last executing test programs: 11m46.772596282s ago: executing program 3 (id=3444): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0xa048c5, &(0x7f0000000440)={[{@utf8no}, {@shortname_winnt}, {@rodir}, {@uni_xlateno}, {@uni_xlateno}, {@uni_xlate}, {@shortname_mixed}, {@shortname_win95}, {@fat=@tz_utc}, {@utf8}, {}, {@fat=@flush}]}, 0x0, 0x291, &(0x7f0000000580)="$eJzs3c1qE28Ux/Ffk6YvKW2y+PMHBfGgG90MbbyCIC2IAaU2oi6EqZ1oyJiUTKxExHbn1usoLt0J6g104869uCmC4KYLMdIkY5M2YltTpzbfD5Q5nec5M8+8hTMDmWzeevGwVAicgltTbMwUk9a0JaW3o7ah9jTWjEfUaU0XJ75+OHPj9p2r2Vxudt5sLrtwKWNmU2ffPH768ty72sTNV1OvR7WRvrv5JfNx4/+NU5vfF8KlVyTXFiuVmrvoe7ZUDEqO2XXfcwPPiuXAq9aso73gV5aX6+aWlyaTy1UvCMwt163k1a1WsVq1bu59t1g2x3FsMqlBEz9wRn59ft7NHslgEIXxXjOr1awb79mYX/8bgwIAAMdLVPX/g2JgxcDKla76fm/9HxP1/9Gh/h8E2/V/sn39dqP+BwAAAAAAAAAAAAAAAAAAAADgX7DVaKQajUYqnIZ/o5LGJIX/h/1Hoh0u+uygxx8nS8cX98Yk//lKfiXfmrbaswUV5cvTdEL61jwf2lrx3JXc7LQ1pfXWX23nr67k4xoN80Pp3vkzrXzrzk8o2bn+jFL6r3d+pmf+iC6cD/MTnhyl9P6eKvK11Dyvd/KfzZhdvpbblT/e7AcAAAAAwEng2E977t+b7Y6Frw3Z1d6aufN8QKnfPB/YdX89rNPD0W03AAAAAACDJKg/Kbm+71W7gtieOSchCH//oC8L/NWuI+hbEJN02PT4nx3lz5ISOg47oa/Bp0etK2A/naP8VAIAAABwFMKifyjqgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMMD2+/KwsP9h3j3Wsbp4NFsJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHA8/AgAA//+oMRp3") mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0) 11m46.541359836s ago: executing program 3 (id=3448): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r3, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) unshare(0x22020600) 11m46.349988775s ago: executing program 3 (id=3451): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000040)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000240)=ANY=[@ANYRES32=r1, @ANYRES8, @ANYRES8=r1, @ANYRES32=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r4 = fcntl$dupfd(r3, 0x0, r2) sendmsg$nl_generic(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x4040841) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_clone(0x2b02000, 0x0, 0x0, 0x0, 0x0, 0x0) 11m46.132260916s ago: executing program 3 (id=3453): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) dup(r0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000080)='./bus\x00', 0x14018, &(0x7f00000004c0)={[{@gid}, {@nodecompose}, {@type={'type', 0x3d, "d2b31a10"}}, {@uid}, {@umask}, {@creator={'creator', 0x3d, "8825b225"}}, {}, {@uid}, {@part={'part', 0x3d, 0xaa8d}}]}, 0x1, 0x6ed, &(0x7f0000000d80)="$eJzs3UtsXFcdB+DfHY9fQUqdNmkBVSJtpIKISPxQCmGTgBDyoqoqsWDBykqcxsokrWy3OBWiAQpsuyhiWxbZsUJixSao7JBgydKwqoTohlV2ru5j7Ek8Y8/k5Vj9vujOPfeexz3nP/c5VnQDfGEtnk77Toosnn5to1zevL3Q2by9MNlkd5KU6VbSrmcpbiTFJ8nF1FO+Uq5syheDtvNRWf3/m58mma7banfLl43+5e+vv9RT+v2t0UZxq5lyMslYM99tfPeqqf3buzSwvdpkT7r/+IvtnDJgp7qBg4O2tcutUaoPPN6Bw6Oor5u7zCRHmstkdZ1rzg6tJ9u7R2+ksxwAAAAcsMX/nZgfpfx0M3/mbu5m49A/xgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAT1bz/v2imVjd9MkX3/f8Tzbo06UPtzkF3AAAAAAAAAACGMNlNXOif/7W7uZuNHO0ubxXV3/xfrhaOV59fyjtZy3JWcyYbWcp61rOauSQzPQ1NbCytr6/ODVFzvm/N+Uc7bgAAAAAAAAD4gvllFnf+/g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+DIhmrZ9V0vJueSaudZCrJRFnuVvLPbvqQKPqtvPPk+wEAAAAPZeoB6kwkd7ORo93lraJ65n++el6eyju5kfWsZD2dLOdy8wxdPvW3Nm8vdDZvL1wvp94WtxqjdiOt1L899N/yl6sS07mSlWrNmVyqOnM5rapm6T9Jrnf7dH+/kl98VrZ9ofbTIXt2uZmXG/uw+yvC5EiDe0xmknYr49sRma36Vu8Ex3qjsDsS3/tsUKMX61n7/i2ld0tzaW3/8nO83kKZ3DfmF4Yc2ZFmXo7nN4N+ual88Pshm9zf1M5Gbw0stB2JVqpIzPfsfc/XkZhK/5gnX//zHz8sihvXrl5ZOz14SIfE/fvEQk8kXth776si8eOrnac0Eu3hi/7kd0lmq0ic2F65mB/mRzmdk3kjq1nJu1nKepZTNCNdavbn8nNm70hdvGfpjf26M9F8L/VZ9N4+TW830tunk/lBlVrKy1Xdo1lJkbdyOct5tfo3n7l8O+dyLud7vuETA/tdja066lvlEf/v7DrqW/07f+obTaLs6W+b+R7e3S8aj0J9UijjeqwnruW8e86dqfJ6z8I7UXq2is7kUNejKkr7DLncOb/aJMpt/GpwNA/A/ZGY67kFeG7v/fwPVdG1zo1rq1eX3u57dR1v5ju3Fq/05P56/9ufvw5Yv3/Mh9NzHiv3l2cz1ZxJjmW87tpYN++57bPMPfGq8o5v57V25Z2ov+6ie6S+PvBInWju4Xa3NF/lvdA3b6HKK++02u3sut9K3kpn+34IgKfYkW8emZj+7/Q/pj+e/mD66vRrU9+f/M7kixMZ/9v4d9uzY6+0Xiz+lI/z853nfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4MGt3Xzv2lKns7zaP9EanLVXovsmn5012adW0bxJZ6hNtEbtz+NIbL2fDF24nREKj5h4KcljaLlYXbs59Rj6XO4J3ZcIjlZ99p49qkpcPMg94V+j1srUSEPeeqaO0kibmKnrDFF4sg7m2O6oVonmK3qQl4sCh8LZ9etvn127+d63Vq4vvbn85vKN8XPnzs+eP/fqwtkrK53l2frzoHsJPA47F/2D7gkAAAAAAAAAAAAwrIf7LxDtoQof9BgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAw23xdNp3UmRu9sxsubx5e6FTTt30Tsl2klYrKX6WFJ8kF1NPmelprhi0nY9Wzo8l+XSnrXa3fGuPeluTQ43iVjPlZJKxZv4Q7mnv0kO3V2yPsAzYqW7g4KB9HgAA//+pU/cO") ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000180)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00', @ANYRES8, @ANYRES16=0x0, @ANYRESHEX=0x0], 0x1, 0x2c3, &(0x7f00000002c0)="$eJzs3b1ra2UYAPDnpPlCh0RwEsEDOjhdbu/qkiK9cDGTkkEd9OK9F6QJQgsFPzDt5Oqim6uLILj5T7j4HwiugpsdCkdOzjn5Mo2JNK16f7+lb973efI+7zmnLR3y9P0XR0eP0nhy/tkv0W4nUetFLy6S6EYtKmexoPdlAAD/ZRdZFr9nhW3ykoho764sAGCHtv79/8POSwIAduytt99546DfP3wzTdtxf/TF6SD/yz7/WqwfPIkPYxiP42504jIimyrG97MsG9fTXDdeGY1PB3nm6L2fyvc/+C1ikr8fnehOphbzH/QP99PCXP44r+OZcv9enn8vOvH8iv0f9A/vrciPQTNefXmu/jvRiZ8/iI9iGI8mRRT5UYv4fD9NX8+++uPTd/Py8vxkfDpoTeJmsr0bvjUAAAAAAAAAAAAAAAAAAAAAAPyP3Sl757Ri0r8nnyr77+xd5i8akVa6i/15ivykeqOl/kDjLL6p+vPcTdM0KwNn+fV4oR712zk1AAAAAAAAAAAAAAAAAAAA/LucfPzJ0cPh8PHxtQyqbgDVx/r/6fv05mZeivXBrYhGuVet3HYh5utWxCwr9qqYJGJtGfkhNii12rNoe7A++OyKpeeWa64G332/8aX7dnr2xt8EN6Z7ZZ1ruu/Lg+rpOnqYrL6Grahm2tVD8uN8TDM23Kt51VK21ePXXLnU2frszWcng/GamEjWFfbar8WVK2eS5VM0J1d1ZXp13+fSF2PamzzPs++Uv0im3TqSa/0ZBAAAAAAAAAAAAAAAAAAAFGYf+l2xeL480Zh/UctaOy0NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG7M7P//bzEYl8kbBDfj+OSWjwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBT4M8AAAD//zAXXTM=") syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) 11m45.778468022s ago: executing program 3 (id=3458): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='pids.events\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f0000000340)=ANY=[@ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r4, 0x0) syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[], 0x0) 11m43.935015887s ago: executing program 3 (id=3473): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = getpid() prlimit64(r5, 0xf, 0x0, 0x0) 11m42.517887849s ago: executing program 32 (id=3473): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = getpid() prlimit64(r5, 0xf, 0x0, 0x0) 2.311162129s ago: executing program 2 (id=9379): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r5, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) 2.104073829s ago: executing program 2 (id=9382): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r6 = socket$inet6_icmp(0xa, 0x2, 0x3a) connect$inet6(r6, &(0x7f0000000080)={0xa, 0x4e25, 0x1, @mcast2, 0x7}, 0x1c) sendto$inet6(r6, &(0x7f00000001c0)="80006466d3805699", 0x8, 0x20004840, 0x0, 0x0) 2.047694015s ago: executing program 1 (id=9384): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01dda865694e08605b702200000018000180140002006970365f76746930"], 0x2c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0) 2.006705169s ago: executing program 4 (id=9385): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) socket$rds(0x15, 0x5, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50) socket$l2tp6(0xa, 0x2, 0x73) socket$l2tp6(0xa, 0x2, 0x73) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0xe}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000180), 0xfea7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="00008000", @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb080003"], 0x2c}}, 0x4000) sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r6, @ANYBLOB="ff830500000700ffffff", @ANYRES8=r1], 0x4}}, 0x0) sendfile(r5, r4, 0x0, 0x100000002) 1.89787684s ago: executing program 2 (id=9386): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r4 = gettid() process_vm_writev(r4, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) mremap(&(0x7f000046d000/0x4000)=nil, 0x4000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) 1.861543644s ago: executing program 4 (id=9387): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = dup(r0) sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x4004}, 0x10000) r3 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r3, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0xd0e29cde0b9a4f94, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 1.811231458s ago: executing program 1 (id=9389): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r3, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r5, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mkdir(&(0x7f00000004c0)='./bus\x00', 0x92) 1.669409843s ago: executing program 4 (id=9390): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000040)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000240)=ANY=[@ANYRES32=r1, @ANYRES8, @ANYRES8=r1, @ANYRES32=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r5 = fcntl$dupfd(r4, 0x0, r2) sendmsg$nl_generic(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x4040841) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) 1.643389425s ago: executing program 2 (id=9391): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = dup(r0) write$FUSE_BMAP(r5, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000000), 0x181c800, 0x0) 1.635348956s ago: executing program 0 (id=9392): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r3, &(0x7f0000000180)={0xa, 0x4e22, 0x8, @loopback}, 0x1c) listen(r3, 0x5) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r4, 0x0, 0x0, 0x24040014, &(0x7f0000000000)={0xa, 0x4e22, 0x7, @empty, 0xfffffffe}, 0x1c) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) close_range(r5, 0xffffffffffffffff, 0x0) 1.603179519s ago: executing program 1 (id=9393): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r4, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r5, 0x0) syz_clone(0x80020000, 0x0, 0x0, 0x0, 0x0, 0x0) 1.471052173s ago: executing program 2 (id=9394): socket(0x0, 0x9f5faa811eea84c5, 0x0) sendmsg$NL80211_CMD_JOIN_OCB(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0) setpriority(0x0, 0x0, 0xacf0165) r2 = openat(0xffffffffffffff9c, 0x0, 0x2, 0x0) fsync(r2) ioctl$NS_GET_OWNER_UID(r2, 0xb704, 0x0) fstat(r1, 0x0) pread64(0xffffffffffffffff, 0x0, 0x0, 0x5) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) syz_mount_image$erofs(&(0x7f0000000080), &(0x7f0000000100)='./file1\x00', 0x3008003, &(0x7f0000002ac0)=ANY=[], 0x2, 0x200, &(0x7f00000002c0)="$eJzsmbFrFEEUxr+Z3ds7gwRtLGwsDBjR7O3uqaSJEMFSEKKo5WHWEN3k5LJC7kDwsLHRzkKwtbG0sLCy8C+w1UIFwcIrBQthZGZnd4e93fMOTwXzfpDJN/PezLz3YF6xB4Ig9iyfPn778PDc8qWTAPZjAXW9/sXKfbjh//7JnROPV84/ffHu2Zvt+buviucxAEJUXve9aHIAvF61EIPZyYoQmM/tC0YIWuMyOI5rfQUMbiJ/CEUyCcFwTfvcNHRnnxZR6F7vROs3NqPQk4Mvh0AOLTM+GdRwwLAOoKGiE4IZ9p1e/1Y7isJuUdREes+IaVrBK8up41vlWEFaPSGk/9UH9wdyrmsDDzyrnw8OX+sWGNa0XkYdruvmJTHyP2zn51uT5D9jcVbd9WjSXc+VOLj05wNLRPpGptkly/g3SvcfidpMzmHFFfmgs5VDw7QHmj6f/1nu+LVPY/xjhLaPmN7ORdGF34jQKSlUJvL+JDv7MaM/2bCz/tGMt243d3r9pc2t9ka4EW4HQeuMd8rzTgdN1YiScUz/a6j+NGecX6vwdZiD3XYcd/1dIO762TxIxjwBrL3sfJVbDkD1P47Fo+oI1VNV2vXyO5j+4+q/VItWuee9ypwIgiAIgiAIgiAIgiAIgiDKOQKG5JcwwfQH0TKCi+oL5c8AAAD//40vYXw=") creat(&(0x7f00000000c0)='./file0\x00', 0xf4) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0x301, &(0x7f0000000640)={'\x00', 0x40, 0x200000a, 0x2, 0x8, 0xfffffffffffffffd}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fadvise64(r3, 0xe0ffff, 0x19, 0x3) 1.405651259s ago: executing program 0 (id=9395): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0xb, 0x84) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socket$inet_icmp_raw(0x2, 0x3, 0x1) 1.326388727s ago: executing program 4 (id=9396): sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0) r5 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r5, &(0x7f00000002c0)={0xa, 0x4e24, 0x0, @rand_addr, 0x8000}, 0x1c) sendmmsg(r5, &(0x7f00000092c0), 0x4ff, 0xfdff) 1.308170239s ago: executing program 1 (id=9397): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r3, 0x0, 0x0, 0x805, 0x0, 0x0) sendmmsg$inet6(r2, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) socket$inet6_tcp(0xa, 0x1, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r5, &(0x7f0000000400)=ANY=[@ANYBLOB="1500000065ffff"], 0x15) r6 = dup(r5) mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000000), 0x181c800, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6]) 1.211805089s ago: executing program 0 (id=9398): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6(0xa, 0x400000000001, 0x0) bind$inet6(r5, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r5, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x8, @loopback, 0x9db}, 0x1c) sendto$inet6(r5, 0x0, 0x0, 0x0, 0x0, 0x0) 1.081997372s ago: executing program 0 (id=9399): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='io.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) write(r4, 0x0, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write$binfmt_script(r5, 0x0, 0x0) 987.020761ms ago: executing program 1 (id=9400): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r2, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r5, &(0x7f0000004b00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x10) r6 = userfaultfd(0x80001) ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f00000000c0)) 310.900039ms ago: executing program 0 (id=9401): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x40000000, &(0x7f0000000040)={[0x400]}, 0x8) 310.529819ms ago: executing program 1 (id=9402): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000380)=@abs={0x0, 0x0, 0x4e23}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000001000/0x4000)=nil) add_key(0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f00000007c0)=[@in6={0xa, 0x4e20, 0x0, @loopback, 0x4b26e94}, @in={0x2, 0x4e20, @multicast2}], 0x2c) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x48, &(0x7f00000004c0)=[@in6={0xa, 0x4e20, 0x800, @loopback}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x31}}, @in6={0xa, 0x4e21, 0x5, @private1={0xfc, 0x1, '\x00', 0x1}, 0x6}]}, &(0x7f0000000480)=0x10) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x4, 0x4, 0x3e8, 0xffffffff, 0x218, 0x0, 0x218, 0xfeffffff, 0xffffffff, 0x318, 0x318, 0x318, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0x120, 0x148, 0x0, {}, [@common=@frag={{0x30}, {[0x8, 0x2], 0x6, 0x15, 0x2}}, @common=@dst={{0x48}, {0x2, 0x0, 0x1, [0x2, 0x376, 0x8, 0x7ff, 0x5, 0x4, 0x8, 0x7, 0x8, 0xfff8, 0x81, 0x7240, 0x7fff, 0x101, 0x0, 0x5], 0x6}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x3}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0xe9c, 0x7}}}, {{@ipv6={@empty, @private2={0xfc, 0x2, '\x00', 0x1}, [0xff, 0x0, 0xff000000], [0x0, 0xffffff00, 0xff], 'team0\x00', 'batadv_slave_0\x00', {}, {}, 0x2e, 0x79, 0x4, 0x44}, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@ah={{0x30}, {[0x4d5, 0x4d6], 0xe, 0xab, 0x3}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x6}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x448) 259.153174ms ago: executing program 4 (id=9403): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c00000014000100040000000005c10901"], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x8018) 125.927808ms ago: executing program 0 (id=9404): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) sendmmsg$inet6(r3, &(0x7f00000075c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[], 0x50}}], 0x1, 0x40804) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f00000009c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r5, &(0x7f0000000040)=ANY=[], 0x13) 51.152165ms ago: executing program 4 (id=9405): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) io_setup(0x9bb1, &(0x7f0000000040)=0x0) io_submit(r4, 0x1, &(0x7f0000000480)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x8, r2, 0x0, 0x0, 0x0, 0x0, 0x4}]) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) unshare(0x60000600) 0s ago: executing program 2 (id=9406): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r3, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) kernel console output (not intermixed with test programs): bytes leftover after parsing attributes in process `syz.2.3337'. [ 500.422494][T13680] loop1: detected capacity change from 0 to 128 [ 500.495340][T13680] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 500.540895][T13680] ext4 filesystem being mounted at /814/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 500.569659][ T27] audit: type=1326 audit(1763488699.026:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13687 comm="syz.2.