842][T23067] EXT4-fs error (device loop2): ext4_quota_enable:6420: comm syz.2.8252: Bad quota inode: 3, type: 0 [ 592.181549][T23067] EXT4-fs warning (device loop2): ext4_enable_quotas:6461: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 592.201128][T23067] EXT4-fs (loop2): mount failed [ 594.125834][T23090] fuse: Bad value for 'group_id' [ 597.274832][ T26] audit: type=1326 audit(597.240:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23152 comm="syz.1.8288" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbf3a6086c9 code=0x0 [ 597.416873][T23165] overlayfs: failed to clone lowerpath [ 598.454144][T23219] netlink: 388 bytes leftover after parsing attributes in process `syz.2.8317'. [ 598.549143][T23224] netlink: 20 bytes leftover after parsing attributes in process `syz.0.8321'. [ 598.669417][T23236] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8327'. [ 598.696117][T23236] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8327'. [ 599.943286][T23279] fuse: Bad value for 'fd' [ 599.956903][T23283] netlink: 'syz.0.8355': attribute type 21 has an invalid length. [ 599.972061][T23283] netlink: 132 bytes leftover after parsing attributes in process `syz.0.8355'. [ 600.152992][T23283] netlink: 'syz.0.8355': attribute type 1 has an invalid length. [ 600.258854][T23283] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8355'. [ 600.403247][T23290] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add() [ 601.452745][T23344] netlink: 'syz.5.8374': attribute type 6 has an invalid length. [ 601.614891][T23360] netlink: 132 bytes leftover after parsing attributes in process `syz.1.8382'. [ 601.627072][T23361] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8379'. [ 601.659132][T23363] 9pnet: Could not find request transport: 0xffffffffffffffff [ 602.129520][T23402] device batadv_slave_1 entered promiscuous mode [ 602.145452][T23401] device batadv_slave_1 left promiscuous mode [ 602.880845][ T26] audit: type=1326 audit(602.838:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23470 comm="syz.2.8435" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1ede8f36c9 code=0x0 [ 603.266700][T23503] device pim6reg1 entered promiscuous mode [ 603.828596][T23537] x_tables: duplicate underflow at hook 1 [ 604.346742][T23542] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8468'. [ 605.013982][T23577] netlink: 'syz.5.8484': attribute type 4 has an invalid length. [ 605.031088][T23577] netlink: 17 bytes leftover after parsing attributes in process `syz.5.8484'. [ 605.497014][T23622] 9pnet: Insufficient options for proto=fd [ 606.335893][T23699] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8543'. [ 606.396274][T23708] netlink: 20 bytes leftover after parsing attributes in process `syz.0.8546'. [ 607.563867][T23788] netlink: 64 bytes leftover after parsing attributes in process `syz.1.8583'. [ 607.629533][T23789] ptrace attach of "./syz-executor exec"[4182] was attempted by "./syz-executor exec"[23789] [ 608.509573][T23805] netlink: 32 bytes leftover after parsing attributes in process `syz.0.8591'. [ 608.892611][ T26] audit: type=1326 audit(608.855:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23828 comm="syz.2.8603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ede8f36c9 code=0x7ffc0000 [ 608.931210][T23831] loop2: detected capacity change from 0 to 512 [ 608.970511][ T26] audit: type=1326 audit(608.894:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23828 comm="syz.2.8603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f1ede8f36c9 code=0x7ffc0000 [ 609.004407][ T26] audit: type=1326 audit(608.894:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23828 comm="syz.2.8603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1ede8f3703 code=0x7ffc0000 [ 609.028192][ T26] audit: type=1326 audit(608.894:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23828 comm="syz.2.8603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f1ede8f217f code=0x7ffc0000 [ 609.059550][T23831] EXT4-fs (loop2): Ignoring removed bh option [ 609.084352][T23831] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 609.114225][T23831] EXT4-fs (loop2): orphan cleanup on readonly fs [ 609.123055][ T26] audit: type=1326 audit(608.894:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23828 comm="syz.2.8603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f1ede8f3757 code=0x7ffc0000 [ 609.157088][T23831] EXT4-fs (loop2): 1 truncate cleaned up [ 609.163005][T23831] EXT4-fs (loop2): mounted filesystem without journal. Opts: quota,resgid=0x000000000000ee00,bh,noload,data_err=ignore,abort,,errors=continue. Quota mode: writeback. [ 609.220928][ T26] audit: type=1326 audit(608.894:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23828 comm="syz.2.8603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1ede8f1f10 code=0x7ffc0000 [ 609.286369][ T26] audit: type=1326 audit(608.894:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23828 comm="syz.2.8603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1ede8f32cb code=0x7ffc0000 [ 609.336968][ T26] audit: type=1326 audit(608.924:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23828 comm="syz.2.8603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f1ede8f232a code=0x7ffc0000 [ 609.411111][ T26] audit: type=1326 audit(608.924:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23828 comm="syz.2.8603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f1ede8f232a code=0x7ffc0000 [ 609.493770][ T26] audit: type=1326 audit(608.964:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23837 comm="syz.0.8607" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x0 [ 609.643277][T23876] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8623'. [ 610.137220][T23905] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8635'. [ 610.431972][T23933] x_tables: duplicate underflow at hook 1 [ 610.745136][T23947] loop4: detected capacity change from 0 to 1024 [ 612.509355][T23955] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8657'. [ 612.545757][T23947] EXT4-fs (loop4): Ignoring removed bh option [ 612.552286][T23947] EXT4-fs (loop4): inline encryption not supported [ 613.528261][T23947] EXT4-fs: error -4 creating inode table initialization thread [ 613.537973][T23947] EXT4-fs (loop4): mount failed [ 615.481412][T24014] netlink: 'syz.0.8684': attribute type 10 has an invalid length. [ 615.527349][T24014] netlink: 40 bytes leftover after parsing attributes in process `syz.0.8684'. [ 617.322044][T24073] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8709'. [ 617.565259][T24088] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8718'. [ 618.161079][T24129] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8738'. [ 618.675296][T24158] tipc: Enabled bearer , priority 0 [ 620.336784][T24202] netlink: 'syz.0.8771': attribute type 5 has an invalid length. [ 620.498782][T24210] tipc: Enabling of bearer rejected, failed to enable media [ 621.017050][T24236] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 622.033153][T24255] loop4: detected capacity change from 0 to 4096 [ 622.081536][T24255] ntfs3: Unknown