last executing test programs: 5m42.247967934s ago: executing program 3 (id=230): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_clone(0x1022000, 0x0, 0xfffffffffffffc76, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) 5m41.816059833s ago: executing program 3 (id=237): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@empty, @in6=@dev={0xfe, 0x80, '\x00', 0x2f}, 0x20, 0x0, 0x0, 0x0, 0x2, 0x20, 0x20, 0x0, 0x0, 0xee01}, {0x3, 0x0, 0x0, 0x0, 0x3, 0x1, 0x100000001}, {}, 0x4, 0x0, 0x1}, {{@in6=@private0, 0x0, 0x6c}, 0x2, @in6=@private0, 0x3501, 0x7, 0x0, 0xb7, 0xffffffff}}, 0xe8) 5m41.522331565s ago: executing program 3 (id=244): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r2, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x23) 5m41.212032999s ago: executing program 3 (id=250): syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x120c40a, &(0x7f0000000a00)={[{@noblock_validity}, {@dioread_lock}, {@nobh}, {@errors_remount}, {@inlinecrypt}, {@usrjquota, 0x2e}, {@sb={'sb', 0x3d, 0x7}}, {@nodiscard}, {@jqfmt_vfsv0}, {@noload}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}, {@test_dummy_encryption}], [], 0x2c}, 0x81, 0x463, &(0x7f0000000480)="$eJzs3EtvG0UcAPD/bpK+S0Ipjz6AQEFEPJImLdADFxBIvSAhwaEcQ5pWpWmDmiDRqiIBoXJE/QTAEYlPwAkuCDiBuMIdIVWoF1oOaNHaa9c4dmrHTp3Gv5+02ZndtWf+3h17dsZOAH1rNP+TROyKiN8iYjgiBuoPGC2vbly/PHPz+uWZJLLszb+S/GHx9/XLM5VDk2K9s8iMpRHpJ0kcaFDuwsVLZ6fn5mYvFPmJxXPvTSxcvPTcmXPTp2dPz56fOnbs6JHJF1+Yer4rce7O67r/w/mD+46/ffX1mRNX3/nx67y+u4r9tXGUjXRc5miMVl+Tek92/Owby+5i3SxeNqa8rQ9GxFCp/Q/HQClXNhyvfdzTygHrKsuybOuKrdUewHIGbGJJ9LoGQG9UPujz+9/Kcge7Hz137eXyDVAe941iKe8ZjLQ4Zqjm/rbbRiPixPI/n+dLNByHAADorm/z/s+zjfp/aTxQc9w9xdzQSETcGxF7IuK+iNgbEfdHlI59MCIearP80br8yv7PL9vXFFiL8v7fS8Xc1v/7f5XeX4wMFLndpfiHklNn5mYPF6/JWAxtzfOTq5Tx3au/ftZsX23/L1/y8it9waIefw7WDdCdnF6c7iTmWtc+Ko0BLq2MP6nOBCQRsS8i9q/h+bdFxJmnvzrYbP/t41/F4BoqVCf7MuKp8vlfjrr4K5LV5ycntsXc7OGJylWx0k8/X3mjWfkdxd8F+fnf0fD6r8Y/ktTO1y60X8aV3z9tek+z1ut/S/JWKb2l2PbB9OLihcmILcnyyu1Ttx5byVeOz+MfO9Qg/ptZ/h737xfF4w5ERH4RPxwRj0TEo0XdH4uIxyPiUIPYsqXy+odXnnh37fGvrzz+k22d//YTA2e//6ZZ+a2d/6Ol1FixpZX3v1Yr2MlrBwAAAHeLtPQd+CQdr6bTdHy8/B3+vbEjnZtfWHzm1Pz750+Wvys/EkNpZaRruGY8dLIYG67kp+ryR0rjxlmWZdtL+fGZ+bn1mlMHWrOzSfvP/THQ69oB666teTS/8IJNpQvz6MBdSvuH/qX9Q//S/qF/NWr/SxE3elAV4A67zef/rf8SAGw6+v/Qv7R/6F/aP/SlTn7Xv1piz/H1eubNlhjYGNVoOxHphqhGS4mh4mqvbkk3SMVKia0R0erBS3GnKtbjNyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu+S8AAP//28vuNQ==") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0) mount$bind(0x0, &(0x7f00000003c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0) mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1887008, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x206e) 5m38.805001683s ago: executing program 3 (id=280): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x84) r2 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, 0x0, 0x0) 5m34.267903087s ago: executing program 3 (id=323): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) io_setup(0x7, &(0x7f0000000080)=0x0) io_pgetevents(r2, 0x3, 0x3, &(0x7f00000000c0)=[{}, {}, {}], &(0x7f0000000180)={0x77359400}, 0x0) 5m33.96689097s ago: executing program 32 (id=323): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) io_setup(0x7, &(0x7f0000000080)=0x0) io_pgetevents(r2, 0x3, 0x3, &(0x7f00000000c0)=[{}, {}, {}], &(0x7f0000000180)={0x77359400}, 0x0) 3m4.277923826s ago: executing program 0 (id=3461): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) futex(0x0, 0x80000000000b, 0x0, 0x0, 0x0, 0x300) 3m4.119805523s ago: executing program 0 (id=3465): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000300)={0x0, 0x2a, r3}) 3m3.905638182s ago: executing program 0 (id=3466): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000140), 0x0, 0x0) 3m3.764382598s ago: executing program 0 (id=3467): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$udf(&(0x7f0000000c40), &(0x7f0000000c80)='./file0\x00', 0x2810489, &(0x7f00000008c0)={[{@anchor={'anchor', 0x3d, 0x10000}}, {@adinicb}, {@unhide}, {@umask={'umask', 0x3d, 0x80}}, {@unhide}, {@lastblock={'lastblock', 0x3d, 0xb42b}}, {@shortad}, {@uid_forget}, {@shortad}, {@uid_ignore}, {@umask={'umask', 0x3d, 0x7}}, {@uid}, {@gid}, {@dmode={'dmode', 0x3d, 0x9}}, {@fileset={'fileset', 0x3d, 0x3}}]}, 0x9, 0xc24, &(0x7f0000000d00)="$eJzs3V9oXOl5B+D3myOtJW/TzG42zh/nYmAD2Xqzi2R51yregBwrIgvGa1ZWLhYKGluyO6w0kiW5eEMJLiSUkLa45CKXNWwCvauvWggNuFfbEgKiV6UXxW03Zns3CaQtvViVM/ONNNLalrK2JXn9PMb+nTnznpnvzOrVnDN7zpwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACK+/o2TQ8Npr0cBAOymM5NvDo14/weAJ8o5+/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwvRRHfjRTv/qCVptu3OwZON5pXrk6NT9x9scEUKSpRtOvLvwPDR0eOvfLq8dFu3n/5h+0L8cbkuZO1Uwvzi0uzy8uzM7WpZuPCwszsjh/hQZff6kj7BajNv31l5uLF5drRl0c23X21eufA04eqJ0YPj7zVrZ0an5iY7Knp6//Yz/4R6eE9FJ8gT0UR34wU7730QapHRCUevBe2+d3xqA1GX9l/7ZWYGp9or8hco95cKe9MlVzVF1HtWWis2yO70IsPZCziWvnfqRzwkXL1JhfrS/Xzc7O1s/WllcZKY6GZKp3RlutTjUqMpojFiGgVez149pv+KOJYpLjz61Y6HxFFtw9ePDP55tDI9g/QtwuDvMfTVouI1XgMehb2qQNRxF9Gih9OD8WF3Ffttnk/4itlvhZxucxbKa7n26n8BTEa8SvvJ/BY64sifhEpFlIrzXR7v71defpbtdebFxd6arvblY/9/sFusm3CPjYQRZxvb/G30sf/sAsAAAAAAAAAAAAA2B1F/DRS3Jx/IS1G7zmljeal2rn6+bnOUcHdY/9ream1tbW1aupkLedQzrGcZ3NO51zMeS3n9Zw3ct7MeSvnas7bOVs5o5KfP2ct51DOsZxnc07nXMx5Lef1nDdy3sx5K+dqzts5WznDeU8AAAAAAAAAAAAAAAAAAAA8ZINRxESkuPHuH7WvKx3t69J/+sTomfHneq8Z/7ltHqesfTkifho7uyZvf77WeKqUfx7+egHbG4givpOv//cnez0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgX6hEEd+NFD/6TStFioixiOno5O1ir0cHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJQGUhGnIsV/fWOgfXs1Ir4YER+ulX8i/ndtq70eMQAAAAAAAAAAAAAAAAAAAHwCpSIuR4ofv9dK1Yi4Wr1z4OlD1ROjh0feKqKIVJb01r8xee5k7dTC/OLS7PLy7Extqtm4sDAzu9OnGzjdaF65OjU+8UhWZluDj3j8gwOnFhbfWWpc+sOVu95/cODk+eWVpfqFu98dg9EXMdQ750h7wFPjE+1BzzXqzfaiqXKPAfZF1Ha6MgAAAAAAAAAAAAAAAAAAAOwbB1MR45Hi+Z8dS93zxvs65/x/qnOrWK/9yR9vfBfA3Jbs6v3+gJ1Mp50O9Ej7xPva1PjExGTP7L7+j5aWY0qpiM9GisN///n2+fApDt713Piy7s8ixej/Hct11cNl3dimqoEjU+MTtTMLzZdOzs0tXKiv1M/PzdYmF+sXdvzFAQAAAAAAAAAAAAAAAAAAAHAfB1MRfx4pjr2+mrrXnc/n//d1bvWc//9aRPey8wNpc65rn9v/u+1z+zvTnz4x+vrR5+81/1Gc/1+OKaUiPowUz/zV59vX0++e/z+0pbas+3Gk+MX3vpTrKk+VdcPd1ek84sXG3OxQWftipPj+2W5ttGtfzbWf2agdLmv/IVI8+weba4/n2uc2ao+WtXcixcSZu9d+dqN2pKwdjBRf/dNat/ZgWfv1XHtoo/blCwtzMzt9eXkylf3/b5Hiy8PfTN2f+Xv2f8/3f1zbkus+0vP3n35Y/V/tmXct9/Va7v/hbfr/cqT4i+tfynWd3jua73+m/e9G/38/UvzepzbXvpJrn92oHd7pasFeKvv/nyLF6u1/Wf+Zz/2fO2ujQ3v7/4t9m7O7XbBX/f9Mz7xqHtfIb/lawJNm+Z1vv12fm5tdMmHChIn1ib3+zQQ8auX2/39Hiq9dLlJ3PzZv//9O59bG/v//fGdj+//Elly3R9v/z/bMO5H3Wvr7IgZW5hf7PxcxsPzOt19qzNcvzV6abY6MjB7//WPDR48P9z/V3bnfmNrxawePu7L/344UP/mbf17/HHvz/v/dP/87uCXX7VH/f6Z3nTbt1+z4pYAnTtn/fx0p/vXGB+v/v+l+n/91P+d74fnNOdgt2qP+f65nXi3/M9oz74Ui4uROnwsAAAAAAAAAAB4TB1MRP4sUf9v6x/Vr3m8+/ie+3K3tPf7vXvbD9f8BgPsr3/8nI8XPD341db9DZifH/89syXV7dPzvoZ55M7t0XvOOX2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiYUhRxIFK8+4NWul2UtzsGTjeaV65OjU/cfbHBFCkqUbTry78Dw0dHjr3y6vHRbt5/+YftC/HG5LmTtVML84tLs8vLszO1qWbjwsLM7I4f4UGX3+pI+wWozb99ZebixeXa0ZdHNt19tXrnwNOHqidGD4+81a2dGp+YmOyp6ev/2M/+EenhPRSfIE9FET+PFO+99EH69yKiEg/eC9v87njUBqOv7L/2SkyNT7RXZK5Rb66Ud6ZKruqLqPYsNNbtkV3oxQcyFnEtIirlgI+Uqze5WF+qn5+brZ2tL600VhoLzVTpjLZcn2pUYjRFLEZEq9jrwbPf9EcRfxcp7vy6lf6jiCi6ffDimck3h0a2f4C+XRjkPZ62WkSsxmPQs7BPHYginosUP5weiv8sOn3Vbpv3I75S5msRl8u8leJ6vp3KXxCjEb/yfgKPtb4o4mykWEit9H6Re7+9XXn6W7XXmxcXemq725WP/f7BbrJtwj42EEX8sr3F30q/9H4OAAAAAAAAAAAAAPtcEV+LFDfnX0jt80PXzyltNC/VztXPz3UO6+8e+1/LS62tra1VUydrOYdyjuU8m3M652LOazmv57yR82bOWzlXc97O2coZlfz8OWs5h3KO5TybczrnYs5rOa/nvJHzZs5bOVdz3s7ZyhmOkwYAAAAAAAAAAAAAAAAA4BGpRBHfixQ/+k0rrRWd68tORydvO88VPtH+PwAA//9mFkcG") mount(0x0, 0x0, 0x0, 0x0, 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0) mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc13, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x2020) 3m2.926100494s ago: executing program 0 (id=3479): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) quotactl_fd$Q_GETINFO(r3, 0xffffffff80000500, 0x0, 0x0) 3m2.042294043s ago: executing program 0 (id=3491): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$netlink(0x10, 0x3, 0xf) writev(r3, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190019000400ad000d00030000000006040000000000f93132", 0x39}], 0x1) 3m1.675217428s ago: executing program 33 (id=3491): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$netlink(0x10, 0x3, 0xf) writev(r3, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190019000400ad000d00030000000006040000000000f93132", 0x39}], 0x1) 21.932140517s ago: executing program 5 (id=6484): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) listen(0xffffffffffffffff, 0x0) 21.596162641s ago: executing program 5 (id=6491): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.dequeue\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB, @ANYBLOB=',acce']) 21.403922809s ago: executing program 5 (id=6495): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) pselect6(0x0, 0x0, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0x1, 0x2527, 0x0, 0x40, 0xa204, 0xffffffffffffff2d, 0x832}, 0x0, 0x0) 20.44805192s ago: executing program 5 (id=6513): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x12c5008, 0x0) mount$bind(0x0, &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x80000, 0x0) 20.284156387s ago: executing program 5 (id=6517): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x181000, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000300)=0x2) 20.076363657s ago: executing program 5 (id=6523): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = getpgrp(0x0) ptrace(0x10, r4) 19.862692756s ago: executing program 34 (id=6523): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = getpgrp(0x0) ptrace(0x10, r4) 5.245976384s ago: executing program 2 (id=6746): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00), 0x1, 0x41) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'bridge0\x00', 0x0}) sendto$packet(r3, &(0x7f00000002c0)="05031600d3fc140000004788031c", 0xe, 0x4, &(0x7f0000000140)={0x11, 0x8100, r4, 0x1, 0x0, 0x6, @link_local}, 0x14) 5.026642943s ago: executing program 2 (id=6750): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000000407d1ef62c00000400000109022400010000000009040000010300020009210000000122070009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000000)={0x2c, &(0x7f0000000280)=ANY=[@ANYBLOB='\x00!\a'], 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000001500)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="200103"], 0x0}) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000940)={0x84, &(0x7f0000002140)=ANY=[@ANYBLOB='@\r\r'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000002100)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000002000)={0x20, 0x1, 0xd, "b68ef1c291785b8e54bef54eed"}, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f00000003c0)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x1, 0xd, "1b5f16d1fd98e4568487f083be"}, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000600)={0x18, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x1, 0xe, "075e9ca734a8e424627abc7978e2"}, 0x0}) 3.651810452s ago: executing program 1 (id=6777): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x111) 3.514305199s ago: executing program 1 (id=6779): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket(0x10, 0x803, 0x0) sendto(r4, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r4, &(0x7f0000003480)=[{{0x0, 0x0, 0x0}, 0x6}, {{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000340)=""/77, 0x4d}, {&(0x7f0000000d00)=""/225, 0xe1}, {&(0x7f0000000000)=""/12, 0xc}, {&(0x7f0000001100)=""/4096, 0x1000}, {&(0x7f0000002100)=""/4096, 0x1000}], 0x5}, 0x7}], 0x2, 0x2000, 0x0) 3.351134336s ago: executing program 1 (id=6781): r0 = openat$vcs(0xffffffffffffff9c, 0x0, 0x0, 0x0) mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}}) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000700)=ANY=[@ANYBLOB="1201000000000010711e0920000000000001090224000100000000090400090103000100092105000001220500090581030002"], 0x0) syz_usb_control_io(r1, 0x0, 0x0) syz_usb_control_io(r1, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000008000000080482"], 0x0, 0x0, 0x0, 0x0}, 0x0) syz_open_dev$hidraw(&(0x7f0000000100), 0x0, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000680)=0x9) ioctl$TCXONC(r2, 0x540a, 0x0) syz_usb_ep_write(r1, 0x81, 0x1, &(0x7f0000000140)='g') r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r3, 0xffffffffffffffff, 0x0) 2.005389813s ago: executing program 4 (id=6806): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000440)={0x7}, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="200000001200410a"], 0x20}}, 0x0) 1.833324191s ago: executing program 4 (id=6810): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x14, 0x11, 0x0, 0x1, @meta={{0x9}, @val={0x4}}}]}], {0x14, 0x10}}, 0x98}}, 0x0) 1.62776018s ago: executing program 4 (id=6814): socket$inet6_tcp(0xa, 0x1, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000400), 0x2, 0x454, &(0x7f0000000a00)="$eJzs3M1vFOUfAPDvzG7Lr7z8WhVfeFGraGx8aWlB5eBFowkHTUz0gMe1LQRZqKFrIoQoGoNHQ+LdeDTxL/CkF6OeTLzq3ZAQwgX0tGZ2Z9jtultoWbqV/XySgeeZmc3z/e4zz+4z87AEMLQmsz+SiO0R8XtEjDerK0+YbP51/eq5+b+unptPol5/60rSOO/a1XPzxanF67bllak0Iv0siT1d2l0+c/ZEpVpdPJ3XZ2on359ZPnP2ueMnK8cWjy2emjt06OCB2RdfmHu+L3lmMV3b/dHS3l2H37n4xvyRi+/+/G1S5N+RR59MrnbwyXq9z80N1o62clIeYCCsSSkisu4aaYz/8ShFq/PG47VPBxoccEfV6/X6tt6Hz9eBu1gSg44AGIziiz67/y22DZp6bAqXX27eAGV5X8+35pFypPk5Ix33t/00GRFHzv/9VbbFnXkOAQCwwvfZ/OfZbvO/NB5oO+//+drQRETcExH3RsR9EbEzIu6PaJz7YEQ8tMb2OxdJrtWudMx/0kvrSuwWZfO/l/K1rWzbEq38cxOlvLajkf9IcvR4dXF//p5MxciWrD67Shs/vPrbF72Otc//si2LoZgL5nFcKm9Z+ZqFSq1yOzm3u/xJxO5yK//W/De5sRKQRMSuiNi9zjaOP/3N3l7Hbp7/KvqwzlT/OuKpZv+fj478C8nq65Mz/4vq4v6Z4qr4t19+vfBmr/Zv5H94LGKt+fdB1v9bo3v/5yaS9vXa5bW3ceGPz7vc0zTH13qv/9Hk7UZ5NN/3YaVWOz0bMZq83gy6ff9c67VFvTg/y39qX7f808ZnXPFO7ImI7CJ+OCIeiYhH89gfi4jHI2LfKvn/9MoT7/U6dlvXfx9k+S+sqf9bhdHo3NO9UDrx43crGp3onX8puvX/wUZpKt9zK59/txLX+q5mAAAA+O9JI2J7JOn0jXKaTk83/738ztiaVpeWa88cXfrg1ELzNwITMZIWT7rG256Hzua39UV9rqN+IH9u/GVprFGfnl+qLgw6eRhy23qM/8yfpUFHB9xxfq8Fw8v4h+Fl/MPwMv5heHUZ/2ODiAPYeN2+/z8eQBzAxusY/5b9YIi4/4fhZfzD8DL+YSgtj8XNfySvsCkK5R7/D8NgCpFuijBOVMqbI4y7rTDoTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID++CcAAP//10jezw==") 1.609420881s ago: executing program 6 (id=6815): r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000140), 0x82084, 0x0) ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000400)={0xfffffffe, 0xe7, 0x6, 0x9357, 0x9, "ea7174ddb80fc7000002f7ffffffffd2a2d975", 0x4, 0x4}) ioctl$TIOCSTI(r0, 0x5412, 0x0) 1.600035391s ago: executing program 7 (id=6816): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001030000000000000000fc0100000000000000000000000000003ed300000000000000000000000000000000000000000000020010"], 0xb8}}, 0x0) sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="8801000014"], 0x188}}, 0x0) 1.448131948s ago: executing program 7 (id=6817): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x54}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 1.433234778s ago: executing program 6 (id=6818): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x75}) sendmmsg$inet6(r2, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r4, 0x0, 0x7, &(0x7f0000000080)=0xcd, 0x4) 1.38257705s ago: executing program 7 (id=6819): openat$sndtimer(0xffffffffffffff9c, 0x0, 0x8000) prlimit64(0x0, 0xe, &(0x7f00000192c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_open_procfs(r0, &(0x7f0000019340)='net/snmp6\x00') pread64(r3, &(0x7f0000000200)=""/102385, 0x18ff1, 0xffffffffe) 1.287641894s ago: executing program 6 (id=6820): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000003c0)=ANY=[@ANYBLOB="88020000", @ANYRES16=r4, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="6102330050300100080211000001080211"], 0x288}, 0x1, 0x0, 0x0, 0x800}, 0x0) 1.286434884s ago: executing program 4 (id=6821): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) recvmmsg$unix(r1, 0x0, 0x0, 0x2, &(0x7f0000006540)={0x77359400}) 516.951367ms ago: executing program 1 (id=6822): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) io_setup(0x3, &(0x7f0000000740)=0x0) io_getevents(r4, 0x6, 0x6, &(0x7f0000000780)=[{}, {}, {}, {}, {}, {}], &(0x7f0000000840)={0x0, 0x989680}) 444.16128ms ago: executing program 4 (id=6823): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socket(0xb, 0x4, 0x4) 430.260871ms ago: executing program 2 (id=6824): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8000) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socket$inet6_tcp(0xa, 0x1, 0x0) semget$private(0x0, 0x2, 0x0) 398.416322ms ago: executing program 7 (id=6825): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) ioctl$KVM_SET_IRQCHIP(r4, 0x8208ae63, &(0x7f0000000600)={0x1, 0x0, @pic={0x7, 0x7f, 0x0, 0x23, 0x6, 0xfe, 0x40, 0x1, 0x0, 0x8, 0x24, 0x0, 0x1, 0x60, 0x0, 0x3}}) 367.313664ms ago: executing program 6 (id=6826): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) recvmmsg(r4, &(0x7f00000056c0)=[{{0x0, 0x0, 0x0}, 0x958e}], 0x1, 0x40010100, 0x0) 248.059849ms ago: executing program 2 (id=6827): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003280)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket(0x2, 0x3, 0xff) bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) 247.903229ms ago: executing program 4 (id=6828): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$SIOCGIFHWADDR(r4, 0x8927, &(0x7f0000000040)={'nr0\x00'}) 247.773329ms ago: executing program 7 (id=6829): r0 = socket$inet_sctp(0x2, 0x1, 0x84) close(0x3) r1 = socket(0x2, 0x80805, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000800)=[{&(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x20, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4}], 0x1, 0x4001) shutdown(r2, 0x0) close(0x3) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e21, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84) sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30, 0x180}], 0x1, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r1, 0x84, 0x19, &(0x7f0000000080)={r4, 0x3ff}, 0x8) 209.61512ms ago: executing program 1 (id=6830): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, 0x0) 206.761641ms ago: executing program 6 (id=6831): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0xc, 0x54404d0a08a4d8, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) 