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 500.601120][ T27] audit: type=1326 audit(1763488699.026:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13687 comm="syz.2.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 500.624469][ T27] audit: type=1326 audit(1763488699.026:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13687 comm="syz.2.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 500.648794][ T27] audit: type=1326 audit(1763488699.026:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13687 comm="syz.2.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 500.705459][ T27] audit: type=1326 audit(1763488699.026:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13687 comm="syz.2.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 500.740091][ T5796] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 500.786541][ T27] audit: type=1326 audit(1763488699.026:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13687 comm="syz.2.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 500.850289][ T27] audit: type=1326 audit(1763488699.026:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13687 comm="syz.2.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 500.880025][ T27] audit: type=1326 audit(1763488699.026:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13687 comm="syz.2.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 500.910648][ T27] audit: type=1326 audit(1763488699.026:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13687 comm="syz.2.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 500.945995][ T27] audit: type=1326 audit(1763488699.026:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13687 comm="syz.2.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 500.993278][T13694] overlayfs: missing 'lowerdir' [ 502.035163][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 502.041741][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.191457][T13729] loop2: detected capacity change from 0 to 128 [ 502.711852][T13748] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3380'. [ 503.101449][T13758] netlink: 165 bytes leftover after parsing attributes in process `syz.3.3382'. [ 504.816815][T13796] netlink: 104 bytes leftover after parsing attributes in process `syz.0.3402'. [ 505.698693][T13807] netlink: 'syz.0.3407': attribute type 11 has an invalid length. [ 505.707465][T13807] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3407'. [ 506.179691][T13827] 9pnet_fd: Insufficient options for proto=fd [ 508.479004][T13892] loop3: detected capacity change from 0 to 128 [ 508.893941][T13904] netlink: 'syz.0.3450': attribute type 4 has an invalid length. [ 508.916583][T13904] netlink: 'syz.0.3450': attribute type 5 has an invalid length. [ 508.940358][T13904] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.3450'. [ 509.112219][T13911] loop3: detected capacity change from 0 to 256 [ 509.397904][ T5802] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 509.441236][ T5802] FAT-fs (loop3): Filesystem has been set read-only [ 509.471376][ T5802] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 510.068589][ T2915] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 510.220405][ T2915] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 510.269039][T13935] netlink: 140 bytes leftover after parsing attributes in process `syz.1.3465'. [ 510.323676][ T2915] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 510.460165][ T2915] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 510.733786][ T2915] tipc: Left network mode [ 510.865792][T13944] 9pnet_fd: Insufficient options for proto=fd [ 513.299489][T13980] 9pnet_fd: Insufficient options for proto=fd [ 513.604251][ T2915] hsr_slave_0: left promiscuous mode [ 513.623411][ T2915] hsr_slave_1: left promiscuous mode [ 513.630439][ T2915] bridge_slave_1: left allmulticast mode [ 513.651535][ T2915] bridge_slave_1: left promiscuous mode [ 513.660078][ T2915] bridge0: port 2(bridge_slave_1) entered disabled state [ 513.684061][ T2915] bridge_slave_0: left allmulticast mode [ 513.693293][ T2915] bridge_slave_0: left promiscuous mode [ 513.709524][ T2915] bridge0: port 1(bridge_slave_0) entered disabled state [ 513.808573][ T5795] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 513.824986][ T5795] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 513.835585][ T2915] veth1_macvtap: left promiscuous mode [ 513.842876][ T2915] veth0_macvtap: left promiscuous mode [ 513.842926][ T5795] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 513.855652][ T2915] veth1_vlan: left promiscuous mode [ 513.867389][ T5795] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 513.876101][ T2915] veth0_vlan: left promiscuous mode [ 513.882712][ T5795] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 513.891502][ T5795] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 513.917329][ T5109] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 513.926760][ T5109] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 513.935619][ T5109] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 513.948784][ T5109] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 513.958601][ T5109] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 513.966275][ T5109] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 514.935633][ T2915] team0 (unregistering): Port device team_slave_1 removed [ 514.988803][ T2915] team0 (unregistering): Port device team_slave_0 removed [ 515.044520][ T2915] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 515.097749][ T2915] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 515.639990][ T2915] bond0 (unregistering): Released all slaves [ 516.034564][ T5109] Bluetooth: hci2: command tx timeout [ 517.326337][T13992] chnl_net:caif_netlink_parms(): no params data found [ 517.663849][ T27] kauditd_printk_skb: 3 callbacks suppressed [ 517.663866][ T27] audit: type=1326 audit(1763488716.126:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14047 comm="syz.0.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 517.753234][T13992] bridge0: port 1(bridge_slave_0) entered blocking state [ 517.760754][ T27] audit: type=1326 audit(1763488716.126:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14047 comm="syz.0.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 517.785310][T13992] bridge0: port 1(bridge_slave_0) entered disabled state [ 517.814375][T13992] bridge_slave_0: entered allmulticast mode [ 517.834337][ T27] audit: type=1326 audit(1763488716.126:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14047 comm="syz.0.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 517.841133][T13992] bridge_slave_0: entered promiscuous mode [ 517.938159][ T27] audit: type=1326 audit(1763488716.186:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14047 comm="syz.0.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 517.942070][T13992] bridge0: port 2(bridge_slave_1) entered blocking state [ 518.019848][ T27] audit: type=1326 audit(1763488716.186:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14047 comm="syz.0.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 518.031209][T13992] bridge0: port 2(bridge_slave_1) entered disabled state [ 518.074245][T13992] bridge_slave_1: entered allmulticast mode [ 518.097454][T13992] bridge_slave_1: entered promiscuous mode [ 518.113642][ T5109] Bluetooth: hci2: command tx timeout [ 518.143546][ T27] audit: type=1326 audit(1763488716.216:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14052 comm="syz.0.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2ea33c1f85 code=0x7ffc0000 [ 518.199976][ T27] audit: type=1326 audit(1763488716.376:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14052 comm="syz.0.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 518.361064][ T27] audit: type=1326 audit(1763488716.686:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14061 comm="syz.1.3500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 518.890804][ T27] audit: type=1326 audit(1763488716.686:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14061 comm="syz.1.3500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 519.258443][ T27] audit: type=1326 audit(1763488716.716:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14061 comm="syz.1.3500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 519.366190][T13992] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 519.435761][T13992] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 519.605416][T13992] team0: Port device team_slave_0 added [ 519.636058][T13992] team0: Port device team_slave_1 added [ 519.796707][T13992] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 519.830797][T13992] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 519.911038][T13992] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 519.939955][T13992] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 519.961016][T13992] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 520.021032][T13992] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 520.165369][T13992] hsr_slave_0: entered promiscuous mode [ 520.191508][ T5109] Bluetooth: hci2: command tx timeout [ 520.199227][T13992] hsr_slave_1: entered promiscuous mode [ 520.206291][T13992] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 520.214091][T13992] Cannot create hsr debugfs directory [ 521.030058][T13992] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 521.055974][T13992] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 521.075270][T13992] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 521.092441][T13992] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 522.026037][T14136] overlayfs: failed to clone upperpath [ 522.098972][T13992] 8021q: adding VLAN 0 to HW filter on device bond0 [ 522.178079][T13992] 8021q: adding VLAN 0 to HW filter on device team0 [ 522.254904][ T2915] bridge0: port 1(bridge_slave_0) entered blocking state [ 522.262257][ T2915] bridge0: port 1(bridge_slave_0) entered forwarding state [ 522.272966][ T5109] Bluetooth: hci2: command tx timeout [ 522.294834][ T2915] bridge0: port 2(bridge_slave_1) entered blocking state [ 522.302106][ T2915] bridge0: port 2(bridge_slave_1) entered forwarding state [ 523.107094][T13992] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 523.342819][T14188] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 523.342819][T14188] The task syz.2.3537 (14188) triggered the difference, watch for misbehavior. [ 523.586250][T14194] loop2: detected capacity change from 0 to 512 [ 524.053329][T13992] veth0_vlan: entered promiscuous mode [ 524.092688][T14207] overlayfs: failed to clone upperpath [ 524.099150][T13992] veth1_vlan: entered promiscuous mode [ 524.214518][T13992] veth0_macvtap: entered promiscuous mode [ 524.249768][T13992] veth1_macvtap: entered promiscuous mode [ 524.316837][T13992] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 524.348378][T13992] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 524.371847][T13992] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 524.380834][T13992] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 524.401514][T13992] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 524.424204][T14216] overlayfs: missing 'lowerdir' [ 524.429238][T13992] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 524.675335][ T2915] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 524.698199][ T2915] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 524.767149][ T2944] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 524.777412][ T2944] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 525.248276][T14237] syz.0.3551[14237] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 525.249039][T14237] syz.0.3551[14237] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 525.419969][T14237] xt_CT: You must specify a L4 protocol and not use inversions on it [ 526.802194][T14245] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 526.849717][T14245] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 527.337691][T14256] loop2: detected capacity change from 0 to 512 [ 527.506730][T14256] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 527.551185][T14256] ext4 filesystem being mounted at /859/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 527.847131][ T5800] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 536.450130][T14488] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3640'. [ 538.056890][ T27] kauditd_printk_skb: 39 callbacks suppressed [ 538.056909][ T27] audit: type=1326 audit(1763488736.506:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14545 comm="syz.0.3663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 538.117422][ T27] audit: type=1326 audit(1763488736.506:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14545 comm="syz.0.3663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 538.160400][ T27] audit: type=1326 audit(1763488736.526:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14545 comm="syz.0.3663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 538.228030][ T27] audit: type=1326 audit(1763488736.526:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14545 comm="syz.0.3663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 538.262687][ T27] audit: type=1326 audit(1763488736.526:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14545 comm="syz.0.3663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 538.320374][ T27] audit: type=1326 audit(1763488736.526:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14545 comm="syz.0.3663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 538.348705][ T27] audit: type=1326 audit(1763488736.526:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14545 comm="syz.0.3663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 538.460875][ T27] audit: type=1326 audit(1763488736.526:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14545 comm="syz.0.3663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 538.523975][ T27] audit: type=1326 audit(1763488736.526:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14545 comm="syz.0.3663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 538.594868][ T27] audit: type=1326 audit(1763488736.526:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14545 comm="syz.0.3663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 539.184254][T14581] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3677'. [ 542.515430][T14645] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3701'. [ 542.573451][T14645] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3701'. [ 544.701636][ T27] kauditd_printk_skb: 31 callbacks suppressed [ 544.701652][ T27] audit: type=1804 audit(1763488743.166:222): pid=14694 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3715" name="bus" dev="ramfs" ino=50026 res=1 errno=0 [ 544.709518][T14694] Invalid ELF header magic: != ELF [ 544.830217][T14699] overlayfs: missing 'lowerdir' [ 544.961627][T14702] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3717'. [ 544.992257][T14702] team_slave_0: entered promiscuous mode [ 544.998520][T14702] team_slave_1: entered promiscuous mode [ 545.009623][T14702] macvtap1: entered promiscuous mode [ 545.016677][T14702] team0: entered promiscuous mode [ 