last executing test programs: 6.904601816s ago: executing program 3 (id=3086): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r0, @ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) write(r1, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socket(0x2, 0x2, 0x1) 6.101419217s ago: executing program 2 (id=3093): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00), 0x1, 0x41) readv(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x100000001, 0x0, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) 4.382902989s ago: executing program 3 (id=3101): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) writev(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)="57c8", 0x2}], 0x1) sendto$inet(r1, 0x0, 0x0, 0x805, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) sendmmsg$inet6(r2, &(0x7f00000075c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40804) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) 3.790863139s ago: executing program 2 (id=3106): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f00000009c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r6, 0x0, 0x0, 0x0, 0x1) 3.540509684s ago: executing program 3 (id=3110): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) 3.409208097s ago: executing program 3 (id=3111): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r0, @ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) ioctl$KVM_X86_SETUP_MCE(r0, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r1, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 2.912916007s ago: executing program 1 (id=3117): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x400, &(0x7f0000000100), 0xff, 0x4a6, &(0x7f0000000980)="$eJzs3MtvVFUYAPDvTh+8aUVEQdAqGomPlhZUFi7UaOJCExNd4LK2BZGBGloTIY0WY3BpSNwblyb+Be7cGHVhTNxq4tKQEG1MKK5q7gum02mZlpYpnd8vmc45c1/nu+eemXPv6b0BtK2+9E8SsT0ifo+Injw7f4a+/G12Zmrk+szUSBJzc2/9nWTzXZuZGilnLZfbVmQOVSIqnyXxYrJwuxPnL5werlbHzhX5gckzHwxMnL/wzKkzwyfHTo6dHTp27OiRweefG3p2VeJM47q27+Px/Xtfe+fyGyPHL7/707dpsfYcyKfXxnFL1xsE1EBfutf+mcvUT3t8GWW/G+yoSSedLSwIy9IREWl1dWXtvyc64mbl9cSrn7a0cMCaSn+bNi0+eXoO2MCSaHUJgNYof+jT89/ydYe6HuvC1Zciuov07MzUyOyN+DujUnzetYbb74uI49P/fZW+YrnXIQAAViDr2zzdqP9XiT3Zez7WsbMYQ+mNiHsiYldE3BsRuyPivohs3vujOx7IF57raXL7fXX5hf2fypWGZV4laf/vhZq+32xN/MVbb0eR25HF35WcOFUdO1zsk0PRtSnNDy6xje9f+e2LxabV9v/SV7r9si9YFOBKZ90FutHhyeHV2glXL0bs62wUf3JjJCA9AvZGxL7lrXpnmTj15Df7F5vp1vEvYRXGmea+jngir//pqIu/lCw9PjmwOapjhwfKo2Khn3+99GaR7K6fdlvxr4K0/rfOP/6LKReL955/k3y8tiuq1bFzE8vfxqU/Pl/0nGalx3938nY2Zv3Le/lnHw1PTp4bjOhOXs/y5Y7OPh+6uWyZL+dP4z90sHH731Usk8b/YESkB/GBiHgoIh4uyv5IRDwaEQeXiP/Hlx97f4n4k0iipfU/2vD7L4nYnCV6k9rx+hUkOk7/8N1iI+bN1f/RmM6+a3PZ998tNFvA29+DAAAAsP5VImJ7JJX+PN23PSqV/v78f/h3x9ZKdXxi8qkT4x+eHc3vEeiNrkp5paun5nroYDJdrDHPDxXXisvpR4rrxl92bMny/SPj1dEWxw7tbtv89h9l+0/91dHq0gFrzv1a0L7q23+lReUA7rxmfv+dC8DG1KD9b2lFOYA7z/k/tK9G7f+Turz+P2xMC9v/nw0eWQdsRPr/0L60f2hf2j+0pWbv4i+fp7DihwDMS5Q3C6x8PZubvsN//SX61mTNZQ2tZeG3xM1PorKMxcurSY3nmV4HlbLOE2mLWcnisbP5Z2HMTzR4WA0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBd6P8AAAD//9FR4Lw=") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) 2.850736434s ago: executing program 2 (id=3118): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, 0x0, 0x0, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) ioctl$KVM_X86_SETUP_MCE(r8, 0x4008ae9c, 0x0) 2.847636614s ago: executing program 0 (id=3119): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSETELEM(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x14, 0xd, 0xa, 0x801, 0x0, 0x0, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000) 2.695914419s ago: executing program 0 (id=3120): madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x14) 2.636065265s ago: executing program 0 (id=3121): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) sendmmsg$inet6(r3, &(0x7f00000075c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40804) syz_usb_connect(0x5, 0x24, &(0x7f00000004c0)={{0x12, 0x1, 0x0, 0xa0, 0x99, 0x53, 0x10, 0x19d2, 0xffbf, 0x6878, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x1, 0x10, 0x40, 0x6, [{{0x9, 0x4, 0x40, 0x0, 0x0, 0xff, 0xff, 0xff, 0x60}}]}}]}}, 0x0) 2.610375317s ago: executing program 2 (id=3122): rt_sigaction(0xd, 0x0, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r6, &(0x7f0000000140)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000340)=ANY=[], 0x118) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r7, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[{@version_u}]}}) 2.499787199s ago: executing program 1 (id=3123): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, 0x0, 0x0, 0x4) openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0) 2.48540497s ago: executing program 2 (id=3124): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r0, @ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r1, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x801, 0x0) ioctl$UI_DEV_SETUP(r4, 0x405c5503, &(0x7f0000000380)={{0x0, 0x400, 0x4b, 0x9}, 'syz0\x00', 0x11}) ioctl$UI_DEV_SETUP(r4, 0x5501, 0x0) syz_open_dev$evdev(&(0x7f0000000040), 0xfffffffffffffffe, 0x2) 2.302529048s ago: executing program 1 (id=3125): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, 0x0, 0x0, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r2, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000100)) 2.154646274s ago: executing program 1 (id=3126): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f00000009c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r6, 0x0, 0x0, 0x0, 0x1) 2.003986248s ago: executing program 1 (id=3127): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000740)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb010018000000000000001800000018000000050000000100000001000013040000000200000088060000ff0f0000002e2e"], 0x0, 0x35, 0x0, 0x1}, 0x28) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) 1.854540904s ago: executing program 1 (id=3128): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socket$packet(0x11, 0x3, 0x300) socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r6, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r6, @ANYRES64=r5], 0x118) ioctl$KVM_X86_SETUP_MCE(r6, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) r7 = socket$netlink(0x10, 0x3, 0x0) writev(r7, &(0x7f00000000c0)=[{&(0x7f0000000080)="390000001300090468fe0700200000000000ff3f08000000480100100000000019002b000a0001000500000000000072080003000500030000", 0x39}], 0x1) 1.401194099s ago: executing program 3 (id=3129): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f00000001c0)={0x1, &(0x7f0000f07000)=[{0x6, 0x0, 0xfd}]}, 0xfc9e) 1.196366499s ago: executing program 0 (id=3130): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) write$UHID_CREATE2(r2, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, r2, 0x1000) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r4, @ANYRES64=r3], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r4, 0x0) ioctl$KVM_X86_SETUP_MCE(r4, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00), 0x0, 0x4) socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042) 187.964551ms ago: executing program 3 (id=3131): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f00000022c0)=ANY=[@ANYBLOB="b702000000000090bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000009000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989425f5d0b79f6584d0416d7c4bb9f547b328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f01000000010000006e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b98d2de10c21d3ea02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d000000200008000000000000001abc11c800000000000000000000000928ee53595a779d243a48cea769470424d20a04c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2c4af38ffb7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0eb3280e09758bd445ab91d20baca005472b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92fe8bad99ca332af00f191b66b6a6f732a91f0e2e9190e4b448da7de018c58e950767f9b320be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c52573d9308a13d115b43f8b1894c8fa8a14dc4810f61ae96bf704526a8919bc700002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381ccc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73cfd1e76982f3d899f71e495f0ba8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e4a48dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94) r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect(0x4, 0x24, &(0x7f0000000100)=ANY=[], 0x0) ioctl$EVIOCRMFF(r0, 0xc0085504, &(0x7f0000002940)) 135.851636ms ago: executing program 2 (id=3132): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) socket$inet6_tcp(0xa, 0x1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r2, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$UHID_CREATE2(r5, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r5, @ANYRES32=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r5, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r6 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r6, 0x0, 0x0, 0x805, 0x0, 0x0) 116.646898ms ago: executing program 0 (id=3133): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, 0x0, 0x0, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x8080, &(0x7f0000000b80)=ANY=[@ANYBLOB="636865636b3d7374726963742c757466383d312c757466383d302c757466383d312c6e66732c6572726f72733d72656d6f756e742d726f2c73686f72746e616d653d77696e6e742c00043518f9aad8a4f2c1cdb3e993cf0444d9d2d40bb509d4da042c2c85e3650de97db42c38cafa7a9d7503c3c985486cf7fc80515e9bef7e9e56fb346de370b3eb3ecbc59d343c36bf04efc3d68033308b0014b0c677ae5ef2932cc05f566112668fa4f6844dcf823618a2993da771384e8fc12467a56b33e3b00030dbfd82ea2f8ddbeb1d04bac86815ebe0b9d084d60edf56b15e74589892dce86962f611a4313120b738dddfd38d20b443570197dc795020ecf541601ef9a5618869febf769dd50261849a47e170ba166b97e76a0261d0dc1fb3e2646595f1c8b49057d94f10f7b5e35ead0a38", @ANYRES8=0x0], 0x3, 0x232, &(0x7f0000000640)="$eJzs2r+LHGUYB/BnzsSLFy574i8SEF+0UJshd7VFDklAXFA0K0RBMvFmddlx99hZDlbEbKWtf4K1WNoJktLmGv8CC7trrkwhjmz21GzYFEHNJfHzaeaBd77M+zLvvDzFHLz29af9bp13i3GsZFmsXIhp3MxiI1biT9N49eUrPz3/7pX339xuty++k9Kl7cubWymlMy/8+MHn3714Y3z6ve/P/LAa+xsfHhxu/br/7P7Zg98vf9KrU69Og+E4FenacDgurlVl2unV/Tylt6uyqMvUG9TlaGG8Ww13dyepGOysr+2OyrpOxWCS+uUkjYdpPJqk4uOiN0h5nqf1teCf6Hx7s2nisDl5NZqmeeKbOH0j1n+JVmRPpuypC9kzV7PnptnZw6ZpHfdU+U94//9vtx3qpyKqr/Y6e535dT6+3Y1eVFHG+WjFbzHbJkfm9aU32hfPp1s24svq+lH++l7nscX8ZrRiY3l+c55Pi/nVWIs4GXGU34pWPL08v7U0fypeeem25+fRip8/imFUsROz7N/5LzZTev2t9h35c7fuAwB41OTpL0v7tzy/2/g8fw/94R391Yk4d+J4105EPfmsX1RVOXpki9kqH4BpKP7NYjXuKZVFTGf74IGY/OMPx6d3rMcS98niOQkAAAAAAAAAAMDD4n79gQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHA3fwQAAP//rHDMJg==") rt_sigaction(0xd, 0x0, 0x0, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, 0x0, 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r4, 0x0) 0s ago: executing program 0 (id=3134): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, 0x0, 0x0, 0x4008080) socket$inet6(0xa, 0x80002, 0x88) kernel console output (not intermixed with test programs): 0000-000000000000 r/w without journal. Quota mode: none. [ 170.861623][ T7555] ext4 filesystem being mounted at /196/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 170.862781][ T7557] ext4 filesystem being mounted at /176/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 170.975709][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 171.098591][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.510668][ T7572] loop2: detected capacity change from 0 to 1024 [ 171.587101][ T7572] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 171.633859][ T7572] ext4 filesystem being mounted at /178/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 171.804239][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 172.629232][ T7590] netlink: 56 bytes leftover after parsing attributes in process `syz.3.769'. [ 172.714297][ T7586] loop2: detected capacity change from 0 to 8192 [ 173.590884][ T27] kauditd_printk_skb: 55 callbacks suppressed [ 173.590897][ T27] audit: type=1326 audit(1763425103.866:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.3.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 173.662622][ T27] audit: type=1326 audit(1763425103.866:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.3.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 173.725129][ T27] audit: type=1326 audit(1763425103.906:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.3.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 173.762247][ T27] audit: type=1326 audit(1763425103.906:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.3.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 173.828409][ T27] audit: type=1326 audit(1763425103.906:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.3.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 173.867059][ T27] audit: type=1326 audit(1763425103.906:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.3.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 173.919511][ T27] audit: type=1326 audit(1763425103.906:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.3.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 173.982626][ T27] audit: type=1326 audit(1763425103.906:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.3.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 174.046098][ T27] audit: type=1326 audit(1763425103.906:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.3.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 174.107046][ T27] audit: type=1326 audit(1763425103.906:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.3.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 175.988761][ T7654] 9pnet_fd: Insufficient options for proto=fd [ 176.399973][ T7661] loop0: detected capacity change from 0 to 1024 [ 176.455431][ T7661] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 176.472831][ T7661] ext4 filesystem being mounted at /207/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 176.631822][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 176.920727][ T7672] netlink: 9 bytes leftover after parsing attributes in process `syz.2.814'. [ 177.785040][ T7680] loop2: detected capacity change from 0 to 8192 [ 179.009926][ T7688] 9pnet_fd: Insufficient options for proto=fd [ 179.645451][ T7706] loop2: detected capacity change from 0 to 8192 [ 179.874255][ T7711] 9pnet_fd: Insufficient options for proto=fd [ 181.803918][ T7750] netlink: 56 bytes leftover after parsing attributes in process `syz.2.851'. [ 182.119425][ T7754] 9pnet_fd: Insufficient options for proto=fd [ 182.282029][ T7756] loop0: detected capacity change from 0 to 1024 [ 182.353948][ T7756] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 182.424623][ T7756] ext4 filesystem being mounted at /212/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 182.575120][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 184.189142][ T7789] loop3: detected capacity change from 0 to 8192 [ 186.018792][ T27] kauditd_printk_skb: 21 callbacks suppressed [ 186.018805][ T27] audit: type=1326 audit(1763425116.296:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7816 comm="syz.1.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 186.147886][ T27] audit: type=1326 audit(1763425116.326:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7816 comm="syz.1.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 186.202389][ T27] audit: type=1326 audit(1763425116.336:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7816 comm="syz.1.