152.051593ms ago: executing program 2 (id=6832): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) write(r0, 0x0, 0x0) r3 = socket(0x10, 0x803, 0x0) sendto(r3, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r3, &(0x7f00000037c0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {0x0}, {&(0x7f0000000580)=""/106, 0x6a}], 0x3}, 0x5}], 0x1, 0x2000, 0x0) 103.187025ms ago: executing program 1 (id=6833): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) sendmmsg$inet6(r0, 0x0, 0x0, 0x4) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup(r2) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) writev(r1, &(0x7f0000000180)=[{&(0x7f0000000200)="c082b44eb524", 0x6}, {&(0x7f0000000240)="a43b2eaab400000000000000", 0xc}], 0x2) 88.684656ms ago: executing program 2 (id=6834): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) clock_adjtime(0x0, &(0x7f0000000680)={0x4000019b1, 0x0, 0x0, 0xe1, 0x0, 0x9, 0xffffffffbfffffff, 0x0, 0xfffffffffffffff9, 0x10000e5, 0x0, 0x200, 0x400000, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0xfde, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x6, 0x253}) 75.772826ms ago: executing program 7 (id=6835): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fdf, 0x1}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x3, &(0x7f00000001c0)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) dup2(r5, r4) 0s ago: executing program 6 (id=6836): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]}) shutdown(0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): batadv_slave_0 [ 255.232294][T12342] binder: 12341:12342 ioctl c018620c 200000000000 returned -1 [ 255.262895][T12238] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 255.371133][T12238] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 255.501078][T12238] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 255.534453][T12238] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 255.655034][T12238] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 255.716638][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.723095][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.828275][T12238] device hsr_slave_0 entered promiscuous mode [ 255.914871][T12238] device hsr_slave_1 entered promiscuous mode [ 255.954202][T12238] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 255.964807][T12238] Cannot create hsr debugfs directory [ 256.174165][ T7] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 256.444367][ T7] usb 2-1: Using ep0 maxpacket: 8 [ 256.492815][T12238] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 256.546892][T12238] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 256.564267][ T7] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 256.582665][ T7] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 256.593001][ T7] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 256.623410][ T7] usb 2-1: config 0 descriptor?? [ 256.641583][T12238] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 256.659899][ T3523] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 256.696797][T12238] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 256.914365][ T7] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 256.921602][ T3523] usb 3-1: Using ep0 maxpacket: 16 [ 256.994978][ T7] Bluetooth: hci3: command 0x041b tx timeout [ 257.131444][T12238] 8021q: adding VLAN 0 to HW filter on device bond0 [ 257.175253][ T6266] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 257.201184][ T6266] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 257.214996][T12429] netlink: 104 bytes leftover after parsing attributes in process `syz.5.3577'. [ 257.230312][T12238] 8021q: adding VLAN 0 to HW filter on device team0 [ 257.239304][ T3523] usb 3-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 257.256755][ T3523] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 257.265971][ T3523] usb 3-1: Product: syz [ 257.281554][ T3523] usb 3-1: Manufacturer: syz [ 257.290461][ T3523] usb 3-1: SerialNumber: syz [ 257.306282][ T3523] usb 3-1: config 0 descriptor?? [ 257.390912][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 257.425423][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 257.436901][ T4639] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.444075][ T4639] bridge0: port 1(bridge_slave_0) entered forwarding state [ 257.460081][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 257.472536][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 257.486112][ T4639] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.493340][ T4639] bridge0: port 2(bridge_slave_1) entered forwarding state [ 257.506071][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 257.519856][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 257.574289][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 257.589346][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 257.627971][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 257.645627][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 257.669716][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 257.684315][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 257.693371][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 257.766187][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 257.789708][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 257.794558][ T3523] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state. [ 257.818428][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 257.837459][ T3523] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 257.851100][T12238] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 257.916241][ T3523] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T) [ 257.937645][ T3523] usb 3-1: media controller created [ 257.974453][ T1235] IPVS: stopping master sync thread 5427 ... [ 258.012352][ T3523] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 258.155718][ T3523] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T' [ 258.194249][ T3523] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected. [ 258.446193][T12238] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 258.455260][ T6266] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 258.463351][ T6266] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 258.621691][T12472] loop4: detected capacity change from 0 to 128 [ 258.642742][ T1235] device hsr_slave_0 left promiscuous mode [ 258.726440][ T1235] device hsr_slave_1 left promiscuous mode [ 258.875908][ T1108] usb 2-1: USB disconnect, device number 5 [ 258.923731][ T1235] device veth1_macvtap left promiscuous mode [ 258.940124][ T1235] device veth0_macvtap left promiscuous mode [ 258.959261][ T1235] device veth1_vlan left promiscuous mode [ 258.990287][ T1235] device veth0_vlan left promiscuous mode [ 259.074265][ T7] Bluetooth: hci3: command 0x040f tx timeout [ 260.034153][T12496] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3595'. [ 260.082484][ T3523] usb 3-1: USB disconnect, device number 2 [ 260.491671][ T3523] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected. [ 260.815628][T12526] netlink: 'syz.5.3605': attribute type 28 has an invalid length. [ 260.989226][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 261.020517][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 261.044204][T12537] loop4: detected capacity change from 0 to 2048 [ 261.064191][ T3523] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 261.136359][ T4597] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 261.154718][ T4295] Bluetooth: hci3: command 0x0419 tx timeout [ 261.162398][T12537] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 261.205241][ T4597] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 261.245535][T12238] device veth0_vlan entered promiscuous mode [ 261.272335][ T4597] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 261.285918][ T4597] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 261.321755][T12238] device veth1_vlan entered promiscuous mode [ 261.444947][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 261.448921][ T3523] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 261.453351][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 261.506279][ T3523] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 261.541390][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 261.544939][T12556] binder: 12554:12556 ioctl c018620c 200000000000 returned -22 [ 261.571189][ T3523] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 261.595009][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 261.600937][ T3523] usb 3-1: config 0 descriptor?? [ 261.635998][T12238] device veth0_macvtap entered promiscuous mode [ 261.687173][T12238] device veth1_macvtap entered promiscuous mode [ 261.745442][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 261.806659][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 261.884876][T12238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 261.951793][T12238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.971339][T12238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 261.982449][T12238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.993277][T12238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.042698][T12238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.063133][T12238] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 262.111393][ T3523] keytouch 0003:0926:3333.0002: fixing up Keytouch IEC report descriptor [ 262.122706][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 262.138366][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 262.150657][ T3523] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0002/input/input10 [ 262.186450][T12238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.224901][T12238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.257267][T12587] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3628'. [ 262.290860][T12590] loop4: detected capacity change from 0 to 512 [ 262.295920][T12238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.305626][T12591] binder: 12588:12591 ioctl c018620c 200000000000 returned -22 [ 262.314339][T12238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.332522][T12238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.343788][T12238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.362003][T12238] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 262.372382][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 262.390411][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 262.407833][T12590] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 262.468381][T12238] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.484386][T12238] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.493139][T12238] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.498697][T12590] EXT4-fs error (device loop4): ext4_orphan_get:1427: comm syz.4.3630: bad orphan inode 131083 [ 262.506186][T12238] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.528443][ T3523] keytouch 0003:0926:3333.0002: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 262.600391][T12590] EXT4-fs (loop4): mounted filesystem without journal. Opts: stripe=0x000000000000003d,init_itable,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none. [ 262.688592][ T4296] usb 3-1: USB disconnect, device number 3 [ 262.818093][ T4303] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 262.822638][T12599] fido_id[12599]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory [ 262.872599][ T4303] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 262.942327][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 263.013536][ T4274] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 263.057550][ T4274] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 263.103318][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 263.266165][T12617] binder: 12615:12617 ioctl c018620c 200000000000 returned -22 [ 263.733905][T12639] loop6: detected capacity change from 0 to 2048 [ 263.799637][T12639] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 264.026682][T12653] binder: 12652:12653 ioctl c018620c 200000000000 returned -22 [ 264.527742][ T6266] Bluetooth: hci5: Frame reassembly failed (-84) [ 264.553948][T12678] Bluetooth: hci5: received HCILL_GO_TO_SLEEP_ACK in state 2 [ 264.934316][T12693] loop1: detected capacity change from 0 to 512 [ 264.952091][T12698] binder: 12694:12698 ioctl 80089418 0 returned -22 [ 265.068198][T12693] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 265.114208][ T4265] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 265.178190][T12706] netlink: 'syz.6.3671': attribute type 1 has an invalid length. [ 265.197838][T12693] ext4 filesystem being mounted at /759/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 265.211904][ T26] audit: type=1326 audit(1763592506.086:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12707 comm="syz.2.3672" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3d9d253749 code=0x0 [ 265.524723][ T4265] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 265.564118][ T4265] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 265.605893][ T4265] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 265.655820][ T4265] usb 6-1: config 0 descriptor?? [ 266.165472][ T4265] keytouch 0003:0926:3333.0003: fixing up Keytouch IEC report descriptor [ 266.207127][ T4265] input: HID 0926:3333 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0926:3333.0003/input/input11 [ 266.439316][ T4265] keytouch 0003:0926:3333.0003: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.5-1/input0 [ 266.584377][ T4296] Bluetooth: hci5: command 0x1003 tx timeout [ 266.591219][ T4200] Bluetooth: hci5: sending frame failed (-49) [ 266.690215][T12763] tipc: Enabling of bearer rejected, failed to enable media [ 266.775106][ T4265] usb 6-1: USB disconnect, device number 4 [ 266.819963][T12760] fido_id[12760]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0926:3333.0003/report_descriptor': No such device [ 266.950000][T12772] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3693'. [ 267.083838][T12772] team0 (unregistering): Port device team_slave_0 removed [ 267.169073][T12772] team0 (unregistering): Port device team_slave_1 removed [ 267.740581][T12800] binder: 12797:12800 ioctl c018620c 200000000000 returned -1 [ 267.909589][T12804] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3703'. [ 268.604984][T12838] binder: 12837:12838 ioctl c018620c 200000000000 returned -1 [ 268.664373][ T4242] Bluetooth: hci5: command 0x1001 tx timeout [ 268.670508][ T4200] Bluetooth: hci5: sending frame failed (-49) [ 269.237737][T12865] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3725'. [ 269.387761][T12875] binder: 12874:12875 ioctl c018620c 200000000000 returned -1 [ 270.051165][T12906] binder: 12904:12906 ioctl c018620c 200000000000 returned -1 [ 270.535235][ T26] audit: type=1326 audit(1763592511.406:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12929 comm="syz.1.3754" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6af192749 code=0x0 [ 270.710246][ T4296] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 270.732913][T12939] loop5: detected capacity change from 0 to 1024 [ 270.769842][ T4296] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 270.799343][ T4296] Bluetooth: hci5: command 0x1009 tx timeout [ 270.847346][T12944] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3759'. [ 270.951740][ T6266] hfsplus: b-tree write err: -5, ino 4 [ 271.070795][T12946] fido_id[12946]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 271.442871][T12967] netlink: 'syz.1.3768': attribute type 1 has an invalid length. [ 271.827858][T12981] binder: 12980:12981 ioctl c018620c 0 returned -14 [ 272.040138][T12991] syz.2.3780[12991] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 272.040248][T12991] syz.2.3780[12991] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 272.268195][T12999] loop2: detected capacity change from 0 to 256 [ 272.488867][T13007] binder: 13006:13007 ioctl c018620c 0 returned -14 [ 272.705603][T13014] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3790'. [ 273.120012][T13030] mmap: syz.1.3799 (13030): VmData 49209344 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 273.682297][ T26] audit: type=1326 audit(1763592514.546:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13045 comm="syz.5.3806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd953d1a749 code=0x7ffc0000 [ 273.766295][ T26] audit: type=1326 audit(1763592514.576:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13045 comm="syz.5.3806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7fd953d1a749 code=0x7ffc0000 [ 273.860827][ T26] audit: type=1326 audit(1763592514.586:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13045 comm="syz.5.3806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd953d1a749 code=0x7ffc0000 [ 273.944188][ T26] audit: type=1326 audit(1763592514.586:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13045 comm="syz.5.3806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd953d1a749 code=0x7ffc0000 [ 274.015347][ T26] audit: type=1326 audit(1763592514.586:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13045 comm="syz.5.3806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd953d1a749 code=0x7ffc0000 [ 274.087069][ T26] audit: type=1326 audit(1763592514.586:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13045 comm="syz.5.3806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd953d1a749 code=0x7ffc0000 [ 274.143775][ T26] audit: type=1326 audit(1763592514.586:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13045 comm="syz.5.3806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd953d1a749 code=0x7ffc0000 [ 274.176797][ T26] audit: type=1326 audit(1763592514.586:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13045 comm="syz.5.3806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd953d1a749 code=0x7ffc0000 [ 274.222425][ T26] audit: type=1326 audit(1763592514.586:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13045 comm="syz.5.3806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd953d1a749 code=0x7ffc0000 [ 