545.046534][T14702] macvtap1: entered allmulticast mode [ 545.066153][T14702] team0: entered allmulticast mode [ 545.076052][T14702] team_slave_0: entered allmulticast mode [ 545.084346][T14702] team_slave_1: entered allmulticast mode [ 545.092008][T14702] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 545.111238][T14705] team0: left allmulticast mode [ 545.137948][ T27] audit: type=1326 audit(1763488743.596:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14681 comm="syz.4.3712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c098f6c9 code=0x7fc00000 [ 545.176936][T14705] team_slave_0: left allmulticast mode [ 545.186565][T14705] team_slave_1: left allmulticast mode [ 545.206918][T14705] team0: left promiscuous mode [ 545.225110][T14705] team_slave_0: left promiscuous mode [ 545.230709][T14705] team_slave_1: left promiscuous mode [ 547.739716][T14750] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3736'. [ 547.761298][T14750] bridge_slave_1: left allmulticast mode [ 547.787630][T14750] bridge_slave_1: left promiscuous mode [ 547.805189][T14750] bridge0: port 2(bridge_slave_1) entered disabled state [ 547.852582][T14750] bridge_slave_0: left allmulticast mode [ 547.878798][T14750] bridge_slave_0: left promiscuous mode [ 547.907879][T14750] bridge0: port 1(bridge_slave_0) entered disabled state [ 548.190586][T14751] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3735'. [ 548.238496][T14755] netlink: 64 bytes leftover after parsing attributes in process `syz.4.3737'. [ 550.895239][T14829] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3762'. [ 550.924892][T14829] bridge_slave_1: left allmulticast mode [ 550.930638][T14829] bridge_slave_1: left promiscuous mode [ 550.961386][T14829] bridge0: port 2(bridge_slave_1) entered disabled state [ 550.989110][T14829] bridge_slave_0: left allmulticast mode [ 551.012173][T14829] bridge_slave_0: left promiscuous mode [ 551.042232][T14829] bridge0: port 1(bridge_slave_0) entered disabled state [ 552.834283][T14873] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3774'. [ 553.161993][ T9] IPVS: starting estimator thread 0... [ 553.312981][T14881] IPVS: using max 15 ests per chain, 36000 per kthread [ 558.501581][T14980] loop1: detected capacity change from 0 to 512 [ 558.578538][T14980] EXT4-fs (loop1): Test dummy encryption mode enabled [ 558.654567][T14980] EXT4-fs (loop1): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 558.996416][ T5796] EXT4-fs (loop1): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 561.856310][ T23] IPVS: starting estimator thread 0... [ 561.996427][T15081] IPVS: using max 15 ests per chain, 36000 per kthread [ 562.965022][T15090] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3847'. [ 563.172206][T15095] syz.1.3849[15095] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 563.172355][T15095] syz.1.3849[15095] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 563.475870][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.504388][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 564.930798][T15129] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3865'. [ 566.371998][ T27] audit: type=1326 audit(1763488764.836:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15155 comm="syz.0.3877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 566.423292][ T27] audit: type=1326 audit(1763488764.836:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15155 comm="syz.0.3877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 566.500692][ T27] audit: type=1326 audit(1763488764.856:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15155 comm="syz.0.3877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 566.529827][ T27] audit: type=1326 audit(1763488764.856:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15155 comm="syz.0.3877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 566.581369][ T27] audit: type=1326 audit(1763488764.856:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15155 comm="syz.0.3877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 566.652973][ T27] audit: type=1326 audit(1763488764.856:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15155 comm="syz.0.3877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 566.744496][ T27] audit: type=1326 audit(1763488764.856:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15155 comm="syz.0.3877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 566.822254][ T27] audit: type=1326 audit(1763488764.856:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15155 comm="syz.0.3877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 566.894591][ T27] audit: type=1326 audit(1763488764.856:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15155 comm="syz.0.3877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 566.941136][T15174] 9pnet: p9_errstr2errno: server reported unknown error 184467440737 [ 566.955466][ T27] audit: type=1326 audit(1763488764.856:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15155 comm="syz.0.3877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 567.145327][T15178] 9pnet_fd: Insufficient options for proto=fd [ 567.180808][T15182] overlayfs: missing 'workdir' [ 567.406727][T15189] 9pnet_fd: Insufficient options for proto=fd [ 567.412874][T15190] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3892'. [ 571.555995][T15287] overlayfs: overlapping lowerdir path [ 572.888604][ T5861] IPVS: starting estimator thread 0... [ 573.099291][T15307] IPVS: using max 16 ests per chain, 38400 per kthread [ 573.662949][T15327] overlay: Unknown parameter 'hash' [ 574.212336][T15343] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3958'. [ 575.859296][T15381] overlayfs: overlapping lowerdir path [ 576.419269][T15397] overlayfs: missing 'lowerdir' [ 576.529736][T15400] loop2: detected capacity change from 0 to 8 [ 576.662303][T15406] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3988'. [ 577.100465][T15421] overlayfs: failed to resolve './file0': -2 [ 577.392673][T15434] loop4: detected capacity change from 0 to 8 [ 579.214923][ T27] kauditd_printk_skb: 15 callbacks suppressed [ 579.214941][ T27] audit: type=1326 audit(1763488777.676:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15456 comm="syz.1.4009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 579.327416][ T27] audit: type=1326 audit(1763488777.676:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15456 comm="syz.1.4009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 579.450877][ T27] audit: type=1326 audit(1763488777.676:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15456 comm="syz.1.4009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 579.611695][ T27] audit: type=1326 audit(1763488777.676:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15456 comm="syz.1.4009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 579.634731][T15465] netlink: 104 bytes leftover after parsing attributes in process `syz.1.4013'. [ 579.691029][ T27] audit: type=1326 audit(1763488777.676:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15456 comm="syz.1.4009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 579.773489][ T27] audit: type=1326 audit(1763488777.686:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15456 comm="syz.1.4009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 579.849071][ T27] audit: type=1326 audit(1763488777.686:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15456 comm="syz.1.4009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 579.863544][T15472] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4016'. [ 579.912408][ T27] audit: type=1326 audit(1763488777.706:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15456 comm="syz.1.4009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 579.991014][ T27] audit: type=1326 audit(1763488777.716:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15456 comm="syz.1.4009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 580.070371][ T27] audit: type=1326 audit(1763488777.716:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15456 comm="syz.1.4009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 580.634387][T15488] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 584.256558][T15567] tipc: Enabled bearer , priority 0 [ 584.276505][T15567] syzkaller0: entered promiscuous mode [ 584.291377][T15567] syzkaller0: entered allmulticast mode [ 584.407884][T15567] tipc: Resetting bearer [ 584.444232][T15566] tipc: Resetting bearer [ 584.496822][T15566] tipc: Disabling bearer [ 585.798044][T15593] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4070'. [ 585.841626][T15593] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4070'. [ 587.010872][T15632] netlink: 80 bytes leftover after parsing attributes in process `syz.2.4086'. [ 588.506556][T15662] loop4: detected capacity change from 0 to 512 [ 588.527010][T15662] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 588.581827][T15662] EXT4-fs (loop4): 1 truncate cleaned up [ 588.588939][T15662] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 589.496114][T13992] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 589.663910][T15677] raw_sendmsg: syz.2.4104 forgot to set AF_INET. Fix it! [ 590.582296][T15712] syzkaller0: entered promiscuous mode [ 590.587910][T15712] syzkaller0: entered allmulticast mode [ 591.103341][T15731] netlink: 92 bytes leftover after parsing attributes in process `syz.0.4126'. [ 591.288026][T15739] netlink: 'syz.0.4129': attribute type 4 has an invalid length. [ 591.296021][T15739] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.4129'. [ 591.455752][T15743] netlink: 'syz.1.4133': attribute type 4 has an invalid length. [ 591.513953][T15745] netlink: 'syz.0.4132': attribute type 4 has an invalid length. [ 592.631091][ T5784] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 592.831641][ T5784] usb 5-1: Using ep0 maxpacket: 8 [ 592.907462][ T5784] usb 5-1: unable to get BOS descriptor or descriptor too short [ 592.937226][ T5784] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 592.954058][ T5784] usb 5-1: can't read configurations, error -71 [ 593.210738][T15776] syz.1.4146 uses obsolete (PF_INET,SOCK_PACKET) [ 594.601121][T15807] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4159'. [ 594.966222][T15821] netlink: 120 bytes leftover after parsing attributes in process `syz.4.4166'. [ 594.985973][T15821] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4166'. [ 595.185989][T15827] loop2: detected capacity change from 0 to 512 [ 595.216724][T15827] EXT4-fs: Ignoring removed mblk_io_submit option [ 595.263514][T15827] EXT4-fs: inline encryption not supported [ 595.331107][T15827] EXT4-fs: Ignoring removed mblk_io_submit option [ 595.417853][T15827] EXT4-fs (loop2): Test dummy encryption mode enabled [ 595.561287][T15827] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 595.796885][T15827] EXT4-fs (loop2): 1 truncate cleaned up [ 595.986741][T15827] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 596.292402][ T5800] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 596.974491][T15858] loop2: detected capacity change from 0 to 512 [ 597.011315][T15858] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 597.076545][T15858] EXT4-fs (loop2): 1 truncate cleaned up [ 597.112436][T15858] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 598.167560][ T5800] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 601.930007][T15974] 9pnet_fd: Insufficient options for proto=fd [ 602.799923][T15992] netlink: 68 bytes leftover after parsing attributes in process `syz.2.4236'. [ 603.110271][T15995] loop4: detected capacity change from 0 to 512 [ 603.124835][T15995] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 603.616639][T15995] EXT4-fs (loop4): 1 truncate cleaned up [ 603.644168][T15995] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 603.878191][T13992] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 605.359129][T16049] 9pnet_fd: Insufficient options for proto=fd [ 606.013446][T16072] netlink: 156 bytes leftover after parsing attributes in process `syz.2.4271'. [ 606.027702][T16072] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4271'. [ 610.351907][T16153] netlink: 'syz.2.4305': attribute type 4 has an invalid length. [ 610.391428][T16153] netlink: 'syz.2.4305': attribute type 4 has an invalid length. [ 613.798136][T16197] loop2: detected capacity change from 0 to 1024 [ 613.843188][T16197] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 613.892699][T16197] ext4 filesystem being mounted at /1050/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 613.979822][ T5800] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 614.614098][T16219] netlink: 'syz.2.4333': attribute type 10 has an invalid length. [ 614.633919][T16219] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4333'. [ 616.564070][T16279] overlayfs: failed to clone upperpath [ 617.299566][T16303] loop2: detected capacity change from 0 to 1024 [ 617.374852][T16303] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 617.529081][ T5800] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 617.762477][T16315] 9pnet_fd: Insufficient options for proto=fd [ 620.848190][ T27] kauditd_printk_skb: 24 callbacks suppressed [ 620.848208][ T27] audit: type=1326 audit(1763488819.306:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16391 comm="syz.0.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 620.881104][ T27] audit: type=1326 audit(1763488819.306:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16391 comm="syz.0.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 620.920337][ T27] audit: type=1326 audit(1763488819.306:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16391 comm="syz.0.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 620.946193][ T27] audit: type=1326 audit(1763488819.306:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16391 comm="syz.0.