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 186.239403][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 186.247216][ T51] Bluetooth: hci0: command 0x0406 tx timeout [ 186.255137][ T5104] Bluetooth: hci2: command 0x0406 tx timeout [ 186.264894][ T5796] Bluetooth: hci1: command 0x0406 tx timeout [ 186.267988][ T27] audit: type=1326 audit(1763425116.336:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7816 comm="syz.1.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 186.295757][ T27] audit: type=1326 audit(1763425116.336:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7816 comm="syz.1.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 186.320297][ T27] audit: type=1326 audit(1763425116.336:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7816 comm="syz.1.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 186.342789][ T27] audit: type=1326 audit(1763425116.336:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7816 comm="syz.1.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 186.365176][ T27] audit: type=1326 audit(1763425116.346:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7816 comm="syz.1.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 186.388157][ T27] audit: type=1326 audit(1763425116.346:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7816 comm="syz.1.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 186.410658][ T27] audit: type=1326 audit(1763425116.346:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7816 comm="syz.1.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 189.896723][ T7829] netlink: 9 bytes leftover after parsing attributes in process `syz.2.886'. [ 190.060572][ T7833] 9pnet_fd: Insufficient options for proto=fd [ 191.381494][ T27] kauditd_printk_skb: 10 callbacks suppressed [ 191.381508][ T27] audit: type=1326 audit(1763425121.656:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.3.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 191.472648][ T27] audit: type=1326 audit(1763425121.656:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.3.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 191.523761][ T27] audit: type=1326 audit(1763425121.656:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.3.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 191.579417][ T27] audit: type=1326 audit(1763425121.656:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.3.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 191.627773][ T27] audit: type=1326 audit(1763425121.656:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.3.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 191.689891][ T27] audit: type=1326 audit(1763425121.656:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.3.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 191.740296][ T27] audit: type=1326 audit(1763425121.656:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.3.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 191.797644][ T27] audit: type=1326 audit(1763425121.656:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.3.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 191.837963][ T27] audit: type=1326 audit(1763425121.656:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.3.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 191.865233][ T27] audit: type=1326 audit(1763425121.656:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.3.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 194.401247][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.410377][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.453777][ T7854] 9pnet_fd: Insufficient options for proto=fd [ 196.493585][ T27] kauditd_printk_skb: 10 callbacks suppressed [ 196.493598][ T27] audit: type=1326 audit(1763425126.776:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7864 comm="syz.1.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 196.563159][ T27] audit: type=1326 audit(1763425126.776:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7864 comm="syz.1.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 196.622459][ T27] audit: type=1326 audit(1763425126.806:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7864 comm="syz.1.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 196.696705][ T27] audit: type=1326 audit(1763425126.806:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7864 comm="syz.1.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 196.718831][ T7867] loop1: detected capacity change from 0 to 512 [ 196.757312][ T27] audit: type=1326 audit(1763425126.806:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7864 comm="syz.1.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 196.818051][ T27] audit: type=1326 audit(1763425126.826:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7864 comm="syz.1.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 196.818742][ T7867] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 196.860612][ T7867] ext4 filesystem being mounted at /217/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 196.919624][ T27] audit: type=1326 audit(1763425126.826:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7864 comm="syz.1.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 196.948359][ T27] audit: type=1326 audit(1763425126.826:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7864 comm="syz.1.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 196.973878][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 196.977406][ T27] audit: type=1326 audit(1763425126.826:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7864 comm="syz.1.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 197.048532][ T27] audit: type=1326 audit(1763425126.826:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7864 comm="syz.1.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 198.735137][ T7900] loop3: detected capacity change from 0 to 1024 [ 198.825793][ T7900] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 198.867594][ T7900] ext4 filesystem being mounted at /237/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 199.049124][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 199.317965][ T7912] loop3: detected capacity change from 0 to 512 [ 199.350737][ T7912] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 199.383289][ T7912] ext4 filesystem being mounted at /238/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 199.610440][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 199.789358][ T7926] loop3: detected capacity change from 0 to 512 [ 199.850679][ T7926] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 199.957972][ T7926] ext4 filesystem being mounted at /239/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 200.159892][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 201.420620][ T7951] 9pnet_fd: Insufficient options for proto=fd [ 202.457978][ T7968] loop0: detected capacity change from 0 to 8192 [ 204.973803][ T7995] loop1: detected capacity change from 0 to 512 [ 205.054450][ T7995] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 205.087308][ T7995] ext4 filesystem being mounted at /237/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 205.242356][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 205.450298][ T8002] loop1: detected capacity change from 0 to 1024 [ 205.528018][ T8002] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 205.598067][ T8002] ext4 filesystem being mounted at /238/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 205.628098][ T8008] netlink: 24 bytes leftover after parsing attributes in process `syz.3.964'. [ 205.774301][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 209.361779][ T8025] netlink: 56 bytes leftover after parsing attributes in process `syz.3.971'. [ 213.560331][ T8053] loop2: detected capacity change from 0 to 8192 [ 217.394341][ T8081] netlink: 56 bytes leftover after parsing attributes in process `syz.2.996'. [ 218.029957][ T8095] loop0: detected capacity change from 0 to 8192 [ 218.991820][ T8122] loop0: detected capacity change from 0 to 8192 [ 219.441034][ T8130] loop0: detected capacity change from 0 to 512 [ 219.524938][ T8130] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 219.552938][ T8130] ext4 filesystem being mounted at /250/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 219.747509][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.146613][ T8151] 9pnet_fd: Insufficient options for proto=fd [ 222.093295][ T8187] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1050'. [ 223.895028][ T8211] binder: BINDER_SET_CONTEXT_MGR already set [ 223.901442][ T8211] binder: 8210:8211 ioctl 4018620d 200000000040 returned -16 [ 225.091715][ T8244] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1067'. [ 226.059650][ T8266] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1088'. [ 226.091579][ T8266] gretap0: entered promiscuous mode [ 227.740844][ T27] kauditd_printk_skb: 57 callbacks suppressed [ 227.740857][ T27] audit: type=1326 audit(1763425158.016:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.3.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 227.792197][ T27] audit: type=1326 audit(1763425158.066:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.3.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 227.837187][ T27] audit: type=1326 audit(1763425158.066:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.3.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 227.891579][ T27] audit: type=1326 audit(1763425158.066:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.3.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 227.936335][ T27] audit: type=1326 audit(1763425158.066:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.3.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 228.012721][ T27] audit: type=1326 audit(1763425158.066:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.3.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 228.082618][ T27] audit: type=1326 audit(1763425158.066:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.3.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 228.147337][ T27] audit: type=1326 audit(1763425158.066:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.3.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 228.210246][ T27] audit: type=1326 audit(1763425158.066:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.3.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 228.306847][ T27] audit: type=1326 audit(1763425158.066:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.3.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 228.649631][ T8309] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1108'. [ 234.468580][ T8363] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1128'. [ 234.754538][ T8369] 9pnet_fd: Insufficient options for proto=fd [ 234.943956][ T8373] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1123'. [ 236.161410][ T8392] loop3: detected capacity change from 0 to 512 [ 236.226591][ T27] kauditd_printk_skb: 25 callbacks suppressed [ 236.226605][ T27] audit: type=1326 audit(1763425166.506:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8393 comm="syz.0.1142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad67f8f6c9 code=0x7ffc0000 [ 236.324708][ T8392] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 236.382773][ T8392] ext4 filesystem being mounted at /317/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 236.393733][ T27] audit: type=1326 audit(1763425166.506:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8393 comm="syz.0.1142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad67f8f6c9 code=0x7ffc0000 [ 236.458084][ T27] audit: type=1326 audit(1763425166.506:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8393 comm="syz.0.1142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fad67f8f6c9 code=0x7ffc0000 [ 236.519312][ T27] audit: type=1326 audit(1763425166.516:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8393 comm="syz.0.1142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad67f8f6c9 code=0x7ffc0000 [ 236.559411][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 236.610143][ T27] audit: type=1326 audit(1763425166.516:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8393 comm="syz.0.1142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad67f8f6c9 code=0x7ffc0000 [ 236.683640][ T27] audit: type=1326 audit(1763425166.516:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8393 comm="syz.0.1142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fad67f8f6c9 code=0x7ffc0000 [ 236.752670][ T27] audit: type=1326 audit(1763425166.516:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8393 comm="syz.0.1142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad67f8f6c9 code=0x7ffc0000 [ 236.830693][ T27] audit: type=1326 audit(1763425166.516:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8393 comm="syz.0.1142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fad67f8f6c9 code=0x7ffc0000 [ 236.910088][ T27] audit: type=1326 audit(1763425166.516:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8393 comm="syz.0.1142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad67f8f6c9 code=0x7ffc0000 [ 236.968217][ T27] audit: type=1326 audit(1763425166.516:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8393 comm="syz.0.1142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad67f8f6c9 code=0x7ffc0000 [ 237.627730][ T8414] loop0: detected capacity change from 0 to 512 [ 237.681322][ T8414] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 237.707114][ T8414] ext4 filesystem being mounted at /274/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 237.799974][ T8422] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1149'. [ 237.906781][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 238.396491][ T8436] loop1: detected capacity change from 0 to 512 [ 238.478385][ T8436] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 238.491513][ T8436] ext4 filesystem being mounted at /281/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 238.691176][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 239.338746][ T8453] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1166'. [ 239.993281][ T8471] 9pnet_fd: Insufficient options for proto=fd [ 241.398273][ T8506] binder: 8504:8506 ioctl 4018620d 0 returned -22 [ 241.721228][ T8511] loop2: detected capacity change from 0 to 8192 [ 242.540232][ T8530] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1202'. [ 242.574273][ T8530] gretap0: entered promiscuous mode [ 244.755753][ T8563] loop2: detected capacity change from 0 to 512 [ 244.795488][ T8563] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 244.828112][ T8563] ext4 filesystem being mounted at /286/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 244.968072][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 245.761858][ T8578] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1223'. [ 252.729524][ T8645] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1254'. [ 254.155329][ T8676] loop1: detected capacity change from 0 to 512 [ 254.239655][ T8676] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 254.272787][ T8676] ext4 filesystem being mounted at /323/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 254.429701][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 255.362756][ T8696] binder: 8695:8696 ioctl c0306201 0 returned -14 [ 255.772317][ T8705] loop1: detected capacity change from 0 to 512 [ 255.837251][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.844669][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.871082][ T8705] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 255.892693][ T8705] ext4 filesystem being mounted at /330/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 256.058758][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 256.778185][ T27] kauditd_printk_skb: 24 callbacks suppressed [ 256.778199][ T27] audit: type=1326 audit(1763425187.056:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8721 comm="syz.1.