275.164842][T13100] loop1: detected capacity change from 0 to 512 [ 275.238592][T13100] EXT4-fs (loop1): Ignoring removed nobh option [ 275.285842][T13100] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13 [ 275.325199][T13100] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.3828: attempt to clear invalid blocks 1 len 1 [ 275.421733][T13100] EXT4-fs (loop1): Remounting filesystem read-only [ 275.467606][T13100] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1147: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 275.530227][T13100] EXT4-fs (loop1): Remounting filesystem read-only [ 275.555774][T13100] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.3828: invalid indirect mapped block 1819239214 (level 0) [ 275.617605][T13100] EXT4-fs (loop1): Remounting filesystem read-only [ 275.659448][T13100] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.3828: invalid indirect mapped block 1819239214 (level 1) [ 275.718365][T13100] EXT4-fs (loop1): Remounting filesystem read-only [ 275.750061][T13100] EXT4-fs (loop1): 1 truncate cleaned up [ 275.794195][T13100] EXT4-fs (loop1): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000100000,resuid=0x0000000000000000,jqfmt=vfsv1,errors=remount-ro,nobh,usrjquota=... Quota mode: writeback. [ 276.006933][T13138] netlink: 'syz.4.3841': attribute type 10 has an invalid length. [ 276.034300][T13138] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3841'. [ 276.057038][T13138] device dummy0 entered promiscuous mode [ 276.374223][ T4265] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 276.797875][ T4265] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 276.844102][ T4265] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 276.898273][ T4265] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 276.948048][ T4265] usb 6-1: config 0 descriptor?? [ 277.454078][ T4265] keytouch 0003:0926:3333.0005: fixing up Keytouch IEC report descriptor [ 277.719048][ T4265] input: HID 0926:3333 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0926:3333.0005/input/input12 [ 278.288228][ T4265] keytouch 0003:0926:3333.0005: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.5-1/input0 [ 278.395035][ T4265] usb 6-1: USB disconnect, device number 5 [ 278.605257][T13205] loop6: detected capacity change from 0 to 256 [ 278.616985][T13201] fido_id[13201]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/6-1/report_descriptor': No such file or directory [ 279.688716][T13250] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3879'. [ 279.832021][T13255] cgroup: No subsys list or none specified [ 280.289511][T13274] netlink: 196 bytes leftover after parsing attributes in process `syz.6.3890'. [ 280.982470][T13311] futex_wake_op: syz.6.3904 tries to shift op by 32; fix this program [ 281.775091][T13358] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3925'. [ 282.551069][T13404] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3946'. [ 282.953269][T13430] loop2: detected capacity change from 0 to 512 [ 282.997098][T13430] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 283.037844][T13430] EXT4-fs (loop2): inline encryption not supported [ 283.055765][T13430] EXT4-fs (loop2): Test dummy encryption mode enabled [ 283.073142][T13430] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 283.093738][T13430] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 283.197348][T13430] EXT4-fs (loop2): 1 truncate cleaned up [ 283.203055][T13430] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,. Quota mode: none. [ 283.299613][T13451] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3960'. [ 283.789692][T13480] binder: Unknown parameter 'fscontext' [ 285.210495][ T3159] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 285.286034][T13564] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4002'. [ 285.334294][T13564] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4002'. [ 285.389950][T13564] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4002'. [ 285.429694][T13564] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4002'. [ 285.474146][ T3159] usb 5-1: Using ep0 maxpacket: 16 [ 285.509608][T13572] loop2: detected capacity change from 0 to 256 [ 285.594952][ T3159] usb 5-1: config index 0 descriptor too short (expected 65532, got 18) [ 285.617381][ T3159] usb 5-1: config 0 has an invalid interface number: 0 but max is -1 [ 285.651346][ T3159] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 285.854464][ T3159] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 285.863570][ T3159] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 285.914153][ T3159] usb 5-1: Product: syz [ 285.931864][ T3159] usb 5-1: Manufacturer: syz [ 285.954157][ T3159] usb 5-1: SerialNumber: syz [ 285.984775][ T3159] r8152-cfgselector 5-1: config 0 descriptor?? [ 286.513056][T13619] netlink: 72 bytes leftover after parsing attributes in process `syz.6.4024'. [ 286.530337][ T3159] r8152-cfgselector 5-1: Unknown version 0x0000 [ 286.554311][ T3159] r8152-cfgselector 5-1: bad CDC descriptors [ 286.611756][ T26] kauditd_printk_skb: 6 callbacks suppressed [ 286.611772][ T26] audit: type=1326 audit(1780369972.477:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13621 comm="syz.2.4025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d9d253749 code=0x7fc00000 [ 286.612211][ T3159] r8152-cfgselector 5-1: Unknown version 0x0000 [ 286.733843][T13630] loop6: detected capacity change from 0 to 256 [ 286.755709][ T3159] r8152-cfgselector 5-1: USB disconnect, device number 3 [ 287.068181][T13642] loop1: detected capacity change from 0 to 1024 [ 287.223401][T13652] netlink: 128 bytes leftover after parsing attributes in process `syz.6.4035'. [ 287.284548][T13652] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4035'. [ 287.322471][ T26] audit: type=1326 audit(1780369973.187:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13621 comm="syz.2.4025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3d9d253749 code=0x7fc00000 [ 287.365608][T13652] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4035'. [ 287.436117][ T26] audit: type=1326 audit(1780369973.187:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13621 comm="syz.2.4025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d9d253749 code=0x7fc00000 [ 287.542963][ T26] audit: type=1326 audit(1780369973.187:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13621 comm="syz.2.4025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d9d253749 code=0x7fc00000 [ 287.655432][ T26] audit: type=1326 audit(1780369973.187:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13621 comm="syz.2.4025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d9d253749 code=0x7fc00000 [ 287.705937][T13675] netlink: 528 bytes leftover after parsing attributes in process `syz.1.4045'. [ 287.772720][ T26] audit: type=1326 audit(1780369973.187:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13621 comm="syz.2.4025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d9d253749 code=0x7fc00000 [ 287.864173][ T26] audit: type=1326 audit(1780369973.187:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13621 comm="syz.2.4025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d9d253749 code=0x7fc00000 [ 287.949897][ T26] audit: type=1326 audit(1780369973.187:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13621 comm="syz.2.4025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d9d253749 code=0x7fc00000 [ 288.085569][ T26] audit: type=1326 audit(1780369973.187:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13621 comm="syz.2.4025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d9d253749 code=0x7fc00000 [ 288.168635][T13699] tmpfs: Bad value for 'mpol' [ 288.181043][ T26] audit: type=1326 audit(1780369973.187:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13621 comm="syz.2.4025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d9d253749 code=0x7fc00000 [ 290.437507][T13828] netlink: 84 bytes leftover after parsing attributes in process `syz.5.4110'. [ 290.466737][T13834] loop6: detected capacity change from 0 to 512 [ 290.605706][T13834] EXT4-fs error (device loop6): ext4_orphan_get:1401: inode #15: comm syz.6.4112: inode has both inline data and extents flags [ 290.663200][T13846] overlayfs: missing 'lowerdir' [ 290.721169][T13834] EXT4-fs error (device loop6): ext4_orphan_get:1406: comm syz.6.4112: couldn't read orphan inode 15 (err -117) [ 290.741515][T13834] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 291.852768][T13878] netlink: 'syz.4.4133': attribute type 13 has an invalid length. [ 291.919072][T13878] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 291.992325][T13878] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 292.018844][T13878] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 292.273740][T13893] tipc: Enabled bearer , priority 10 [ 292.564275][ T3523] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 292.764098][ T3523] usb 3-1: device descriptor read/64, error -71 [ 293.039750][ T3523] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 293.237768][ T3523] usb 3-1: device descriptor read/64, error -71 [ 293.356697][ T1108] tipc: Node number set to 11552 [ 293.378061][ T3523] usb usb3-port1: attempt power cycle [ 293.820168][ T3523] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 293.924368][ T3523] usb 3-1: device descriptor read/8, error -71 [ 294.010033][T13964] netlink: 'syz.6.4173': attribute type 13 has an invalid length. [ 294.050511][T13964] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 294.075841][T13964] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 294.122334][T13964] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 294.204563][ T3523] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 294.307644][ T3523] usb 3-1: device descriptor read/8, error -71 [ 294.434322][ T3523] usb usb3-port1: unable to enumerate USB device [ 294.494089][T13975] fuse: Unknown parameter '&' [ 294.620417][T13979] netlink: 'syz.1.4179': attribute type 16 has an invalid length. [ 294.659150][T13979] netlink: 64130 bytes leftover after parsing attributes in process `syz.1.4179'. [ 295.512437][T14019] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4197'. [ 295.545954][T14019] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4197'. [ 297.194313][ T4265] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 297.221896][T14080] netlink: 156 bytes leftover after parsing attributes in process `syz.2.4224'. [ 297.351471][T14085] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4226'. [ 297.414148][ T4265] usb 7-1: device descriptor read/64, error -71 [ 297.706108][ T4265] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 297.944354][ T4265] usb 7-1: device descriptor read/64, error -71 [ 298.067143][ T4265] usb usb7-port1: attempt power cycle [ 298.133062][T14126] loop4: detected capacity change from 0 to 512 [ 298.304346][T14126] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 298.319757][T14126] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 298.359871][T14126] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a816c099, mo2=0002] [ 298.426897][T14126] System zones: 1-12 [ 298.440023][T14126] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.4247: inode #1: comm syz.4.4247: iget: illegal inode # [ 298.459836][T14126] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.4247: error while reading EA inode 1 err=-117 [ 298.492369][T14126] EXT4-fs (loop4): 1 orphan inode deleted [ 298.498503][T14126] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,usrjquota=,usrjquota=,journal_dev=0x0000000000000dcd,resgid=0x0000000000000000,minixdf,debug,grpquota,nombcache,minixdf,nomblk_io_submit,nomblk_io_submit,i_version,,errors=continue. Quota mode: writeback. [ 298.525550][ T4265] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 298.637066][ T4265] usb 7-1: device descriptor read/8, error -71 [ 298.704150][T14150] trusted_key: encrypted_key: master key parameter is missing [ 298.924187][ T4265] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 299.024416][ T4265] usb 7-1: device descriptor read/8, error -71 [ 299.031835][T14167] loop1: detected capacity change from 0 to 2048 [ 299.103385][ T7071] loop1: p1 < > p4 < > [ 299.145514][ T4265] usb usb7-port1: unable to enumerate USB device [ 299.180211][T14167] loop1: p1 < > p4 < > [ 299.260610][T14180] 9pnet_virtio: no channels available for device syz [ 299.402914][ T4177] udevd[4177]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 299.403605][ T7071] udevd[7071]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 299.538830][ T7071] udevd[7071]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 299.553687][ T4177] udevd[4177]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 299.653957][T14198] 9pnet: Could not find request transport: 0xffffffffffffffff [ 300.785046][T14204] loop4: detected capacity change from 0 to 32768 [ 300.844744][ T3523] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 301.001245][T14204] JBD2: Ignoring recovery information on journal [ 301.034063][ T3523] usb 6-1: device descriptor read/64, error -71 [ 301.176325][T14259] netlink: 132 bytes leftover after parsing attributes in process `syz.6.4307'. [ 301.194110][T14204] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 301.310621][ T3523] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 301.432208][ T26] kauditd_printk_skb: 58 callbacks suppressed [ 301.432223][ T26] audit: type=1326 audit(1780369987.297:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14264 comm="syz.2.4310" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3d9d253749 code=0x0 [ 301.524217][ T3523] usb 6-1: device descriptor read/64, error -71 [ 301.650101][ T3523] usb usb6-port1: attempt power cycle [ 301.712312][ T4185] ocfs2: Unmounting device (7,4) on (node local) [ 302.045334][T14290] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4323'. [ 302.064108][ T3523] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 302.154231][ T3523] usb 6-1: device descriptor read/8, error -71 [ 302.277307][ T3159] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 302.434117][ T3523] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 302.484159][ T4265] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 302.524181][ T3523] usb 6-1: device descriptor read/8, error -71 [ 302.644538][ T3523] usb usb6-port1: unable to enumerate USB device [ 302.664326][ T3159] usb 7-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 302.686102][ T3159] usb 7-1: config 220 has 1 interface, different from the descriptor's value: 3 [ 302.724085][ T3159] usb 7-1: config 220 interface 0 has no altsetting 0 [ 302.774361][ T4265] usb 2-1: Using ep0 maxpacket: 16 [ 302.884160][ T3159] usb 7-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 302.901459][ T3159] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 302.919718][ T3159] usb 7-1: Product: syz [ 302.935510][ T4265] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 302.944746][ T3159] usb 7-1: Manufacturer: syz [ 302.950020][ T3159] usb 7-1: SerialNumber: syz [ 303.164534][ T4265] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 303.173655][ T4265] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 303.229783][ T4265] usb 2-1: Product: syz [ 303.234271][ T4265] usb 2-1: Manufacturer: syz [ 303.238955][ T4265] usb 2-1: SerialNumber: syz [ 303.254255][ T4265] usb 2-1: config 0 descriptor?? [ 303.306522][ T4265] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 303.337385][ T4265] em28xx 2-1:0.0: DVB interface 0 found: bulk [ 303.604425][ T3159] usb 7-1: Found UVC 0.00 device syz (8086:0b07) [ 303.614740][ T3159] usb 7-1: No valid video chain found. [ 303.651896][ T3159] usb 7-1: USB disconnect, device number 6 [ 303.761083][T14355] netlink: 64 bytes leftover after parsing attributes in process `syz.5.4352'. [ 303.879990][T14361] netlink: 208 bytes leftover after parsing attributes in process `syz.5.4355'. [ 303.974309][ T4265] em28xx 2-1:0.0: unknown em28xx chip ID (0) [ 304.514286][ T4265] em28xx 2-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 304.523095][ T4265] em28xx 2-1:0.0: board has no eeprom [ 304.599115][T14393] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 304.681654][T14395] loop2: detected capacity change from 0 to 512 [ 305.558828][T14440] loop5: detected capacity change from 0 to 512 [ 305.626487][T14440] EXT4-fs (loop5): Ignoring removed mblk_io_submit option [ 305.638170][T14440] EXT4-fs (loop5): inline encryption not supported [ 305.645722][T14440] EXT4-fs (loop5): Test dummy encryption mode enabled [ 305.689349][T14440] EXT4-fs (loop5): Ignoring removed mblk_io_submit option [ 305.691518][T14408] loop2: detected capacity change from 0 to 32768 [ 305.710577][T14440] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 305.764223][T14440] EXT4-fs (loop5): 1 truncate cleaned up [ 305.771712][T14440] EXT4-fs (loop5): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,. Quota mode: none. [ 305.790232][T14297] em28xx 2-1:0.0: reading from i2c device at 0x0 failed (error=-5) [ 305.800263][ T4265] em28xx 2-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 305.833546][T14408] JBD2: Ignoring recovery information on journal [ 305.875007][ T4265] em28xx 2-1:0.0: dvb set to bulk mode. [ 305.885025][ T4295] em28xx 2-1:0.0: Binding DVB extension [ 305.912704][T14408] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 305.964667][ T4265] usb 2-1: USB disconnect, device number 6 [ 305.989804][ T4265] em28xx 2-1:0.0: Disconnecting em28xx [ 306.007365][ T4295] em28xx 2-1:0.0: Registering input extension [ 306.035406][ T4265] em28xx 2-1:0.0: Closing input extension [ 306.126411][T14456] loop6: detected capacity change from 0 to 512 [ 306.188600][ T4265] em28xx 2-1:0.0: Freeing device [ 306.251320][ T4183] ocfs2: Unmounting device (7,2) on (node local) [ 306.409762][T14467] netlink: 68 bytes leftover after parsing attributes in process `syz.5.4402'. [ 306.884150][ T4265] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 307.210316][T14511] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4423'. [ 307.269364][T14513] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4424'. [ 307.284243][ T4265] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 