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 621.042933][T16399] loop4: detected capacity change from 0 to 1024 [ 621.112145][T16399] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 621.186660][T16399] ext4 filesystem being mounted at /230/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 621.338242][T13992] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 622.106333][ T27] audit: type=1326 audit(1763488820.566:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16429 comm="syz.2.4431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 622.143355][ T27] audit: type=1326 audit(1763488820.566:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16429 comm="syz.2.4431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 622.336170][ T27] audit: type=1326 audit(1763488820.606:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16429 comm="syz.2.4431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 622.367893][ T27] audit: type=1326 audit(1763488820.606:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16429 comm="syz.2.4431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 622.391714][ T27] audit: type=1326 audit(1763488820.606:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16429 comm="syz.2.4431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 625.451915][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 625.458311][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 629.400872][T16544] 9pnet: p9_errstr2errno: server reported unknown error 1844674407370 [ 630.334454][T16561] netlink: 596 bytes leftover after parsing attributes in process `syz.2.4484'. [ 631.391338][T16573] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4488'. [ 632.306871][ T27] audit: type=1326 audit(1763488830.756:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16589 comm="syz.2.4495" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x0 [ 632.424783][T16593] batadv_slave_1: entered promiscuous mode [ 632.884147][T16593] batadv_slave_1: left promiscuous mode [ 637.251200][T16623] Bluetooth: hci2: command 0x0406 tx timeout [ 638.196509][T16678] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 639.489214][T16697] tipc: Failed to remove unknown binding: 66,1,1/0:876122046/876122048 [ 639.509467][T16697] tipc: Failed to remove unknown binding: 66,1,1/0:876122046/876122048 [ 639.529144][T16697] tipc: Failed to remove unknown binding: 66,1,1/0:876122046/876122048 [ 641.280181][T16743] 9pnet_fd: Insufficient options for proto=fd [ 641.448376][T16748] loop1: detected capacity change from 0 to 2048 [ 641.457852][ T8] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 641.573593][T16748] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 641.653078][ T8] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 641.671026][ T8] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 641.684398][ T8] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 641.693550][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 641.724086][ T8] usb 5-1: config 0 descriptor?? [ 641.737152][ T8] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 642.019306][T16760] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 642.326826][ T5834] usb 5-1: USB disconnect, device number 4 [ 642.560122][ T5796] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 644.038420][T16780] overlayfs: missing 'workdir' [ 644.789201][T16800] loop1: detected capacity change from 0 to 256 [ 644.951579][T16800] syz.1.4587: attempt to access beyond end of device [ 644.951579][T16800] loop1: rw=2049, sector=256, nr_sectors = 68 limit=256 [ 645.718715][T16826] overlayfs: missing 'lowerdir' [ 647.270424][T16890] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4632'. [ 647.907102][T16916] 9pnet_fd: Insufficient options for proto=fd [ 648.233430][T16928] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4650'. [ 648.261874][T16928] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4650'. [ 648.610343][T16940] 9pnet_fd: Insufficient options for proto=fd [ 649.999434][T16963] loop4: detected capacity change from 0 to 512 [ 650.015882][T16965] 9pnet_fd: Insufficient options for proto=fd [ 650.132310][T16963] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 650.167116][T16963] ext4 filesystem being mounted at /301/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 650.405306][T13992] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 651.801193][T17015] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4688'. [ 653.249569][T17055] netlink: 596 bytes leftover after parsing attributes in process `syz.1.4709'. [ 654.891772][T17074] loop1: detected capacity change from 0 to 512 [ 654.964714][T17074] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 655.022626][T17074] ext4 filesystem being mounted at /1148/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 655.188083][ T5796] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 656.794206][T17104] 9pnet_fd: Insufficient options for proto=fd [ 657.361142][T17121] netlink: 596 bytes leftover after parsing attributes in process `syz.0.4738'. [ 657.478709][T17124] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4740'. [ 657.649422][T17130] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 657.684677][T17134] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4745'. [ 658.020652][T17144] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4748'. [ 659.143004][ T27] audit: type=1800 audit(1763488857.596:293): pid=17158 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.4753" name="blkio.bfq.group_wait_time" dev="overlay" ino=2041 res=0 errno=0 [ 659.578719][T17173] loop4: detected capacity change from 0 to 1024 [ 659.596676][T17173] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 659.631172][T17173] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 659.759171][T17173] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e11d, mo2=0002] [ 659.794661][T17173] System zones: 0-1, 4-36, 102-102 [ 659.822913][T17173] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 659.970618][T13992] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 667.118489][T17249] loop1: detected capacity change from 0 to 256 [ 667.216445][T17249] FAT-fs (loop1): Directory bread(block 64) failed [ 667.248671][T17249] FAT-fs (loop1): Directory bread(block 65) failed [ 667.255504][T17249] FAT-fs (loop1): Directory bread(block 66) failed [ 667.262311][T17249] FAT-fs (loop1): Directory bread(block 67) failed [ 667.269014][T17249] FAT-fs (loop1): Directory bread(block 68) failed [ 667.275728][T17249] FAT-fs (loop1): Directory bread(block 69) failed [ 667.282473][T17249] FAT-fs (loop1): Directory bread(block 70) failed [ 667.289052][T17249] FAT-fs (loop1): Directory bread(block 71) failed [ 667.295810][T17249] FAT-fs (loop1): Directory bread(block 72) failed [ 667.302469][T17249] FAT-fs (loop1): Directory bread(block 73) failed [ 669.227364][T17292] loop2: detected capacity change from 0 to 1024 [ 669.311363][T17292] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 669.354218][ T27] audit: type=1800 audit(1763488867.816:294): pid=17292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4806" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 669.526915][ T5800] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 669.704858][T17306] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 669.930313][T17315] overlayfs: failed to clone lowerpath [ 669.939723][T17315] overlayfs: failed to clone lowerpath [ 673.072933][T17370] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4837'. [ 674.147992][T17395] loop1: detected capacity change from 0 to 512 [ 674.193698][T17395] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 674.233528][T17395] ext4 filesystem being mounted at /1182/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 674.376335][ T5796] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 678.161425][T17491] netlink: 156 bytes leftover after parsing attributes in process `syz.4.4894'. [ 678.181131][T17491] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4894'. [ 678.190361][T17491] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4894'. [ 684.382900][T17597] 9pnet: Could not find request transport: 0xffffffffffffffff [ 685.031924][T17611] 9pnet: Could not find request transport: 0xffffffffffffffff [ 685.263757][T17624] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4948'. [ 686.523184][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.529619][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 687.447127][T17667] ptrace attach of "./syz-executor exec"[5792] was attempted by " [ 690.021663][T17719] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4991'. [ 690.612256][ T5861] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 690.620267][T17731] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9) [ 690.620339][T17731] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 690.627485][T17731] vhci_hcd vhci_hcd.0: Device attached [ 691.490952][T17732] vhci_hcd: connection closed [ 691.494046][ T49] vhci_hcd: stop threads [ 691.514968][ T49] vhci_hcd: release socket [ 691.529512][ T49] vhci_hcd: disconnect device [ 691.551294][ T5861] usb 3-1: Using ep0 maxpacket: 16 [ 691.576051][ T5861] usb 3-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 691.601253][ T8] usb 35-1: new high-speed USB device number 2 using vhci_hcd [ 691.610065][ T5861] usb 3-1: config 0 interface 0 has no altsetting 0 [ 691.622177][ T8] usb 35-1: enqueue for inactive port 0 [ 691.628582][ T5861] usb 3-1: New USB device found, idVendor=044f, idProduct=b304, bcdDevice= 0.00 [ 691.640580][ T5861] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 691.655812][ T5861] usb 3-1: config 0 descriptor?? [ 691.711596][ T8] vhci_hcd: vhci_device speed not set [ 692.231904][ T5861] usbhid 3-1:0.0: can't add hid device: -71 [ 692.244072][ T5861] usbhid: probe of 3-1:0.0 failed with error -71 [ 692.269052][ T5861] usb 3-1: USB disconnect, device number 4 [ 694.303095][T17776] 9pnet: Could not find request transport: 0xffffffffffffffff [ 694.578730][ T27] audit: type=1326 audit(1763488893.036:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17792 comm="syz.0.5028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 694.654257][ T27] audit: type=1326 audit(1763488893.066:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17792 comm="syz.0.5028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 695.150311][ T27] audit: type=1326 audit(1763488893.606:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17792 comm="syz.0.5028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 695.211041][ T27] audit: type=1326 audit(1763488893.606:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17792 comm="syz.0.5028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 695.233545][ C0] vkms_vblank_simulate: vblank timer overrun [ 695.431731][T17820] 9pnet_fd: Insufficient options for proto=fd [ 695.487770][T17819] 9pnet: Could not find request transport: 0xffffffffffffffff [ 696.644156][T17841] tipc: Failed to remove unknown binding: 66,1,1/0:1781642554/1781642556 [ 696.992898][T17855] loop2: detected capacity change from 0 to 128 [ 697.046882][T17855] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 697.062999][T17855] ext4 filesystem being mounted at /1205/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 697.219303][ T5800] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 698.265756][ T27] audit: type=1326 audit(1763488896.726:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17893 comm="syz.4.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 698.321302][ T27] audit: type=1326 audit(1763488896.726:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17893 comm="syz.4.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 698.383670][ T27] audit: type=1326 audit(1763488896.746:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17893 comm="syz.4.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 698.409854][ T27] audit: type=1326 audit(1763488896.746:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17893 comm="syz.4.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 699.295758][ T27] audit: type=1326 audit(1763488897.756:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17924 comm="syz.1.5080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 699.570084][ T27] audit: type=1326 audit(1763488897.776:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17924 comm="syz.1.5080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 699.593684][ T27] audit: type=1326 audit(1763488897.826:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17924 comm="syz.1.5080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 700.115055][ T27] audit: type=1326 audit(1763488898.566:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17924 comm="syz.1.5080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 700.165424][ T27] audit: type=1326 audit(1763488898.576:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17924 comm="syz.1.5080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 701.143438][ T27] audit: type=1326 audit(1763488899.606:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17981 comm="syz.0.5108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 701.227444][ T27] audit: type=1326 audit(1763488899.626:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17981 comm="syz.0.5108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 701.304443][ T27] audit: type=1326 audit(1763488899.626:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17981 comm="syz.0.5108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 701.328197][ T27] audit: type=1326 audit(1763488899.626:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17981 comm="syz.0.5108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 701.652237][T17992] qnx4: no qnx4 filesystem (no root dir). [ 703.872425][T18025] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5125'. [ 703.885010][T18025] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5125'. [ 704.197023][T18035] netlink: 'syz.4.5129': attribute type 4 has an invalid length. [ 704.251101][T18035] netlink: 17 bytes leftover after parsing attributes in process `syz.4.5129'. [ 708.339499][T18151] loop1: detected capacity change from 0 to 128 [ 708.409049][T18151] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 708.519068][T18151] ext4 filesystem being mounted at /1263/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 708.710997][ T5796] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 708.728408][T18165] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5187'. [ 708.739740][T18165] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5187'. [ 709.222050][ T6143] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 709.426833][ T6143] usb 2-1: config 0 has no interfaces? [ 709.439743][ T6143] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 709.460078][ T6143] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 709.479850][ T6143] usb 2-1: Product: syz [ 709.491012][ T6143] usb 2-1: Manufacturer: syz [ 709.495707][ T6143] usb 2-1: SerialNumber: syz [ 709.532210][ T6143] usb 2-1: config 0 descriptor?? [ 709.752552][ T6143] usb 2-1: USB disconnect, device number 7 [ 711.918861][T18260] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5231'. [ 712.031087][ T5841] usb 3-1: new full-speed USB device number 5 using dummy_hcd [ 712.245235][ T5841] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 712.256212][ T5841] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint descriptor of length 2, skipping [ 712.277746][ T5841] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 712.301270][ T5841] usb 3-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae [ 712.310408][ T5841] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 712.322260][ T5841] usb 3-1: Product: syz [ 712.326516][ T5841] usb 3-1: Manufacturer: syz [ 712.332943][ T5841] usb 3-1: SerialNumber: syz [ 712.345890][ T5841] usb 3-1: config 0 descriptor?? [ 712.495060][T18276] fuse: Bad value for 'user_id' [ 712.690752][ T6143] usb 3-1: USB disconnect, device number 5 [ 712.799823][T18286] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5244'. [ 712.809146][T18286] bond0: entered promiscuous mode [ 712.814996][T18286] bond_slave_0: entered promiscuous mode [ 712.821208][T18286] bond_slave_1: entered promiscuous mode [ 712.828811][T18286] bond0: entered allmulticast mode [ 712.834606][T18286] bond_slave_0: entered allmulticast mode [ 712.840409][T18286] bond_slave_1: entered allmulticast mode [ 713.219944][ T27] audit: type=1326 audit(1763488911.676:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18304 comm="syz.4.5250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 713.285739][ T27] audit: type=1326 audit(1763488911.676:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18304 comm="syz.4.5250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 713.355303][ T27] audit: type=1326 audit(1763488911.706:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18304 comm="syz.4.5250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 714.502299][ T27] audit: type=1326 audit(1763488912.956:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18304 comm="syz.4.5250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 714.580990][ T27] audit: type=1326 audit(1763488912.956:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18304 comm="syz.4.5250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 716.068660][ T27] audit: type=1326 audit(1763488914.526:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18349 comm="syz.2.5270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 716.103945][ T27] audit: type=1326 