parameter 'windows_names' [ 622.253285][T24265] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 624.443509][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.449862][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.532534][ T26] kauditd_printk_skb: 12 callbacks suppressed [ 625.532571][ T26] audit: type=1326 audit(625.446:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24341 comm="syz.1.8833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf3a6086c9 code=0x7ffc0000 [ 625.904021][ T26] audit: type=1326 audit(625.446:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24341 comm="syz.1.8833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf3a6086c9 code=0x7ffc0000 [ 625.961658][ T26] audit: type=1326 audit(625.576:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24341 comm="syz.1.8833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fbf3a6086c9 code=0x7ffc0000 [ 626.044777][ T26] audit: type=1326 audit(625.586:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24341 comm="syz.1.8833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf3a6086c9 code=0x7ffc0000 [ 626.110888][ T26] audit: type=1326 audit(625.596:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24341 comm="syz.1.8833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf3a6086c9 code=0x7ffc0000 [ 626.185368][ T26] audit: type=1326 audit(625.636:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24341 comm="syz.1.8833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=93 compat=0 ip=0x7fbf3a6086c9 code=0x7ffc0000 [ 626.268064][ T26] audit: type=1326 audit(625.646:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24341 comm="syz.1.8833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf3a6086c9 code=0x7ffc0000 [ 626.294366][T24379] @: renamed from vlan0 [ 626.320634][ T26] audit: type=1326 audit(625.656:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24341 comm="syz.1.8833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf3a6086c9 code=0x7ffc0000 [ 626.377709][ T26] audit: type=1326 audit(625.826:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24341 comm="syz.1.8833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fbf3a6086c9 code=0x7ffc0000 [ 626.436108][ T26] audit: type=1326 audit(625.826:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24341 comm="syz.1.8833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf3a6086c9 code=0x7ffc0000 [ 626.941158][T24437] netlink: 'syz.2.8878': attribute type 16 has an invalid length. [ 626.990885][T24437] netlink: 64130 bytes leftover after parsing attributes in process `syz.2.8878'. [ 628.480195][ T4240] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 628.747715][T24485] netlink: 'syz.5.8899': attribute type 1 has an invalid length. [ 628.772654][T24485] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8899'. [ 628.945828][ T4240] usb 3-1: config 0 has an invalid descriptor of length 134, skipping remainder of the config [ 628.973719][ T4240] usb 3-1: too many endpoints for config 0 interface 0 altsetting 209: 129, using maximum allowed: 30 [ 629.005520][ T4240] usb 3-1: config 0 interface 0 altsetting 209 has 0 endpoint descriptors, different from the interface descriptor's value: 129 [ 629.090001][T24508] netlink: 160 bytes leftover after parsing attributes in process `syz.0.8909'. [ 629.103999][ T4240] usb 3-1: config 0 interface 0 has no altsetting 0 [ 629.122202][ T4240] usb 3-1: New USB device found, idVendor=1b96, idProduct=0009, bcdDevice= 0.00 [ 629.132665][T24508] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check. [ 629.148906][ T4240] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 629.201106][ T4240] usb 3-1: config 0 descriptor?? [ 629.329859][T24515] netlink: 156 bytes leftover after parsing attributes in process `syz.1.8913'. [ 629.514377][ T4240] usb 3-1: string descriptor 0 read error: -71 [ 630.459182][ T4240] usb 3-1: USB disconnect, device number 10 [ 631.630561][T24561] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8933'. [ 631.723776][T24564] loop0: detected capacity change from 0 to 512 [ 631.834798][T24564] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 631.985375][T24577] netlink: 32 bytes leftover after parsing attributes in process `syz.2.8939'. [ 632.484531][T24609] netlink: 44 bytes leftover after parsing attributes in process `syz.2.8953'. [ 632.504371][T24609] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8953'. [ 633.356227][T24668] netlink: 72 bytes leftover after parsing attributes in process `syz.2.8985'. [ 635.356536][ T26] kauditd_printk_skb: 1 callbacks suppressed [ 635.356552][ T26] audit: type=1326 audit(891.310:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24798 comm="syz.1.9046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf3a6086c9 code=0x7ffc0000 [ 635.429114][ T26] audit: type=1326 audit(891.310:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24798 comm="syz.1.9046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf3a6086c9 code=0x7ffc0000 [ 635.477849][ T26] audit: type=1326 audit(891.310:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24798 comm="syz.1.9046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf3a6086c9 code=0x7ffc0000 [ 635.559105][ T26] audit: type=1326 audit(891.310:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24798 comm="syz.1.9046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf3a6086c9 code=0x7ffc0000 [ 635.616409][ T26] audit: type=1326 audit(891.310:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24798 comm="syz.1.9046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf3a6086c9 code=0x7ffc0000 [ 635.653959][T24822] netlink: 'syz.1.9055': attribute type 4 has an invalid length. [ 635.663007][T24822] netlink: 'syz.1.9055': attribute type 5 has an invalid length. [ 635.685599][T24822] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.9055'. [ 635.794521][T24832] netlink: 44 bytes leftover after parsing attributes in process `syz.0.9062'. [ 636.536307][T24892] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9090'. [ 636.686663][T24900] loop4: detected capacity change from 0 to 512 [ 636.863413][T24900] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 637.486300][T24900] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #16: comm syz.4.9094: invalid indirect mapped block 4294967295 (level 0) [ 637.677739][T24900] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #16: comm syz.4.9094: invalid indirect mapped block 4294967295 (level 1) [ 637.732163][T24900] EXT4-fs (loop4): 1 orphan inode deleted [ 637.784455][T24900] EXT4-fs (loop4): 1 truncate cleaned up [ 637.793443][T24900] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 639.385212][T24954] netlink: 'syz.0.9115': attribute type 1 has an invalid length. [ 639.895616][T24977] netlink: 'syz.0.9123': attribute type 4 has an invalid length. [ 639.913670][T24977] netlink: 'syz.0.9123': attribute type 5 has an invalid length. [ 639.954458][T24977] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.9123'. [ 640.018528][T24983] binder: Unknown parameter 'context' [ 640.205798][T24988] netlink: 68 bytes