307.319709][T14515] loop4: detected capacity change from 0 to 512 [ 307.327138][ T4265] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 307.336549][ T4265] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 307.355268][ T4265] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 307.377303][T14515] EXT4-fs (loop4): inline encryption not supported [ 307.391161][ T4265] usb 2-1: config 0 descriptor?? [ 307.505175][T14515] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 307.532632][T14515] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.4425: invalid indirect mapped block 2683928664 (level 1) [ 307.560323][T14515] EXT4-fs (loop4): Remounting filesystem read-only [ 307.578285][T14515] EXT4-fs (loop4): 1 truncate cleaned up [ 307.602813][T14515] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,errors=remount-ro,init_itable=0x0000000000000b8f,nodiscard,inlinecrypt,usrjquota=.sb=0x0000000000000007,nodiscard,jqfmt=vfsv0,noload,debug_want_extra_isize=0x0000000000000006,noload,,. Quota mode: writeback. [ 307.790559][T14537] loop6: detected capacity change from 0 to 1024 [ 307.915395][T14537] hfsplus: xattr searching failed [ 308.204236][T14559] netlink: 'syz.4.4444': attribute type 6 has an invalid length. [ 308.379599][T14570] netlink: 56 bytes leftover after parsing attributes in process `syz.4.4449'. [ 308.419576][T14574] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4450'. [ 308.816562][T14590] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 308.860413][T14590] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 309.083570][T14599] device syzkaller0 entered promiscuous mode [ 309.116365][T14604] netlink: 'syz.4.4463': attribute type 4 has an invalid length. [ 309.450219][ T3523] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 309.496700][T14623] loop6: detected capacity change from 0 to 128 [ 309.525816][ T3523] hid-generic 0000:0000:0000.0006: hidraw0: HID v0.00 Device [syz1] on syz0 [ 309.574134][ T3523] usb 2-1: USB disconnect, device number 7 [ 309.598969][T14623] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256 [ 309.617047][T14623] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 309.795607][T14638] overlayfs: workdir and upperdir must reside under the same mount [ 310.356082][T14662] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4489'. [ 310.403578][T14662] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 310.434632][T14662] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 310.464795][T14662] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 310.482920][T14662] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 311.548908][ T1108] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 311.818508][ T1108] usb 3-1: Using ep0 maxpacket: 16 [ 311.974097][ T1108] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 312.000866][ T1108] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 312.125240][T14749] sch_tbf: burst 512 is lower than device syzkaller0 mtu (1500) ! [ 312.300197][ T1108] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 312.330451][ T1108] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 312.375585][T14762] binder: 14761:14762 ioctl c0306201 2000000004c0 returned -22 [ 312.384090][ T1108] usb 3-1: Product: syz [ 312.397670][ T1108] usb 3-1: Manufacturer: syz [ 312.402406][ T1108] usb 3-1: SerialNumber: syz [ 312.705228][T14781] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4543'. [ 312.825505][ T1108] usb 3-1: 0:2 : does not exist [ 312.837954][ T1108] usb 3-1: unit 6 not found! [ 312.934052][ T1108] usb 3-1: USB disconnect, device number 8 [ 313.210989][ T7071] udevd[7071]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 314.258656][T14845] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4572'. [ 314.511496][ T3523] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 314.546542][ T3523] hid-generic 0000:0000:0000.0007: hidraw0: HID v0.00 Device [syz1] on syz0 [ 316.204433][T14895] netlink: 68 bytes leftover after parsing attributes in process `syz.6.4595'. [ 316.372437][T14899] overlayfs: missing 'lowerdir' [ 317.147758][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.155249][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.393259][T14925] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 317.443563][T14925] overlayfs: missing 'lowerdir' [ 317.499521][T14932] raw_sendmsg: syz.5.4612 forgot to set AF_INET. Fix it! [ 317.647436][T14938] device syzkaller0 entered promiscuous mode [ 317.933438][ T4295] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 317.950523][T14956] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 318.184222][ T4295] usb 3-1: Using ep0 maxpacket: 32 [ 318.303557][ T4295] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 318.311825][ T4295] usb 3-1: config 0 has no interface number 0 [ 318.493710][ T4295] usb 3-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=2c.d8 [ 318.502910][ T4295] usb 3-1: New USB device strings: Mfr=193, Product=2, SerialNumber=3 [ 318.560468][ T4295] usb 3-1: Product: syz [ 318.578791][ T4295] usb 3-1: Manufacturer: syz [ 318.602125][ T4295] usb 3-1: SerialNumber: syz [ 318.623674][ T4295] usb 3-1: config 0 descriptor?? [ 318.675481][ T4295] usb 3-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 318.711072][ T4295] usb 3-1: selecting invalid altsetting 1 [ 318.724021][ T4295] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 318.749362][ T4295] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 318.770024][ T4295] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 318.779656][T15000] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4644'. [ 318.813449][ T4295] usb 3-1: media controller created [ 318.835170][ T4295] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 319.189983][T15015] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4650'. [ 319.766048][T15041] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4662'. [ 319.953430][ T4295] usb 3-1: dvb_usb_ce6230: usb_control_msg() failed=-110 [ 319.970163][T14936] usb 3-1: dvb_usb_ce6230: I2C read not implemented [ 319.983514][ T4295] zl10353_read_register: readreg error (reg=127, ret==-110) [ 320.031136][ T4295] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 320.128396][ T4295] usb 3-1: USB disconnect, device number 9 [ 320.264181][ T1108] Bluetooth: hci5: command 0x1003 tx timeout [ 320.270407][ T4200] Bluetooth: hci5: sending frame failed (-49) [ 320.751003][T15068] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4674'. [ 320.889260][T15073] netlink: 'syz.5.4678': attribute type 4 has an invalid length. [ 320.912309][T15073] netlink: 17 bytes leftover after parsing attributes in process `syz.5.4678'. [ 321.144594][ T26] audit: type=1326 audit(1780370007.017:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15081 comm="syz.1.4682" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6af192749 code=0x0 [ 322.396721][ T1108] Bluetooth: hci5: command 0x1001 tx timeout [ 322.402865][ T4200] Bluetooth: hci5: sending frame failed (-49) [ 322.445441][T15098] overlayfs: missing 'lowerdir' [ 322.602397][T15112] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4694'. [ 322.728418][T15118] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4699'. [ 323.123597][T15142] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4709'. [ 323.216614][T15148] loop2: detected capacity change from 0 to 256 [ 323.572797][T15167] loop1: detected capacity change from 0 to 512 [ 323.666965][T15167] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 323.743885][T15167] ext4 filesystem being mounted at /961/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 323.842823][T15188] netlink: 44 bytes leftover after parsing attributes in process `syz.6.4730'. [ 323.928133][T15190] SET target dimension over the limit! [ 324.008737][T15194] misc userio: No port type given on /dev/userio [ 324.423288][ T4295] Bluetooth: hci5: command 0x1009 tx timeout [ 324.508283][T15214] loop1: detected capacity change from 0 to 512 [ 324.678744][T15221] trusted_key: encrypted_key: master key parameter 'd' is invalid [ 324.782906][T15214] EXT4-fs error (device loop1): ext4_do_update_inode:5218: inode #16: comm syz.1.4742: corrupted inode contents [ 324.873696][T15214] EXT4-fs error (device loop1): ext4_dirty_inode:6054: inode #16: comm syz.1.4742: mark_inode_dirty error [ 324.897878][T15214] EXT4-fs error (device loop1): ext4_do_update_inode:5218: inode #16: comm syz.1.4742: corrupted inode contents [ 324.928143][T15214] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #16: comm syz.1.4742: mark_inode_dirty error [ 324.963852][T15214] EXT4-fs error (device loop1): ext4_do_update_inode:5218: inode #16: comm syz.1.4742: corrupted inode contents [ 325.006128][T15214] EXT4-fs error (device loop1) in ext4_orphan_del:301: Corrupt filesystem [ 325.036312][T15214] EXT4-fs error (device loop1): ext4_do_update_inode:5218: inode #16: comm syz.1.4742: corrupted inode contents [ 325.067012][T15214] EXT4-fs error (device loop1): ext4_truncate:4279: inode #16: comm syz.1.4742: mark_inode_dirty error [ 325.116509][T15214] EXT4-fs error (device loop1) in ext4_process_orphan:343: Corrupt filesystem [ 325.144727][T15214] EXT4-fs (loop1): 1 truncate cleaned up [ 325.150424][T15214] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 325.187430][T15214] ext4 filesystem being mounted at /965/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 325.336145][T15242] netlink: 628 bytes leftover after parsing attributes in process `syz.2.4754'. [ 325.565215][T15252] loop2: detected capacity change from 0 to 512 [ 325.673376][T15252] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 325.680823][T15252] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 325.729745][T15252] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a816c099, mo2=0002] [ 325.749056][T15252] System zones: 1-12 [ 325.756899][T15252] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.4759: inode #1: comm syz.2.4759: iget: illegal inode # [ 325.783467][T15252] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.4759: error while reading EA inode 1 err=-117 [ 325.803953][T15252] EXT4-fs (loop2): 1 orphan inode deleted [ 325.809956][T15252] EXT4-fs (loop2): mounted filesystem without journal. Opts: nodioread_nolock,usrjquota=,usrjquota=,journal_dev=0x0000000000000dcd,resgid=0x0000000000000000,minixdf,debug,grpquota,nombcache,minixdf,nomblk_io_submit,nomblk_io_submit,i_version,,errors=continue. Quota mode: writeback. [ 326.513748][T15296] loop1: detected capacity change from 0 to 256 [ 326.634069][T15296] FAT-fs (loop1): Directory bread(block 64) failed [ 326.640669][T15296] FAT-fs (loop1): Directory bread(block 65) failed [ 326.693237][T15296] FAT-fs (loop1): Directory bread(block 66) failed [ 326.699834][T15296] FAT-fs (loop1): Directory bread(block 67) failed [ 326.743859][T15296] FAT-fs (loop1): Directory bread(block 68) failed [ 326.781730][T15296] FAT-fs (loop1): Directory bread(block 69) failed [ 326.794557][T15296] FAT-fs (loop1): Directory bread(block 70) failed [ 326.801189][T15296] FAT-fs (loop1): Directory bread(block 71) failed [ 326.848101][T15296] FAT-fs (loop1): Directory bread(block 72) failed [ 326.862940][T15296] FAT-fs (loop1): Directory bread(block 73) failed [ 327.945808][ T26] audit: type=1326 audit(1780370013.818:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15338 comm="syz.1.4799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6af192749 code=0x7ffc0000 [ 327.975144][ T26] audit: type=1326 audit(1780370013.818:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15338 comm="syz.1.4799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6af192749 code=0x7ffc0000 [ 328.051041][ T26] audit: type=1326 audit(1780370013.818:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15338 comm="syz.1.4799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe6af192749 code=0x7ffc0000 [ 328.143221][T15347] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4802'. [ 328.202879][ T26] audit: type=1326 audit(1780370013.818:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15338 comm="syz.1.4799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6af192749 code=0x7ffc0000 [ 328.299468][ T26] audit: type=1326 audit(1780370013.818:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15338 comm="syz.1.4799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6af192749 code=0x7ffc0000 [ 328.397649][ T26] audit: type=1326 audit(1780370013.848:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15338 comm="syz.1.4799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe6af192749 code=0x7ffc0000 [ 328.503151][ T26] audit: type=1326 audit(1780370013.848:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15338 comm="syz.1.4799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6af192749 code=0x7ffc0000 [ 328.598448][ T26] audit: type=1326 audit(1780370013.848:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15338 comm="syz.1.4799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6af192749 code=0x7ffc0000 [ 328.613013][T15367] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4813'. [ 328.773089][ T26] audit: type=1326 audit(1780370013.848:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15338 comm="syz.1.4799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe6af192749 code=0x7ffc0000 [ 328.866580][ T26] audit: type=1326 audit(1780370013.848:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15338 comm="syz.1.4799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6af192749 code=0x7ffc0000 [ 329.187446][T15399] overlayfs: invalid origin (0000) [ 329.497839][T15420] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4839'. [ 329.780569][T15439] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4847'. [ 330.158846][T15461] netlink: 'syz.1.4857': attribute type 13 has an invalid length. [ 330.373948][T15479] netlink: 'syz.4.4865': attribute type 13 has an invalid length. [ 330.686837][T15500] overlayfs: invalid origin (0000) [ 331.246086][T15535] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4894'. [ 331.443980][T15548] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4900'. [ 332.460127][T15610] 9pnet: p9_errstr2errno: server reported unknown error 1844674 [ 332.897213][ T4296] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 332.939912][T15635] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4938'. [ 332.999948][T15635] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4938'. [ 333.377892][ T4296] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 333.393592][ T4296] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 333.430586][ T4296] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 333.447638][ T4296] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 333.483071][ T4296] usb 5-1: config 0 descriptor?? [ 333.764661][T15686] loop6: detected capacity change from 0 to 512 [ 333.797844][T15686] EXT4-fs (loop6): Mount option "nodioread_nolock" incompatible with ext2 [ 334.053856][ T4296] usbhid 5-1:0.0: can't add hid device: -71 [ 334.059918][ T4296] usbhid: probe of 5-1:0.0 failed with error -71 [ 334.079184][ T4296] usb 5-1: USB disconnect, device number 4 [ 334.326278][ T26] kauditd_printk_skb: 22 callbacks suppressed [ 334.326294][ T26] audit: type=1326 audit(1780370020.198:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15708 comm="syz.6.4971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa10469749 code=0x7ffc0000 [ 334.389346][ T26] audit: type=1326 audit(1780370020.238:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15708 comm="syz.6.4971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faa10469749 code=0x7ffc0000 [ 334.437050][ T26] audit: type=1326 audit(1780370020.238:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15708 comm="syz.6.4971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa10469749 code=0x7ffc0000 [ 334.510345][ T26] audit: type=1326 audit(1780370020.238:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15708 comm="syz.6.4971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa10469749 code=0x7ffc0000 [ 334.534912][T15719] netlink: 104 bytes leftover after parsing attributes in process `syz.5.4977'. [ 334.568943][ T26] audit: type=1326 audit(1780370020.238:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15708 comm="syz.6.4971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faa10469749 code=0x7ffc0000 [ 334.628408][ T26] audit: type=1326 audit(1780370020.238:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15708 comm="syz.6.4971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa10469749 code=0x7ffc0000 [ 334.657252][ T26] audit: type=1326 audit(1780370020.238:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15708 comm="syz.6.4971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa10469749 code=0x7ffc0000 [ 334.711998][ T26] audit: type=1326 audit(1780370020.238:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15708 comm="syz.6.4971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faa10469749 code=0x7ffc0000 [ 334.784628][ T26] audit: type=1326 audit(1780370020.238:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15708 comm="syz.6.4971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa10469749 code=0x7ffc0000 [ 334.861632][T15731] tipc: Started in network mode [ 334.873679][T15731] tipc: Node identity 9acc5baaa2a8, cluster identity 4711 [ 334.882169][ T26] audit: type=1326 audit(1780370020.238:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15708 comm="syz.6.4971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa10469749 code=0x7ffc0000 [ 334.913585][T15731] tipc: Enabled bearer , priority 0 [ 334.941366][T15730] tipc: Disabling bearer [ 335.280825][T15752] loop4: detected capacity change from 0 to 2048 [ 335.453228][T15752] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 335.656035][T15775] loop2: detected capacity change from 0 to 1024 [ 335.699586][T15775] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 335.770801][T15775] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000080,nodelalloc,grpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none. [ 335.879576][T15773] ipt_CLUSTERIP: Please specify destination IP [ 336.157753][T15795] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5011'. [ 336.341624][T15801] loop1: detected capacity change from 0 to 1024 [ 336.461570][T15801] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 336.481599][T15801] ext4 filesystem being mounted at /1027/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 336.955198][T15831] netlink: 172 bytes leftover after parsing attributes in process `syz.2.5028'. [ 337.032423][ T1108] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 337.562529][ T1108] usb 5-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 337.571628][ T1108] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 337.594951][ T1108] usb 5-1: Product: syz [ 337.599170][ T1108] usb 5-1: Manufacturer: syz [ 337.621245][ T1108] usb 5-1: SerialNumber: syz [ 337.902472][ T1108] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -71 [ 337.952621][ T1108] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -71 [ 338.002506][ T1108] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -71 [ 338.015687][ T1108] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 338.048835][T15883] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5054'. [ 338.059181][ T1108] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 338.073988][ T1108] lan78xx: probe of 5-1:1.0 failed with error -71 [ 338.096790][ T1108] usb 5-1: USB disconnect, device number 5 [ 339.272447][ T1108] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 339.495919][T15943] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5083'. [ 339.542260][T15943] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5083'. [ 339.582036][T15943] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5083'. [ 339.612248][T15943] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5083'. [ 339.653456][ T1108] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 339.674799][ T1108] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 339.713411][ T1108] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 339.752209][ T1108] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 339.793143][ T1108] usb 6-1: config 0 descriptor?? [ 340.542392][ T1108] usbhid 6-1:0.0: can't add hid device: -71 [ 340.548517][ T1108] usbhid: probe of 6-1:0.0 failed with error -71 [ 340.566627][ T26] kauditd_printk_skb: 3 callbacks suppressed [ 340.566643][ T26] audit: type=1326 audit(1780370026.438:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15982 comm="syz.4.