audit(1763488914.556:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18349 comm="syz.2.5270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 716.132481][ T27] audit: type=1326 audit(1763488914.556:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18349 comm="syz.2.5270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 718.964089][T18366] netlink: 'syz.4.5274': attribute type 4 has an invalid length. [ 719.112365][T18367] netlink: 'syz.4.5274': attribute type 4 has an invalid length. [ 720.314042][T18394] loop2: detected capacity change from 0 to 512 [ 720.342029][T18394] EXT4-fs: Ignoring removed mblk_io_submit option [ 720.348573][T18394] EXT4-fs: inline encryption not supported [ 720.377317][T18394] EXT4-fs: Ignoring removed mblk_io_submit option [ 720.385832][T18394] EXT4-fs (loop2): Test dummy encryption mode enabled [ 720.395030][T18394] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 720.436606][T18394] EXT4-fs (loop2): 1 truncate cleaned up [ 720.446711][T18394] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 720.608735][ T5800] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 722.585839][T18419] netlink: 192 bytes leftover after parsing attributes in process `syz.0.5297'. [ 722.703597][T18426] netlink: 'syz.0.5299': attribute type 4 has an invalid length. [ 722.825172][T18427] netlink: 'syz.0.5299': attribute type 4 has an invalid length. [ 723.783734][T18441] netlink: 104 bytes leftover after parsing attributes in process `syz.0.5306'. [ 729.602415][T18576] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5369'. [ 729.855206][T18591] netlink: 104 bytes leftover after parsing attributes in process `syz.1.5375'. [ 730.846152][T18631] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5394'. [ 731.985419][T18654] loop1: detected capacity change from 0 to 512 [ 732.012405][T18654] EXT4-fs: Ignoring removed nomblk_io_submit option [ 732.019102][T18654] EXT4-fs: Ignoring removed nomblk_io_submit option [ 732.044291][T18654] EXT4-fs: Ignoring removed i_version option [ 732.077330][T18654] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a816c099, mo2=0002] [ 732.091246][T18654] System zones: 1-12 [ 732.116805][T18654] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2249: inode #15: comm syz.1.5403: corrupted in-inode xattr: invalid ea_ino [ 732.189025][T18654] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.5403: couldn't read orphan inode 15 (err -117) [ 732.252813][T18654] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 732.426031][ T5796] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 732.642854][ T27] audit: type=1326 audit(1763488931.106:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18663 comm="syz.1.5408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 732.690950][ T27] audit: type=1326 audit(1763488931.106:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18663 comm="syz.1.5408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 732.730953][ T27] audit: type=1326 audit(1763488931.106:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18663 comm="syz.1.5408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fef78f8e32a code=0x7ffc0000 [ 732.771651][ T27] audit: type=1326 audit(1763488931.106:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18663 comm="syz.1.5408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fef78fc1f85 code=0x7ffc0000 [ 732.845363][ T27] audit: type=1326 audit(1763488931.306:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18663 comm="syz.1.5408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 732.890966][ T27] audit: type=1326 audit(1763488931.306:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18663 comm="syz.1.5408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 733.396863][T18678] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5415'. [ 733.784534][T18691] tmpfs: Unknown parameter 'm' [ 736.724343][ T27] audit: type=1326 audit(1763488935.186:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18783 comm="syz.0.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 736.725928][T18786] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5464'. [ 736.752934][ T27] audit: type=1326 audit(1763488935.206:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18783 comm="syz.0.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 736.789130][ T27] audit: type=1326 audit(1763488935.206:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18783 comm="syz.0.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f2ea338e32a code=0x7ffc0000 [ 736.817863][ T27] audit: type=1326 audit(1763488935.206:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18783 comm="syz.0.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2ea33c1f85 code=0x7ffc0000 [ 738.011162][ T5834] usb 3-1: new full-speed USB device number 6 using dummy_hcd [ 738.195597][ T5834] usb 3-1: config 0 has an invalid interface number: 133 but max is 0 [ 738.215708][ T5834] usb 3-1: config 0 has no interface number 0 [ 738.235231][ T5834] usb 3-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d [ 738.256820][ T5834] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 738.275399][ T5834] usb 3-1: Product: syz [ 738.283701][ T5834] usb 3-1: Manufacturer: syz [ 738.294375][ T5834] usb 3-1: SerialNumber: syz [ 738.323850][ T5834] usb 3-1: config 0 descriptor?? [ 738.555012][ T5834] keyspan 3-1:0.133: Keyspan 1 port adapter converter detected [ 738.587032][ T5834] keyspan 3-1:0.133: found no endpoint descriptor for endpoint 81 [ 738.621252][ T5834] keyspan 3-1:0.133: found no endpoint descriptor for endpoint 1 [ 738.633567][ T5834] keyspan 3-1:0.133: found no endpoint descriptor for endpoint 2 [ 738.647201][ T5834] usb 3-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 738.689791][ T5834] usb 3-1: USB disconnect, device number 6 [ 738.919995][ T5834] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 739.113732][ T5834] keyspan 3-1:0.133: device disconnected [ 741.584311][T18921] netlink: 40 bytes leftover after parsing attributes in process `syz.4.5526'. [ 743.167018][T18956] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 745.337270][T19012] netlink: 68 bytes leftover after parsing attributes in process `syz.1.5575'. [ 745.998996][T19036] befs: (nullb0): invalid magic header [ 747.795694][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.802187][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.933694][T19090] netlink: 76 bytes leftover after parsing attributes in process `syz.2.5600'. [ 747.973413][T19090] netlink: 76 bytes leftover after parsing attributes in process `syz.2.5600'. [ 748.198325][T19097] netlink: 'syz.2.5603': attribute type 4 has an invalid length. [ 749.512859][T19123] befs: (nullb0): invalid magic header [ 750.849915][ T787] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 751.718508][ T787] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 751.742086][ T787] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 751.760068][ T787] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 751.772100][ T787] usb 3-1: config 0 descriptor?? [ 751.783254][ T787] pwc: Askey VC010 type 2 USB webcam detected. [ 751.992190][ T787] pwc: send_video_command error -71 [ 752.012461][ T787] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 752.028567][ T787] Philips webcam: probe of 3-1:0.0 failed with error -71 [ 752.051430][ T787] usb 3-1: USB disconnect, device number 7 [ 752.236348][T19174] netlink: 'syz.0.5637': attribute type 4 has an invalid length. [ 752.287083][T19178] netlink: 'syz.4.5638': attribute type 4 has an invalid length. [ 752.331718][T19180] netlink: 'syz.4.5638': attribute type 4 has an invalid length. [ 752.571058][ T787] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 752.773241][ T787] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 752.791823][ T787] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 752.809423][ T787] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 752.850784][ T787] usb 3-1: config 0 descriptor?? [ 752.899140][ T787] pwc: Askey VC010 type 2 USB webcam detected. [ 752.999621][T19198] netlink: 68 bytes leftover after parsing attributes in process `syz.0.5644'. [ 753.152805][T19201] overlayfs: failed to clone upperpath [ 753.282423][ T787] pwc: recv_control_msg error -32 req 02 val 2b00 [ 753.296990][ T787] pwc: recv_control_msg error -32 req 02 val 2700 [ 753.314216][ T787] pwc: recv_control_msg error -32 req 02 val 2c00 [ 753.331663][ T787] pwc: recv_control_msg error -32 req 04 val 1000 [ 753.351310][ T787] pwc: recv_control_msg error -32 req 04 val 1300 [ 753.371056][ T787] pwc: recv_control_msg error -32 req 04 val 1400 [ 753.401128][ T787] pwc: recv_control_msg error -32 req 02 val 2000 [ 753.408600][ T787] pwc: recv_control_msg error -32 req 02 val 2100 [ 753.424154][ T787] pwc: recv_control_msg error -32 req 04 val 1500 [ 753.432488][ T787] pwc: recv_control_msg error -32 req 02 val 2500 [ 753.451079][ T787] pwc: recv_control_msg error -32 req 02 val 2400 [ 753.456837][T19207] netlink: 'syz.1.5648': attribute type 4 has an invalid length. [ 753.458700][ T787] pwc: recv_control_msg error -32 req 02 val 2600 [ 753.694194][ T787] pwc: recv_control_msg error -71 req 02 val 2800 [ 753.707894][ T787] pwc: recv_control_msg error -71 req 04 val 1100 [ 753.720599][ T787] pwc: recv_control_msg error -71 req 04 val 1200 [ 753.746022][ T787] pwc: Registered as video103. [ 753.774364][ T787] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input7 [ 753.845590][ T787] usb 3-1: USB disconnect, device number 8 [ 754.083145][T19218] loop1: detected capacity change from 0 to 1024 [ 754.392447][T19218] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 754.408295][T19218] ext4 filesystem being mounted at /1378/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 754.921783][T19218] EXT4-fs error (device loop1): ext4_lookup:1858: inode #15: comm syz.1.5652: inode has both inline data and extents flags [ 755.039584][T19218] EXT4-fs error (device loop1): ext4_lookup:1858: inode #15: comm syz.1.5652: inode has both inline data and extents flags [ 755.177594][ T5796] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 755.359053][T19244] 9p: Unknown Cache mode or invalid value f [ 755.628897][T19257] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5667'. [ 756.677242][T19268] loop2: detected capacity change from 0 to 1024 [ 756.781105][T19271] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 757.625634][T19268] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 757.665381][T19268] ext4 filesystem being mounted at /1343/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 757.708642][T19268] EXT4-fs error (device loop2): ext4_lookup:1858: inode #15: comm syz.2.5670: inode has both inline data and extents flags [ 757.769482][T19268] EXT4-fs error (device loop2): ext4_lookup:1858: inode #15: comm syz.2.5670: inode has both inline data and extents flags [ 758.274608][ T5800] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 759.554915][T19292] netlink: 'syz.4.5677': attribute type 4 has an invalid length. [ 760.616562][T19338] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5698'. [ 761.353697][T19365] loop2: detected capacity change from 0 to 128 [ 761.430527][T19365] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 761.476761][T19365] ext4 filesystem being mounted at /1355/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 761.621979][ T5800] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 763.745064][T19421] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5735'. [ 765.581148][T19451] loop1: detected capacity change from 0 to 1024 [ 765.581432][T19453] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5750'. [ 765.624022][T19451] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 765.649410][T19451] ext4 filesystem being mounted at /1395/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 765.731845][T19451] EXT4-fs error (device loop1): ext4_lookup:1858: inode #15: comm syz.1.5749: inode has both inline data and extents flags [ 765.821294][T19451] EXT4-fs error (device loop1): ext4_lookup:1858: inode #15: comm syz.1.5749: inode has both inline data and extents flags [ 765.985703][ T5796] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 771.404701][T19535] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5783'. [ 771.833661][T19538] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5784'. [ 772.890672][T19543] overlayfs: missing 'lowerdir' [ 774.741299][ T27] kauditd_printk_skb: 2 callbacks suppressed [ 774.741320][ T27] audit: type=1326 audit(1763488973.186:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19595 comm="syz.1.5819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 774.871050][ T27] audit: type=1326 audit(1763488973.186:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19595 comm="syz.1.5819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 775.701717][T19607] overlayfs: failed to resolve './bus': -2 [ 776.003278][T19616] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5816'. [ 777.472334][T19630] loop2: detected capacity change from 0 to 256 [ 777.796259][T19636] netlink: 156 bytes leftover after parsing attributes in process `syz.4.5823'. [ 777.878951][T19636] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5823'. [ 777.917057][T19636] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5823'. [ 779.177243][T19678] 9pnet_fd: Insufficient options for proto=fd [ 780.130191][T19683] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5846'. [ 783.330665][T19745] loop2: detected capacity change from 0 to 128 [ 783.364234][T19745] EXT4-fs: Ignoring removed nobh option [ 783.432495][T19745] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 783.456132][T19745] ext4 filesystem being mounted at /1394/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 783.484426][T19743] netlink: 268 bytes leftover after parsing attributes in process `syz.4.5871'. [ 783.716956][ T5800] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 788.268754][T19830] netlink: 268 bytes leftover after parsing attributes in process `syz.0.5907'. [ 788.409544][T19834] loop1: detected capacity change from 0 to 128 [ 789.876544][T19865] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5924'. [ 791.444563][T19886] loop1: detected capacity change from 0 to 512 [ 791.897480][T19886] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 792.091944][T19886] ext4 filesystem being mounted at /1440/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 792.344572][ T5796] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 792.936033][T19905] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 792.958681][T19905] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 792.996151][T19909] loop1: detected capacity change from 0 to 128 [ 794.892798][T19934] overlayfs: missing 'lowerdir' [ 795.154091][T19944] netlink: 192 bytes leftover after parsing attributes in process `syz.0.5957'. [ 798.084653][T20019] netlink: 112 bytes leftover after parsing attributes in process `syz.4.5992'. [ 798.831761][T20036] loop2: detected capacity change from 0 to 256 [ 799.306574][T20043] overlayfs: failed to resolve './file0': -2 [ 800.342919][ T27] audit: type=1326 audit(1763488998.796:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20068 comm="syz.2.6013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 800.381735][T20071] netlink: 156 bytes leftover after parsing attributes in process `syz.0.6015'. [ 800.397211][ T27] audit: type=1326 audit(1763488998.806:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20068 comm="syz.2.6013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 800.432233][T20071] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6015'. [ 800.452960][ T27] audit: type=1326 audit(1763488998.806:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20068 