leftover after parsing attributes in process `syz.4.9130'. [ 640.846665][T25035] lo: Caught tx_queue_len zero misconfig [ 641.635020][T25087] fuse: Bad value for 'fd' [ 641.641365][T25089] tmpfs: Unknown parameter 'n' [ 642.305180][ T26] audit: type=1326 audit(16778343.264:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25135 comm="syz.5.9200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 642.409104][ T26] audit: type=1326 audit(16778343.284:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25135 comm="syz.5.9200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 642.468196][ T26] audit: type=1326 audit(16778343.284:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25135 comm="syz.5.9200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 642.559341][ T26] audit: type=1326 audit(16778343.284:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25135 comm="syz.5.9200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 642.591635][ T26] audit: type=1326 audit(16778343.284:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25135 comm="syz.5.9200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 642.750569][ T26] audit: type=1326 audit(16778343.704:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25174 comm="syz.0.9218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 642.813071][ T26] audit: type=1326 audit(16778343.734:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25174 comm="syz.0.9218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 642.865645][T25185] netlink: 96 bytes leftover after parsing attributes in process `syz.0.9223'. [ 642.875311][ T26] audit: type=1326 audit(16778343.734:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25174 comm="syz.0.9218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 642.912824][ T26] audit: type=1326 audit(16778343.734:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25174 comm="syz.0.9218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 642.952386][ T26] audit: type=1326 audit(16778343.734:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25174 comm="syz.0.9218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 643.526555][T25214] netlink: 132 bytes leftover after parsing attributes in process `syz.4.9236'. [ 644.250618][T25245] netlink: 'syz.5.9251': attribute type 4 has an invalid length. [ 644.278156][T25245] netlink: 'syz.5.9251': attribute type 5 has an invalid length. [ 644.303214][T25245] netlink: 3657 bytes leftover after parsing attributes in process `syz.5.9251'. [ 644.565567][T25255] device sit0 entered promiscuous mode [ 644.604686][T25255] netlink: 'syz.5.9255': attribute type 1 has an invalid length. [ 644.663123][T25255] netlink: 9 bytes leftover after parsing attributes in process `syz.5.9255'. [ 645.470864][T25310] loop0: detected capacity change from 0 to 512 [ 645.529825][T25310] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 645.574157][T25310] EXT4-fs (loop0): 1 truncate cleaned up [ 645.580387][T25310] EXT4-fs (loop0): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,min_batch_time=0x0000000000000fff,inode_readahead_blks=0x0000000000000080,stripe=0x0000000000000012,inode_readahead_blks=0x0000000000000020,max_batch_time=0x0000000000000007,,errors=continue. Quota mode: none. [ 646.168845][T25323] netlink: 'syz.2.9286': attribute type 4 has an invalid length. [ 646.477867][T25323] netlink: 'syz.2.9286': attribute type 5 has an invalid length. [ 646.768634][T25323] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.9286'. [ 647.752294][T25379] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9313'. [ 647.873756][T25385] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9315'. [ 648.057783][T25391] netlink: 20 bytes leftover after parsing attributes in process `syz.2.9318'. [ 648.304144][T25400] netlink: 20 bytes leftover after parsing attributes in process `syz.0.9322'. [ 648.914357][T25432] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9336'. [ 649.034160][T25443] loop2: detected capacity change from 0 to 512 [ 649.057048][T25443] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 649.093426][T25443] EXT4-fs (loop2): inline encryption not supported [ 649.100027][T25443] EXT4-fs (loop2): Test dummy encryption mode enabled [ 649.121370][T25443] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 649.130839][T25443] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 649.162748][T25443] EXT4-fs (loop2): 1 truncate cleaned up [ 649.168527][T25443] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,. Quota mode: none. [ 649.341755][T25463] netlink: 20 bytes leftover after parsing attributes in process `syz.1.9348'. [ 649.902909][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 660.478692][T25485] chnl_net:caif_netlink_parms(): no params data found [ 660.514748][T25485] bridge0: port 1(bridge_slave_0) entered blocking state [ 660.521922][T25485] bridge0: port 1(bridge_slave_0) entered disabled state [ 660.529870][T25485] device bridge_slave_0 entered promiscuous mode [ 660.537752][T25485] bridge0: port 2(bridge_slave_1) entered blocking state [ 660.544927][T25485] bridge0: port 2(bridge_slave_1) entered disabled state [ 660.553267][T25485] device bridge_slave_1 entered promiscuous mode [ 660.571837][T25485] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 660.585530][T25485] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 660.860032][T25485] team0: Port device team_slave_0 added [ 660.907576][ T4474] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 660.933262][T25485] team0: Port device team_slave_1 added [ 661.040532][ T4474] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 661.093527][T25485] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 661.100555][T25485] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 661.116310][T25535] xt_bpf: check failed: parse error [ 661.147923][T25485] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 661.160932][T25485] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 661.168587][T25485] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 661.240791][T25485] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 661.276308][ T4474] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 662.320659][T25485] device hsr_slave_0 entered promiscuous mode [ 662.384376][ T5193] Bluetooth: hci3: command 0x0409 tx timeout [ 662.404251][T25485] device hsr_slave_1 entered promiscuous mode [ 662.432181][T25485] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 662.442290][T25485] Cannot create hsr debugfs directory [ 662.477048][ T4474] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 662.906295][ T4474] tipc: Disabling bearer [ 662.931146][ T4474] tipc: Left network mode [ 662.936476][T25485] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 663.014436][T25485] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 663.065998][T25485] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 663.149743][T25485] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 663.236083][T25605] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9406'. [ 663.361211][T25485] 8021q: adding