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 256.861101][ T27] audit: type=1326 audit(1763425187.056:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8721 comm="syz.1.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 256.946851][ T27] audit: type=1326 audit(1763425187.086:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8721 comm="syz.1.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 257.012619][ T27] audit: type=1326 audit(1763425187.086:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8721 comm="syz.1.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 257.092573][ T27] audit: type=1326 audit(1763425187.086:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8721 comm="syz.1.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 257.162601][ T27] audit: type=1326 audit(1763425187.086:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8721 comm="syz.1.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 257.225422][ T27] audit: type=1326 audit(1763425187.086:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8721 comm="syz.1.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 257.302610][ T27] audit: type=1326 audit(1763425187.086:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8721 comm="syz.1.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 257.375827][ T27] audit: type=1326 audit(1763425187.086:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8721 comm="syz.1.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 257.442589][ T27] audit: type=1326 audit(1763425187.086:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8721 comm="syz.1.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31e878f6c9 code=0x7ffc0000 [ 259.023205][ T8739] binder: 8738:8739 ioctl c0306201 0 returned -14 [ 259.053769][ T8739] binder: BINDER_SET_CONTEXT_MGR already set [ 259.059806][ T8739] binder: 8738:8739 ioctl 4018620d 200000000040 returned -16 [ 259.521828][ T8744] loop2: detected capacity change from 0 to 512 [ 259.580152][ T8744] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 259.608473][ T8744] ext4 filesystem being mounted at /294/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 259.683839][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 259.822459][ T8752] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1297'. [ 261.277739][ T8776] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1311'. [ 262.008380][ T8784] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1315'. [ 263.838748][ T8816] loop2: detected capacity change from 0 to 512 [ 263.892877][ T8816] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 263.981337][ T8816] ext4 filesystem being mounted at /298/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 264.215712][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 270.097168][ T8881] loop1: detected capacity change from 0 to 512 [ 270.171705][ T8881] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 270.261044][ T8881] ext4 filesystem being mounted at /348/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 270.425952][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.461048][ T8955] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1392'. [ 277.452459][ T8974] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1391'. [ 278.370590][ T8994] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1409'. [ 279.813344][ T9013] loop2: detected capacity change from 0 to 512 [ 279.878170][ T9013] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 279.953018][ T9013] ext4 filesystem being mounted at /320/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 280.133962][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.992321][ T9035] loop3: detected capacity change from 0 to 512 [ 281.062782][ T9035] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 281.075523][ T9035] ext4 filesystem being mounted at /401/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 281.273410][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 281.367841][ T9043] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1424'. [ 281.454451][ T9045] loop3: detected capacity change from 0 to 512 [ 281.543965][ T9045] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 281.569883][ T9045] ext4 filesystem being mounted at /402/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 281.601840][ T9049] loop0: detected capacity change from 0 to 512 [ 281.707399][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 281.730070][ T9049] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 281.778112][ T9049] ext4 filesystem being mounted at /338/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 281.940278][ T27] kauditd_printk_skb: 22 callbacks suppressed [ 281.940294][ T27] audit: type=1326 audit(1763425212.216:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9060 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 281.979918][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 282.029840][ T27] audit: type=1326 audit(1763425212.216:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9060 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 282.120541][ T27] audit: type=1326 audit(1763425212.256:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9060 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 282.159197][ T27] audit: type=1326 audit(1763425212.256:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9060 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 282.187201][ T27] audit: type=1326 audit(1763425212.256:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9060 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 282.277832][ T27] audit: type=1326 audit(1763425212.256:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9060 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 282.347155][ T27] audit: type=1326 audit(1763425212.256:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9060 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 282.386069][ T27] audit: type=1326 audit(1763425212.256:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9060 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 282.431671][ T27] audit: type=1326 audit(1763425212.256:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9060 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 282.492716][ T27] audit: type=1326 audit(1763425212.256:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9060 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 282.618404][ T9076] loop2: detected capacity change from 0 to 512 [ 282.669359][ T9076] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 282.692764][ T9076] ext4 filesystem being mounted at /323/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 282.830254][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 283.524411][ T9110] loop0: detected capacity change from 0 to 512 [ 283.623737][ T9110] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 283.642784][ T9110] ext4 filesystem being mounted at /343/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 283.879625][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 284.113337][ T9121] loop3: detected capacity change from 0 to 512 [ 284.125388][ T9125] binder: 9124:9125 ioctl c0306201 0 returned -14 [ 284.181619][ T9121] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 284.218254][ T9121] ext4 filesystem being mounted at /412/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 284.383815][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 284.668063][ T9142] loop1: detected capacity change from 0 to 512 [ 284.759041][ T9142] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 284.864662][ T9142] ext4 filesystem being mounted at /381/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 285.007385][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 285.238218][ T9161] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1478'. [ 285.508584][ T9171] loop2: detected capacity change from 0 to 512 [ 285.571865][ T9171] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 285.623272][ T9171] ext4 filesystem being mounted at /327/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 285.835686][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.320265][ T9205] loop0: detected capacity change from 0 to 512 [ 286.397128][ T9205] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 286.413927][ T9205] ext4 filesystem being mounted at /355/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 286.628546][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.725314][ T9273] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1531'. [ 289.647552][ T9293] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1541'. [ 289.716982][ T9295] loop3: detected capacity change from 0 to 512 [ 289.775513][ T9295] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 289.833918][ T9295] ext4 filesystem being mounted at /435/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 290.038397][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 291.288900][ T9320] loop2: detected capacity change from 0 to 512 [ 291.345032][ T9320] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 291.420733][ T9320] ext4 filesystem being mounted at /339/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 291.571932][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 294.956137][ T9372] loop3: detected capacity change from 0 to 512 [ 295.050509][ T9372] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 295.123197][ T9372] ext4 filesystem being mounted at /442/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 295.338952][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 295.605567][ T9389] loop1: detected capacity change from 0 to 512 [ 295.691751][ T9389] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 295.742752][ T9389] ext4 filesystem being mounted at /421/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 295.946145][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 296.422316][ T9406] loop1: detected capacity change from 0 to 512 [ 296.498969][ T9406] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 296.553056][ T9406] ext4 filesystem being mounted at /423/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 296.756950][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 297.192933][ T9420] loop2: detected capacity change from 0 to 512 [ 297.446842][ T9420] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 297.471368][ T9420] ext4 filesystem being mounted at /353/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 297.608154][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 298.384814][ T9434] loop2: detected capacity change from 0 to 512 [ 298.526535][ T9434] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 298.581403][ T9434] ext4 filesystem being mounted at /357/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 298.757312][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.585396][ T788] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 299.822597][ T788] usb 2-1: Using ep0 maxpacket: 16 [ 299.846271][ T788] usb 2-1: config 1 has an invalid interface number: 64 but max is 0 [ 299.872617][ T788] usb 2-1: config 1 has no interface number 0 [ 299.899368][ T788] usb 2-1: New USB device found, idVendor=19d2, idProduct=ffbf, bcdDevice=68.78 [ 299.909522][ T788] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 299.935961][ T788] usb 2-1: Product: syz [ 299.940173][ T788] usb 2-1: Manufacturer: syz [ 299.946501][ T788] usb 2-1: SerialNumber: syz [ 300.204112][ T788] option 2-1:1.64: GSM modem (1-port) converter detected [ 300.249958][ T788] usb 2-1: USB disconnect, device number 2 [ 300.268464][ T788] option 2-1:1.64: device disconnected [ 302.346709][ T9479] loop2: detected capacity change from 0 to 512 [ 302.434643][ T9479] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 302.463385][ T9479] ext4 filesystem being mounted at /361/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 302.665238][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 304.119867][ T27] kauditd_printk_skb: 57 callbacks suppressed [ 304.119882][ T27] audit: type=1326 audit(1763425234.396:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9508 comm="syz.3.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 304.213862][ T27] audit: type=1326 audit(1763425234.436:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9508 comm="syz.3.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 304.293370][ T27] audit: type=1326 audit(1763425234.446:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9508 comm="syz.3.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 304.362147][ T27] audit: type=1326 audit(1763425234.446:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9508 comm="syz.3.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 304.385561][ T9513] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1631'. [ 304.449458][ T27] audit: type=1326 audit(1763425234.446:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9508 comm="syz.3.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 304.516749][ T27] audit: type=1326 audit(1763425234.446:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9508 comm="syz.3.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 304.602713][ T27] audit: type=1326 audit(1763425234.446:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9508 comm="syz.3.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 304.629091][ T9518] loop1: detected capacity change from 0 to 512 [ 304.664489][ T27] audit: type=1326 audit(1763425234.446:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9508 comm="syz.3.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 304.713457][ T27] audit: type=1326 audit(1763425234.446:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9508 comm="syz.3.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 304.762310][ T27] audit: type=1326 audit(1763425234.446:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9508 comm="syz.3.