comm="syz.2.6013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 800.478169][T20071] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6015'. [ 800.525745][ T27] audit: type=1326 audit(1763488998.806:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20068 comm="syz.2.6013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 800.602256][ T27] audit: type=1326 audit(1763488998.806:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20068 comm="syz.2.6013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 800.674338][ T27] audit: type=1326 audit(1763488998.806:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20068 comm="syz.2.6013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 800.731350][ T27] audit: type=1326 audit(1763488998.806:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20068 comm="syz.2.6013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 800.790780][ T27] audit: type=1326 audit(1763488998.806:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20068 comm="syz.2.6013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 800.874429][ T27] audit: type=1326 audit(1763488998.826:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20068 comm="syz.2.6013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 800.929267][ T27] audit: type=1326 audit(1763488998.826:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20068 comm="syz.2.6013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 801.781366][T20087] overlayfs: missing 'lowerdir' [ 804.019715][T20133] loop2: detected capacity change from 0 to 1024 [ 805.207940][T20149] loop2: detected capacity change from 0 to 512 [ 805.283436][T20149] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 805.316377][T20149] ext4 filesystem being mounted at /1437/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 805.515003][ T5800] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 806.416997][T20185] netlink: 48 bytes leftover after parsing attributes in process `syz.2.6062'. [ 809.311819][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 809.318273][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 810.761749][T20227] overlayfs: missing 'lowerdir' [ 813.049096][T20292] netlink: 56 bytes leftover after parsing attributes in process `syz.4.6107'. [ 813.179606][T20297] netlink: 'syz.4.6110': attribute type 4 has an invalid length. [ 813.202985][T20297] netlink: 'syz.4.6110': attribute type 5 has an invalid length. [ 813.226460][T20297] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.6110'. [ 814.456512][T20334] 9pnet_fd: Insufficient options for proto=fd [ 815.687338][T20371] mmap: syz.0.6150 (20371): VmData 49209344 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 816.455219][T20389] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6149'. [ 818.131687][T20431] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6170'. [ 822.441982][T20506] loop1: detected capacity change from 0 to 1024 [ 823.799826][T20533] loop1: detected capacity change from 0 to 512 [ 823.822174][T20533] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 823.891919][T20533] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 823.980256][T20533] ext4 filesystem being mounted at /1511/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 824.088977][T20533] EXT4-fs error (device loop1): ext4_do_update_inode:5244: inode #2: comm syz.1.6211: corrupted inode contents [ 824.137379][T20533] EXT4-fs error (device loop1): ext4_dirty_inode:6120: inode #2: comm syz.1.6211: mark_inode_dirty error [ 824.185078][T20533] EXT4-fs error (device loop1): ext4_do_update_inode:5244: inode #2: comm syz.1.6211: corrupted inode contents [ 824.217632][T20533] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #2: comm syz.1.6211: mark_inode_dirty error [ 824.335652][ T5796] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 827.142036][T20590] netlink: 'syz.4.6233': attribute type 4 has an invalid length. [ 827.161972][T20590] netlink: 'syz.4.6233': attribute type 4 has an invalid length. [ 827.775506][T20608] Bluetooth: MGMT ver 1.22 [ 835.306036][T20676] loop2: detected capacity change from 0 to 1024 [ 835.363968][T20676] EXT4-fs: Ignoring removed nomblk_io_submit option [ 835.402017][T20676] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c815c01c, mo2=0003] [ 835.474436][T20676] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 835.630165][ T5800] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 836.560777][T20705] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6279'. [ 837.507983][T20722] overlayfs: failed to resolve './file1/file0': -2 [ 837.914311][T20734] loop1: detected capacity change from 0 to 1024 [ 837.932085][T20734] EXT4-fs: Ignoring removed nomblk_io_submit option [ 838.015105][T20734] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c815c01c, mo2=0003] [ 838.038952][T20734] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 838.195697][T20745] 9pnet_fd: Insufficient options for proto=fd [ 838.250015][ T5796] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 838.828564][T20764] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6306'. [ 839.240705][T20774] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6311'. [ 839.256243][T20775] overlayfs: failed to clone upperpath [ 841.043471][T20834] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 841.626433][T20854] loop2: detected capacity change from 0 to 1024 [ 841.649333][T20854] EXT4-fs: Ignoring removed nomblk_io_submit option [ 841.733301][T20854] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c815c01c, mo2=0003] [ 841.822096][T20854] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 841.980456][ T5800] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 846.739115][T20949] overlayfs: failed to resolve './file0': -2 [ 847.720084][T20983] loop1: detected capacity change from 0 to 512 [ 847.732078][T20983] EXT4-fs: Ignoring removed mblk_io_submit option [ 847.741007][T20983] EXT4-fs: inline encryption not supported [ 847.746955][T20983] EXT4-fs: Ignoring removed mblk_io_submit option [ 847.777196][T20983] EXT4-fs (loop1): Test dummy encryption mode enabled [ 847.803610][T20983] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 847.841591][T20983] EXT4-fs (loop1): 1 truncate cleaned up [ 847.849977][T20983] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 848.086741][ T5796] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 849.120664][T21006] netlink: 72 bytes leftover after parsing attributes in process `syz.0.6414'. [ 849.619486][T21020] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6420'. [ 849.822651][T21028] loop1: detected capacity change from 0 to 512 [ 849.864979][T21028] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.6423: inode has both inline data and extents flags [ 849.929524][T21028] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.6423: couldn't read orphan inode 15 (err -117) [ 850.006629][T21028] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 850.210601][ T5796] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 850.963352][T21057] netlink: 'syz.1.6431': attribute type 3 has an invalid length. [ 850.971284][T21057] netlink: 558 bytes leftover after parsing attributes in process `syz.1.6431'. [ 852.194256][T21092] 9pnet_fd: Insufficient options for proto=fd [ 852.449123][T21100] netlink: 'syz.4.6456': attribute type 4 has an invalid length. [ 852.469799][T21100] netlink: 17 bytes leftover after parsing attributes in process `syz.4.6456'. [ 852.731540][ T5834] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 852.950995][ T5834] usb 3-1: Using ep0 maxpacket: 16 [ 852.957376][T21119] overlayfs: failed to clone upperpath [ 852.963997][ T5834] usb 3-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 852.983654][ T5834] usb 3-1: config 0 interface 0 has no altsetting 0 [ 853.011828][ T5834] usb 3-1: New USB device found, idVendor=044f, idProduct=b304, bcdDevice= 0.00 [ 853.041474][ T5834] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 853.060054][ T5834] usb 3-1: config 0 descriptor?? [ 853.290323][ T5834] usbhid 3-1:0.0: can't add hid device: -71 [ 853.309736][ T5834] usbhid: probe of 3-1:0.0 failed with error -71 [ 853.329755][ T5834] usb 3-1: USB disconnect, device number 9 [ 853.509282][ T27] audit: type=1326 audit(1763489051.966:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21138 comm="syz.0.6474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 853.544183][ T27] audit: type=1326 audit(1763489051.986:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21138 comm="syz.0.6474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 853.575764][ T27] audit: type=1326 audit(1763489051.996:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21138 comm="syz.0.6474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2ea338df10 code=0x7ffc0000 [ 853.605282][ T27] audit: type=1326 audit(1763489051.996:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21138 comm="syz.0.6474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2ea338df10 code=0x7ffc0000 [ 853.631105][ T27] audit: type=1326 audit(1763489051.996:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21138 comm="syz.0.6474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 853.655118][ T27] audit: type=1326 audit(1763489051.996:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21138 comm="syz.0.6474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 853.678279][ T27] audit: type=1326 audit(1763489052.006:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21138 comm="syz.0.6474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 853.750992][ T27] audit: type=1326 audit(1763489052.006:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21138 comm="syz.0.6474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 853.808885][ T27] audit: type=1326 audit(1763489052.006:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21138 comm="syz.0.6474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 853.853962][ T27] audit: type=1326 audit(1763489052.006:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21138 comm="syz.0.6474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 855.156536][T21161] netlink: 596 bytes leftover after parsing attributes in process `syz.2.6483'. [ 856.444554][T21211] batadv_slave_1: entered promiscuous mode [ 856.452421][T21210] batadv_slave_1: left promiscuous mode [ 858.792733][T21248] netlink: 3744 bytes leftover after parsing attributes in process `syz.2.6524'. [ 858.853211][T21252] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6526'. [ 858.995916][T21258] loop2: detected capacity change from 0 to 512 [ 859.080251][T21258] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e02c, mo2=0002] [ 859.106779][T21258] System zones: 1-12 [ 859.126535][T21258] EXT4-fs error (device loop2): dx_probe:823: inode #2: comm syz.2.6528: Directory hole found for htree index block 0 [ 859.170761][T21258] EXT4-fs (loop2): Remounting filesystem read-only [ 859.207557][T21258] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117 [ 859.221852][T21258] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 859.241243][T21258] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 860.331619][ T5800] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 860.505840][T21280] loop2: detected capacity change from 0 to 512 [ 860.571832][T21280] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.6534: inode has both inline data and extents flags [ 860.624935][T21280] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.6534: couldn't read orphan inode 15 (err -117) [ 860.674446][T21280] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 860.680068][T21289] netlink: 116 bytes leftover after parsing attributes in process `syz.4.6539'. [ 860.825797][ T5800] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 860.968883][ T27] kauditd_printk_skb: 11 callbacks suppressed [ 860.968901][ T27] audit: type=1800 audit(1763489059.426:365): pid=21291 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.6541" name="cpuacct.usage_percpu" dev="overlay" ino=9679 res=0 errno=0 [ 863.096369][T21335] netlink: 3744 bytes leftover after parsing attributes in process `syz.0.6561'. [ 870.509862][T21517] 9pnet_fd: Insufficient options for proto=fd [ 870.676227][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.682746][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 871.025689][T21539] netlink: 120 bytes leftover after parsing attributes in process `syz.1.6648'. [ 871.036387][T21539] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6648'. [ 871.057696][T21539] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6648'. [ 871.387112][T21547] netlink: 208 bytes leftover after parsing attributes in process `syz.0.6659'. [ 871.791695][T21562] 9pnet: p9_errstr2errno: server reported unknown error 184467440737 [ 874.358206][T21605] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6674'. [ 876.105208][T21631] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6683'. [ 877.915845][T21661] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6696'. [ 885.033051][T21811] netlink: 288 bytes leftover after parsing attributes in process `syz.4.6760'. [ 889.604778][T21892] --map-set only usable from mangle table [ 894.811089][T21975] loop2: detected capacity change from 0 to 512 [ 894.849236][T21975] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.6827: inode has both inline data and extents flags [ 894.884164][T21975] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.6827: couldn't read orphan inode 15 (err -117) [ 894.955799][T21975] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 895.191861][ T5800] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 895.608327][T21997] 9pnet_fd: Insufficient options for proto=fd [ 896.498765][T22017] --map-set only usable from mangle table [ 899.222075][ T27] audit: type=1804 audit(1763489097.676:366): pid=22046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.6857" name="bus" dev="ramfs" ino=85505 res=1 errno=0 [ 899.263103][T22046] Invalid ELF header magic: != ELF [ 899.370321][T22050] loop2: detected capacity change from 0 to 512 [ 899.589886][T22050] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 899.605394][T22050] ext4 filesystem being mounted at /1656/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 900.382297][ T5800] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 900.647149][T22066] netlink: 'syz.2.6861': attribute type 4 has an invalid length. [ 902.778460][T22103] overlayfs: failed to clone upperpath [ 903.365009][T22120] overlayfs: failed to clone upperpath [ 903.574203][T22125] overlayfs: failed to resolve './bus': -2 [ 904.525234][ T27] audit: type=1326 audit(1763489102.316:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22126 comm="syz.0.6889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 904.665877][ T27] audit: type=1326 audit(1763489102.326:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22126 comm="syz.0.6889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 904.699084][ T27] audit: type=1326 audit(1763489102.936:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22126 comm="syz.0.6889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 904.729489][ T27] audit: type=1326 audit(1763489102.946:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22126 comm="syz.0.6889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 905.361747][T22152] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 906.263464][T22154] loop1: detected capacity change from 0 to 512 [ 906.352974][T22154] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 906.411989][T22154] ext4 filesystem being mounted at /1675/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 906.467743][ T5796] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 