VLAN 0 to HW filter on device bond0 [ 663.471472][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 663.504193][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 663.542640][T25485] 8021q: adding VLAN 0 to HW filter on device team0 [ 663.600993][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 663.610551][T25631] netlink: 256 bytes leftover after parsing attributes in process `syz.0.9415'. [ 663.623042][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 663.631904][ T155] bridge0: port 1(bridge_slave_0) entered blocking state [ 663.639257][ T155] bridge0: port 1(bridge_slave_0) entered forwarding state [ 663.689334][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 663.760863][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 663.790685][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 663.804511][ T155] bridge0: port 2(bridge_slave_1) entered blocking state [ 663.811629][ T155] bridge0: port 2(bridge_slave_1) entered forwarding state [ 663.847095][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 663.872971][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 663.886356][T25649] fuse: Bad value for 'fd' [ 663.946808][T16600] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 663.960080][T16600] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 664.017428][T16600] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 664.049366][T16600] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 664.071270][T16600] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 664.091457][T16600] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 664.355693][T16600] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 664.463405][ T4255] Bluetooth: hci3: command 0x041b tx timeout [ 664.495790][T16600] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 664.608868][T16600] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 664.892388][T25663] netlink: 108 bytes leftover after parsing attributes in process `syz.2.9427'. [ 665.310377][T16600] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 665.321057][T16600] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 665.365246][T25485] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 665.751671][ T4474] device hsr_slave_0 left promiscuous mode [ 665.816768][ T4474] device hsr_slave_1 left promiscuous mode [ 665.898911][T25751] overlayfs: missing 'lowerdir' [ 665.994075][ T4474] device veth1_macvtap left promiscuous mode [ 666.002316][ T4474] device veth0_macvtap left promiscuous mode [ 666.008624][ T4474] device veth1_vlan left promiscuous mode [ 666.030875][ T4474] device veth0_vlan left promiscuous mode [ 666.380879][ T4474] team0 (unregistering): Port device team_slave_1 removed [ 666.397913][ T4474] team0 (unregistering): Port device team_slave_0 removed [ 666.409548][ T4474] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 666.457539][ T4474] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 666.552085][ T4240] Bluetooth: hci3: command 0x040f tx timeout [ 666.586995][ T4474] bond0 (unregistering): Released all slaves [ 666.607566][T25755] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9453'. [ 666.774514][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 666.805472][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 666.825044][T25789] netlink: 80 bytes leftover after parsing attributes in process `syz.0.9470'. [ 666.886994][T25485] device veth0_vlan entered promiscuous mode [ 666.932995][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 666.995191][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 667.020976][T25485] device veth1_vlan entered promiscuous mode [ 667.073333][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 667.095456][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 667.133078][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 667.622761][T16636] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 667.922868][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 667.994865][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 668.036323][T25485] device veth0_macvtap entered promiscuous mode [ 668.050680][T25821] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9480'. [ 668.125489][T25821] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 668.244652][T25821] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 668.309595][T25821] bond0 (unregistering): Released all slaves [ 668.370647][T25485] device veth1_macvtap entered promiscuous mode [ 668.385901][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 668.398942][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 668.516469][T25485] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 668.541549][T16636] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 668.556781][T16636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 668.598204][T25485] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 668.632034][ T13] Bluetooth: hci3: command 0x0419 tx timeout [ 668.654402][T16636] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 668.667857][T16636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 668.707970][T25485] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 668.758277][T25485] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 668.782560][T25485] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 668.805598][T25485] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 669.071777][ T1226] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 669.080217][ T1226] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 669.131950][T16636] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 669.160825][ T1226] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 669.228232][ T1226] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 669.266647][T16636] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 670.348589][T25961] netlink: 'syz.0.9533': attribute type 1 has an invalid length. [ 670.393525][T25961] netlink: 'syz.0.9533': attribute type 1 has an invalid length. [ 671.246901][T26005] netlink: 32 bytes leftover after parsing attributes in process `syz.2.9548'. [ 673.040455][ T5192] Bluetooth: hci0: command 0x1003 tx timeout [ 673.063660][ T4199] Bluetooth: hci0: sending frame failed (-49) [ 673.157102][T26069] netlink: 'syz.5.9570': attribute type 4 has an invalid length. [ 673.165346][T26069] netlink: 17 bytes leftover after parsing attributes in process `syz.5.9570'. [ 673.507683][T26091] device macsec0 entered promiscuous mode [ 673.592076][T26095] loop2: detected capacity change from 0 to 8 [ 673.917745][T26109] bond1: (slave ip6gretap0): Enslaving as a backup interface with an up link [ 674.011609][T16600] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 674.154345][T26114] tmpfs: Unknown parameter 'no' [ 674.211578][T16600] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 675.101518][ T5192] Bluetooth: hci0: command 0x1001 tx timeout [ 675.107780][ T4199] Bluetooth: hci0: sending frame failed (-49) [ 675.706837][T26204] netlink: 'syz.1.9616': attribute type 1 has an invalid length. [ 675.781485][T26204] netlink: 'syz.1.9616': attribute type 3 