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f7778f6c9 code=0x7ffc0000 [ 304.798676][ T9518] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 304.812643][ T9518] ext4 filesystem being mounted at /429/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 304.941450][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 305.550477][ T9553] loop0: detected capacity change from 0 to 512 [ 305.635789][ T9553] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 305.733440][ T9553] ext4 filesystem being mounted at /387/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 305.900649][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 306.296020][ T9577] sit0: entered promiscuous mode [ 306.327979][ T9577] netlink: 'syz.0.1655': attribute type 1 has an invalid length. [ 306.352672][ T9577] netlink: 1 bytes leftover after parsing attributes in process `syz.0.1655'. [ 306.463379][ T9581] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1657'. [ 306.779127][ T9587] loop2: detected capacity change from 0 to 256 [ 306.937776][ T9587] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ab87c, utbl_chksum : 0xe619d30d) [ 307.652903][ T9591] loop0: detected capacity change from 0 to 512 [ 307.706524][ T9591] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 307.797546][ T9591] ext4 filesystem being mounted at /392/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 307.972296][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 308.186599][ T9600] binder: 9599:9600 ioctl c0306201 200000000080 returned -14 [ 308.433296][ T9608] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1667'. [ 309.990683][ T9647] loop2: detected capacity change from 0 to 512 [ 310.102602][ T9647] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 310.142680][ T9647] ext4 filesystem being mounted at /385/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 310.310232][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 311.020994][ T9667] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1694'. [ 311.647758][ T9673] loop3: detected capacity change from 0 to 512 [ 311.747145][ T9673] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 311.769185][ T9673] ext4 filesystem being mounted at /468/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 311.966293][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 314.784437][ T9710] loop2: detected capacity change from 0 to 512 [ 314.854118][ T9710] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 314.887283][ T9710] ext4 filesystem being mounted at /391/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 315.104214][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 317.277802][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.289105][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.750563][ T9742] loop1: detected capacity change from 0 to 512 [ 317.874095][ T9742] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 317.937212][ T9742] ext4 filesystem being mounted at /442/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 318.098095][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 320.572408][ T9797] loop2: detected capacity change from 0 to 128 [ 323.662219][ T9845] loop2: detected capacity change from 0 to 512 [ 323.723588][ T9845] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 323.797088][ T9845] ext4 filesystem being mounted at /420/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 323.971044][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 324.737874][ T9863] loop2: detected capacity change from 0 to 512 [ 324.822925][ T9863] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 324.894116][ T9863] ext4 filesystem being mounted at /424/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 325.095337][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 325.624292][ T9879] sit0: entered promiscuous mode [ 325.653062][ T9879] netlink: 'syz.2.1786': attribute type 1 has an invalid length. [ 325.682570][ T9879] netlink: 1 bytes leftover after parsing attributes in process `syz.2.1786'. [ 325.934116][ T9885] loop1: detected capacity change from 0 to 512 [ 326.038979][ T9885] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 326.089985][ T9885] ext4 filesystem being mounted at /449/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 326.286308][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 326.752157][ T9913] loop0: detected capacity change from 0 to 512 [ 326.860327][ T9913] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 326.867804][ T9915] loop2: detected capacity change from 0 to 512 [ 326.893243][ T9913] ext4 filesystem being mounted at /425/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 326.965093][ T9915] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 327.048500][ T9915] ext4 filesystem being mounted at /432/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 327.165645][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 327.243719][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 327.490826][ T9937] netlink: 'syz.2.1807': attribute type 1 has an invalid length. [ 327.520672][ T9937] netlink: 1 bytes leftover after parsing attributes in process `syz.2.1807'. [ 327.597145][ T9941] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1810'. [ 327.980667][ T9955] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1817'. [ 328.183807][ T9961] sit0: entered promiscuous mode [ 328.232753][ T9961] netlink: 'syz.1.1820': attribute type 1 has an invalid length. [ 328.263838][ T9961] netlink: 1 bytes leftover after parsing attributes in process `syz.1.1820'. [ 328.720175][ T9980] loop2: detected capacity change from 0 to 512 [ 328.787920][ T9980] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 328.810278][ T9980] ext4 filesystem being mounted at /439/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 328.919366][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 328.978227][ T8286] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 329.208252][ T8286] usb 2-1: Using ep0 maxpacket: 16 [ 329.230439][ T8286] usb 2-1: config 1 has an invalid interface number: 64 but max is 0 [ 329.249048][ T8286] usb 2-1: config 1 has no interface number 0 [ 329.267977][ T8286] usb 2-1: New USB device found, idVendor=19d2, idProduct=ffbf, bcdDevice=68.78 [ 329.292541][ T8286] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 329.313930][ T8286] usb 2-1: Product: syz [ 329.318125][ T8286] usb 2-1: Manufacturer: syz [ 329.336917][ T8286] usb 2-1: SerialNumber: syz [ 329.575224][ T8286] option 2-1:1.64: GSM modem (1-port) converter detected [ 329.613056][ T8286] usb 2-1: USB disconnect, device number 3 [ 329.621259][ T8286] option 2-1:1.64: device disconnected [ 334.233313][T10065] sit0: entered promiscuous mode [ 334.291377][T10065] netlink: 'syz.3.1866': attribute type 1 has an invalid length. [ 334.321540][T10065] netlink: 1 bytes leftover after parsing attributes in process `syz.3.1866'. [ 335.342568][ T5786] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 335.562546][ T5786] usb 1-1: Using ep0 maxpacket: 16 [ 335.570845][ T5786] usb 1-1: config 1 has an invalid interface number: 64 but max is 0 [ 335.582552][ T5786] usb 1-1: config 1 has no interface number 0 [ 335.591563][ T5786] usb 1-1: New USB device found, idVendor=19d2, idProduct=ffbf, bcdDevice=68.78 [ 335.601468][ T5786] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 335.621368][ T5786] usb 1-1: Product: syz [ 335.625651][ T5786] usb 1-1: Manufacturer: syz [ 335.630259][ T5786] usb 1-1: SerialNumber: syz [ 335.814757][T10088] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1875'. [ 335.870974][ T5786] option 1-1:1.64: GSM modem (1-port) converter detected [ 335.906146][ T5786] usb 1-1: USB disconnect, device number 2 [ 335.926318][ T5786] option 1-1:1.64: device disconnected [ 336.045415][T10090] netlink: 'syz.1.1877': attribute type 1 has an invalid length. [ 336.058186][T10090] netlink: 1 bytes leftover after parsing attributes in process `syz.1.1877'. [ 337.496613][T10108] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1885'. [ 338.242680][ T8286] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 338.432671][ T8286] usb 3-1: Using ep0 maxpacket: 16 [ 338.448770][ T8286] usb 3-1: config 1 has an invalid interface number: 64 but max is 0 [ 338.470213][ T8286] usb 3-1: config 1 has no interface number 0 [ 338.487060][ T8286] usb 3-1: New USB device found, idVendor=19d2, idProduct=ffbf, bcdDevice=68.78 [ 338.502521][ T8286] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 338.528274][ T8286] usb 3-1: Product: syz [ 338.540376][ T8286] usb 3-1: Manufacturer: syz [ 338.550694][ T8286] usb 3-1: SerialNumber: syz [ 338.785737][ T8286] option 3-1:1.64: GSM modem (1-port) converter detected [ 338.813670][ T8286] usb 3-1: USB disconnect, device number 2 [ 338.823727][ T8286] option 3-1:1.64: device disconnected [ 339.889849][T10156] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1910'. [ 340.455979][T10171] loop1: detected capacity change from 0 to 2048 [ 340.554113][ T5799] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 341.006627][T10188] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1923'. [ 342.832661][ T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 343.033054][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 343.059497][ T9] usb 4-1: config 1 has an invalid interface number: 64 but max is 0 [ 343.074982][ T9] usb 4-1: config 1 has no interface number 0 [ 343.096139][ T9] usb 4-1: New USB device found, idVendor=19d2, idProduct=ffbf, bcdDevice=68.78 [ 343.113898][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 343.121920][ T9] usb 4-1: Product: syz [ 343.144427][ T9] usb 4-1: Manufacturer: syz [ 343.149063][ T9] usb 4-1: SerialNumber: syz [ 343.375586][ T9] option 4-1:1.64: GSM modem (1-port) converter detected [ 343.417950][ T9] usb 4-1: USB disconnect, device number 2 [ 343.463194][ T9] option 4-1:1.64: device disconnected [ 347.542422][T10300] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1973'. [ 348.061467][T10309] loop0: detected capacity change from 0 to 512 [ 348.158574][T10309] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 348.195567][T10309] ext4 filesystem being mounted at /474/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 348.334998][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 349.053604][T10331] loop0: detected capacity change from 0 to 128 [ 350.090977][T10351] loop3: detected capacity change from 0 to 512 [ 350.164288][T10351] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 350.187174][T10351] ext4 filesystem being mounted at /537/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 350.416335][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 351.514086][T10385] 9pnet_fd: Insufficient options for proto=fd [ 351.554891][T10387] netlink: 'syz.1.2013': attribute type 1 has an invalid length. [ 351.574970][T10387] netlink: 1 bytes leftover after parsing attributes in process `syz.1.2013'. [ 352.465886][T10415] loop3: detected capacity change from 0 to 512 [ 352.565426][T10415] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 352.623642][T10415] ext4 filesystem being mounted at /546/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 352.849006][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 355.689822][T10460] loop1: detected capacity change from 0 to 512 [ 355.728975][T10460] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 355.748286][T10460] ext4 filesystem being mounted at /499/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 355.779111][T10462] loop2: detected capacity change from 0 to 128 [ 355.834851][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 357.442985][T10512] netlink: 'syz.1.2068': attribute type 1 has an invalid length. [ 357.451000][T10512] netlink: 1 bytes leftover after parsing attributes in process `syz.1.2068'. [ 358.168136][T10545] netlink: 'syz.3.2082': attribute type 1 has an invalid length. [ 358.192690][T10545] netlink: 1 bytes leftover after parsing attributes in process `syz.3.2082'. [ 358.437400][T10551] loop3: detected capacity change from 0 to 256 [ 358.522257][T10551] syz.3.2085: attempt to access beyond end of device [ 358.522257][T10551] loop3: rw=2049, sector=256, nr_sectors = 68 limit=256 [ 361.508252][T10567] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2092'. [ 361.629300][T10569] loop2: detected capacity change from 0 to 512 [ 361.707123][T10569] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 361.722571][ T5831] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 361.742664][T10569] ext4 filesystem being mounted at /511/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 361.861916][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 361.942764][ T5831] usb 2-1: Using ep0 maxpacket: 16 [ 361.949878][ T5831] usb 2-1: config 1 has an invalid interface number: 64 but max is 0 [ 361.962718][ T5831] usb 2-1: config 1 has no interface number 0 [ 361.977897][ T5831] usb 2-1: New USB device found, idVendor=19d2, idProduct=ffbf, bcdDevice=68.78 [ 361.992010][ T5831] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 362.021341][ T5831] usb 2-1: Product: syz [ 362.026700][ T5831] usb 2-1: Manufacturer: syz [ 362.031456][ T5831] usb 2-1: SerialNumber: syz [ 362.270312][ T5831] option 2-1:1.64: GSM modem (1-port) converter detected [ 362.288827][ T5831] usb 2-1: USB disconnect, device number 4 [ 362.297445][ T5831] option 2-1:1.64: device disconnected [ 362.354490][T10581] netlink: 'syz.3.2094': attribute type 1 has an invalid length. [ 362.362385][T10581] netlink: 1 bytes leftover after parsing attributes in process `syz.3.2094'. [ 362.492955][T10586] loop2: detected capacity change from 0 to 512 [ 362.550740][T10586] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 362.563547][T10586] ext4 filesystem being mounted at /515/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 362.721274][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.979493][T10596] loop1: detected capacity change from 0 to 512 [ 363.077216][T10596] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 363.175782][T10596] ext4 filesystem being mounted at /513/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 363.358567][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 364.467673][ T789] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 364.519895][T10629] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2120'. [ 364.536200][ T789] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 366.007241][T10651] loop2: detected capacity change from 0 to 512 [ 366.125311][T10651] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 366.179552][T10651] ext4 filesystem being mounted at /528/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 366.352123][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 367.577828][T10704] loop2: detected capacity change from 0 to 512 [ 367.731947][T10704] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 367.800175][T10704] ext4 filesystem being mounted at /534/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 367.958404][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 368.361285][T10731] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2163'. [ 368.558906][T10737] loop0: detected capacity change from 0 to 512 [ 368.684067][T10737] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 368.710973][T10737] ext4 filesystem being mounted at /523/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 368.878549][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 369.055090][T10753] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2173'. [ 370.137113][T10788] loop3: detected capacity change from 0 to 256 [ 370.200580][T10788] syz.3.2190: attempt to access beyond end of device [ 370.200580][T10788] loop3: rw=2049, sector=256, nr_sectors = 68 limit=256 [ 376.823190][T10882] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2234'. [ 378.418997][T10908] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2246'. [ 378.716189][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.722620][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 382.094925][T10932] loop1: detected capacity change from 0 to 512 [ 382.137120][T10932] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 382.151590][T10932] ext4 filesystem being mounted at /561/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 