910.903420][T22192] netlink: 76 bytes leftover after parsing attributes in process `syz.1.6916'. [ 912.235242][T22242] netlink: 68 bytes leftover after parsing attributes in process `syz.0.6939'. [ 912.446617][T22254] netlink: 96 bytes leftover after parsing attributes in process `syz.2.6945'. [ 912.703619][T22262] overlayfs: failed to resolve './file1/file0': -2 [ 915.777468][T22307] loop2: detected capacity change from 0 to 512 [ 915.837590][T22307] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 915.864062][T22307] ext4 filesystem being mounted at /1684/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 915.981930][ T5800] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 919.987581][T22388] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7001'. [ 920.826464][T22416] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7012'. [ 922.409033][T22453] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7027'. [ 928.692204][T22621] 9pnet_fd: Insufficient options for proto=fd [ 929.111382][ T23] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 929.311009][ T23] usb 3-1: Using ep0 maxpacket: 8 [ 929.358216][ T23] usb 3-1: unable to get BOS descriptor or descriptor too short [ 929.379643][ T23] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 929.414301][ T23] usb 3-1: can't read configurations, error -71 [ 932.121844][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 932.128425][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 933.150629][T22725] overlayfs: failed to clone upperpath [ 933.603761][T22745] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7156'. [ 934.827562][T22790] loop5: detected capacity change from 0 to 7 [ 934.859309][T22790] Dev loop5: unable to read RDB block 7 [ 934.865478][T22790] loop5: unable to read partition table [ 934.891169][T22790] loop5: partition table beyond EOD, truncated [ 934.915176][T22790] loop_reread_partitions: partition scan of loop5 (ъщ) failed (rc=-5) [ 936.785442][T22861] Illegal XDP return value 4294967274 on prog (id 330) dev N/A, expect packet loss! [ 941.535163][T22975] netlink: 'syz.2.7258': attribute type 4 has an invalid length. [ 943.112922][T22998] netlink: 140 bytes leftover after parsing attributes in process `syz.1.7267'. [ 944.707125][T23029] overlayfs: failed to clone upperpath [ 945.121153][T23037] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7284'. [ 946.253988][T23062] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7297'. [ 946.880635][T23075] overlayfs: conflicting lowerdir path [ 947.742065][T23101] overlayfs: failed to clone upperpath [ 949.379745][T23141] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7332'. [ 952.169280][ T27] audit: type=1326 audit(1763489150.626:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23189 comm="syz.1.7353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 952.254388][ T27] audit: type=1326 audit(1763489150.626:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23189 comm="syz.1.7353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 952.330712][ T27] audit: type=1326 audit(1763489150.626:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23189 comm="syz.1.7353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 952.374787][T23192] veth0: entered promiscuous mode [ 952.389712][T23192] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7354'. [ 952.411882][ T27] audit: type=1326 audit(1763489150.626:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23189 comm="syz.1.7353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef78f8f6c9 code=0x7ffc0000 [ 952.453779][T23192] veth0 (unregistering): left promiscuous mode [ 954.491135][ T6143] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 954.681783][ T6143] usb 3-1: Using ep0 maxpacket: 16 [ 954.689542][ T6143] usb 3-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 954.703722][ T6143] usb 3-1: config 0 interface 0 has no altsetting 0 [ 954.710460][ T6143] usb 3-1: New USB device found, idVendor=044f, idProduct=b304, bcdDevice= 0.00 [ 954.766998][ T6143] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 954.804863][ T6143] usb 3-1: config 0 descriptor?? [ 955.023987][ T6143] usbhid 3-1:0.0: can't add hid device: -71 [ 955.036411][ T6143] usbhid: probe of 3-1:0.0 failed with error -71 [ 955.056694][ T6143] usb 3-1: USB disconnect, device number 12 [ 955.853956][T23275] netlink: 36 bytes leftover after parsing attributes in process `syz.0.7397'. [ 959.680366][T23332] loop2: detected capacity change from 0 to 128 [ 959.706731][T23332] EXT4-fs (loop2): Test dummy encryption mode enabled [ 959.844655][T23338] netlink: 'syz.4.7416': attribute type 4 has an invalid length. [ 959.945645][T23332] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 959.971740][T23332] ext4 filesystem being mounted at /1783/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 960.869879][ T5800] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 962.330905][ T27] audit: type=1326 audit(1763489160.786:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23375 comm="syz.4.7430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 962.371828][ T27] audit: type=1326 audit(1763489160.796:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23375 comm="syz.4.7430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 962.518945][T23386] netlink: 156 bytes leftover after parsing attributes in process `syz.4.7434'. [ 963.700712][T23415] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 963.718837][T23415] overlayfs: missing 'lowerdir' [ 966.490906][ T27] audit: type=1326 audit(1763489164.926:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23459 comm="syz.0.7464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 966.560935][ T27] audit: type=1326 audit(1763489164.926:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23459 comm="syz.0.7464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 966.664563][ T27] audit: type=1326 audit(1763489164.926:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23459 comm="syz.0.7464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 966.734119][ T27] audit: type=1326 audit(1763489164.926:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23459 comm="syz.0.7464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 966.773708][ T27] audit: type=1326 audit(1763489164.936:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23459 comm="syz.0.7464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 966.923848][ T27] audit: type=1326 audit(1763489164.936:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23459 comm="syz.0.7464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 967.466706][ T27] audit: type=1326 audit(1763489164.936:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23459 comm="syz.0.7464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 967.497627][ T27] audit: type=1326 audit(1763489164.936:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23459 comm="syz.0.7464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 967.526028][ T27] audit: type=1326 audit(1763489164.936:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23459 comm="syz.0.7464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 967.557654][ T27] audit: type=1326 audit(1763489164.936:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23459 comm="syz.0.7464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 967.635660][ T27] audit: type=1326 audit(1763489164.936:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23459 comm="syz.0.7464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2ea338f703 code=0x7ffc0000 [ 967.658204][ T27] audit: type=1326 audit(1763489164.936:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23459 comm="syz.0.7464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2ea338e17f code=0x7ffc0000 [ 967.691176][ T27] audit: type=1326 audit(1763489164.936:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23459 comm="syz.0.7464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f2ea338f757 code=0x7ffc0000 [ 967.751293][ T27] audit: type=1326 audit(1763489164.946:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23459 comm="syz.0.7464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2ea338df10 code=0x7ffc0000 [ 967.811114][ T27] audit: type=1326 audit(1763489164.946:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23459 comm="syz.0.7464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f2ea338e32a code=0x7ffc0000 [ 967.824911][T23473] loop1: detected capacity change from 0 to 128 [ 967.871927][T23473] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 967.880905][ T27] audit: type=1326 audit(1763489164.946:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23459 comm="syz.0.7464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ea338f6c9 code=0x7ffc0000 [ 967.939611][T23473] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 977.739135][ T27] kauditd_printk_skb: 1 callbacks suppressed [ 977.739152][ T27] audit: type=1326 audit(1763489176.196:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23665 comm="syz.4.7557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 977.851080][ T27] audit: type=1326 audit(1763489176.246:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23665 comm="syz.4.7557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 977.857718][T23670] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 977.920044][ T27] audit: type=1326 audit(1763489176.246:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23665 comm="syz.4.7557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 977.986310][ T27] audit: type=1326 audit(1763489176.246:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23665 comm="syz.4.7557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 978.080963][ T27] audit: type=1326 audit(1763489176.246:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23665 comm="syz.4.7557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 978.132381][ T27] audit: type=1326 audit(1763489176.246:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23665 comm="syz.4.7557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 978.194711][ T27] audit: type=1326 audit(1763489176.246:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23665 comm="syz.4.7557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 978.262493][ T27] audit: type=1326 audit(1763489176.246:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23665 comm="syz.4.7557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 978.320841][ T27] audit: type=1326 audit(1763489176.246:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23665 comm="syz.4.7557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 978.381787][ T27] audit: type=1326 audit(1763489176.246:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23665 comm="syz.4.7557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 982.078020][T23764] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7599'. [ 982.180032][T23764] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7599'. [ 982.954971][ T27] kauditd_printk_skb: 2 callbacks suppressed [ 982.954989][ T27] audit: type=1326 audit(1763489181.416:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23779 comm="syz.2.7604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 982.983916][T23780] loop2: detected capacity change from 0 to 128 [ 983.035962][T23780] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 983.039576][ T27] audit: type=1326 audit(1763489181.416:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23779 comm="syz.2.7604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 983.071578][T23782] netlink: 'syz.4.7606': attribute type 10 has an invalid length. [ 983.079473][T23782] netlink: 40 bytes leftover after parsing attributes in process `syz.4.7606'. [ 983.101008][ T27] audit: type=1326 audit(1763489181.416:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23779 comm="syz.2.7604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 983.128369][T23780] ext4 filesystem being mounted at /1821/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 983.139219][ T27] audit: type=1326 audit(1763489181.416:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23779 comm="syz.2.7604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f51c518f703 code=0x7ffc0000 [ 983.141525][T23782] dummy0: entered promiscuous mode [ 983.162103][ T27] audit: type=1326 audit(1763489181.416:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23779 comm="syz.2.7604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f51c518e17f code=0x7ffc0000 [ 983.195636][ T27] audit: type=1326 audit(1763489181.426:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23779 comm="syz.2.7604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f51c518f757 code=0x7ffc0000 [ 983.228006][ T27] audit: type=1326 audit(1763489181.426:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23779 comm="syz.2.7604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f51c518df10 code=0x7ffc0000 [ 983.298716][ T27] audit: type=1326 audit(1763489181.426:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23779 comm="syz.2.7604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f51c518f2cb code=0x7ffc0000 [ 983.415035][ T27] audit: type=1326 audit(1763489181.456:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23779 comm="syz.2.7604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f51c518e32a code=0x7ffc0000 [ 983.481053][ T27] audit: type=1326 audit(1763489181.456:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23779 comm="syz.2.7604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f51c518e32a code=0x7ffc0000 [ 983.708271][ T5800] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 983.969434][T23798] fuse: Bad value for 'group_id' [ 986.082676][T23829] 9pnet_fd: Insufficient options for proto=fd [ 987.130625][T23851] 9pnet_fd: Insufficient options for proto=fd [ 988.714865][T23866] netlink: 268 bytes leftover after parsing attributes in process `syz.4.7641'. [ 989.994452][T23896] loop1: detected capacity change from 0 to 256 [ 992.241428][T23925] netlink: 'syz.2.7664': attribute type 10 has an invalid length. [ 992.249430][T23925] netlink: 40 bytes leftover after parsing attributes in process `syz.2.7664'. [ 993.132945][T23945] overlayfs: failed to clone upperpath [ 993.561449][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.567864][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 996.245974][T24020] fuse: Bad value for 'user_id' [ 998.607322][T24096] loop1: detected capacity change from 0 to 1024 [ 998.626412][T24096] EXT4-fs: Ignoring removed nomblk_io_submit option [ 998.641890][T24096] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 998.786266][T24096] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 998.822417][T24096] System zones: 0-1, 3-36 [ 998.853181][T24096] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 998.987558][ T5796] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1006.334632][T24299] overlayfs: missing 'lowerdir' [ 1011.677401][T24393] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.7871'. [ 1012.013572][T24404] overlayfs: failed to clone upperpath [ 1012.484183][T24414] overlayfs: missing 'lowerdir' [ 1015.874956][T24483] netlink: 120 bytes leftover after parsing attributes in process `syz.2.7914'. [ 1015.884361][T24483] netlink: 32 bytes leftover after parsing attributes in process `syz.2.7914'. [ 1018.085800][T24520] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7930'. [ 1024.042948][T24646] netlink: 'syz.1.7981': attribute type 11 has an invalid length. [ 1024.066525][T24646] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.7981'. [ 1024.953545][T24679] netlink: 52 bytes leftover after parsing attributes in process `syz.0.7997'. [ 1027.623907][T24750] netlink: 'syz.0.8028': attribute type 3 