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79d9d01749 code=0x7ffc0000 [ 340.586863][ T1108] usb 6-1: USB disconnect, device number 10 [ 340.677164][ T26] audit: type=1326 audit(1780370026.438:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15982 comm="syz.4.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79d9d01749 code=0x7ffc0000 [ 340.750767][ T26] audit: type=1326 audit(1780370026.438:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15982 comm="syz.4.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79d9d01749 code=0x7ffc0000 [ 340.846580][ T26] audit: type=1326 audit(1780370026.438:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15982 comm="syz.4.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f79d9d01749 code=0x7ffc0000 [ 340.912229][ T26] audit: type=1326 audit(1780370026.438:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15982 comm="syz.4.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79d9d01749 code=0x7ffc0000 [ 340.970854][ T26] audit: type=1326 audit(1780370026.438:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15982 comm="syz.4.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f79d9d01749 code=0x7ffc0000 [ 341.003653][ T26] audit: type=1326 audit(1780370026.438:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15982 comm="syz.4.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f79d9d01749 code=0x7ffc0000 [ 341.141732][T15993] tmpfs: Unknown parameter 'fscontext' [ 341.581966][T16008] xt_CT: You must specify a L4 protocol and not use inversions on it [ 345.957490][T16164] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5184'. [ 346.061989][ T4265] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 346.100501][T16171] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5187'. [ 346.278960][T16183] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5192'. [ 346.428119][ T4296] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 347.319259][ T4296] hid-generic 0000:0000:0000.0008: hidraw0: HID v0.00 Device [syz1] on syz0 [ 347.451894][ T4265] usb 7-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 347.463474][ T4265] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 347.492636][ T4265] usb 7-1: Product: syz [ 347.496852][ T4265] usb 7-1: Manufacturer: syz [ 347.501468][ T4265] usb 7-1: SerialNumber: syz [ 347.606256][T16211] 9pnet: Insufficient options for proto=fd [ 347.768733][T16218] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5207'. [ 347.796209][ T4265] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -71 [ 347.813393][T16217] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5208'. [ 347.831912][ T4265] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -71 [ 347.856862][ T26] audit: type=1326 audit(1780370033.729:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.5.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd953d1a749 code=0x7ffc0000 [ 347.901865][ T4265] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -71 [ 347.929504][ T4265] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 347.929805][ T26] audit: type=1326 audit(1780370033.769:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.5.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd953d1a749 code=0x7ffc0000 [ 347.969809][ T4265] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 348.011842][ T26] audit: type=1326 audit(1780370033.769:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.5.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd953d1a749 code=0x7ffc0000 [ 348.014816][ T4265] lan78xx: probe of 7-1:1.0 failed with error -71 [ 348.055095][ T26] audit: type=1326 audit(1780370033.769:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.5.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd953d1a749 code=0x7ffc0000 [ 348.120973][ T4265] usb 7-1: USB disconnect, device number 7 [ 348.128488][ T26] audit: type=1326 audit(1780370033.769:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.5.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd953d1a749 code=0x7ffc0000 [ 348.178551][ T26] audit: type=1326 audit(1780370033.769:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.5.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd953d1a749 code=0x7ffc0000 [ 348.247607][ T26] audit: type=1326 audit(1780370033.769:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.5.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd953d1a749 code=0x7ffc0000 [ 348.296563][ T26] audit: type=1326 audit(1780370033.769:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.5.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd953d1a749 code=0x7ffc0000 [ 348.324731][ T26] audit: type=1326 audit(1780370033.769:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.5.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd953d1a749 code=0x7ffc0000 [ 348.360210][ T26] audit: type=1326 audit(1780370033.769:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.5.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fd953d1a749 code=0x7ffc0000 [ 349.058210][T16266] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5231'. [ 349.544922][T16291] netlink: 72 bytes leftover after parsing attributes in process `syz.2.5243'. [ 350.038826][T16320] overlayfs: invalid origin (0000) [ 350.089275][T16325] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 350.188488][T16325] af_packet: tpacket_rcv: packet too big, clamped from 140 to 4294967272. macoff=96 [ 350.423038][ T3523] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 350.853173][ T3523] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 350.901599][ T3523] usb 5-1: New USB device found, idVendor=056e, idProduct=00ff, bcdDevice= 0.00 [ 350.925282][ T3523] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 350.961128][ T3523] usb 5-1: config 0 descriptor?? [ 351.217648][T16383] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5286'. [ 351.443887][ T3523] elecom 0003:056E:00FF.0009: item fetching failed at offset 0/3 [ 351.467034][ T3523] elecom: probe of 0003:056E:00FF.0009 failed with error -22 [ 351.649650][ T23] usb 5-1: USB disconnect, device number 6 [ 352.483849][T16446] netlink: 892 bytes leftover after parsing attributes in process `syz.6.5325'. [ 353.186054][ T13] usb 2-1: new full-speed USB device number 8 using dummy_hcd [ 353.584965][ T13] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xB3, skipping [ 353.625193][ T13] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 353.679532][ T13] usb 2-1: New USB device found, idVendor=172f, idProduct=0037, bcdDevice= 0.00 [ 353.701838][ T13] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 353.711188][T16502] loop5: detected capacity change from 0 to 1024 [ 353.734808][ T13] usb 2-1: config 0 descriptor?? [ 353.778008][ T13] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 353.807308][T16502] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 353.841136][T16502] ext4 filesystem being mounted at /1007/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 353.886584][T16502] EXT4-fs error (device loop5): ext4_lookup:1858: inode #15: comm syz.5.5340: inode has both inline data and extents flags [ 354.002001][ T13] usb 2-1: USB disconnect, device number 8 [ 354.591489][T16530] netlink: 48 bytes leftover after parsing attributes in process `syz.5.5352'. [ 354.981397][ T13] Bluetooth: hci5: command 0x1003 tx timeout [ 354.998234][ T4200] Bluetooth: hci5: sending frame failed (-49) [ 355.292499][T16548] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5359'. [ 355.585697][T16555] netlink: 'syz.6.5365': attribute type 4 has an invalid length. [ 355.810881][T16568] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5368'. [ 355.841404][T16568] tc_dump_action: action bad kind [ 356.457366][T16595] hub 8-0:1.0: USB hub found [ 356.465015][T16595] hub 8-0:1.0: 1 port detected [ 356.702642][T16604] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 357.010601][T16622] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5393'. [ 357.077167][ T13] Bluetooth: hci5: command 0x1001 tx timeout [ 357.083499][ T4200] Bluetooth: hci5: sending frame failed (-49) [ 357.691192][ T13] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 357.805942][T16661] netlink: 108 bytes leftover after parsing attributes in process `syz.5.5410'. [ 357.820437][T16661] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5410'. [ 357.941188][ T13] usb 7-1: Using ep0 maxpacket: 32 [ 358.054297][T16667] overlayfs: workdir and upperdir must be separate subtrees [ 358.062368][ T13] usb 7-1: config index 0 descriptor too short (expected 29220, got 36) [ 358.082500][ T13] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 358.095927][ T13] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 358.121649][ T13] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 358.148528][ T13] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 358.175812][ T13] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 358.205601][ T13] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 358.235802][ T13] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 358.251622][ T13] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 358.262343][ T13] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 358.292876][ T13] usb 7-1: config 0 descriptor?? [ 358.306398][T16676] netlink: 'syz.2.5417': attribute type 16 has an invalid length. [ 358.315508][T16676] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.5417'. [ 358.452237][T16680] 9p: Unknown uid 18446744073709551615 [ 358.555392][ T13] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 8 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 358.594582][ T13] usb 7-1: USB disconnect, device number 8 [ 358.642440][ T13] usblp0: removed [ 358.719702][T16688] device syzkaller0 entered promiscuous mode [ 358.934857][T16694] netlink: 'syz.2.5425': attribute type 27 has an invalid length. [ 359.121127][ T13] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 359.141266][ T4265] Bluetooth: hci5: command 0x1009 tx timeout [ 359.379682][ T13] usb 7-1: Using ep0 maxpacket: 32 [ 359.511342][ T13] usb 7-1: config index 0 descriptor too short (expected 29220, got 36) [ 359.530101][ T13] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 359.541300][ T13] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 359.584731][ T13] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 359.621063][ T13] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 359.649754][ T13] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 359.680467][ T13] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 359.731072][ T13] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 359.761615][ T13] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 359.792965][ T13] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 359.885290][ T13] usb 7-1: config 0 descriptor?? [ 359.983553][ T26] kauditd_printk_skb: 9 callbacks suppressed [ 359.983569][ T26] audit: type=1326 audit(1780370045.860:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16729 comm="syz.1.5440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6af192749 code=0x7ffc0000 [ 360.103544][ T26] audit: type=1326 audit(1780370045.860:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16729 comm="syz.1.5440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6af192749 code=0x7ffc0000 [ 360.145747][ T13] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 9 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 360.192238][ T13] usb 7-1: USB disconnect, device number 9 [ 360.209638][ T13] usblp0: removed [ 360.225535][ T26] audit: type=1326 audit(1780370045.860:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16729 comm="syz.1.5440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe6af192749 code=0x7ffc0000 [ 360.310699][ T26] audit: type=1326 audit(1780370045.860:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16729 comm="syz.1.5440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6af192749 code=0x7ffc0000 [ 360.312977][T16742] loop1: detected capacity change from 0 to 164 [ 360.351399][ T26] audit: type=1326 audit(1780370045.860:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16729 comm="syz.1.5440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6af192749 code=0x7ffc0000 [ 360.418014][ T26] audit: type=1326 audit(1780370045.860:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16729 comm="syz.1.5440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7fe6af192749 code=0x7ffc0000 [ 360.463915][ T26] audit: type=1326 audit(1780370045.860:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16729 comm="syz.1.5440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6af192749 code=0x7ffc0000 [ 360.505362][ T26] audit: type=1326 audit(1780370045.860:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16729 comm="syz.1.5440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6af192749 code=0x7ffc0000 [ 360.739683][T16750] netlink: 1004 bytes leftover after parsing attributes in process `syz.1.5448'. [ 360.993078][T16762] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5454'. [ 361.014651][T16762] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5454'. [ 361.097982][T16768] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5457'. [ 361.405773][T16786] netlink: 772 bytes leftover after parsing attributes in process `syz.6.5467'. [ 362.028100][T16816] netlink: 772 bytes leftover after parsing attributes in process `syz.1.5480'. [ 362.169257][T16821] overlayfs: failed to resolve './file1': -2 [ 362.575137][T16842] netlink: 772 bytes leftover after parsing attributes in process `syz.5.5492'. [ 363.049862][T16837] loop2: detected capacity change from 0 to 32768 [ 363.158569][T16837] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.5490 (16837) [ 363.361044][T16837] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 363.397266][T16837] BTRFS info (device loop2): turning off barriers [ 363.425088][T16837] BTRFS info (device loop2): setting nodatasum [ 363.437731][T16837] BTRFS info (device loop2): enabling auto defrag [ 363.447445][T16837] BTRFS info (device loop2): disabling tree log [ 363.454208][T16837] BTRFS info (device loop2): using free space tree [ 363.469826][T16837] BTRFS info (device loop2): has skinny extents [ 363.532553][T16877] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5505'. [ 363.631093][T16837] BTRFS info (device loop2): enabling ssd optimizations [ 364.246772][T16919] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5520'. [ 364.975295][T16951] netlink: 32 bytes leftover after parsing attributes in process `syz.4.5534'. [ 365.317421][T16968] netlink: 'syz.5.5542': attribute type 4 has an invalid length. [ 365.361440][T16968] netlink: 'syz.5.5542': attribute type 5 has an invalid length. [ 365.389326][T16968] netlink: 'syz.5.5542': attribute type 1 has an invalid length. [ 366.115034][T17011] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5558'. [ 367.620806][ T4295] Bluetooth: hci5: command 0x1003 tx timeout [ 367.633795][ T4200] Bluetooth: hci5: sending frame failed (-49) [ 367.673502][T17078] netlink: 188 bytes leftover after parsing attributes in process `syz.5.5585'. [ 369.029849][T17156] overlayfs: missing 'lowerdir' [ 369.295070][T17172] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5631'. [ 369.655118][ T26] audit: type=1326 audit(1780370055.530:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17193 comm="syz.4.5641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79d9d01749 code=0x7ffc0000 [ 369.700662][ T4295] Bluetooth: hci5: command 0x1001 tx timeout [ 369.706850][ T4200] Bluetooth: hci5: sending frame failed (-49) [ 369.728561][ T26] audit: type=1326 audit(1780370055.530:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17193 