382.327644][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 382.407671][T10938] loop3: detected capacity change from 0 to 512 [ 382.457888][T10938] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 382.505051][T10938] ext4 filesystem being mounted at /581/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 382.673539][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 383.800348][T10972] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2273'. [ 383.968082][T10974] netlink: 'syz.3.2274': attribute type 1 has an invalid length. [ 383.976947][T10974] netlink: 1 bytes leftover after parsing attributes in process `syz.3.2274'. [ 384.785488][T10993] loop1: detected capacity change from 0 to 128 [ 385.065099][T10998] netlink: 'syz.1.2285': attribute type 1 has an invalid length. [ 385.073292][T10998] netlink: 1 bytes leftover after parsing attributes in process `syz.1.2285'. [ 386.721531][T11035] loop1: detected capacity change from 0 to 512 [ 386.849279][T11035] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 386.866877][T11035] ext4 filesystem being mounted at /574/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 386.969616][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 388.920656][T11096] loop2: detected capacity change from 0 to 512 [ 388.965788][T11096] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 388.986187][T11096] ext4 filesystem being mounted at /569/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 389.120679][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 389.913985][T11126] input: syz0 as /devices/virtual/input/input6 [ 390.344883][T11142] loop1: detected capacity change from 0 to 256 [ 390.408665][T11142] syz.1.2346: attempt to access beyond end of device [ 390.408665][T11142] loop1: rw=2049, sector=256, nr_sectors = 68 limit=256 [ 390.482751][ T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 390.683478][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 390.712137][ T9] usb 4-1: config 0 has an invalid interface number: 184 but max is 0 [ 390.741151][ T9] usb 4-1: config 0 has no interface number 0 [ 390.748527][ T9] usb 4-1: config 0 interface 184 has no altsetting 0 [ 390.771173][ T9] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 390.787265][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 390.795887][ T9] usb 4-1: Product: syz [ 390.800214][ T9] usb 4-1: Manufacturer: syz [ 390.805778][ T9] usb 4-1: SerialNumber: syz [ 390.830180][ T9] usb 4-1: config 0 descriptor?? [ 390.850695][ T9] smsc75xx v1.0.0 [ 391.203872][T11166] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2358'. [ 391.477909][ T9] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 391.500483][ T9] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 391.947900][ T28] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 391.998271][ T28] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 393.038213][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 393.053225][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 393.062032][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 393.077929][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 393.099368][ T51] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 393.107543][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 393.145924][ T9] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000011c: -71 [ 393.190159][ T9] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to write RX_ADDRL: -71 [ 393.220922][ T2930] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 393.242276][ T9] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to set mac address [ 393.282843][ T9] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 393.322856][ T9] smsc75xx: probe of 4-1:0.184 failed with error -71 [ 393.341602][ T9] usb 4-1: USB disconnect, device number 3 [ 393.423969][ T2930] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 393.577942][ T2930] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 393.667377][ T2930] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 393.717816][T11219] netlink: 'syz.0.2382': attribute type 1 has an invalid length. [ 393.731551][T11219] netlink: 1 bytes leftover after parsing attributes in process `syz.0.2382'. [ 394.020359][T11211] chnl_net:caif_netlink_parms(): no params data found [ 394.097481][ T9] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 394.292537][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 394.324705][ T9] usb 4-1: config 1 has an invalid interface number: 64 but max is 0 [ 394.349253][ T9] usb 4-1: config 1 has no interface number 0 [ 394.372410][ T9] usb 4-1: New USB device found, idVendor=19d2, idProduct=ffbf, bcdDevice=68.78 [ 394.423978][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 394.457699][ T9] usb 4-1: Product: syz [ 394.482574][ T9] usb 4-1: Manufacturer: syz [ 394.487235][ T9] usb 4-1: SerialNumber: syz [ 394.553952][T11211] bridge0: port 1(bridge_slave_0) entered blocking state [ 394.588141][T11211] bridge0: port 1(bridge_slave_0) entered disabled state [ 394.614155][T11211] bridge_slave_0: entered allmulticast mode [ 394.642186][T11211] bridge_slave_0: entered promiscuous mode [ 394.701536][T11211] bridge0: port 2(bridge_slave_1) entered blocking state [ 394.731830][T11211] bridge0: port 2(bridge_slave_1) entered disabled state [ 394.751015][ T9] option 4-1:1.64: GSM modem (1-port) converter detected [ 394.768583][T11211] bridge_slave_1: entered allmulticast mode [ 394.784285][T11211] bridge_slave_1: entered promiscuous mode [ 394.792863][ T9] usb 4-1: USB disconnect, device number 4 [ 394.814912][ T9] option 4-1:1.64: device disconnected [ 394.997864][T11211] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 395.037351][T11211] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 395.125343][T11211] team0: Port device team_slave_0 added [ 395.146738][T11211] team0: Port device team_slave_1 added [ 395.192854][ T5788] Bluetooth: hci0: command tx timeout [ 395.219913][T11211] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 395.229231][T11211] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 395.282222][T11211] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 395.400904][T11211] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 395.425550][T11211] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 395.453971][T11211] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 395.725387][T11211] hsr_slave_0: entered promiscuous mode [ 395.770209][T11211] hsr_slave_1: entered promiscuous mode [ 395.805304][T11211] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 395.817383][T11211] Cannot create hsr debugfs directory [ 396.291696][T11285] loop3: detected capacity change from 0 to 512 [ 396.379373][T11285] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 396.399441][T11285] ext4 filesystem being mounted at /601/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 396.412311][ T2930] hsr_slave_0: left promiscuous mode [ 396.437267][ T2930] hsr_slave_1: left promiscuous mode [ 396.469047][ T2930] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 396.506107][ T2930] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 396.543874][ T2930] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 396.551322][ T2930] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 396.569779][ T2930] bridge_slave_1: left allmulticast mode [ 396.576293][ T2930] bridge_slave_1: left promiscuous mode [ 396.578829][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 396.584032][ T2930] bridge0: port 2(bridge_slave_1) entered disabled state [ 396.602034][ T2930] bridge_slave_0: left allmulticast mode [ 396.608315][ T2930] bridge_slave_0: left promiscuous mode [ 396.614467][ T2930] bridge0: port 1(bridge_slave_0) entered disabled state [ 396.683138][ T2930] veth1_macvtap: left promiscuous mode [ 396.689252][ T2930] veth0_macvtap: left promiscuous mode [ 396.706860][ T2930] veth1_vlan: left promiscuous mode [ 396.728861][ T2930] veth0_vlan: left promiscuous mode [ 397.273097][ T5788] Bluetooth: hci0: command tx timeout [ 397.672818][ T2930] team0 (unregistering): Port device team_slave_1 removed [ 397.719664][ T2930] team0 (unregistering): Port device team_slave_0 removed [ 397.775197][ T2930] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 397.829701][ T2930] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 398.168913][T11302] loop0: detected capacity change from 0 to 256 [ 398.252276][T11302] syz.0.2404: attempt to access beyond end of device [ 398.252276][T11302] loop0: rw=2049, sector=256, nr_sectors = 68 limit=256 [ 398.396380][ T2930] bond0 (unregistering): Released all slaves [ 398.660062][T11309] loop0: detected capacity change from 0 to 512 [ 398.777472][T11309] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 398.803629][T11309] ext4 filesystem being mounted at /605/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 399.033681][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 399.177919][T11327] loop2: detected capacity change from 0 to 256 [ 399.311989][T11327] syz.2.2413: attempt to access beyond end of device [ 399.311989][T11327] loop2: rw=2049, sector=256, nr_sectors = 68 limit=256 [ 399.352551][ T5788] Bluetooth: hci0: command tx timeout [ 399.818111][T11211] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 399.854298][T11211] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 399.887395][T11211] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 399.930438][T11211] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 400.187949][T11211] 8021q: adding VLAN 0 to HW filter on device bond0 [ 400.231534][T11211] 8021q: adding VLAN 0 to HW filter on device team0 [ 400.325306][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 400.332518][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 400.364136][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 400.371321][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 401.057022][T11211] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 401.192481][T11211] veth0_vlan: entered promiscuous mode [ 401.230032][T11211] veth1_vlan: entered promiscuous mode [ 401.325989][T11211] veth0_macvtap: entered promiscuous mode [ 401.350199][T11211] veth1_macvtap: entered promiscuous mode [ 401.407717][T11211] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 401.433662][ T5788] Bluetooth: hci0: command tx timeout [ 401.449270][T11211] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 401.476184][T11211] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 401.502662][T11211] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 401.542503][T11211] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 401.581087][T11211] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 401.604010][T11211] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 401.662185][T11211] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 401.692496][T11211] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 401.722540][T11211] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 401.758981][T11211] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 401.791372][T11211] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 401.822258][T11211] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 401.864007][T11211] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 401.920816][T11211] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 401.935417][T11211] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 401.963047][T11211] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 401.979968][T11211] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 402.187805][ T2930] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 402.212677][ T2930] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 402.277005][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 402.304972][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 402.590126][ T788] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 402.608509][ T788] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 403.429715][T11394] loop3: detected capacity change from 0 to 512 [ 403.604329][T11394] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 403.617602][T11394] ext4 filesystem being mounted at /608/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 403.761715][T11402] loop0: detected capacity change from 0 to 128 [ 403.784168][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 405.448907][ T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 405.458836][ T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 405.467300][ T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 405.475431][ T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 405.485328][ T51] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 405.492740][ T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 406.191103][T11430] chnl_net:caif_netlink_parms(): no params data found [ 407.594786][ T5788] Bluetooth: hci4: command tx timeout [ 407.706407][ T2930] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 407.794127][T11430] bridge0: port 1(bridge_slave_0) entered blocking state [ 407.801291][T11430] bridge0: port 1(bridge_slave_0) entered disabled state [ 407.842764][T11430] bridge_slave_0: entered allmulticast mode [ 407.863662][T11430] bridge_slave_0: entered promiscuous mode [ 407.890638][T11430] bridge0: port 2(bridge_slave_1) entered blocking state [ 407.908055][T11430] bridge0: port 2(bridge_slave_1) entered disabled state [ 407.932832][T11430] bridge_slave_1: entered allmulticast mode [ 407.952565][T11430] bridge_slave_1: entered promiscuous mode [ 408.023464][ T2930] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.185893][T11430] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 408.244806][ T2930] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.270481][T11430] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 408.489547][ T2930] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.544621][T11430] team0: Port device team_slave_0 added [ 408.608035][T11430] team0: Port device team_slave_1 added [ 408.825319][T11504] loop3: detected capacity change from 0 to 256 [ 408.885153][T11430] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 409.257029][T11430] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 409.601988][T11430] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 409.678515][ T5788] Bluetooth: hci4: command tx timeout [ 409.712690][T11430] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 409.720301][T11430] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 409.848204][T11430] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 410.045575][T11430] hsr_slave_0: entered promiscuous mode [ 410.065625][T11430] hsr_slave_1: entered promiscuous mode [ 411.545744][T11430] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 411.607933][T11430] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 411.640091][T11430] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 411.704089][T11430] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 411.755869][ T5788] Bluetooth: hci4: command tx timeout [ 411.991620][ T2930] hsr_slave_0: left promiscuous mode [ 412.015221][ T2930] hsr_slave_1: left promiscuous mode [ 412.029712][ T2930] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 412.048975][ T2930] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 412.069137][ T2930] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 412.092585][ T2930] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 412.122866][ T2930] bridge_slave_1: left allmulticast mode [ 412.128551][ T2930] bridge_slave_1: left promiscuous mode [ 412.150688][ T2930] bridge0: port 2(bridge_slave_1) entered disabled state [ 412.170573][ T2930] bridge_slave_0: left allmulticast mode [ 412.189239][ T2930] bridge_slave_0: left promiscuous mode [ 412.207014][ T2930] bridge0: port 1(bridge_slave_0) entered disabled state [ 412.219119][T11564] input: syz0 as /devices/virtual/input/input7 [ 412.334945][ T2930] veth1_macvtap: left promiscuous mode [ 412.340539][ T2930] veth0_macvtap: left promiscuous mode [ 412.359864][ T2930] veth1_vlan: left promiscuous mode [ 412.393402][ T2930] veth0_vlan: left promiscuous mode [ 413.731079][ T2930] team0 (unregistering): Port device team_slave_1 removed [ 413.804414][ T2930] team0 (unregistering): Port device team_slave_0 removed [ 413.833086][ T5788] Bluetooth: hci4: command tx timeout [ 413.880780][ T2930] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 413.951484][ T2930] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 414.981313][ T2930] bond0 (unregistering): Released all slaves [ 415.108402][T11608] sit0: entered promiscuous mode [ 415.139636][T11608] netlink: 'syz.1.2476': attribute type 1 has an invalid length. [ 415.162491][T11608] netlink: 1 bytes leftover after parsing attributes in process `syz.1.2476'. [ 415.279746][ T789] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 415.304019][T11430] 8021q: adding VLAN 0 to HW filter on device bond0 [ 415.378449][T11430] 8021q: adding VLAN 0 to HW filter on device team0 [ 415.421674][ T1325] bridge0: port 1(bridge_slave_0) entered blocking state [ 415.429601][ T1325] bridge0: port 1(bridge_slave_0) entered forwarding state [ 415.440556][ T1325] bridge0: port 2(bridge_slave_1) entered blocking state [ 415.447760][ T1325] bridge0: port 2(bridge_slave_1) entered forwarding state [ 415.503458][ T789] usb 4-1: Using ep0 maxpacket: 16 [ 415.512258][ T789] usb 4-1: config 1 has an invalid interface number: 64 but max is 0 [ 415.521370][ T789] usb 4-1: config 1 has no interface number 0 [ 415.538845][ T789] usb 4-1: New USB device found, idVendor=19d2, idProduct=ffbf, bcdDevice=68.78 [ 415.552597][ T789] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 415.585482][ T789] usb 4-1: Product: syz [ 415.604343][ T789] usb 4-1: Manufacturer: syz [ 415.616262][ T789] usb 4-1: SerialNumber: syz [ 415.845158][ T789] option 4-1:1.64: GSM modem (1-port) converter detected [ 415.871468][ T789] usb 4-1: USB disconnect, device number 5 [ 415.884349][ T789] option 4-1:1.64: device disconnected [ 415.941877][T11430] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 416.002182][T11430] veth0_vlan: entered promiscuous mode [ 416.024694][T11430] veth1_vlan: entered promiscuous mode [ 416.078488][T11430] veth0_macvtap: entered promiscuous mode [ 416.088750][T11430] veth1_macvtap: entered promiscuous mode [ 416.092535][ T5831] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 416.116062][T11430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 416.128693][T11430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.139666][T11430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 416.156101][T11430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.167751][T11430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 416.178608][T11430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.199459][T11430] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 416.210899][T11430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 416.222095][T11430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.237646][T11430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 416.248511][T11430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.258856][T11430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 416.270287][T11430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.282128][T11430] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 416.298091][ T5831] usb 2-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 416.301360][T11430] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 416.318001][T11430] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 416.322684][ T5831] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 416.331904][T11430] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 416.345371][T11430] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 416.368305][ T5831] usb 2-1: Product: syz [ 416.374885][ T5831] usb 2-1: Manufacturer: syz [ 416.388324][ T5831] usb 2-1: SerialNumber: syz [ 416.511559][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 416.535530][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 416.600276][ T2930] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 416.608434][ T2930] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 416.757659][ T5831] rtl8150 2-1:1.0: couldn't reset the device [ 416.776397][ T5831] rtl8150: probe of 2-1:1.0 failed with error -5 [ 416.820044][ T5831] usb 2-1: USB disconnect, device number 5 [ 417.061011][T11654] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2495'. [ 417.800740][ T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 417.811345][ T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 417.819487][ T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 417.828146][ T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 417.842816][ T51] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 417.862619][ T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 418.071107][ T49] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 418.229396][ T49] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 418.257090][T11686] netlink: 'syz.3.2509': attribute type 1 has an invalid length. [ 418.270626][T11686] netlink: 1 bytes leftover after parsing attributes in process `syz.3.2509'. [ 418.366794][ T49] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 418.498392][ T49] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 418.507288][T11699] loop1: detected capacity change from 0 to 256 [ 418.597458][T11699] syz.1.2515: attempt to access beyond end of device [ 418.597458][T11699] loop1: rw=2049, sector=256, nr_sectors = 68 limit=256 [ 419.006255][ T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 419.024687][ T9] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 419.048409][T11713] netlink: 'syz.1.2521': attribute type 1 has an invalid length. [ 419.072898][T11713] netlink: 1 bytes leftover after parsing attributes in process `syz.1.2521'. [ 419.241789][T11672] chnl_net:caif_netlink_parms(): no params data found [ 419.920548][ T5788] Bluetooth: hci1: command tx timeout [ 419.939575][T11747] loop1: detected capacity change from 0 to 2048 [ 419.946420][T11672] bridge0: port 1(bridge_slave_0) entered blocking state [ 419.956388][T11672] bridge0: port 1(bridge_slave_0) entered disabled state [ 419.965038][T11672] bridge_slave_0: entered allmulticast mode [ 419.972379][T11672] bridge_slave_0: entered promiscuous mode [ 419.983454][T11672] bridge0: port 2(bridge_slave_1) entered blocking state [ 419.990658][T11672] bridge0: port 2(bridge_slave_1) entered disabled state [ 420.001423][T11672] bridge_slave_1: entered allmulticast mode [ 420.008846][T11672] bridge_slave_1: entered promiscuous mode [ 420.207529][T11672] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 420.255180][T11672] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 420.407027][T11672] team0: Port device team_slave_0 added [ 420.464110][T11672] team0: Port device team_slave_1 added [ 420.598905][T11672] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 420.620856][T11672] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 420.692468][T11672] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 420.759169][T11672] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 420.772462][T11672] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 420.832584][T11672] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 421.068571][T11672] hsr_slave_0: entered promiscuous mode [ 421.090623][T11672] hsr_slave_1: entered promiscuous mode [ 421.103255][T11672] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 421.122695][T11672] Cannot create hsr debugfs directory [ 421.397557][ T49] hsr_slave_0: left promiscuous mode [ 421.429347][ T49] hsr_slave_1: left promiscuous mode [ 421.474544][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 421.482137][ T49] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 421.512871][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 421.520306][ T49] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 421.538954][ T49] bridge_slave_1: left allmulticast mode [ 421.547992][ T49] bridge_slave_1: left promiscuous mode [ 421.558354][ T49] bridge0: port 2(bridge_slave_1) entered disabled state [ 421.579593][ T49] bridge_slave_0: left allmulticast mode [ 421.585587][ T49] bridge_slave_0: left promiscuous mode [ 421.594013][ T49] bridge0: port 1(bridge_slave_0) entered disabled state [ 421.715602][ T49] veth1_macvtap: left promiscuous mode [ 421.721174][ T49] veth0_macvtap: left promiscuous mode [ 421.728204][ T49] veth1_vlan: left promiscuous mode [ 421.743740][ T49] veth0_vlan: left promiscuous mode [ 421.912825][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 421.992629][ T5788] Bluetooth: hci1: command tx timeout [ 422.104940][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 423.607307][T11797] input: syz0 as /devices/virtual/input/input10 [ 423.770074][ T49] team0 (unregistering): Port device team_slave_1 removed [ 423.913454][ T49] team0 (unregistering): Port device team_slave_0 removed [ 424.036881][ T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 424.072545][ T5788] Bluetooth: hci1: command tx timeout [ 424.237470][ T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 425.239595][ T49] bond0 (unregistering): Released all slaves [ 426.152762][ T5788] Bluetooth: hci1: command tx timeout [ 426.183614][T11672] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 426.193711][T11672] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 426.206421][T11672] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 426.216661][T11672] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 426.309228][T11672] 8021q: adding VLAN 0 to HW filter on device bond0 [ 426.350513][T11672] 8021q: adding VLAN 0 to HW filter on device team0 [ 426.382923][ T213] bridge0: port 1(bridge_slave_0) entered blocking state [ 426.390112][ T213] bridge0: port 1(bridge_slave_0) entered forwarding state [ 426.455564][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 426.462788][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 426.922953][T11672] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 427.021735][T11672] veth0_vlan: entered promiscuous mode [ 427.060494][T11672] veth1_vlan: entered promiscuous mode [ 427.135134][T11672] veth0_macvtap: entered promiscuous mode [ 427.156520][T11672] veth1_macvtap: entered promiscuous mode [ 427.214631][T11672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 427.242471][T11672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 427.252336][T11672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 427.282503][T11672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 427.292357][T11672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 427.322497][T11672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 427.344029][T11672] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 427.378001][T11672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 427.412527][T11672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 427.422385][T11672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 427.452498][T11672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 427.462579][T11672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 427.491949][T11672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 427.523542][T11672] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 427.537721][T11672] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 427.562601][T11672] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 427.571338][T11672] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 427.602485][T11672] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 427.672145][T11844] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2570'. [ 427.778780][ T2930] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 427.797076][ T2930] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 427.827246][ T213] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 427.842575][ T213] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 428.756232][ T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 428.803058][ T9] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz1] on syz0 [ 429.593366][ T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 429.602194][ T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 429.610442][ T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 429.618674][ T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 429.628970][ T51] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 429.633676][T11864] input: syz0 as /devices/virtual/input/input11 [ 429.669929][ T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 430.237453][T11861] chnl_net:caif_netlink_parms(): no params data found [ 430.443493][ T213] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 430.685588][ T213] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 430.717981][T11861] bridge0: port 1(bridge_slave_0) entered blocking state [ 430.731354][T11861] bridge0: port 1(bridge_slave_0) entered disabled state [ 430.748906][T11861] bridge_slave_0: entered allmulticast mode [ 430.760229][T11861] bridge_slave_0: entered promiscuous mode [ 430.825304][ T213] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 430.853181][T11861] bridge0: port 2(bridge_slave_1) entered blocking state [ 430.870644][T11861] bridge0: port 2(bridge_slave_1) entered disabled state [ 430.880856][T11861] bridge_slave_1: entered allmulticast mode [ 430.894543][T11861] bridge_slave_1: entered promiscuous mode [ 430.948037][ T213] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 431.079160][T11861] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 431.105176][T11861] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 431.209964][T11861] team0: Port device team_slave_0 added [ 431.238977][T11861] team0: Port device team_slave_1 added [ 431.369563][T11861] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 431.388238][T11861] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 431.452585][T11861] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 431.485608][T11861] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 431.502670][T11861] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 431.562632][T11861] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 431.717867][T11861] hsr_slave_0: entered promiscuous mode [ 431.752958][ T5788] Bluetooth: hci3: command tx timeout [ 431.760594][T11861] hsr_slave_1: entered promiscuous mode [ 431.767038][T11861] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 431.774758][T11861] Cannot create hsr debugfs directory [ 433.069829][T11861] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 433.108515][T11861] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 433.228357][ T213] hsr_slave_0: left promiscuous mode [ 433.262698][ T213] hsr_slave_1: left promiscuous mode [ 433.274127][ T213] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 433.282753][ T213] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 433.313642][ T213] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 433.321072][ T213] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 433.348282][ T213] bridge_slave_1: left allmulticast mode [ 433.354997][ T213] bridge_slave_1: left promiscuous mode [ 433.360753][ T213] bridge0: port 2(bridge_slave_1) entered disabled state [ 433.393365][ T213] bridge_slave_0: left allmulticast mode [ 433.399040][ T213] bridge_slave_0: left promiscuous mode [ 433.423907][ T213] bridge0: port 1(bridge_slave_0) entered disabled state [ 433.485271][ T213] veth1_macvtap: left promiscuous mode [ 433.490849][ T213] veth0_macvtap: left promiscuous mode [ 433.502699][ T213] veth1_vlan: left promiscuous mode [ 433.508057][ T213] veth0_vlan: left promiscuous mode [ 433.832784][ T5788] Bluetooth: hci3: command tx timeout [ 435.120324][ T213] team0 (unregistering): Port device team_slave_1 removed [ 435.215412][ T213] team0 (unregistering): Port device team_slave_0 removed [ 435.311659][ T213] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 435.451991][ T213] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 435.737325][T11930] loop0: detected capacity change from 0 to 128 [ 435.914033][ T5788] Bluetooth: hci3: command tx timeout [ 436.449001][ T213] bond0 (unregistering): Released all slaves [ 436.597937][T11861] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 436.609904][T11861] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 436.829080][ T28] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 436.883006][ T28] hid-generic 0000:0000:0000.0006: hidraw0: HID v0.00 Device [syz1] on syz0 [ 436.910718][T11861] 8021q: adding VLAN 0 to HW filter on device bond0 [ 436.962467][T11861] 8021q: adding VLAN 0 to HW filter on device team0 [ 436.999289][ T73] bridge0: port 1(bridge_slave_0) entered blocking state [ 437.006459][ T73] bridge0: port 1(bridge_slave_0) entered forwarding state [ 437.064695][ T73] bridge0: port 2(bridge_slave_1) entered blocking state [ 437.071894][ T73] bridge0: port 2(bridge_slave_1) entered forwarding state [ 437.619133][T11861] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 437.721582][T11861] veth0_vlan: entered promiscuous mode [ 437.751497][T11861] veth1_vlan: entered promiscuous mode [ 437.835785][T11861] veth0_macvtap: entered promiscuous mode [ 437.856216][T11861] veth1_macvtap: entered promiscuous mode [ 437.905539][T11861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 437.942803][T11861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 437.964175][T11861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 437.992829][ T5788] Bluetooth: hci3: command tx timeout [ 437.993074][T11861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 438.032667][T11861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 438.043307][T11861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 438.055018][T11861] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 438.115888][T11861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 438.128733][T11861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 438.198414][T11861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 438.229362][T11861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 438.250292][T11861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 438.271172][T11861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 438.303199][T11861] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 438.326737][T11861] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 438.336752][T11861] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 438.352634][T11861] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 438.366209][T11861] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 438.522174][ T213] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 438.553210][ T213] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 438.560885][ T2930] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 438.585545][ T2930] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 439.782652][ T5786] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 439.972583][ T5786] usb 4-1: Using ep0 maxpacket: 16 [ 439.989567][ T5786] usb 4-1: config 1 has an invalid interface number: 64 but max is 0 [ 440.008296][ T5786] usb 4-1: config 1 has no interface number 0 [ 440.037370][ T5786] usb 4-1: New USB device found, idVendor=19d2, idProduct=ffbf, bcdDevice=68.78 [ 440.056665][ T5786] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 440.073643][ T5786] usb 4-1: Product: syz [ 440.085049][ T5786] usb 4-1: Manufacturer: syz [ 440.099918][ T5786] usb 4-1: SerialNumber: syz [ 440.109916][T12010] input: syz0 as /devices/virtual/input/input12 [ 440.166718][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.182485][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.320696][ T5786] option 4-1:1.64: GSM modem (1-port) converter detected [ 440.352539][ T5786] usb 4-1: USB disconnect, device number 6 [ 440.361014][ T5786] option 4-1:1.64: device disconnected [ 440.402934][T12012] loop0: detected capacity change from 0 to 256 [ 440.463100][T12012] syz.0.2641: attempt to access beyond end of device [ 440.463100][T12012] loop0: rw=2049, sector=256, nr_sectors = 68 limit=256 [ 441.721324][T12032] loop1: detected capacity change from 0 to 128 [ 444.169838][T11226] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 444.203406][T11226] hid-generic 0000:0000:0000.0007: hidraw0: HID v0.00 Device [syz1] on syz0 [ 444.792764][ T5786] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 445.040454][ T5786] usb 4-1: Using ep0 maxpacket: 16 [ 445.049490][ T5786] usb 4-1: config 1 has an invalid interface number: 64 but max is 0 [ 445.082472][ T5786] usb 4-1: config 1 has no interface number 0 [ 445.104905][ T5786] usb 4-1: New USB device found, idVendor=19d2, idProduct=ffbf, bcdDevice=68.78 [ 445.114759][ T5786] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 445.132538][ T5786] usb 4-1: Product: syz [ 445.136776][ T5786] usb 4-1: Manufacturer: syz [ 445.141386][ T5786] usb 4-1: SerialNumber: syz [ 445.372688][ T5786] option 4-1:1.64: GSM modem (1-port) converter detected [ 445.414272][ T5786] usb 4-1: USB disconnect, device number 7 [ 445.421166][ T5786] option 4-1:1.64: device disconnected [ 446.058873][T12067] netlink: 140 bytes leftover after parsing attributes in process `syz.3.2667'. [ 446.740623][T12082] loop2: detected capacity change from 0 to 256 [ 446.806034][T12082] syz.2.2675: attempt to access beyond end of device [ 446.806034][T12082] loop2: rw=2049, sector=256, nr_sectors = 68 limit=256 [ 447.994944][T12104] input: syz0 as /devices/virtual/input/input13 [ 448.865865][T12127] loop0: detected capacity change from 0 to 128 [ 449.362663][T12147] netlink: 140 bytes leftover after parsing attributes in process `syz.3.2705'. [ 449.393359][T12148] netlink: 'syz.1.2707': attribute type 1 has an invalid length. [ 449.401130][T12148] netlink: 1 bytes leftover after parsing attributes in process `syz.1.2707'. [ 449.498029][T12151] loop3: detected capacity change from 0 to 128 [ 449.699995][T12157] loop3: detected capacity change from 0 to 256 [ 449.723610][T12161] Illegal XDP return value 4294967274 on prog (id 13) dev N/A, expect packet loss! [ 449.813604][T12157] syz.3.2712: attempt to access beyond end of device [ 449.813604][T12157] loop3: rw=2049, sector=256, nr_sectors = 68 limit=256 [ 452.381790][T12240] loop0: detected capacity change from 0 to 128 [ 452.565672][T12243] input: syz0 as /devices/virtual/input/input14 [ 452.743423][T12250] input: syz0 as /devices/virtual/input/input15 [ 452.992648][T11226] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 453.183951][T11226] usb 2-1: Using ep0 maxpacket: 16 [ 453.201000][T11226] usb 2-1: config 1 has an invalid interface number: 64 but max is 0 [ 453.219542][T11226] usb 2-1: config 1 has no interface number 0 [ 453.236823][T11226] usb 2-1: New USB device found, idVendor=19d2, idProduct=ffbf, bcdDevice=68.78 [ 453.252506][T11226] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 453.272473][T11226] usb 2-1: Product: syz [ 453.276750][T11226] usb 2-1: Manufacturer: syz [ 453.283709][T11226] usb 2-1: SerialNumber: syz [ 453.521510][T11226] option 2-1:1.64: GSM modem (1-port) converter detected [ 453.559284][T11226] usb 2-1: USB disconnect, device number 6 [ 453.578005][T11226] option 2-1:1.64: device disconnected [ 454.177919][T12271] mmap: syz.1.2768 (12271) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 454.536498][T12285] input: syz0 as /devices/virtual/input/input16 [ 455.704634][T12312] netlink: 'syz.1.2786': attribute type 1 has an invalid length. [ 455.737009][T12312] netlink: 1 bytes leftover after parsing attributes in process `syz.1.2786'. [ 456.525155][T12322] netlink: 140 bytes leftover after parsing attributes in process `syz.1.2791'. [ 458.877210][T12349] input: syz0 as /devices/virtual/input/input17 [ 460.434089][ T28] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 460.454164][ T28] hid-generic 0000:0000:0000.0008: hidraw0: HID v0.00 Device [syz1] on syz0 [ 461.238391][T12383] netlink: 140 bytes leftover after parsing attributes in process `syz.0.2819'. [ 461.451696][T12385] loop0: detected capacity change from 0 to 512 [ 461.482858][T12385] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.2820: inode has both inline data and extents flags [ 461.541715][T12385] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.2820: couldn't read orphan inode 15 (err -117) [ 461.604200][T12385] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 461.724228][T11672] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 462.518143][T12397] input: syz0 as /devices/virtual/input/input18 [ 462.542833][T12399] sit0: entered promiscuous mode [ 462.594292][T12399] netlink: 'syz.0.2826': attribute type 1 has an invalid length. [ 462.642840][T12399] netlink: 1 bytes leftover after parsing attributes in process `syz.0.2826'. [ 462.755070][T12401] loop2: detected capacity change from 0 to 512 [ 462.791225][T12401] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.2828: inode has both inline data and extents flags [ 462.825523][T12401] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.2828: couldn't read orphan inode 15 (err -117) [ 462.854887][T12401] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 463.004251][T11430] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 464.120804][T12423] loop3: detected capacity change from 0 to 512 [ 464.162589][T12423] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.2836: inode has both inline data and extents flags [ 464.196461][T12423] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.2836: couldn't read orphan inode 15 (err -117) [ 464.210884][T12423] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 464.349523][T11861] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 466.658604][T12452] loop3: detected capacity change from 0 to 256 [ 466.740582][T12452] syz.3.2850: attempt to access beyond end of device [ 466.740582][T12452] loop3: rw=2049, sector=256, nr_sectors = 68 limit=256 [ 467.057164][T12454] loop3: detected capacity change from 0 to 512 [ 467.092864][T12454] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.2852: inode has both inline data and extents flags [ 467.112632][T12454] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.2852: couldn't read orphan inode 15 (err -117) [ 467.145681][T12454] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 467.285449][T11861] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 468.239224][T12489] loop1: detected capacity change from 0 to 512 [ 468.250976][T12489] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.2866: inode has both inline data and extents flags [ 468.267048][T12489] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.2866: couldn't read orphan inode 15 (err -117) [ 468.284327][T12489] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 468.381322][T11211] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 468.475696][T12502] loop2: detected capacity change from 0 to 128 [ 468.773524][T12512] input: syz0 as /devices/virtual/input/input19 [ 468.974056][ T23] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 469.007318][ T23] hid-generic 0000:0000:0000.0009: hidraw0: HID v0.00 Device [syz1] on syz0 [ 469.617964][T12524] loop2: detected capacity change from 0 to 512 [ 469.643028][T12524] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.2882: inode has both inline data and extents flags [ 469.671278][T12524] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.2882: couldn't read orphan inode 15 (err -117) [ 469.704253][T12524] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 469.810922][T11430] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 470.303052][T12537] loop0: detected capacity change from 0 to 512 [ 470.342561][T12537] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.2887: inode has both inline data and extents flags [ 470.376261][T12537] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.2887: couldn't read orphan inode 15 (err -117) [ 470.399369][T12537] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 470.532087][T11672] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 470.748440][T12546] loop2: detected capacity change from 0 to 512 [ 470.770953][T12546] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.2892: inode has both inline data and extents flags [ 470.797661][T12548] input: syz0 as /devices/virtual/input/input20 [ 470.806196][T12546] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.2892: couldn't read orphan inode 15 (err -117) [ 470.821875][T12546] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 470.965042][T11430] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 471.606538][T12564] loop1: detected capacity change from 0 to 256 [ 471.655438][T12564] syz.1.2891: attempt to access beyond end of device [ 471.655438][T12564] loop1: rw=2049, sector=256, nr_sectors = 68 limit=256 [ 472.015346][T12574] input: syz0 as /devices/virtual/input/input21 [ 472.403480][T12579] loop1: detected capacity change from 0 to 128 [ 474.908157][T12617] input: syz0 as /devices/virtual/input/input22 [ 475.349578][T12626] netlink: 140 bytes leftover after parsing attributes in process `syz.0.2929'. [ 477.500183][T12652] netlink: 140 bytes leftover after parsing attributes in process `syz.0.2940'. [ 477.702507][ T789] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 477.892692][ T789] usb 2-1: Using ep0 maxpacket: 16 [ 477.900506][ T789] usb 2-1: config 1 has an invalid interface number: 64 but max is 0 [ 477.922462][ T789] usb 2-1: config 1 has no interface number 0 [ 477.973003][ T789] usb 2-1: New USB device found, idVendor=19d2, idProduct=ffbf, bcdDevice=68.78 [ 477.982091][ T789] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 478.000554][ T789] usb 2-1: Product: syz [ 478.012472][ T789] usb 2-1: Manufacturer: syz [ 478.017959][ T789] usb 2-1: SerialNumber: syz [ 478.249225][ T789] option 2-1:1.64: GSM modem (1-port) converter detected [ 478.277242][ T789] usb 2-1: USB disconnect, device number 7 [ 478.288181][ T789] option 2-1:1.64: device disconnected [ 479.503801][T12679] sit0: entered promiscuous mode [ 