has an invalid length. [ 677.181291][ T4173] Bluetooth: hci0: command 0x1009 tx timeout [ 677.298085][T26285] overlayfs: missing 'lowerdir' [ 677.519004][T26295] netlink: 72 bytes leftover after parsing attributes in process `syz.1.9656'. [ 678.696108][T26320] netlink: 24 bytes leftover after parsing attributes in process `syz.2.9668'. [ 678.883990][T26330] netlink: 'syz.2.9673': attribute type 2 has an invalid length. [ 678.944760][T26336] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9673'. [ 679.085948][T26344] netlink: 'syz.0.9679': attribute type 32 has an invalid length. [ 679.897726][T26391] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9700'. [ 679.937265][T26391] netlink: 32 bytes leftover after parsing attributes in process `syz.5.9700'. [ 681.504406][T26457] netlink: 48 bytes leftover after parsing attributes in process `syz.6.9725'. [ 682.281951][T26491] overlayfs: failed to resolve './file1': -2 [ 682.523585][T26499] fuseblk: Bad value for 'fd' [ 682.942785][T26534] netlink: 188 bytes leftover after parsing attributes in process `syz.5.9761'. [ 683.049985][T26542] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9765'. [ 684.484463][T26654] netlink: 60 bytes leftover after parsing attributes in process `syz.2.9811'. [ 684.493695][ T4173] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 684.814421][T26671] netlink: 'syz.2.9827': attribute type 1 has an invalid length. [ 684.829151][T26671] netlink: 'syz.2.9827': attribute type 2 has an invalid length. [ 684.934568][T26678] netlink: 44 bytes leftover after parsing attributes in process `syz.1.9821'. [ 684.957700][T26678] netlink: 67 bytes leftover after parsing attributes in process `syz.1.9821'. [ 685.031150][ T4173] usb 1-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc [ 685.048778][T26685] netlink: 32 bytes leftover after parsing attributes in process `syz.1.9826'. [ 685.060599][ T4173] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 685.090848][ T4173] usb 1-1: Product: syz [ 685.095243][ T4173] usb 1-1: Manufacturer: syz [ 685.099853][ T4173] usb 1-1: SerialNumber: syz [ 685.128650][ T4173] usb 1-1: config 0 descriptor?? [ 685.202781][ T4173] i2c-tiny-usb 1-1:0.0: version 6d.cc found at bus 001 address 007 [ 685.753825][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.760161][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 685.800485][T26734] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9849'. [ 685.841695][T26733] netlink: 'syz.2.9848': attribute type 12 has an invalid length. [ 685.871072][ T4173] i2c i2c-1: failure reading functionality [ 685.895563][ T4173] i2c i2c-1: connected i2c-tiny-usb device [ 685.950907][ T5192] usb 7-1: new full-speed USB device number 2 using dummy_hcd [ 685.978955][ T4173] usb 1-1: USB disconnect, device number 7 [ 686.329498][T26770] overlayfs: failed to resolve './file1': -2 [ 686.340962][ T5192] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 686.358636][ T5192] usb 7-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 686.380276][ T5192] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 686.434707][ T5192] usb 7-1: config 0 descriptor?? [ 686.451240][T26724] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 686.783504][ T5192] usbhid 7-1:0.0: can't add hid device: -71 [ 686.789524][ T5192] usbhid: probe of 7-1:0.0 failed with error -71 [ 686.814977][ T5192] usb 7-1: USB disconnect, device number 2 [ 687.509170][T26850] netlink: 96 bytes leftover after parsing attributes in process `syz.6.9888'. [ 687.590234][T26853] netlink: 188 bytes leftover after parsing attributes in process `syz.0.9891'. [ 687.839179][T26875] netlink: 44 bytes leftover after parsing attributes in process `syz.6.9899'. [ 688.008744][T26875] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9899'. [ 688.017952][T26875] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9899'. [ 688.027109][T26875] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9899'. [ 689.694001][T26966] netlink: 108 bytes leftover after parsing attributes in process `syz.6.9934'. [ 689.741053][T26966] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9934'. [ 690.679279][T27044] netlink: 56 bytes leftover after parsing attributes in process `syz.2.9963'. [ 690.823650][T27050] loop6: detected capacity change from 0 to 128 [ 690.851015][T27052] netlink: 172 bytes leftover after parsing attributes in process `syz.2.9966'. [ 690.910170][T27052] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9966'. [ 690.960641][T27052] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9966'. [ 692.693203][T27123] overlayfs: failed to clone upperpath [ 693.002903][T27140] 9pnet_virtio: no channels available for device syz [ 693.234541][T27159] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10002'. [ 693.628232][T27181] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10011'. [ 695.157807][ T26] audit: type=1326 audit(16778396.110:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27219 comm="syz.5.10022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 695.162469][T27222] netlink: 'syz.5.10022': attribute type 4 has an invalid length. [ 695.225708][ T26] audit: type=1326 audit(16778396.110:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27219 comm="syz.5.10022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 695.276504][T27222] netlink: 'syz.5.10022': attribute type 3 has an invalid length. [ 695.295512][ T26] audit: type=1326 audit(16778396.120:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27219 comm="syz.5.10022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 695.330783][T27222] netlink: 132 bytes leftover after parsing attributes in process `syz.5.10022'. [ 695.336107][T27235] binder: 27234:27235 ioctl 40046205 0 returned -22 [ 695.349493][T27235] binder: 27234:27235 ioctl c0306201 200000000300 returned -11 [ 695.456464][ T26] audit: type=1326 audit(16778396.120:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27219 comm="syz.5.10022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 695.582778][ T26] audit: type=1326 audit(16778396.120:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27219 comm="syz.5.10022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 695.641869][T27251] 9pnet: Could not find request transport: f [ 695.678422][ T26] audit: type=1326 audit(16778396.120:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27219 comm="syz.5.10022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 695.775181][ T26] audit: type=1326 audit(16778396.120:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27219 comm="syz.5.10022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 695.853919][ T26] audit: type=1326 audit(16778396.120:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27219 comm="syz.5.10022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 695.956828][ T26] audit: type=1326 audit(16778396.120:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27219 comm="syz.5.10022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 696.031704][ T26] audit: type=1326 audit(16778396.120:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27219 