comm="syz.4.5641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79d9d01749 code=0x7ffc0000 [ 369.783244][ T26] audit: type=1326 audit(1780370055.540:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17193 comm="syz.4.5641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f79d9d01749 code=0x7ffc0000 [ 369.806650][ T26] audit: type=1326 audit(1780370055.540:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17193 comm="syz.4.5641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79d9d01749 code=0x7ffc0000 [ 369.895867][ T26] audit: type=1326 audit(1780370055.540:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17193 comm="syz.4.5641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79d9d01749 code=0x7ffc0000 [ 369.989436][ T26] audit: type=1326 audit(1780370055.560:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17193 comm="syz.4.5641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f79d9d01749 code=0x7ffc0000 [ 370.026361][ T26] audit: type=1326 audit(1780370055.560:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17193 comm="syz.4.5641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79d9d01749 code=0x7ffc0000 [ 370.080455][ T26] audit: type=1326 audit(1780370055.560:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17193 comm="syz.4.5641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79d9d01749 code=0x7ffc0000 [ 370.600546][ T4242] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 370.860727][ T4242] usb 6-1: Using ep0 maxpacket: 32 [ 371.000772][ T4242] usb 6-1: config index 0 descriptor too short (expected 29220, got 36) [ 371.009357][ T4242] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 371.054484][ T4242] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 371.068266][ T4242] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 371.110227][ T4242] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 371.148464][ T4242] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 371.167346][ T4242] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 371.178174][ T4242] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 371.211808][ T4242] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 371.221307][ T4242] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 371.239912][ T4242] usb 6-1: config 0 descriptor?? [ 371.511784][ T4242] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 11 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 371.547728][ T4242] usb 6-1: USB disconnect, device number 11 [ 371.582398][ T4242] usblp0: removed [ 371.784338][ T1108] Bluetooth: hci5: command 0x1009 tx timeout [ 372.130522][ T4242] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 372.365981][T17347] netlink: 108 bytes leftover after parsing attributes in process `syz.2.5713'. [ 372.383899][T17347] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5713'. [ 372.440391][ T4242] usb 6-1: Using ep0 maxpacket: 32 [ 372.527425][T17357] netlink: 96 bytes leftover after parsing attributes in process `syz.4.5716'. [ 372.570507][ T4242] usb 6-1: config index 0 descriptor too short (expected 29220, got 36) [ 372.579067][ T4242] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 372.602607][ T4242] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 372.635191][ T4242] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 372.680464][ T4242] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 372.709127][ T4242] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 372.726804][ T4242] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 372.737696][ T4242] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 372.753512][ T4242] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 372.763829][ T4242] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 372.779982][ T4242] usb 6-1: config 0 descriptor?? [ 373.051998][ T4242] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 12 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 373.083715][ T4242] usb 6-1: USB disconnect, device number 12 [ 373.103505][ T4242] usblp0: removed [ 373.467963][T17408] veth1: Caught tx_queue_len zero misconfig [ 374.400128][T17463] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5765'. [ 374.432103][T17463] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 374.473990][T17463] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 374.684123][ T26] audit: type=1800 audit(2000000001.690:215): pid=17436 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.5753" name="/" dev="fuse" ino=4 res=0 errno=0 [ 374.959799][T17481] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5775'. [ 375.542772][ T13] Bluetooth: hci3: command 0x0406 tx timeout [ 376.941730][T17580] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 377.583993][T17620] binfmt_misc: register: failed to install interpreter file ./cgroup [ 378.024203][T17645] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5851'. [ 378.049625][T17646] netlink: 100 bytes leftover after parsing attributes in process `syz.6.5852'. [ 378.510269][ T26] audit: type=1800 audit(2000000261.514:216): pid=17631 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.5844" name="/" dev="fuse" ino=5 res=0 errno=0 [ 378.593966][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.600373][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.652119][T17677] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5865'. [ 378.764582][ T26] audit: type=1326 audit(2000000261.774:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17678 comm="syz.6.5867" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faa10469749 code=0x0 [ 379.627786][T17721] netlink: 'syz.4.5885': attribute type 8 has an invalid length. [ 379.680161][T17721] netlink: 60 bytes leftover after parsing attributes in process `syz.4.5885'. [ 379.805502][T17734] overlayfs: missing 'workdir' [ 380.170182][ T4242] usb 3-1: new full-speed USB device number 10 using dummy_hcd [ 380.601471][ T4242] usb 3-1: unable to get BOS descriptor or descriptor too short [ 380.653916][ T4242] usb 3-1: not running at top speed; connect to a high speed hub [ 380.750338][ T4242] usb 3-1: config 0 has no interfaces? [ 380.911471][ T4242] usb 3-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.00 [ 380.927491][ T4242] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 380.955720][ T4242] usb 3-1: Product: syz [ 380.971386][ T4242] usb 3-1: Manufacturer: syz [ 380.989514][ T4242] usb 3-1: SerialNumber: syz [ 381.013644][ T4242] usb 3-1: config 0 descriptor?? [ 381.263541][ T4242] usb 3-1: USB disconnect, device number 10 [ 382.105807][T17850] loop4: detected capacity change from 0 to 512 [ 382.302229][T17850] EXT4-fs (loop4): Ignoring removed bh option [ 382.674064][T17850] EXT4-fs (loop4): mounted filesystem without journal. Opts: i_version,nogrpid,bh,,errors=continue. Quota mode: writeback. [ 383.108350][T17850] ext4 filesystem being mounted at /1085/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 384.010126][ T23] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 384.260387][ T23] usb 5-1: Using ep0 maxpacket: 16 [ 384.380460][ T23] usb 5-1: config 9 has an invalid interface number: 173 but max is 1 [ 384.400131][ T23] usb 5-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config [ 384.430091][ T23] usb 5-1: config 9 has 1 interface, different from the descriptor's value: 2 [ 384.464887][ T23] usb 5-1: config 9 has no interface number 0 [ 384.484893][ T23] usb 5-1: config 9 interface 173 altsetting 2 endpoint 0xC has invalid maxpacket 512, setting to 64 [ 384.524423][ T23] usb 5-1: config 9 interface 173 has no altsetting 0 [ 384.710405][ T23] usb 5-1: New USB device found, idVendor=056e, idProduct=b338, bcdDevice=7f.56 [ 384.737147][ T23] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 384.770179][ T23] usb 5-1: Product: syz [ 384.774409][ T23] usb 5-1: Manufacturer: syz [ 384.799534][ T23] usb 5-1: SerialNumber: syz [ 384.805192][T17926] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 384.821764][T17926] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 385.094628][ T23] usb 5-1: USB disconnect, device number 7 [ 385.189485][T17954] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 387.560473][T18028] loop2: detected capacity change from 0 to 2048 [ 387.621340][T18028] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 387.658290][T18028] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 387.758585][T18040] fuse: Bad value for 'user_id' [ 387.793032][T18043] netlink: 268 bytes leftover after parsing attributes in process `syz.4.6030'. [ 388.028705][T18046] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 388.411868][T18075] netlink: 'syz.2.6042': attribute type 28 has an invalid length. [ 388.466797][T18077] loop6: detected capacity change from 0 to 512 [ 388.574383][T18077] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 388.647242][T18077] EXT4-fs (loop6): 1 truncate cleaned up [ 388.656992][T18077] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 388.787363][T18094] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 388.830456][T18094] overlayfs: missing 'lowerdir' [ 388.888577][T18101] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6055'. [ 389.090928][T18101] bond0: (slave bond_slave_1): Releasing backup interface [ 389.145885][T18101] device bond_slave_1 left promiscuous mode [ 389.424784][T18123] loop6: detected capacity change from 0 to 512 [ 389.536386][T18123] EXT4-fs (loop6): Ignoring removed bh option [ 389.656688][T18123] EXT4-fs (loop6): mounted filesystem without journal. Opts: i_version,nogrpid,bh,,errors=continue. Quota mode: writeback. [ 389.734923][T18123] ext4 filesystem being mounted at /449/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 390.860170][ T13] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 391.150052][ T13] usb 2-1: Using ep0 maxpacket: 8 [ 391.280275][ T13] usb 2-1: unable to get BOS descriptor or descriptor too short [ 391.360175][ T13] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 391.367839][ T13] usb 2-1: can't read configurations, error -71 [ 391.696782][T18246] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6122'. [ 391.823832][T18246] bond0: (slave bond_slave_1): Releasing backup interface [ 391.990734][T18257] loop6: detected capacity change from 0 to 512 [ 392.054733][T18257] EXT4-fs (loop6): Ignoring removed bh option [ 392.271545][T18257] EXT4-fs (loop6): mounted filesystem without journal. Opts: i_version,nogrpid,bh,,errors=continue. Quota mode: writeback. [ 392.290277][T18257] ext4 filesystem being mounted at /462/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 393.952512][T18324] netlink: 9 bytes leftover after parsing attributes in process `syz.1.6154'. [ 393.980539][T18324] device gretap0 entered promiscuous mode [ 394.048833][T18328] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6157'. [ 394.235212][T18331] netlink: 'syz.6.6158': attribute type 4 has an invalid length. [ 394.324956][T18334] loop4: detected capacity change from 0 to 8192 [ 394.450393][T18344] 9pnet: Insufficient options for proto=fd [ 394.743095][T18360] loop1: detected capacity change from 0 to 512 [ 394.836505][T18360] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 394.848112][T18360] EXT4-fs (loop1): inline encryption not supported [ 394.863024][T18360] EXT4-fs (loop1): Test dummy encryption mode enabled [ 394.885153][T18360] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 394.909218][T18360] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 394.982931][T18360] EXT4-fs (loop1): 1 truncate cleaned up [ 394.998939][T18360] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,. Quota mode: none. [ 395.610403][T18408] loop4: detected capacity change from 0 to 512 [ 395.651890][T18412] loop5: detected capacity change from 0 to 2048 [ 395.733398][T18408] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #11: comm syz.4.6193: ea_inode with extended attributes [ 395.752582][T18412] Alternate GPT is invalid, using primary GPT. [ 395.772615][T18412] loop5: p2 p3 p7 [ 395.801474][T18408] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.6193: error while reading EA inode 11 err=-117 [ 395.827558][T18408] EXT4-fs (loop4): 1 orphan inode deleted [ 395.840231][ T4242] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 395.877838][T18408] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,journal_dev=0x00000000000000ff,debug_want_extra_isize=0x000000000000004c,nouid32,resgid=0x0000000000000000,acl,init_itable=0x0000000000008d55,,errors=continue. Quota mode: none. [ 395.967596][ T7071] udevd[7071]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory [ 395.967766][ T4312] udevd[4312]: inotify_add_watch(7, /dev/loop5p7, 10) failed: No such file or directory [ 395.999478][ T4177] udevd[4177]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory [ 396.400443][ T4242] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 396.470170][T18444] loop4: detected capacity change from 0 to 512 [ 396.557290][ T4242] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 396.800796][T18444] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.6202: bg 0: block 393: padding at end of block bitmap is not set [ 396.823093][T18444] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6178: Corrupt filesystem [ 396.836446][T18444] EXT4-fs (loop4): 2 truncates cleaned up [ 396.842404][T18444] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 396.930812][ T4242] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 397.116213][ T4242] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 397.251234][ T4242] usb 3-1: config 0 descriptor?? [ 397.732046][ T4242] cm6533_jd 0003:0D8C:0022.000A: unknown main item tag 0x0 [ 397.755561][ T4242] cm6533_jd 0003:0D8C:0022.000A: unknown main item tag 0x0 [ 397.812183][ T4242] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0D8C:0022.000A/input/input17 [ 397.969649][ T4242] cm6533_jd 0003:0D8C:0022.000A: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0 [ 398.176698][ T4242] usb 3-1: USB disconnect, device number 11 [ 398.337603][T18472] fido_id[18472]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory [ 398.494007][ T26] audit: type=1326 audit(2000000281.504:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18481 comm="syz.6.6226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa10469749 code=0x7ffc0000 [ 398.565233][ T26] audit: type=1326 audit(2000000281.504:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18481 comm="syz.6.6226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=74 compat=0 ip=0x7faa10469749 code=0x7ffc0000 [ 398.630434][ T26] audit: type=1326 audit(2000000281.504:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18481 comm="syz.6.6226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa10469749 code=0x7ffc0000 [ 398.701843][ T26] audit: type=1326 audit(2000000281.534:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18481 comm="syz.6.6226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa10469749 code=0x7ffc0000 [ 398.701927][T18489] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6) [ 398.724235][ C1] vkms_vblank_simulate: vblank timer overrun [ 398.737365][T18489] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 398.793916][T18492] loop5: detected capacity change from 0 to 1024 [ 398.926524][T18492] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 398.961577][T18489] vhci_hcd vhci_hcd.0: Device attached [ 398.969403][ T26] audit: type=1800 audit(2000000281.974:222): pid=18492 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.6229" name="bus" dev="loop5" ino=18 res=0 errno=0 [ 398.989926][ C1] vkms_vblank_simulate: vblank timer overrun [ 399.046551][T18493] vhci_hcd: connection closed [ 399.054949][ T4303] vhci_hcd: stop threads [ 399.091139][ T4303] vhci_hcd: release socket [ 399.105340][ T4303] vhci_hcd: disconnect device [ 400.268532][T18563] loop1: detected capacity change from 0 to 512 [ 400.387591][T18563] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000001000,nodiscard,quota,,errors=continue. Quota mode: writeback. [ 400.518118][T18563] ext4 filesystem being mounted at /1305/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 400.793315][T18587] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6268'. [ 400.868477][T18591] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6273'. [ 401.231820][T18614] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6283'. [ 401.296140][T18611] tipc: Started in network mode [ 401.301901][T18611] tipc: Node identity 6ad5a42a1a8a, cluster identity 4711 [ 401.327040][T18611] tipc: Enabled bearer , priority 10 [ 401.437494][T18626] overlayfs: failed to resolve './file0': -2 [ 401.547994][T18633] overlayfs: missing 'lowerdir' [ 402.330212][ T4295] tipc: Node number set to 1885316138 [ 403.863176][T18754] overlayfs: missing 'lowerdir' [ 404.259521][T18776] netlink: 24 bytes leftover after parsing attributes in process `syz.6.6353'. [ 404.830251][ T1108] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 405.000103][ T4295] usb 7-1: new full-speed USB device number 10 using dummy_hcd [ 405.130102][ T1108] usb 2-1: Using ep0 maxpacket: 8 [ 405.284223][ T1108] usb 2-1: too many endpoints for config 0 interface 0 altsetting 250: 251, using maximum allowed: 30 [ 405.295650][ T1108] usb 2-1: config 0 interface 0 altsetting 250 has 1 endpoint descriptor, different from the interface descriptor's value: 251 [ 405.315312][ T1108] usb 2-1: config 0 interface 0 has no altsetting 0 [ 405.323231][ T1108] usb 2-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00 [ 405.337244][ T1108] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 405.366019][ T1108] usb 2-1: config 0 descriptor?? [ 405.440506][ T4295] usb 7-1: config 0 has an invalid interface number: 231 but max is 0 [ 405.451262][ T4295] usb 7-1: config 0 has no interface number 0 [ 405.457494][ T4295] usb 7-1: config 0 interface 231 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 405.660449][ T4295] usb 7-1: New USB device found, idVendor=067b, idProduct=27a1, bcdDevice=b0.9b [ 405.685254][ T4295] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 405.701007][ T4295] usb 7-1: Product: syz [ 405.705694][ T4295] usb 7-1: Manufacturer: syz [ 405.710987][ T4295] usb 7-1: SerialNumber: syz [ 405.722420][ T1108] usbhid 2-1:0.0: can't add hid device: -71 [ 405.738843][ T1108] usbhid: probe of 2-1:0.0 failed with error -71 [ 405.751020][ T4295] usb 7-1: config 0 descriptor?? [ 405.770137][ T1108] usb 2-1: USB disconnect, device number 11 [ 405.780427][T18797] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 405.859460][ T4295] plusb 7-1:0.231 usb0: register 'plusb' at usb-dummy_hcd.6-1, Prolific PL-2301/PL-2302/PL-25A1/PL-27A1, e2:a9:52:61:2e:36 [ 406.084641][ T23] usb 7-1: USB disconnect, device number 10 [ 406.092570][ T23] plusb 7-1:0.231 usb0: unregister 'plusb' usb-dummy_hcd.6-1, Prolific PL-2301/PL-2302/PL-25A1/PL-27A1 [ 406.118293][T18868] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6398'. [ 406.128552][T18865] loop5: detected capacity change from 0 to 2048 [ 406.202732][T18865] EXT4-fs (loop5): Ignoring removed bh option [ 406.267403][T18865] EXT4-fs (loop5): mounted filesystem without journal. Opts: discard,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none. [ 406.443763][T18886] overlayfs: overlapping lowerdir path [ 406.574250][T18893] netlink: 44 bytes leftover after parsing attributes in process `syz.2.6407'. [ 407.597435][T18936] loop1: detected capacity change from 0 to 32768 [ 407.653797][T18936] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.6423 (18936) [ 407.695306][T18936] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 407.704243][T18936] BTRFS info (device loop1): using free space tree [ 407.711206][T18936] BTRFS info (device loop1): has skinny extents [ 407.949824][T18970] netlink: 116 bytes leftover after parsing attributes in process `syz.4.6429'. [ 408.120562][T18973] loop2: detected capacity change from 0 to 2048 [ 408.199461][T18973] loop2: p1 < > p4 < > [ 408.235350][T18936] BTRFS info (device loop1): enabling ssd optimizations [ 408.813677][ T4177] udevd[4177]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 408.827998][ T4312] udevd[4312]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 410.589521][T19077] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6472'. [ 411.414341][T19090] netlink: 'syz.1.6477': attribute type 4 has an invalid length. [ 411.535477][T19090] netlink: 'syz.1.6477': attribute type 5 has an invalid length. [ 411.674254][T19090] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.6477'. [ 411.931595][T19102] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6483'. [ 412.514910][T19128] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6494'. [ 412.560363][T19130] netlink: 116 bytes leftover after parsing attributes in process `syz.6.6492'. [ 412.709665][T19134] netlink: 44 bytes leftover after parsing attributes in process `syz.1.6497'. [ 412.750117][T19134] netlink: 59 bytes leftover after parsing attributes in process `syz.1.6497'. [ 412.770370][T19134] netlink: 59 bytes leftover after parsing attributes in process `syz.1.6497'. [ 412.819020][ T26] audit: type=1326 audit(2000000295.824:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19137 comm="syz.6.6499" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faa10469749 code=0x0 [ 413.068020][T19146] netlink: 132 bytes leftover after parsing attributes in process `syz.4.6502'. [ 414.073493][T19191] atomic_op ffff888076be8198 conn xmit_atomic 0000000000000000 [ 414.173253][ T154] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 414.305902][ T154] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 414.425379][ T154] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 414.646920][ T154] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 414.892230][T19233] overlayfs: missing 'lowerdir' [ 415.180082][T19235] loop6: detected capacity change from 0 to 32768 [ 415.244547][T19235] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 scanned by syz.6.6544 (19235) [ 415.289296][T19209] chnl_net:caif_netlink_parms(): no params data found [ 415.370628][T19235] BTRFS info (device loop6): using sha256 (sha256-avx2) checksum algorithm [ 415.379323][T19235] BTRFS info (device loop6): using free space tree [ 415.386033][T19235] BTRFS info (device loop6): has skinny extents [ 415.741377][T19291] overlayfs: missing 'lowerdir' [ 415.756293][T19235] BTRFS info (device loop6): enabling ssd optimizations [ 415.892549][T19209] bridge0: port 1(bridge_slave_0) entered blocking state [ 415.990380][T19209] bridge0: port 1(bridge_slave_0) entered disabled state [ 416.118189][T19209] device bridge_slave_0 entered promiscuous mode [ 416.311526][T19302] loop2: detected capacity change from 0 to 512 [ 416.349556][T19302] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities [ 416.496000][T19209] bridge0: port 2(bridge_slave_1) entered blocking state [ 416.515347][T19209] bridge0: port 2(bridge_slave_1) entered disabled state [ 416.561790][T19209] device bridge_slave_1 entered promiscuous mode [ 416.585858][ T4295] Bluetooth: hci2: command 0x0409 tx timeout [ 416.792746][T19318] loop4: detected capacity change from 0 to 512 [ 416.826687][T19209] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 416.869460][T19209] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 416.898014][T19318] EXT4-fs (loop4): Ignoring removed bh option [ 417.107234][T19318] EXT4-fs (loop4): mounted filesystem without journal. Opts: i_version,nogrpid,bh,,errors=continue. Quota mode: writeback. [ 417.121800][T19318] ext4 filesystem being mounted at /1222/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 417.508100][T19343] overlayfs: missing 'lowerdir' [ 417.574234][T19345] tmpfs: Unknown parameter 'noswap' [ 417.591912][T19209] team0: Port device team_slave_0 added [ 417.631657][T19209] team0: Port device team_slave_1 added [ 417.752028][T19209] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 417.800166][T19209] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 417.826296][ C0] vkms_vblank_simulate: vblank timer overrun [ 417.875633][T19359] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6579'. [ 417.915912][T19209] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 417.968163][T19209] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 418.042407][T19209] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 418.144334][T19209] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 418.217674][T19370] team0: Caught tx_queue_len zero misconfig [ 418.363599][T19209] device hsr_slave_0 entered promiscuous mode [ 418.410834][T19209] device hsr_slave_1 entered promiscuous mode [ 418.660469][ T4265] Bluetooth: hci2: command 0x041b tx timeout [ 418.951239][ T154] device hsr_slave_0 left promiscuous mode [ 418.990688][ T154] device hsr_slave_1 left promiscuous mode [ 419.056167][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 419.097014][ T154] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 419.110333][T19426] loop4: detected capacity change from 0 to 512 [ 419.134469][T19426] EXT4-fs (loop4): Ignoring removed bh option [ 419.141701][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 419.153941][ T154] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 419.176376][ T154] device bridge_slave_1 left promiscuous mode [ 419.203220][ T154] bridge0: port 2(bridge_slave_1) entered disabled state [ 419.205937][T19426] EXT4-fs (loop4): mounted filesystem without journal. Opts: i_version,nogrpid,bh,,errors=continue. Quota mode: writeback. [ 419.256817][ T154] device bridge_slave_0 left promiscuous mode [ 419.266230][ T154] bridge0: port 1(bridge_slave_0) entered disabled state [ 419.276661][T19426] ext4 filesystem being mounted at /1231/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 419.328169][T19435] loop1: detected capacity change from 0 to 512 [ 419.402494][T19435] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 419.418324][T19435] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities [ 419.452011][ T154] device veth1_macvtap left promiscuous mode [ 419.465468][ T154] device veth0_macvtap left promiscuous mode [ 419.495829][ T154] device veth1_vlan left promiscuous mode [ 419.544567][ T154] device veth0_vlan left promiscuous mode [ 420.238449][ T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 420.313845][ T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 420.583934][ T154] bond0 (unregistering): Released all slaves [ 420.597436][T19498] overlayfs: missing 'workdir' [ 420.759424][ T4265] Bluetooth: hci2: command 0x040f tx timeout [ 420.779026][T19494] netlink: 60 bytes leftover after parsing attributes in process `syz.2.6633'. [ 420.928818][T19513] binder: Bad value for 'max' [ 421.006332][T19209] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 421.072616][T19209] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 421.122797][T19209] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 421.183495][T19209] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 421.304179][T19539] netlink: 56 bytes leftover after parsing attributes in process `syz.2.6648'. [ 421.800481][T19209] 8021q: adding VLAN 0 to HW filter on device bond0 [ 421.845592][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 421.860536][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 421.913585][T19209] 8021q: adding VLAN 0 to HW filter on device team0 [ 422.014967][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 422.034615][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 422.088093][ T4556] bridge0: port 1(bridge_slave_0) entered blocking state [ 422.095292][ T4556] bridge0: port 1(bridge_slave_0) entered forwarding state [ 422.137844][T19583] overlayfs: unrecognized mount option "fscontext=root" or missing value [ 422.156958][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 422.165894][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 422.196644][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 422.242342][ T4556] bridge0: port 2(bridge_slave_1) entered blocking state [ 422.249494][ T4556] bridge0: port 2(bridge_slave_1) entered forwarding state [ 422.324479][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 422.392217][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 422.434369][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 422.492702][T19597] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(5) [ 422.499273][T19597] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 422.504427][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 422.559132][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 422.566509][T19597] vhci_hcd vhci_hcd.0: Device attached [ 422.594478][T19599] vhci_hcd: connection closed [ 422.594726][ T4639] vhci_hcd: stop threads [ 422.608627][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 422.624807][ T4639] vhci_hcd: release socket [ 422.638397][ T4639] vhci_hcd: disconnect device [ 422.659526][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 422.685003][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 422.729455][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 422.826205][T19209] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 422.830133][ T1108] Bluetooth: hci2: command 0x0419 tx timeout [ 422.850968][T19209] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 422.868243][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 422.885689][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 423.007838][T19618] loop1: detected capacity change from 0 to 512 [ 423.078694][T19618] EXT4-fs (loop1): Ignoring removed bh option [ 423.257013][T19618] EXT4-fs (loop1): mounted filesystem without journal. Opts: i_version,nogrpid,bh,,errors=continue. Quota mode: writeback. [ 423.280367][T19618] ext4 filesystem being mounted at /1395/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 423.508005][T19647] loop2: detected capacity change from 0 to 512 [ 423.551674][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 423.610631][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 423.663594][T19209] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 423.690154][T19647] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 423.774511][T19647] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities [ 423.891824][T19660] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5) [ 423.898404][T19660] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 423.940236][T19660] vhci_hcd vhci_hcd.0: Device attached [ 423.967369][T19661] vhci_hcd: connection closed [ 423.967939][ T4597] vhci_hcd: stop threads [ 424.016810][ T4597] vhci_hcd: release socket [ 424.040127][ T4597] vhci_hcd: disconnect device [ 424.405496][T19690] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6691'. [ 424.495565][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 424.526230][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 424.618496][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 424.647129][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 424.697740][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 424.727200][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 424.773741][T19209] device veth0_vlan entered promiscuous mode [ 424.832861][T19209] device veth1_vlan entered promiscuous mode [ 424.920323][T19712] loop4: detected capacity change from 0 to 512 [ 424.974659][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 425.001212][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 425.027771][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 425.037491][T19712] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 425.087274][T19712] EXT4-fs (loop4): inline encryption not supported [ 425.091990][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 425.120466][T19712] EXT4-fs (loop4): Test dummy encryption mode enabled [ 425.141429][T19209] device veth0_macvtap entered promiscuous mode [ 425.191703][T19712] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 425.198898][T19712] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 425.215909][T19209] device veth1_macvtap entered promiscuous mode [ 425.288921][T19209] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 425.310432][T19712] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002] [ 425.340073][T19712] System zones: 1-12 [ 425.345873][T19209] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 425.381535][T19712] EXT4-fs (loop4): 1 truncate cleaned up [ 425.400297][T19209] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 425.409813][T19712] EXT4-fs (loop4): mounted filesystem without journal. Opts: debug,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,,errors=continue. Quota mode: none. [ 425.411974][T19209] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 425.446215][T19209] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 425.469357][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 425.478726][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 425.490055][ T3523] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 425.513198][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 425.557678][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 425.595402][T19209] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 425.606270][T19209] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 425.622554][T19209] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 425.637087][T19209] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 425.654456][T19209] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 425.689204][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 425.708170][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 425.749884][T19209] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 425.787538][T19209] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 425.816966][T19209] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 425.850074][T19209] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 425.880980][ T3523] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 425.910559][ T3523] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 425.940158][ T3523] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 425.969701][ T3523] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 426.002676][ T3523] usb 7-1: config 0 descriptor?? [ 426.062624][ T3523] usbhid 7-1:0.0: couldn't find an input interrupt endpoint [ 426.182766][ T4639] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 426.227795][ T4639] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 426.259110][ T4303] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 426.273302][ T3159] usb 7-1: USB disconnect, device number 11 [ 426.284380][ T4556] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 426.323269][ T4303] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 426.394166][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 426.452213][T19769] loop2: detected capacity change from 0 to 512 [ 426.553908][T19769] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 426.576122][T19769] EXT4-fs (loop2): invalid journal inode [ 426.600337][T19769] EXT4-fs (loop2): can't get journal size [ 426.661441][T19769] EXT4-fs (loop2): 1 truncate cleaned up [ 426.678648][T19769] EXT4-fs (loop2): mounted filesystem without journal. Opts: norecovery,max_batch_time=0x0000000000000003,,errors=continue. Quota mode: none. [ 426.725555][T19782] tmpfs: Unknown parameter 'no' [ 426.789672][T19780] loop1: detected capacity change from 0 to 512 [ 426.909053][T19780] EXT4-fs (loop1): Ignoring removed bh option [ 426.966944][T19780] EXT4-fs (loop1): mounted filesystem without journal. Opts: i_version,nogrpid,bh,,errors=continue. Quota mode: writeback. [ 427.010178][T19780] ext4 filesystem being mounted at /1410/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 427.062049][T19801] overlayfs: failed to resolve './file2': -2 [ 427.381657][T19820] overlayfs: missing 'workdir' [ 427.408267][T19825] loop2: detected capacity change from 0 to 128 [ 428.480474][T19835] trusted_key: encrypted_key: insufficient parameters specified [ 428.900107][ T4265] usb 5-1: new full-speed USB device number 8 using dummy_hcd [ 429.202080][ T4242] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 429.300499][ T4265] usb 5-1: config 0 has an invalid interface number: 133 but max is 0 [ 429.325482][ T4265] usb 5-1: config 0 has no interface number 0 [ 429.545485][ T4265] usb 