479.553231][T12679] netlink: 'syz.2.2953': attribute type 1 has an invalid length. [ 479.561023][T12679] netlink: 1 bytes leftover after parsing attributes in process `syz.2.2953'. [ 482.319931][T12718] netlink: 140 bytes leftover after parsing attributes in process `syz.0.2971'. [ 483.340497][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 486.321975][T12763] input: syz0 as /devices/virtual/input/input23 [ 488.509006][T12791] loop2: detected capacity change from 0 to 512 [ 488.541546][T12791] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.3000: inode has both inline data and extents flags [ 488.607731][T12791] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.3000: couldn't read orphan inode 15 (err -117) [ 488.653868][T12791] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 488.784383][T11430] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 488.918993][T12795] loop2: detected capacity change from 0 to 128 [ 490.212923][ T5786] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 490.412674][ T5786] usb 3-1: Using ep0 maxpacket: 16 [ 490.420156][ T5786] usb 3-1: config 1 has an invalid interface number: 64 but max is 0 [ 490.438983][ T5786] usb 3-1: config 1 has no interface number 0 [ 490.458321][ T5786] usb 3-1: New USB device found, idVendor=19d2, idProduct=ffbf, bcdDevice=68.78 [ 490.478158][ T5786] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 490.502643][ T5786] usb 3-1: Product: syz [ 490.506855][ T5786] usb 3-1: Manufacturer: syz [ 490.546032][ T5786] usb 3-1: SerialNumber: syz [ 490.767144][ T5786] option 3-1:1.64: GSM modem (1-port) converter detected [ 490.783182][ T5786] usb 3-1: USB disconnect, device number 3 [ 490.800354][ T5786] option 3-1:1.64: device disconnected [ 490.838243][T12813] netlink: 140 bytes leftover after parsing attributes in process `syz.0.3012'. [ 491.031399][T12819] netlink: 'syz.1.3018': attribute type 1 has an invalid length. [ 491.046080][T12819] netlink: 1 bytes leftover after parsing attributes in process `syz.1.3018'. [ 491.718804][T12825] loop1: detected capacity change from 0 to 128 [ 491.766270][T12828] loop2: detected capacity change from 0 to 512 [ 491.804719][T12828] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.3021: inode has both inline data and extents flags [ 491.842330][T12828] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.3021: couldn't read orphan inode 15 (err -117) [ 491.857119][T12828] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 492.018795][T11430] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 492.176198][T12848] loop3: detected capacity change from 0 to 512 [ 492.208432][T12848] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.3030: inode has both inline data and extents flags [ 492.222843][T12848] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.3030: couldn't read orphan inode 15 (err -117) [ 492.251599][T12848] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 492.375906][T12851] loop0: detected capacity change from 0 to 4096 [ 492.390776][T11861] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 492.419526][T12851] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 493.055645][T11672] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 495.129302][T12895] loop1: detected capacity change from 0 to 256 [ 495.187058][T12895] syz.1.3045: attempt to access beyond end of device [ 495.187058][T12895] loop1: rw=2049, sector=256, nr_sectors = 68 limit=256 [ 495.632692][T12901] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3054'. [ 497.322582][ T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 497.532612][ T9] usb 1-1: Using ep0 maxpacket: 16 [ 497.544941][ T9] usb 1-1: config 1 has an invalid interface number: 64 but max is 0 [ 497.562715][ T9] usb 1-1: config 1 has no interface number 0 [ 497.581459][ T9] usb 1-1: New USB device found, idVendor=19d2, idProduct=ffbf, bcdDevice=68.78 [ 497.611006][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 497.631232][ T9] usb 1-1: Product: syz [ 497.635663][ T9] usb 1-1: Manufacturer: syz [ 497.640273][ T9] usb 1-1: SerialNumber: syz [ 497.843797][T12915] netlink: 140 bytes leftover after parsing attributes in process `syz.3.3060'. [ 497.860331][ T9] option 1-1:1.64: GSM modem (1-port) converter detected [ 497.892858][ T9] usb 1-1: USB disconnect, device number 3 [ 497.899781][ T9] option 1-1:1.64: device disconnected [ 498.009910][T12917] loop3: detected capacity change from 0 to 256 [ 498.068185][T12917] syz.3.3061: attempt to access beyond end of device [ 498.068185][T12917] loop3: rw=2049, sector=256, nr_sectors = 68 limit=256 [ 500.073320][ T23] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 500.292499][ T23] usb 3-1: Using ep0 maxpacket: 16 [ 500.304011][ T23] usb 3-1: config 1 has an invalid interface number: 64 but max is 0 [ 500.322160][ T23] usb 3-1: config 1 has no interface number 0 [ 500.335339][ T23] usb 3-1: New USB device found, idVendor=19d2, idProduct=ffbf, bcdDevice=68.78 [ 500.353490][ T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 500.374495][ T23] usb 3-1: Product: syz [ 500.378700][ T23] usb 3-1: Manufacturer: syz [ 500.402502][ T23] usb 3-1: SerialNumber: syz [ 500.488753][T12954] loop0: detected capacity change from 0 to 512 [ 500.508340][T12954] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.3080: inode has both inline data and extents flags [ 500.526237][T12954] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.3080: couldn't read orphan inode 15 (err -117) [ 500.567501][T12954] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 500.621330][ T23] option 3-1:1.64: GSM modem (1-port) converter detected [ 500.646236][ T23] usb 3-1: USB disconnect, device number 4 [ 500.653594][ T23] option 3-1:1.64: device disconnected [ 500.678743][T11672] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 500.882546][T12960] input: syz0 as /devices/virtual/input/input24 [ 501.613041][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.619386][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.970416][T12984] loop1: detected capacity change from 0 to 512 [ 502.000546][T12984] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.3092: inode has both inline data and extents flags [ 502.022824][T12984] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.3092: couldn't read orphan inode 15 (err -117) [ 502.074061][T12984] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 502.220463][T11211] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 502.385135][T12989] loop1: detected capacity change from 0 to 512 [ 502.430115][T12989] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.3094: inode has both inline data and extents flags [ 502.486199][T12989] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.3094: couldn't read orphan inode 15 (err -117) [ 502.535120][T12989] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 502.678164][T11211] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 505.248440][T13041] loop1: detected capacity change from 0 to 512 [ 505.307359][T13041] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.3117: inode has both inline data and extents flags [ 505.352797][T13041] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.3117: couldn't read orphan inode 15 (err -117) [ 505.403858][T13041] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 505.541628][T11211] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 505.712633][T11226] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 505.912553][T11226] usb 1-1: Using ep0 maxpacket: 16 [ 505.938084][T11226] usb 1-1: config 1 has an invalid interface number: 64 but max is 0 [ 505.952532][T11226] usb 1-1: config 1 has no interface number 0 [ 505.975471][T11226] usb 1-1: New USB device found, idVendor=19d2, idProduct=ffbf, bcdDevice=68.78 [ 506.002455][T11226] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 506.022440][T11226] usb 1-1: Product: syz [ 506.026657][T11226] usb 1-1: Manufacturer: syz [ 506.035369][T11226] usb 1-1: SerialNumber: syz [ 506.253899][T11226] option 1-1:1.64: GSM modem (1-port) converter detected [ 506.284572][T11226] usb 1-1: USB disconnect, device number 4 [ 506.301705][T11226] option 1-1:1.64: device disconnected [ 506.975351][ T28] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 507.034995][ T28] hid-generic 0000:0000:0000.000A: hidraw0: HID v0.00 Device [syz1] on syz0 [ 507.970644][T13075] loop0: detected capacity change from 0 to 128 [ 508.163215][T13073] ------------[ cut here ]------------ [ 508.168735][T13073] WARNING: CPU: 1 PID: 13073 at mm/page_alloc.c:4433 __alloc_pages+0x2de/0x460 [ 508.178132][T13073] Modules linked in: [ 508.182093][T13073] CPU: 1 PID: 13073 Comm: syz.3.3131 Not tainted syzkaller #0 [ 508.189885][T13073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 508.200001][T13073] RIP: 0010:__alloc_pages+0x2de/0x460 [ 508.205459][T13073] Code: 0c 25 28 00 00 00 48 3b 8c 24 a0 00 00 00 0f 85 a0 00 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 c6 05 dc 21 64 0c 01 <0f> 0b eb a5 a9 00 00 08 00 8b 74 24 0c 75 3e 44 89 f1 81 e1 7f ff [ 508.225845][T13073] RSP: 0018:ffffc900032b7a00 EFLAGS: 00010246 [ 508.231942][T13073] RAX: ffffc900032b7a00 RBX: 1ffff92000656f44 RCX: 0000000000000000 [ 508.240482][T13073] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc900032b7a68 [ 508.248560][T13073] RBP: ffffc900032b7b00 R08: ffffc900032b7a67 R09: 0000000000000000 [ 508.256708][T13073] R10: ffffc900032b7a40 R11: fffff52000656f4d R12: 0000000000000014 [ 508.264727][T13073] R13: 0000000000000000 R14: 0000000000040cc0 R15: dffffc0000000000 [ 508.272763][T13073] FS: 00007f93f17166c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 508.281710][T13073] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 508.288360][T13073] CR2: 000000110c4852bb CR3: 0000000067d67000 CR4: 00000000003506e0 [ 508.296431][T13073] Call Trace: [ 508.299727][T13073] [ 508.302711][T13073] ? zone_statistics+0x170/0x170 [ 508.307692][T13073] ? asm_sysvec_call_function_single+0x1a/0x20 [ 508.314221][T13073] ? lockdep_hardirqs_on+0x98/0x150 [ 508.319447][T13073] __kmalloc_large_node+0x8c/0x1e0 [ 508.324619][T13073] ? raw_ioctl+0x19b0/0x3b70 [ 508.329900][T13073] __kmalloc+0x111/0x240 [ 508.334345][T13073] raw_ioctl+0x19b0/0x3b70 [ 508.338786][T13073] ? tomoyo_path_number_perm+0x477/0x590 [ 508.344470][T13073] ? __kmem_cache_free+0xba/0x1f0 [ 508.349518][T13073] ? tomoyo_path_number_perm+0x4dc/0x590 [ 508.355202][T13073] ? tomoyo_path_number_perm+0x1ba/0x590 [ 508.360869][T13073] ? tomoyo_check_path_acl+0x1c0/0x1c0 [ 508.366383][T13073] ? make_qualifier+0x250/0x250 [ 508.371287][T13073] ? __fget_files+0x28/0x4d0 [ 508.375936][T13073] ? bpf_lsm_file_ioctl+0x9/0x10 [ 508.380887][T13073] ? security_file_ioctl+0x80/0xa0 [ 508.386051][T13073] ? make_qualifier+0x250/0x250 [ 508.390919][T13073] __se_sys_ioctl+0xfd/0x170 [ 508.395836][T13073] do_syscall_64+0x55/0xb0 [ 508.400283][T13073] ? clear_bhb_loop+0x40/0x90 [ 508.405025][T13073] ? clear_bhb_loop+0x40/0x90 [ 508.409726][T13073] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 508.415687][T13073] RIP: 0033:0x7f93f078f6c9 [ 508.420136][T13073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 508.440532][T13073] RSP: 002b:00007f93f1716038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 508.449152][T13073] RAX: ffffffffffffffda RBX: 00007f93f09e5fa0 RCX: 00007f93f078f6c9 [ 508.457191][T13073] RDX: 0000200000002940 RSI: 00000000c0085504 RDI: 0000000000000003 [ 508.465230][T13073] RBP: 00007f93f0811f91 R08: 0000000000000000 R09: 0000000000000000 [ 508.473329][T13073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 508.481318][T13073] R13: 00007f93f09e6038 R14: 00007f93f09e5fa0 R15: 00007fff5503a118 [ 508.489355][T13073] [ 508.492413][T13073] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 508.499700][T13073] CPU: 1 PID: 13073 Comm: syz.3.3131 Not tainted syzkaller #0 [ 508.507171][T13073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 508.517218][T13073] Call Trace: [ 508.520486][T13073] [ 508.523404][T13073] dump_stack_lvl+0x16c/0x230 [ 508.528082][T13073] ? show_regs_print_info+0x20/0x20 [ 508.533277][T13073] ? load_image+0x3b0/0x3b0 [ 508.537778][T13073] panic+0x2c0/0x710 [ 508.541661][T13073] ? bpf_jit_dump+0xd0/0xd0 [ 508.546162][T13073] __warn+0x2e0/0x470 [ 508.550130][T13073] ? __alloc_pages+0x2de/0x460 [ 508.554886][T13073] ? __alloc_pages+0x2de/0x460 [ 508.559644][T13073] report_bug+0x2be/0x4f0 [ 508.563967][T13073] ? __alloc_pages+0x2de/0x460 [ 508.568721][T13073] ? __alloc_pages+0x2de/0x460 [ 508.573476][T13073] ? __alloc_pages+0x2e0/0x460 [ 508.578233][T13073] handle_bug+0xcf/0x120 [ 508.582467][T13073] exc_invalid_op+0x1a/0x50 [ 508.586961][T13073] asm_exc_invalid_op+0x1a/0x20 [ 508.591796][T13073] RIP: 0010:__alloc_pages+0x2de/0x460 [ 508.597164][T13073] Code: 0c 25 28 00 00 00 48 3b 8c 24 a0 00 00 00 0f 85 a0 00 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 c6 05 dc 21 64 0c 01 <0f> 0b eb a5 a9 00 00 08 00 8b 74 24 0c 75 3e 44 89 f1 81 e1 7f ff [ 508.616759][T13073] RSP: 0018:ffffc900032b7a00 EFLAGS: 00010246 [ 508.622813][T13073] RAX: ffffc900032b7a00 RBX: 1ffff92000656f44 RCX: 0000000000000000 [ 508.630773][T13073] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc900032b7a68 [ 508.638730][T13073] RBP: ffffc900032b7b00 R08: ffffc900032b7a67 R09: 0000000000000000 [ 508.646690][T13073] R10: ffffc900032b7a40 R11: fffff52000656f4d R12: 0000000000000014 [ 508.654650][T13073] R13: 0000000000000000 R14: 0000000000040cc0 R15: dffffc0000000000 [ 508.662622][T13073] ? zone_statistics+0x170/0x170 [ 508.667561][T13073] ? asm_sysvec_call_function_single+0x1a/0x20 [ 508.673706][T13073] ? lockdep_hardirqs_on+0x98/0x150 [ 508.678890][T13073] __kmalloc_large_node+0x8c/0x1e0 [ 508.683995][T13073] ? raw_ioctl+0x19b0/0x3b70 [ 508.688571][T13073] __kmalloc+0x111/0x240 [ 508.692805][T13073] raw_ioctl+0x19b0/0x3b70 [ 508.697210][T13073] ? tomoyo_path_number_perm+0x477/0x590 [ 508.702835][T13073] ? __kmem_cache_free+0xba/0x1f0 [ 508.707851][T13073] ? tomoyo_path_number_perm+0x4dc/0x590 [ 508.713474][T13073] ? tomoyo_path_number_perm+0x1ba/0x590 [ 508.719105][T13073] ? tomoyo_check_path_acl+0x1c0/0x1c0 [ 508.724553][T13073] ? make_qualifier+0x250/0x250 [ 508.729408][T13073] ? __fget_files+0x28/0x4d0 [ 508.733995][T13073] ? bpf_lsm_file_ioctl+0x9/0x10 [ 508.738917][T13073] ? security_file_ioctl+0x80/0xa0 [ 508.744024][T13073] ? make_qualifier+0x250/0x250 [ 508.748863][T13073] __se_sys_ioctl+0xfd/0x170 [ 508.753444][T13073] do_syscall_64+0x55/0xb0 [ 508.757850][T13073] ? clear_bhb_loop+0x40/0x90 [ 508.762512][T13073] ? clear_bhb_loop+0x40/0x90 [ 508.767174][T13073] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 508.773053][T13073] RIP: 0033:0x7f93f078f6c9 [ 508.777457][T13073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 508.797050][T13073] RSP: 002b:00007f93f1716038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 508.805456][T13073] RAX: ffffffffffffffda RBX: 00007f93f09e5fa0 RCX: 00007f93f078f6c9 [ 508.813415][T13073] RDX: 0000200000002940 RSI: 00000000c0085504 RDI: 0000000000000003 [ 508.821371][T13073] RBP: 00007f93f0811f91 R08: 0000000000000000 R09: 0000000000000000 [ 508.829326][T13073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 508.837284][T13073] R13: 00007f93f09e6038 R14: 00007f93f09e5fa0 R15: 00007fff5503a118 [ 508.845254][T13073] [ 508.848491][T13073] Kernel Offset: disabled [ 508.852805][T13073] Rebooting in 86400 seconds..