comm="syz.5.10022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f14786c9 code=0x7ffc0000 [ 696.158393][T27281] netlink: 16 bytes leftover after parsing attributes in process `syz.1.10050'. [ 696.188488][ T155] Bluetooth: hci0: Frame reassembly failed (-84) [ 696.694497][T27304] loop6: detected capacity change from 0 to 4096 [ 697.820200][ T5193] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 698.190325][ T5193] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 698.210826][ T5193] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 698.230985][ T5193] usb 7-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 698.250173][ T5193] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 698.269448][ T4173] Bluetooth: hci0: command 0x1003 tx timeout [ 698.277098][ T4199] Bluetooth: hci0: sending frame failed (-49) [ 698.284702][ T5193] usb 7-1: config 0 descriptor?? [ 698.700332][ T5193] usbhid 7-1:0.0: can't add hid device: -71 [ 698.707439][ T5193] usbhid: probe of 7-1:0.0 failed with error -71 [ 698.729225][ T5193] usb 7-1: USB disconnect, device number 3 [ 699.276330][T27424] overlayfs: failed to clone upperpath [ 699.320189][T27427] x_tables: duplicate underflow at hook 2 [ 699.532738][T27442] loop6: detected capacity change from 0 to 2048 [ 699.898684][T27470] loop6: detected capacity change from 0 to 256 [ 700.300025][ T5193] Bluetooth: hci0: command 0x1001 tx timeout [ 700.306188][ T4199] Bluetooth: hci0: sending frame failed (-49) [ 701.981876][T27532] binder: 27531:27532 ioctl 40046205 0 returned -22 [ 702.011887][T27532] binder: 27531:27532 ioctl c0306201 200000000300 returned -11 [ 702.155685][T27553] sctp: [Deprecated]: syz.5.10180 (pid 27553) Use of int in max_burst socket option. [ 702.155685][T27553] Use struct sctp_assoc_value instead [ 702.379956][ T5193] Bluetooth: hci0: command 0x1009 tx timeout [ 704.819630][T27630] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10215'. [ 705.340879][T27667] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10231'. [ 706.280747][T27722] fuse: Unknown parameter '&' [ 706.376304][T27728] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10264'. [ 706.554358][T27742] 9pnet: Insufficient options for proto=fd [ 706.581349][T27749] overlayfs: missing 'lowerdir' [ 706.870510][T16636] wlan0: Trigger new scan to find an IBSS to join [ 707.067341][T27776] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10283'. [ 707.174901][T27782] netlink: 'syz.6.10287': attribute type 10 has an invalid length. [ 707.184197][T27782] netlink: 40 bytes leftover after parsing attributes in process `syz.6.10287'. [ 707.302891][T27782] team0: Port device geneve0 added [ 708.331526][T27866] fuse: Bad value for 'fd' [ 708.494773][T27876] loop2: detected capacity change from 0 to 512 [ 708.552110][T27876] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 708.559317][T27876] EXT4-fs (loop2): inline encryption not supported [ 708.577168][T27876] EXT4-fs (loop2): Test dummy encryption mode enabled [ 708.594697][T27876] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 708.609661][T27876] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 708.654645][T27876] EXT4-fs (loop2): 1 truncate cleaned up [ 708.660552][T27876] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,. Quota mode: none. [ 708.994533][T27901] overlayfs: overlapping lowerdir path [ 709.559288][T27936] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10356'. [ 709.823935][T27949] loop2: detected capacity change from 0 to 512 [ 709.915657][T27949] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 709.946616][T27949] EXT4-fs (loop2): inline encryption not supported [ 709.981792][T27949] EXT4-fs (loop2): Test dummy encryption mode enabled [ 709.988750][T27949] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 710.041548][T27949] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 710.128551][T27949] EXT4-fs (loop2): 1 truncate cleaned up [ 710.154922][T27949] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,. Quota mode: none. [ 710.385482][T27976] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10374'. [ 711.819546][ T4472] wlan0: Trigger new scan to find an IBSS to join [ 712.124852][T28025] netlink: 'syz.1.10394': attribute type 10 has an invalid length. [ 712.159418][T28025] netlink: 40 bytes leftover after parsing attributes in process `syz.1.10394'. [ 712.192711][T28025] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 712.525786][T28047] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.10403' sets config #0 [ 712.557489][T28052] netlink: 16 bytes leftover after parsing attributes in process `syz.6.10406'. [ 712.736445][T28066] loop0: detected capacity change from 0 to 16 [ 712.839662][T28066] erofs: (device loop0): mounted with root inode @ nid 36. [ 712.901725][ T155] wlan0: Creating new IBSS network, BSSID 0e:df:46:b1:d6:93 [ 713.013613][T28078] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 713.090239][T28086] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10419'. [ 713.773632][T28132] autofs4:pid:28132:autofs_fill_super: called with bogus options [ 714.793062][ T26] kauditd_printk_skb: 5 callbacks suppressed [ 714.793075][ T26] audit: type=1804 audit(16778415.751:595): pid=28169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.10459" name="bus" dev="ramfs" ino=132874 res=1 errno=0 [ 714.855717][ T26] audit: type=1804 audit(16778415.781:596): pid=28169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.10459" name="bus" dev="ramfs" ino=132874 res=1 errno=0 [ 716.902402][T28222] loop0: detected capacity change from 0 to 1024 [ 717.246756][T28241] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10486'. [ 717.271524][T28241] netlink: 16 bytes leftover after parsing attributes in process `syz.0.10486'. [ 717.365567][ T26] audit: type=1326 audit(16778418.321:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28249 comm="syz.0.10493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 717.411073][ T26] audit: type=1326 audit(16778418.341:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28249 comm="syz.0.10493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 717.435178][ T26] audit: type=1326 audit(16778418.351:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28249 comm="syz.0.10493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 717.467511][ T26] audit: type=1326 audit(16778418.351:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28249 comm="syz.0.10493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 717.495619][ T26] audit: type=1326 audit(16778418.351:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28249 comm="syz.0.10493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 717.521095][ T26] audit: type=1326 audit(16778418.351:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28249 comm="syz.0.10493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 717.546200][ T26] audit: type=1326 audit(16778418.351:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28249 comm="syz.0.10493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 717.574773][ T26] audit: type=1326 audit(16778418.351:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28249 comm="syz.0.10493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488be8f6c9 code=0x7ffc0000 [ 718.112371][T28304] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10516'. [ 718.375146][T28322] x_tables: duplicate underflow at hook 1 [ 718.526056][T28331] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10529'. [ 718.556053][T28331] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10529'. [ 718.557237][T28333] loop6: detected capacity change from 0 to 512 [ 718.587352][T28331] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10529'. [ 718.607238][T28331] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10529'. [ 718.821175][T28351] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10538'. [ 718.958740][T28363] netlink: 64 bytes leftover after parsing attributes in process `syz.5.10544'. [ 718.973933][T28361] loop2: detected capacity change from 0 to 1024 [ 719.034299][T28361] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 719.129575][T28361] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000080,nodelalloc,grpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none. [ 721.219170][ T5192] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 721.520119][T28472] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10602'. [ 721.629204][ T5192] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 721.659125][ T5192] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 721.708763][ T5192] usb 3-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 721.738344][ T5192] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 721.777662][ T5192] usb 3-1: config 0 descriptor?? [ 827.382810][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 827.389794][ C0] rcu: 1-...!: (1 GPs behind) idle=78b/1/0x4000000000000000 softirq=82634/82635 fqs=6 [ 827.401306][ C0] (detected by 0, t=10502 jiffies, g=98933, q=343) [ 827.407903][ C0] Sending NMI from CPU 0 to CPUs 1: [ 827.413108][ C1] NMI backtrace for cpu 1 [ 827.413118][ C1] CPU: 1 PID: 4173 Comm: kworker/1:3 Not tainted syzkaller #0 [ 827.413133][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 827.413144][ C1] Workqueue: events nsim_dev_trap_report_work [ 827.413184][ C1] RIP: 0010:__netif_schedule+0x99/0x2c0 [ 827.413200][ C1] Code: f3 f3 41 c6 44 0d 0b f3 e8 84 db a1 f9 48 8d bb 88 01 00 00 be 08 00 00 00 e8 33 45 e6 f9 31 f6 f0 48 0f ba ab 88 01 00 00 00 <41> 0f 93 c6 40 0f 92 c6 bf 02 00 00 00 e8 b5 dd a1 f9 45 84 f6 75 [ 827.413212][ C1] RSP: 0018:ffffc90000dd0ba0 EFLAGS: 00000047 [ 827.413223][ C1] RAX: ffffffff87d5f001 RBX: ffff888021308000 RCX: ffffffff87d5f09d [ 827.413233][ C1] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff888021308188 [ 827.413242][ C1] RBP: ffffc90000dd0c70 R08: dffffc0000000000 R09: ffffed1004261032 [ 827.413252][ C1] R10: ffffed1004261032 R11: 1ffff11004261031 R12: ffff8880213082e8 [ 827.413262][ C1] R13: 1ffff920001ba178 R14: ffff888021308000 R15: 00493c0054000000 [ 827.413273][ C1] FS: 0000000000000000(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000 [ 827.413285][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 827.413295][ C1] CR2: 000000110c33e061 CR3: 00000000220f1000 CR4: 00000000003506e0 [ 827.413307][ C1] Call Trace: [ 827.413314][ C1] [ 827.413322][ C1] ? read_lock_is_recursive+0x10/0x10 [ 827.413338][ C1] ? do_raw_spin_lock+0x11d/0x280 [ 827.413351][ C1] ? netif_get_num_default_rss_queues+0xc0/0xc0 [ 827.413365][ C1] ? __rwlock_init+0x140/0x140 [ 827.413382][ C1] advance_sched+0x74c/0x940 [ 827.413403][ C1] __hrtimer_run_queues+0x53d/0xc40 [ 827.413422][ C1] ? taprio_free_sched_cb+0x190/0x190 [ 827.413442][ C1] ? hrtimer_interrupt+0x8d0/0x8d0 [ 827.413456][ C1] ? ktime_get_update_offsets_now+0x3ce/0x3e0 [ 827.413474][ C1] hrtimer_interrupt+0x3bb/0x8d0 [ 827.413500][ C1] __sysvec_apic_timer_interrupt+0x137/0x4a0 [ 827.413514][ C1] sysvec_apic_timer_interrupt+0x9b/0xc0 [ 827.413531][ C1] [ 827.413534][ C1] [ 827.413539][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 827.413554][ C1] RIP: 0010:unwind_next_frame+0x8bb/0x1d90 [ 827.413570][ C1] Code: 04 28 84 c0 0f 85 fa 12 00 00 4c 89 f8 48 c1 e8 03 42 0f b6 04 28 84 c0 0f 85 14 13 00 00 48 0f bf 02 48 01 c7 48 89 7c 24 08 <4d> 8d 7e 01 43 0f b6 04 2c 84 c0 0f 85 20 0f 00 00 4c 89 fa 48 c1 [ 827.413580][ C1] RSP: 0018:ffffc9000266f608 EFLAGS: 00000282 [ 827.413596][ C1] RAX: 0000000000000100 RBX: ffffc9000266f6c8 RCX: ffffffff8dacb4a0 [ 827.413605][ C1] RDX: ffffffff8e32c5ba RSI: ffffffff8e32c5ba RDI: ffffc9000266fc40 [ 827.413616][ C1] RBP: ffffc9000266f710 R08: 0000000000000001 R09: 0000000000000005 [ 827.413625][ C1] R10: fffff520004cdee5 R11: 1ffff920004cdee3 R12: 1ffffffff1c658b7 [ 827.413634][ C1] R13: dffffc0000000000 R14: ffffffff8e32c5be R15: ffffffff8e32c5bb [ 827.413653][ C1] ? unwind_next_frame+0xac/0x1d90 [ 827.413670][ C1] ? nsim_dev_trap_report_work+0x7cb/0xb40 [ 827.413690][ C1] ? stack_trace_save+0xe0/0xe0 [ 827.413702][ C1] arch_stack_walk+0x10c/0x140 [ 827.413720][ C1] ? nsim_dev_trap_report_work+0x7cb/0xb40 [ 827.413733][ C1] ? kmem_cache_free+0x8f/0x210 [ 827.413746][ C1] stack_trace_save+0x98/0xe0 [ 827.413758][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 827.413769][ C1] ? kasan_set_free_info+0x1f/0x40 [ 827.413785][ C1] ? skb_release_data+0x6fe/0x850 [ 827.413799][ C1] ? consume_skb+0xa2/0x100 [ 827.413812][ C1] ? nsim_dev_trap_report_work+0x7cb/0xb40 [ 827.413824][ C1] ? process_one_work+0x863/0x1000 [ 827.413836][ C1] ? worker_thread+0xaa8/0x12a0 [ 827.413849][ C1] ? kthread+0x436/0x520 [ 827.413860][ C1] ? ret_from_fork+0x1f/0x30 [ 827.413874][ C1] ? memset+0x1e/0x40 [ 827.413888][ C1] kasan_set_track+0x4b/0x70 [ 827.413900][ C1] ? kasan_set_track+0x4b/0x70 [ 827.413912][ C1] ? kasan_set_free_info+0x1f/0x40 [ 827.413925][ C1] ? ____kasan_slab_free+0xd5/0x110 [ 827.413938][ C1] ? slab_free_freelist_hook+0xea/0x170 [ 827.413950][ C1] ? kmem_cache_free+0x8f/0x210 [ 827.413961][ C1] ? nsim_dev_trap_report_work+0x7cb/0xb40 [ 827.413994][ C1] ? skb_release_data+0x6fe/0x850 [ 827.414008][ C1] kasan_set_free_info+0x1f/0x40 [ 827.414022][ C1] ____kasan_slab_free+0xd5/0x110 [ 827.414037][ C1] slab_free_freelist_hook+0xea/0x170 [ 827.414051][ C1] ? nsim_dev_trap_report_work+0x7cb/0xb40 [ 827.414064][ C1] kmem_cache_free+0x8f/0x210 [ 827.414080][ C1] nsim_dev_trap_report_work+0x7cb/0xb40 [ 827.414103][ C1] process_one_work+0x863/0x1000 [ 827.414123][ C1] ? worker_detach_from_pool+0x240/0x240 [ 827.414136][ C1] ? lockdep_hardirqs_off+0x70/0x100 [ 827.414151][ C1] ? _raw_spin_lock_irq+0xab/0xe0 [ 827.414163][ C1] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 827.414177][ C1] ? wq_worker_running+0x97/0x170 [ 827.414190][ C1] worker_thread+0xaa8/0x12a0 [ 827.414217][ C1] kthread+0x436/0x520 [ 827.414228][ C1] ? rcu_lock_release+0x20/0x20 [ 827.414240][ C1] ? kthread_blkcg+0xd0/0xd0 [ 827.414253][ C1] ret_from_fork+0x1f/0x30 [ 827.414273][ C1] [ 827.415101][ C0] rcu: rcu_preempt kthread starved for 10490 jiffies! g98933 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 