5-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d [ 429.570995][ T4242] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 429.571051][ T4265] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 429.592911][ T4242] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 429.615009][ T4265] usb 5-1: Product: syz [ 429.623818][ T4265] usb 5-1: Manufacturer: syz [ 429.628954][ T4265] usb 5-1: SerialNumber: syz [ 429.645787][T19900] device syzkaller0 entered promiscuous mode [ 429.669098][ T4265] usb 5-1: config 0 descriptor?? [ 429.710420][ T4242] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 429.734866][ T4242] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 429.753828][ T4242] usb 3-1: Manufacturer: syz [ 429.782942][ T4242] usb 3-1: config 0 descriptor?? [ 429.971989][ T4265] keyspan 5-1:0.133: Keyspan 1 port adapter converter detected [ 429.992278][ T4265] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 81 [ 430.030286][ T4265] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 1 [ 430.079096][ T4265] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 2 [ 430.115727][ T4265] usb 5-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 430.152431][ T4265] usb 5-1: USB disconnect, device number 8 [ 430.207218][ T4265] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 430.274106][ T4242] pyra 0003:1E7D:2CF6.000B: unknown main item tag 0x0 [ 430.278644][ T4265] keyspan 5-1:0.133: device disconnected [ 430.301625][ T4242] pyra 0003:1E7D:2CF6.000B: unknown main item tag 0x0 [ 430.350126][ T4242] pyra 0003:1E7D:2CF6.000B: unknown main item tag 0x0 [ 430.395540][ T4242] pyra 0003:1E7D:2CF6.000B: unknown main item tag 0x0 [ 430.403804][T19936] netlink: 3672 bytes leftover after parsing attributes in process `syz.7.6776'. [ 430.437165][ T4242] pyra 0003:1E7D:2CF6.000B: unknown main item tag 0x0 [ 430.463394][ T4242] pyra 0003:1E7D:2CF6.000B: unknown main item tag 0x0 [ 430.475247][ T4242] pyra 0003:1E7D:2CF6.000B: unknown main item tag 0x0 [ 430.503722][ T4242] pyra 0003:1E7D:2CF6.000B: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 430.694992][T19951] loop6: detected capacity change from 0 to 512 [ 430.744819][T19951] EXT4-fs (loop6): Ignoring removed bh option [ 430.840266][T19951] EXT4-fs (loop6): mounted filesystem without journal. Opts: i_version,nogrpid,bh,,errors=continue. Quota mode: writeback. [ 430.853542][T19951] ext4 filesystem being mounted at /579/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 430.868073][ T4296] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 431.120352][ T4296] usb 2-1: Using ep0 maxpacket: 16 [ 431.240340][ T4296] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 431.252743][ T4296] usb 2-1: config 0 interface 0 has no altsetting 0 [ 431.259883][ T4296] usb 2-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 431.277424][ T4296] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 431.321779][ T4296] usb 2-1: config 0 descriptor?? [ 431.538022][T19993] netlink: 'syz.6.6798': attribute type 4 has an invalid length. [ 431.567885][T19993] netlink: 17 bytes leftover after parsing attributes in process `syz.6.6798'. [ 431.625889][T20000] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6800'. [ 431.640357][T20000] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 431.784300][T20000] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 431.808405][ T4296] hid-generic 0003:1E71:2009.000C: hidraw1: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.1-1/input0 [ 432.264629][T20035] loop4: detected capacity change from 0 to 512 [ 432.302472][ T3523] usb 2-1: USB disconnect, device number 12 [ 432.311437][T20035] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 432.320368][ T4242] pyra 0003:1E7D:2CF6.000B: couldn't init struct pyra_device [ 432.345173][ T4242] pyra 0003:1E7D:2CF6.000B: couldn't install mouse [ 432.354642][T20035] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities [ 432.370914][T20038] netlink: 312 bytes leftover after parsing attributes in process `syz.7.6816'. [ 432.383927][ T4242] pyra: probe of 0003:1E7D:2CF6.000B failed with error -71 [ 432.432323][ T4242] usb 3-1: USB disconnect, device number 12 [ 432.619628][T20043] fido_id[20043]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 433.287384][T20052] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6820'. [ 538.929936][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 538.937037][ C1] rcu: 0-...!: (1 GPs behind) idle=361/1/0x4000000000000000 softirq=63757/63761 fqs=8 [ 538.949245][ C1] (detected by 1, t=10502 jiffies, g=74461, q=481) [ 538.956057][ C1] Sending NMI from CPU 1 to CPUs 0: [ 538.961379][ C0] NMI backtrace for cpu 0 [ 538.961391][ C0] CPU: 0 PID: 20081 Comm: modprobe Not tainted syzkaller #0 [ 538.961409][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 538.961420][ C0] RIP: 0010:__lock_acquire+0x457/0x7c60 [ 538.961453][ C0] Code: 8b 05 21 73 a6 7e 31 db 85 c0 0f 95 c3 01 db 48 8b 44 24 30 4c 8d a0 d4 0a 00 00 4c 89 e0 48 c1 e8 03 48 89 84 24 c0 00 00 00 <42> 0f b6 04 00 84 c0 0f 85 55 62 00 00 31 c0 4c 89 a4 24 98 00 00 [ 538.961468][ C0] RSP: 0018:ffffc900000078c0 EFLAGS: 00000807 [ 538.961484][ C0] RAX: 1ffff11004c33c82 RBX: 0000000000000002 RCX: 1ffff11004c33c8a [ 538.961496][ C0] RDX: 0000000000000015 RSI: 0000000000000000 RDI: ffff88802619e440 [ 538.961508][ C0] RBP: ffffc90000007b10 R08: dffffc0000000000 R09: 0000000000000001 [ 538.961521][ C0] R10: fffffbfff1ad33a6 R11: 1ffffffff1ad33a5 R12: ffff88802619e414 [ 538.961534][ C0] R13: 0000000000000000 R14: 0000000000000015 R15: ffff88802619e430 [ 538.961545][ C0] FS: 0000000000000000(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000 [ 538.961560][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 538.961571][ C0] CR2: 00007faa0e6cff98 CR3: 000000007363b000 CR4: 00000000003506f0 [ 538.961586][ C0] Call Trace: [ 538.961593][ C0] [ 538.961610][ C0] ? mark_lock+0x94/0x320 [ 538.961635][ C0] ? __lock_acquire+0x13ad/0x7c60 [ 538.961654][ C0] ? verify_lock_unused+0x140/0x140 [ 538.961673][ C0] ? verify_lock_unused+0x140/0x140 [ 538.961692][ C0] ? mark_lock+0x94/0x320 [ 538.961713][ C0] ? __pv_queued_spin_lock_slowpath+0x7e6/0x9c0 [ 538.961735][ C0] lock_acquire+0x197/0x3f0 [ 538.961753][ C0] ? rcu_lock_acquire+0x5/0x30 [ 538.961776][ C0] ? read_lock_is_recursive+0x10/0x10 [ 538.961794][ C0] ? do_raw_spin_lock+0x11d/0x280 [ 538.961812][ C0] ? __rwlock_init+0x140/0x140 [ 538.961828][ C0] ? do_raw_spin_unlock+0x11d/0x230 [ 538.961846][ C0] rcu_lock_acquire+0x2a/0x30 [ 538.961863][ C0] ? rcu_lock_acquire+0x5/0x30 [ 538.961879][ C0] advance_sched+0x6ca/0x940 [ 538.961903][ C0] __hrtimer_run_queues+0x53d/0xc40 [ 538.961926][ C0] ? taprio_free_sched_cb+0x190/0x190 [ 538.961950][ C0] ? hrtimer_interrupt+0x8d0/0x8d0 [ 538.961969][ C0] ? ktime_get_update_offsets_now+0x3ce/0x3e0 [ 538.961989][ C0] hrtimer_interrupt+0x3bb/0x8d0 [ 538.962018][ C0] __sysvec_apic_timer_interrupt+0x137/0x4a0 [ 538.962036][ C0] sysvec_apic_timer_interrupt+0x9b/0xc0 [ 538.962058][ C0] [ 538.962063][ C0] [ 538.962068][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 538.962087][ C0] RIP: 0010:memset_erms+0xe/0x10 [ 538.962107][ C0] Code: b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 f3 48 ab 89 d1 f3 aa 4c 89 c8 c3 90 49 89 f9 40 88 f0 48 89 d1 f3 aa 4c 89 c8 90 49 89 fa 40 0f b6 ce 48 b8 01 01 01 01 01 01 01 01 48 0f af [ 538.962121][ C0] RSP: 0018:ffffc900033af5e0 EFLAGS: 00000202 [ 538.962134][ C0] RAX: ffffc900033af6f8 RBX: ffffc900033af6a8 RCX: 0000000000000000 [ 538.962147][ C0] RDX: 0000000000000010 RSI: 0000000000000000 RDI: ffffc900033af708 [ 538.962158][ C0] RBP: ffffc900033af6f0 R08: dffffc0000000000 R09: ffffc900033af6f8 [ 538.962171][ C0] R10: fffff52000675ee1 R11: 1ffff92000675edf R12: 1ffffffff1bc801b [ 538.962184][ C0] R13: dffffc0000000000 R14: ffffc900033af6f8 R15: ffffc900033af6dd [ 538.962205][ C0] unwind_next_frame+0xa3d/0x1d90 [ 538.962228][ C0] ? do_group_exit+0x12e/0x300 [ 538.962250][ C0] ? stack_trace_save+0xe0/0xe0 [ 538.962266][ C0] arch_stack_walk+0x10c/0x140 [ 538.962287][ C0] ? __x64_sys_exit_group+0x3b/0x40 [ 538.962307][ C0] ? kmem_cache_free+0x8f/0x210 [ 538.962323][ C0] stack_trace_save+0x98/0xe0 [ 538.962338][ C0] ? stack_trace_snprint+0xf0/0xf0 [ 538.962358][ C0] ? memset+0x1e/0x40 [ 538.962376][ C0] kasan_set_track+0x4b/0x70 [ 538.962392][ C0] ? kasan_set_track+0x4b/0x70 [ 538.962407][ C0] ? kasan_set_free_info+0x1f/0x40 [ 538.962425][ C0] ? ____kasan_slab_free+0xd5/0x110 [ 538.962448][ C0] ? slab_free_freelist_hook+0xea/0x170 [ 538.962463][ C0] ? kmem_cache_free+0x8f/0x210 [ 538.962478][ C0] ? exit_mmap+0x4d8/0x5f0 [ 538.962495][ C0] ? __mmput+0x115/0x3b0 [ 538.962509][ C0] ? exit_mm+0x567/0x6c0 [ 538.962526][ C0] ? do_exit+0x5a1/0x20a0 [ 538.962543][ C0] ? do_group_exit+0x12e/0x300 [ 538.962580][ C0] kasan_set_free_info+0x1f/0x40 [ 538.962598][ C0] ____kasan_slab_free+0xd5/0x110 [ 538.962616][ C0] slab_free_freelist_hook+0xea/0x170 [ 538.962634][ C0] ? exit_mmap+0x4d8/0x5f0 [ 538.962664][ C0] kmem_cache_free+0x8f/0x210 [ 538.962682][ C0] exit_mmap+0x4d8/0x5f0 [ 538.962701][ C0] ? vm_brk+0x20/0x20 [ 538.962725][ C0] ? uprobe_clear_state+0x2f6/0x460 [ 538.962742][ C0] ? mm_update_next_owner+0x522/0x640 [ 538.962763][ C0] __mmput+0x115/0x3b0 [ 538.962780][ C0] exit_mm+0x567/0x6c0 [ 538.962798][ C0] ? xacct_add_tsk+0x4b0/0x4b0 [ 538.962818][ C0] ? do_exit+0x20a0/0x20a0 [ 538.962837][ C0] ? __ia32_sys_timer_delete+0x40/0x40 [ 538.962855][ C0] ? hrtimer_try_to_cancel+0x3c9/0x410 [ 538.962873][ C0] ? taskstats_exit+0x439/0xab0 [ 538.962892][ C0] ? tty_audit_exit+0x14e/0x1f0 [ 538.962912][ C0] do_exit+0x5a1/0x20a0 [ 538.962933][ C0] ? put_task_struct+0x80/0x80 [ 538.962953][ C0] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 538.962974][ C0] ? lock_chain_count+0x20/0x20 [ 538.962993][ C0] do_group_exit+0x12e/0x300 [ 538.963014][ C0] __x64_sys_exit_group+0x3b/0x40 [ 538.963033][ C0] do_syscall_64+0x4c/0xa0 [ 538.963049][ C0] ? clear_bhb_loop+0x30/0x80 [ 538.963065][ C0] ? clear_bhb_loop+0x30/0x80 [ 538.963081][ C0] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 538.963099][ C0] RIP: 0033:0x7fa6d793f6c5 [ 538.963121][ C0] Code: Unable to access opcode bytes at RIP 0x7fa6d793f69b. [ 538.963129][ C0] RSP: 002b:00007ffe6ca6e598 EFLAGS: 00000202 ORIG_RAX: 00000000000000e7 [ 538.963145][ C0] RAX: ffffffffffffffda RBX: 00007fa6d7a40fe8 RCX: 00007fa6d793f6c5 [ 538.963157][ C0] RDX: 00000000000000e7 RSI: ffffffffffffff88 RDI: 0000000000000001 [ 538.963169][ C0] RBP: 0000000000000001 R08: 00007ffe6ca6e528 R09: 0000000000000000 [ 538.963184][ C0] R10: 00007ffe6ca6e3c0 R11: 0000000000000202 R12: 0000000000000000 [ 538.963195][ C0] R13: 0000000000000001 R14: 00007fa6d7a3f680 R15: 00007fa6d7a41000 [ 538.963213][ C0] [ 538.963373][ C1] rcu: rcu_preempt kthread starved for 10486 jiffies! g74461 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 539.589707][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 539.599707][ C1] rcu: RCU grace-period kthread stack dump: [ 539.605694][ C1] task:rcu_preempt state:R running task stack:27584 pid: 15 ppid: 2 flags:0x00004000 [ 539.616759][ C1] Call Trace: [ 539.620055][ C1] [ 539.623011][ C1] __schedule+0x11bb/0x4390 [ 539.627550][ C1] ? _raw_spin_lock_irqsave+0x7f/0xf0 [ 539.632945][ C1] ? _raw_spin_unlock_irqrestore+0x82/0x100 [ 539.638871][ C1] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 539.644871][ C1] ? _raw_spin_unlock+0x40/0x40 [ 539.649736][ C1] ? rcu_is_watching+0x11/0xa0 [ 539.654518][ C1] ? release_firmware_map_entry+0x190/0x190 [ 539.660443][ C1] schedule+0x11b/0x1e0 [ 539.664623][ C1] schedule_timeout+0x15c/0x280 [ 539.669521][ C1] ? console_conditional_schedule+0x40/0x40 [ 539.675526][ C1] ? _raw_spin_unlock_irqrestore+0x82/0x100 [ 539.681446][ C1] ? update_process_times+0x200/0x200 [ 539.686848][ C1] ? prepare_to_swait_event+0x331/0x350 [ 539.692420][ C1] rcu_gp_fqs_loop+0x29e/0x11b0 [ 539.697390][ C1] ? dyntick_save_progress_counter+0x230/0x230 [ 539.703739][ C1] ? rcu_gp_init+0x10e0/0x10e0 [ 539.708531][ C1] ? _raw_spin_unlock_irq+0x1f/0x40 [ 539.713743][ C1] ? lockdep_hardirqs_on+0x94/0x140 [ 539.719143][ C1] rcu_gp_kthread+0x98/0x350 [ 539.723887][ C1] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 539.729017][ C1] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 539.735114][ C1] ? __kthread_parkme+0x157/0x1b0 [ 539.740709][ C1] kthread+0x436/0x520 [ 539.744795][ C1] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 539.749925][ C1] ? kthread_blkcg+0xd0/0xd0 [ 539.754568][ C1] ret_from_fork+0x1f/0x30 [ 539.759107][ C1] [ 539.762135][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 539.768739][ C1] NMI backtrace for cpu 1 [ 539.773158][ C1] CPU: 1 PID: 20089 Comm: syz.6.6836 Not tainted syzkaller #0 [ 539.780629][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 539.790721][ C1] Call Trace: [ 539.794029][ C1] [ 539.796885][ C1] dump_stack_lvl+0x168/0x230 [ 539.801771][ C1] ? show_regs_print_info+0x20/0x20 [ 539.807014][ C1] ? load_image+0x3b0/0x3b0 [ 539.811557][ C1] ? irq_work_queue+0xbf/0x140 [ 539.816364][ C1] nmi_cpu_backtrace+0x397/0x3d0 [ 539.821328][ C1] ? nmi_trigger_cpumask_backtrace+0x280/0x280 [ 539.827720][ C1] ? _printk+0xcc/0x110 [ 539.832000][ C1] ? cpu_online+0x1d/0x30 [ 539.836348][ C1] ? load_image+0x3b0/0x3b0 [ 539.840888][ C1] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 539.847114][ C1] nmi_trigger_cpumask_backtrace+0x163/0x280 [ 539.853154][ C1] rcu_check_gp_kthread_starvation+0x1cd/0x250 [ 539.859520][ C1] print_other_cpu_stall+0x10c8/0x1220 [ 539.865006][ C1] ? print_cpu_stall+0x5f0/0x5f0 [ 539.870194][ C1] ? timekeeping_advance+0x7f6/0xac0 [ 539.875503][ C1] ? __lock_acquire+0x7c60/0x7c60 [ 539.880645][ C1] rcu_sched_clock_irq+0x831/0x1110 [ 539.885956][ C1] ? rcutree_dead_cpu+0x20/0x20 [ 539.890832][ C1] ? account_process_tick+0x227/0x3a0 [ 539.896370][ C1] update_process_times+0x193/0x200 [ 539.901590][ C1] tick_sched_timer+0x37d/0x560 [ 539.906460][ C1] __hrtimer_run_queues+0x4fe/0xc40 [ 539.911693][ C1] ? tick_setup_sched_timer+0x2c0/0x2c0 [ 539.917445][ C1] ? hrtimer_interrupt+0x8d0/0x8d0 [ 539.922588][ C1] ? ktime_get_update_offsets_now+0x3ce/0x3e0 [ 539.928778][ C1] hrtimer_interrupt+0x3bb/0x8d0 [ 539.933898][ C1] __sysvec_apic_timer_interrupt+0x137/0x4a0 [ 539.940000][ C1] sysvec_apic_timer_interrupt+0x9b/0xc0 [ 539.945668][ C1] [ 539.948611][ C1] [ 539.951573][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 539.957669][ C1] RIP: 0010:smp_call_function_many_cond+0xb88/0xd70 [ 539.964569][ C1] Code: b6 44 05 00 84 c0 0f 85 9d 00 00 00 41 8b 1c 24 89 de 83 e6 01 31 ff e8 66 49 0b 00 83 e3 01 75 07 e8 fc 45 0b 00 eb 43 f3 90 <48> b8 00 00 00 00 00 fc ff df 41 0f b6 44 05 00 84 c0 75 11 41 f7 [ 539.984280][ C1] RSP: 0018:ffffc90002c4f300 EFLAGS: 00000246 [ 539.990536][ C1] RAX: ffffffff816c863b RBX: 0000000000000001 RCX: 0000000000080000 [ 539.998965][ C1] RDX: ffffc90015e30000 RSI: 000000000007ffff RDI: 0000000000080000 [ 540.006986][ C1] RBP: ffffc90002c4f440 R08: dffffc0000000000 R09: fffffbfff1ff7c1a [ 540.015094][ C1] R10: fffffbfff1ff7c1a R11: 1ffffffff1ff7c19 R12: ffff8880b9042848 [ 540.023204][ C1] R13: 1ffff11017208509 R14: ffff8880b913b3c0 R15: 0000000000000000 [ 540.031233][ C1] ? smp_call_function_many_cond+0xbab/0xd70 [ 540.037449][ C1] ? flush_tlb_all+0x20/0x20 [ 540.042072][ C1] ? smp_call_function_many+0x30/0x30 [ 540.047552][ C1] ? __lock_acquire+0x7c60/0x7c60 [ 540.052610][ C1] ? do_raw_spin_lock+0x11d/0x280 [ 540.057691][ C1] ? __rwlock_init+0x140/0x140 [ 540.062492][ C1] ? flush_tlb_all+0x20/0x20 [ 540.067108][ C1] on_each_cpu_cond_mask+0x3b/0x80 [ 540.072252][ C1] __purge_vmap_area_lazy+0x216/0x18f0 [ 540.077847][ C1] ? cpumask_next+0xb3/0xd0 [ 540.082395][ C1] ? purge_fragmented_blocks_allcpus+0x8b8/0x9d0 [ 540.088743][ C1] ? purge_fragmented_blocks_allcpus+0x950/0x9d0 [ 540.095178][ C1] ? mutex_lock_io_nested+0x60/0x60 [ 540.100791][ C1] ? purge_fragmented_blocks_allcpus+0x9d0/0x9d0 [ 540.107474][ C1] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 540.113602][ C1] _vm_unmap_aliases+0x410/0x4a0 [ 540.118580][ C1] change_page_attr_set_clr+0x311/0xc10 [ 540.124154][ C1] ? __set_memory_prot+0xd0/0xd0 [ 540.129300][ C1] ? find_vm_area+0xfe/0x130 [ 540.133928][ C1] ? __lock_acquire+0x7c60/0x7c60 [ 540.138978][ C1] ? do_raw_spin_lock+0x11d/0x280 [ 540.144116][ C1] set_memory_ro+0x89/0xd0 [ 540.148650][ C1] ? set_memory_nx+0x110/0x110 [ 540.153630][ C1] ? do_raw_spin_unlock+0x11d/0x230 [ 540.159025][ C1] ? _raw_spin_unlock+0x24/0x40 [ 540.164072][ C1] bpf_int_jit_compile+0xc4a8/0xcc80 [ 540.169505][ C1] ? kfree+0xef/0x2a0 [ 540.173760][ C1] ? emit_bpf_dispatcher+0x1020/0x1020 [ 540.179423][ C1] bpf_prog_select_runtime+0x46f/0x7c0 [ 540.184913][ C1] ? bpf_prog_realloc+0x142/0x1c0 [ 540.190071][ C1] bpf_prepare_filter+0x1014/0x11c0 [ 540.195495][ C1] ? seccomp_attach_filter+0xbc0/0xbc0 [ 540.200977][ C1] ? bpf_prog_create+0x1f0/0x1f0 [ 540.206054][ C1] ? memcpy+0x3c/0x60 [ 540.210159][ C1] bpf_prog_create_from_user+0x2ce/0x420 [ 540.215815][ C1] ? seccomp_attach_filter+0xbc0/0xbc0 [ 540.221303][ C1] do_seccomp+0x7b6/0x1630 [ 540.225827][ C1] ? __lock_acquire+0x7c60/0x7c60 [ 540.231016][ C1] ? prctl_set_seccomp+0x60/0x60 [ 540.236104][ C1] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 540.242210][ C1] ? vtime_user_exit+0x2dc/0x400 [ 540.247360][ C1] ? lockdep_hardirqs_on+0x94/0x140 [ 540.252589][ C1] do_syscall_64+0x4c/0xa0 [ 540.257021][ C1] ? clear_bhb_loop+0x30/0x80 [ 540.261809][ C1] ? clear_bhb_loop+0x30/0x80 [ 540.266610][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 540.272534][ C1] RIP: 0033:0x7faa10469749 [ 540.276985][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 540.296839][ C1] RSP: 002b:00007faa0e6d0038 EFLAGS: 00000246 ORIG_RAX: 000000000000013d [ 540.305631][ C1] RAX: ffffffffffffffda RBX: 00007faa106bffa0 RCX: 00007faa10469749 [ 540.313723][ C1] RDX: 00002000000000c0 RSI: 0000000000000000 RDI: 0000000000000001 [ 540.321822][ C1] RBP: 00007faa104edf91 R08: 0000000000000000 R09: 0000000000000000 [ 540.329995][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 540.338171][ C1] R13: 00007faa106c0038 R14: 00007faa106bffa0 R15: 00007ffd3fe20288 [ 540.346303][ C1]