827.914191][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 827.924155][ C0] rcu: RCU grace-period kthread stack dump: [ 827.930029][ C0] task:rcu_preempt state:R running task stack:28064 pid: 15 ppid: 2 flags:0x00004000 [ 827.940809][ C0] Call Trace: [ 827.944086][ C0] [ 827.947012][ C0] __schedule+0x11bb/0x4390 [ 827.951521][ C0] ? _raw_spin_lock_irqsave+0x7f/0xf0 [ 827.956888][ C0] ? _raw_spin_unlock_irqrestore+0x82/0x100 [ 827.963040][ C0] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 827.968922][ C0] ? _raw_spin_unlock+0x40/0x40 [ 827.973762][ C0] ? rcu_is_watching+0x11/0xa0 [ 827.978539][ C0] ? release_firmware_map_entry+0x190/0x190 [ 827.984438][ C0] schedule+0x11b/0x1e0 [ 827.988587][ C0] schedule_timeout+0x15c/0x280 [ 827.993531][ C0] ? console_conditional_schedule+0x40/0x40 [ 827.999417][ C0] ? _raw_spin_unlock_irqrestore+0x82/0x100 [ 828.005301][ C0] ? update_process_times+0x200/0x200 [ 828.010692][ C0] ? prepare_to_swait_event+0x331/0x350 [ 828.016258][ C0] rcu_gp_fqs_loop+0x29e/0x11b0 [ 828.021117][ C0] ? dyntick_save_progress_counter+0x230/0x230 [ 828.027393][ C0] ? rcu_gp_init+0x10e0/0x10e0 [ 828.032782][ C0] ? _raw_spin_unlock_irq+0x1f/0x40 [ 828.037977][ C0] ? lockdep_hardirqs_on+0x94/0x140 [ 828.043171][ C0] rcu_gp_kthread+0x98/0x350 [ 828.047757][ C0] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 828.052861][ C0] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 828.058746][ C0] ? __kthread_parkme+0x157/0x1b0 [ 828.063887][ C0] kthread+0x436/0x520 [ 828.067946][ C0] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 828.073047][ C0] ? kthread_blkcg+0xd0/0xd0 [ 828.077631][ C0] ret_from_fork+0x1f/0x30 [ 828.082061][ C0] [ 828.085071][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 828.091493][ C0] NMI backtrace for cpu 0 [ 828.095829][ C0] CPU: 0 PID: 28505 Comm: syz.1.10608 Not tainted syzkaller #0 [ 828.103364][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 828.113409][ C0] Call Trace: [ 828.116691][ C0] [ 828.119530][ C0] dump_stack_lvl+0x168/0x230 [ 828.124213][ C0] ? show_regs_print_info+0x20/0x20 [ 828.129410][ C0] ? load_image+0x3b0/0x3b0 [ 828.133914][ C0] ? irq_work_queue+0xbf/0x140 [ 828.138685][ C0] nmi_cpu_backtrace+0x397/0x3d0 [ 828.143619][ C0] ? nmi_trigger_cpumask_backtrace+0x280/0x280 [ 828.149772][ C0] ? _printk+0xcc/0x110 [ 828.153925][ C0] ? cpu_online+0x1d/0x30 [ 828.158261][ C0] ? load_image+0x3b0/0x3b0 [ 828.162762][ C0] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 828.168828][ C0] nmi_trigger_cpumask_backtrace+0x163/0x280 [ 828.174805][ C0] rcu_check_gp_kthread_starvation+0x1cd/0x250 [ 828.180969][ C0] print_other_cpu_stall+0x10c8/0x1220 [ 828.186445][ C0] ? print_cpu_stall+0x5f0/0x5f0 [ 828.191380][ C0] ? timekeeping_advance+0x7f6/0xac0 [ 828.196661][ C0] ? __lock_acquire+0x7c60/0x7c60 [ 828.201695][ C0] rcu_sched_clock_irq+0x831/0x1110 [ 828.206890][ C0] ? rcutree_dead_cpu+0x20/0x20 [ 828.211739][ C0] ? account_process_tick+0x227/0x3a0 [ 828.217118][ C0] update_process_times+0x193/0x200 [ 828.222317][ C0] tick_sched_timer+0x37d/0x560 [ 828.227163][ C0] __hrtimer_run_queues+0x4fe/0xc40 [ 828.232372][ C0] ? tick_setup_sched_timer+0x2c0/0x2c0 [ 828.237921][ C0] ? hrtimer_interrupt+0x8d0/0x8d0 [ 828.243028][ C0] ? ktime_get_update_offsets_now+0x3ce/0x3e0 [ 828.249095][ C0] hrtimer_interrupt+0x3bb/0x8d0 [ 828.254050][ C0] __sysvec_apic_timer_interrupt+0x137/0x4a0 [ 828.260026][ C0] sysvec_apic_timer_interrupt+0x9b/0xc0 [ 828.265669][ C0] [ 828.268590][ C0] [ 828.271513][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 828.277497][ C0] RIP: 0010:smp_call_function_many_cond+0xb88/0xd70 [ 828.284102][ C0] Code: b6 44 05 00 84 c0 0f 85 9d 00 00 00 41 8b 1c 24 89 de 83 e6 01 31 ff e8 66 49 0b 00 83 e3 01 75 07 e8 fc 45 0b 00 eb 43 f3 90 <48> b8 00 00 00 00 00 fc ff df 41 0f b6 44 05 00 84 c0 75 11 41 f7 [ 828.303717][ C0] RSP: 0018:ffffc90002e8f4e0 EFLAGS: 00000293 [ 828.309781][ C0] RAX: ffffffff816c863b RBX: 0000000000000001 RCX: ffff888079c88000 [ 828.317746][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 828.325719][ C0] RBP: ffffc90002e8f620 R08: dffffc0000000000 R09: ffffed101720767b [ 828.333699][ C0] R10: ffffed101720767b R11: 1ffff1101720767a R12: ffff8880b91405c8 [ 828.341674][ C0] R13: 1ffff110172280b9 R14: ffff8880b903b3c0 R15: 0000000000000001 [ 828.349647][ C0] ? smp_call_function_many_cond+0xbab/0xd70 [ 828.355638][ C0] ? native_flush_tlb_multi+0xd0/0xd0 [ 828.361005][ C0] ? smp_call_function_many+0x30/0x30 [ 828.366367][ C0] ? pgtable_pmd_page_dtor+0x1cb/0x280 [ 828.371822][ C0] ? tlb_remove_page+0xe/0x20 [ 828.376492][ C0] ? ___pmd_free_tlb+0x90/0x90 [ 828.381251][ C0] ? rcu_is_watching+0x11/0xa0 [ 828.386011][ C0] ? native_flush_tlb_multi+0xd0/0xd0 [ 828.391375][ C0] on_each_cpu_cond_mask+0x3b/0x80 [ 828.396489][ C0] flush_tlb_mm_range+0x360/0x560 [ 828.401512][ C0] ? flush_tlb_multi+0x50/0x50 [ 828.406278][ C0] tlb_flush_mmu_tlbonly+0x1b1/0x3f0 [ 828.411561][ C0] tlb_finish_mmu+0xc5/0x2e0 [ 828.416149][ C0] exit_mmap+0x3a6/0x5f0 [ 828.420405][ C0] ? vm_brk+0x20/0x20 [ 828.424409][ C0] ? uprobe_clear_state+0x2f6/0x460 [ 828.429607][ C0] ? mm_update_next_owner+0x522/0x640 [ 828.434998][ C0] __mmput+0x115/0x3b0 [ 828.439064][ C0] exit_mm+0x567/0x6c0 [ 828.443127][ C0] ? xacct_add_tsk+0x4b0/0x4b0 [ 828.447894][ C0] ? do_exit+0x20a0/0x20a0 [ 828.452313][ C0] ? taskstats_exit+0x439/0xab0 [ 828.457159][ C0] ? tty_audit_exit+0x14e/0x1f0 [ 828.462009][ C0] do_exit+0x5a1/0x20a0 [ 828.466161][ C0] ? put_task_struct+0x80/0x80 [ 828.470920][ C0] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 828.476898][ C0] ? lock_chain_count+0x20/0x20 [ 828.481828][ C0] ? _raw_spin_lock_irq+0xab/0xe0 [ 828.486848][ C0] do_group_exit+0x12e/0x300 [ 828.491433][ C0] ? lockdep_hardirqs_on+0x94/0x140 [ 828.496625][ C0] get_signal+0x6ca/0x12c0 [ 828.501048][ C0] arch_do_signal_or_restart+0xc1/0x1300 [ 828.506683][ C0] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 828.512667][ C0] ? futex_exit_release+0x1c0/0x1c0 [ 828.517861][ C0] ? get_sigframe_size+0x10/0x10 [ 828.522808][ C0] ? exit_to_user_mode_loop+0x3b/0x130 [ 828.528263][ C0] exit_to_user_mode_loop+0x9e/0x130 [ 828.533548][ C0] exit_to_user_mode_prepare+0xee/0x180 [ 828.539130][ C0] syscall_exit_to_user_mode+0x16/0x40 [ 828.544581][ C0] do_syscall_64+0x58/0xa0 [ 828.548986][ C0] ? clear_bhb_loop+0x30/0x80 [ 828.553650][ C0] ? clear_bhb_loop+0x30/0x80 [ 828.558322][ C0] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 828.564207][ C0] RIP: 0033:0x7fbf3a6086c9 [ 828.568609][ C0] Code: Unable to access opcode bytes at RIP 0x7fbf3a60869f. [ 828.575971][ C0] RSP: 002b:00007fbf3886f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 828.584382][ C0] RAX: fffffffffffffe00 RBX: 00007fbf3a85efa8 RCX: 00007fbf3a6086c9 [ 828.592350][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fbf3a85efa8 [ 828.600321][ C0] RBP: 00007fbf3a85efa0 R08: 0000000000000000 R09: 0000000000000000 [ 828.608283][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 828.616245][ C0] R13: 00007fbf3a85f038 R14: 00007ffea3b37750 R15: 00007ffea3b37838 [ 828.624222][ C0]