has an invalid length. [ 1033.561273][T24842] loop2: detected capacity change from 0 to 256 [ 1033.574509][T24842] exfat: Deprecated parameter 'namecase' [ 1033.581199][T24842] exfat: Deprecated parameter 'namecase' [ 1033.587100][T24842] exfat: Deprecated parameter 'namecase' [ 1033.614178][T24842] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 1033.695492][T24842] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d) [ 1035.707028][T24863] overlayfs: failed to clone upperpath [ 1036.004328][T24874] netlink: 'syz.4.8080': attribute type 4 has an invalid length. [ 1036.031885][T24874] netlink: 'syz.4.8080': attribute type 4 has an invalid length. [ 1040.913309][T24989] overlayfs: failed to clone upperpath [ 1043.670888][T25051] 9pnet: p9_errstr2errno: server reported unknown error 1844674407370 [ 1046.040995][T25089] netlink: 108 bytes leftover after parsing attributes in process `syz.1.8176'. [ 1051.945034][ T6143] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 1052.561996][ T6143] usb 3-1: Using ep0 maxpacket: 8 [ 1052.673575][ T6143] usb 3-1: unable to get BOS descriptor or descriptor too short [ 1052.709548][ T6143] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 1052.726194][ T6143] usb 3-1: can't read configurations, error -71 [ 1052.930232][T25210] netlink: 'syz.4.8230': attribute type 4 has an invalid length. [ 1052.949392][T25210] netlink: 'syz.4.8230': attribute type 5 has an invalid length. [ 1052.958329][T25210] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.8230'. [ 1054.454606][T25228] netlink: 104 bytes leftover after parsing attributes in process `syz.2.8238'. [ 1054.996393][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 1055.003406][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 1056.180956][ T6143] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 1056.381304][ T6143] usb 3-1: Using ep0 maxpacket: 16 [ 1056.394561][ T6143] usb 3-1: config 1 has an invalid interface number: 64 but max is 0 [ 1056.410615][ T6143] usb 3-1: config 1 has no interface number 0 [ 1056.421253][ T6143] usb 3-1: New USB device found, idVendor=19d2, idProduct=ffbf, bcdDevice=68.78 [ 1056.438467][ T6143] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1056.457566][ T6143] usb 3-1: Product: syz [ 1056.467699][ T6143] usb 3-1: Manufacturer: syz [ 1056.477846][ T6143] usb 3-1: SerialNumber: syz [ 1056.579666][ T27] kauditd_printk_skb: 14 callbacks suppressed [ 1056.579717][ T27] audit: type=1326 audit(1763489255.036:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25279 comm="syz.4.8261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 1056.659349][ T27] audit: type=1326 audit(1763489255.036:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25279 comm="syz.4.8261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 1056.689148][ T27] audit: type=1326 audit(1763489255.046:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25279 comm="syz.4.8261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 1056.714284][ T27] audit: type=1326 audit(1763489255.046:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25279 comm="syz.4.8261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c098f6c9 code=0x7ffc0000 [ 1056.746856][ T6143] option 3-1:1.64: GSM modem (1-port) converter detected [ 1056.787980][ T6143] usb 3-1: USB disconnect, device number 15 [ 1056.812439][ T6143] option 3-1:1.64: device disconnected [ 1064.240629][T25478] x_tables: ip_tables: osf match: only valid for protocol 6 [ 1067.781734][T25547] loop2: detected capacity change from 0 to 16 [ 1075.158056][T25648] netlink: 104 bytes leftover after parsing attributes in process `syz.4.8426'. [ 1078.418254][T25703] 9pnet_fd: Insufficient options for proto=fd [ 1078.952914][T25719] overlayfs: missing 'lowerdir' [ 1080.533850][T25755] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1080.550813][T25755] overlayfs: missing 'lowerdir' [ 1087.010516][T25832] 9pnet_fd: Insufficient options for proto=fd [ 1092.216855][T25884] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8528'. [ 1092.604307][T25896] overlayfs: missing 'workdir' [ 1093.551813][T25923] 9pnet: Could not find request transport: f [ 1093.933434][T25940] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8553'. [ 1093.959569][T25940] bridge_slave_1: left promiscuous mode [ 1093.974487][T25940] bridge0: port 2(bridge_slave_1) entered disabled state [ 1093.988556][T25940] bridge_slave_0: left allmulticast mode [ 1094.000125][T25940] bridge_slave_0: left promiscuous mode [ 1094.008023][T25940] bridge0: port 1(bridge_slave_0) entered disabled state [ 1094.558660][T25959] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 1094.596615][T25959] overlayfs: missing 'lowerdir' [ 1094.682184][T25961] netlink: 120 bytes leftover after parsing attributes in process `syz.1.8561'. [ 1098.031285][T26027] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 1098.040515][T26027] overlayfs: missing 'lowerdir' [ 1098.318535][T26037] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8593'. [ 1105.584736][T26096] netlink: 104 bytes leftover after parsing attributes in process `syz.0.8617'. [ 1109.836584][T26192] overlayfs: missing 'workdir' [ 1116.840739][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.891300][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 1117.387291][T26285] netlink: 104 bytes leftover after parsing attributes in process `syz.2.8695'. [ 1125.226296][T26380] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8744'. [ 1125.745094][T26400] overlayfs: failed to resolve './file0': -2 [ 1126.486466][T26424] sch_tbf: burst 0 is lower than device lo mtu (11337746) ! [ 1126.927092][T26438] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8765'. [ 1130.047265][T26494] loop2: detected capacity change from 0 to 131072 [ 1130.350002][T26494] F2FS-fs (loop2): Wrong CP boundary, start(512) end(1536) blocks(0) [ 1130.358307][T26494] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1130.377155][T26494] F2FS-fs (loop2): invalid crc value [ 1130.418435][T26494] F2FS-fs (loop2): Found nat_bits in checkpoint [ 1130.491531][T26494] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 1130.498774][T26494] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 1138.613296][T26590] Invalid ELF header magic: != ELF [ 1139.665196][T26622] loop2: detected capacity change from 0 to 256 [ 1139.853437][T26622] FAT-fs (loop2): Directory bread(block 64) failed [ 1139.873494][T26622] FAT-fs (loop2): Directory bread(block 65) failed [ 1139.904388][T26622] FAT-fs (loop2): Directory bread(block 66) failed [ 1139.931337][T26622] FAT-fs (loop2): Directory bread(block 67) failed [ 1139.951041][T26622] FAT-fs (loop2): Directory bread(block 68) failed [ 1139.964112][T26622] FAT-fs (loop2): Directory bread(block 69) failed [ 1139.978957][T26622] FAT-fs (loop2): Directory bread(block 70) failed [ 1139.989000][T26622] FAT-fs (loop2): Directory bread(block 71) failed [ 1139.996662][T26622] FAT-fs (loop2): Directory bread(block 72) failed [ 1140.010015][T26622] FAT-fs (loop2): Directory bread(block 73) failed [ 1140.043655][T26626] netlink: 708 bytes leftover after parsing attributes in process `syz.4.8845'. [ 1140.122842][T26626] veth3: entered promiscuous mode [ 1140.189312][ T27] audit: type=1800 audit(1763489338.646:434): pid=26622 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.8843" name="bus" dev="loop2" ino=1048746 res=0 errno=0 [ 1140.244760][T26622] syz.2.8843: attempt to access beyond end of device [ 1140.244760][T26622] loop2: rw=2049, sector=1800, nr_sectors = 76 limit=256 [ 1140.411895][T26629] netlink: 'syz.4.8846': attribute type 4 has an invalid length. [ 1142.646785][T26655] netlink: 708 bytes leftover after parsing attributes in process `syz.1.8856'. [ 1143.142679][T26655] veth1: entered promiscuous mode [ 1146.779836][T26740] loop2: detected capacity change from 0 to 128 [ 1146.827633][T26740] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1146.861617][T26740] ext4 filesystem being mounted at /2097/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1146.964431][ T5800] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1151.065902][T26812] loop2: detected capacity change from 0 to 256 [ 1151.264609][ T2944] kworker/u4:10: attempt to access beyond end of device [ 1151.264609][ T2944] loop2: rw=1, sector=256, nr_sectors = 4 limit=256 [ 1151.523011][T26821] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 1151.566176][T26821] overlayfs: missing 'lowerdir' [ 1155.507417][T26855] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 1155.541477][T26855] overlayfs: missing 'lowerdir' [ 1156.986199][T26883] netlink: 68 bytes leftover after parsing attributes in process `syz.1.8949'. [ 1164.877178][T27028] 9pnet_fd: Insufficient options for proto=fd [ 1165.011087][ T787] usb 3-1: new full-speed USB device number 16 using dummy_hcd [ 1165.099455][T27034] netlink: 48 bytes leftover after parsing attributes in process `syz.4.9015'. [ 1165.127049][T27034] netlink: 48 bytes leftover after parsing attributes in process `syz.4.9015'. [ 1165.212820][ T787] usb 3-1: config 0 has no interfaces? [ 1165.227873][ T787] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 1165.248959][ T787] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1165.275753][ T787] usb 3-1: config 0 descriptor?? [ 1165.539142][ T8] usb 3-1: USB disconnect, device number 16 [ 1172.646348][T27131] tipc: Failed to remove unknown binding: 66,1,1/0:1861784891/1861784893 [ 1177.114950][T27247] 9pnet_fd: Insufficient options for proto=fd [ 1177.961418][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 1177.968106][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 1178.975299][T27275] Cannot find set identified by id 0 to match [ 1179.719202][T27281] loop2: detected capacity change from 0 to 512 [ 1179.793370][T27231] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1180.099960][T27294] overlay: Unknown parameter 'hash' [ 1180.521882][ T27] audit: type=1326 audit(1763489378.976:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27307 comm="syz.2.9110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 1180.624905][ T27] audit: type=1326 audit(1763489378.976:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27307 comm="syz.2.9110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 1180.689354][ T27] audit: type=1326 audit(1763489378.976:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27307 comm="syz.2.9110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 1180.800825][ T27] audit: type=1326 audit(1763489378.976:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27307 comm="syz.2.9110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 1180.843617][ T27] audit: type=1326 audit(1763489378.976:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27307 comm="syz.2.9110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c518f6c9 code=0x7ffc0000 [ 1183.661101][T27363] netlink: 'syz.0.9131': attribute type 4 has an invalid length. [ 1183.683112][T27363] netlink: 17 bytes leftover after parsing attributes in process `syz.0.9131'. [ 1186.197936][T27398] loop2: detected capacity change from 0 to 512 [ 1186.966450][T27398] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1186.989601][T27398] ext4 filesystem being mounted at /2155/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1187.086988][ T5800] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1188.554676][T27449] netlink: 188 bytes leftover after parsing attributes in process `syz.2.9166'. [ 1189.060020][T27459] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9170'. [ 1192.667432][T27530] netlink: 2088 bytes leftover after parsing attributes in process `syz.0.9200'. [ 1192.766061][T27533] netlink: 104 bytes leftover after parsing attributes in process `syz.1.9202'. [ 1197.205980][T27642] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1197.215369][T27642] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1201.180030][T27709] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9277'. [ 1204.389760][T27755] overlayfs: failed to resolve './file1': -2 [ 1206.323496][T27768] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1206.333724][T27768] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1206.559420][T27776] overlayfs: missing 'lowerdir' [ 1206.652086][T27778] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9305'. [ 1206.687572][T27780] netlink: 24 bytes leftover after parsing attributes in process `syz.1.9307'. [ 1207.107819][T27791] 9pnet: Could not find request transport: 0xffffffffffffffff [ 1207.486816][T27810] 9pnet_fd: Insufficient options for proto=fd [ 1209.407753][T27872] 9pnet_fd: Insufficient options for proto=fd [ 1211.011678][T27896] overlayfs: failed to resolve './file1': -2 [ 1212.799782][T27944] overlayfs: missing 'workdir' [ 1213.186576][T27956] 9pnet_fd: Insufficient options for proto=fd [ 1213.884753][T27979] loop2: detected capacity change from 0 to 16 [ 1214.182017][T27979] erofs: (device loop2): mounted with root inode @ nid 36. [ 1214.214468][T27979] syz.2.9394: attempt to access beyond end of device [ 1214.214468][T27979] loop2: rw=0, sector=8, nr_sectors = 32 limit=16 [ 1214.652951][T27993] syz.2.9394: attempt to access beyond end of device [ 1214.652951][T27993] loop2: rw=524288, sector=16, nr_sectors = 32 limit=16 [ 1215.116534][ T5800] BUG: Bad page state in process syz-executor pfn:58ffc [ 1215.125446][ T5800] page:ffffea000163ff00 refcount:0 mapcount:0 mapping:ffff8880550b87c8 index:0x2 pfn:0x58ffc [ 1215.135990][ T5800] aops:z_erofs_cache_aops ino:0 [ 1215.141380][ T5800] flags: 0xfff00000000001(locked|node=0|zone=1|lastcpupid=0x7ff) [ 1215.149333][ T5800] page_type: 0xffffffff() [ 1215.153965][ T5800] raw: 00fff00000000001 dead000000000100 dead000000000122 ffff8880550b87c8 [ 1215.162871][ T5800] raw: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 1215.172140][ T5800] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 1215.180060][ T5800] page_owner tracks the page as allocated [ 1215.187037][ T5800] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x192840(GFP_NOWAIT|__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 27979, tgid 27978 (syz.2.9394), ts 1214210195768, free_ts 1214173804341 [ 1215.210163][ T5800] post_alloc_hook+0x1cd/0x210 [ 1215.215363][ T5800] get_page_from_freelist+0x195c/0x19f0 [ 1215.221485][ T5800] __alloc_pages+0x1e3/0x460 [ 1215.227092][ T5800] z_erofs_do_read_page+0x20c0/0x3680 [ 1215.233091][ T5800] z_erofs_pcluster_readmore+0x2cf/0x450 [ 1215.238932][ T5800] z_erofs_read_folio+0x208/0x540 [ 1215.244141][ T5800] filemap_read_folio+0x167/0x760 [ 1215.249263][ T5800] do_read_cache_folio+0x470/0x7e0 [ 1215.254534][ T5800] erofs_bread+0x16f/0x630 [ 1215.259043][ T5800] erofs_namei+0x28c/0xf00 [ 1215.263806][ T5800] erofs_lookup+0x135/0x310 [ 1215.268691][ T5800] path_openat+0x10b8/0x3190 [ 1215.273706][ T5800] do_filp_open+0x1c5/0x3d0 [ 1215.278330][ T5800] do_sys_openat2+0x12c/0x1c0 [ 1215.283210][ T5800] __x64_sys_creat+0x90/0xb0 [ 1215.288077][ T5800] do_syscall_64+0x55/0xb0 [ 1215.292889][ T5800] page last free stack trace: [ 1215.297823][ T5800] free_unref_page_prepare+0x7ce/0x8e0 [ 1215.303846][ T5800] free_unref_page+0x32/0x2e0 [ 1215.308808][ T5800] vfree+0x1a6/0x320 [ 1215.313386][ T5800] delayed_vfree_work+0x55/0x80 [ 1215.318350][ T5800] process_scheduled_works+0xa45/0x15b0 [ 1215.324135][ T5800] worker_thread+0xa55/0xfc0 [ 1215.328898][ T5800] kthread+0x2fa/0x390 [ 1215.333114][ T5800] ret_from_fork+0x48/0x80 [ 1215.338263][ T5800] ret_from_fork_asm+0x11/0x20 [ 1215.343246][ T5800] Modules linked in: [ 1215.347227][ T5800] CPU: 0 PID: 5800 Comm: syz-executor Not tainted syzkaller #0 [ 1215.354847][ T5800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1215.364973][ T5800] Call Trace: [ 1215.368323][ T5800] [ 1215.371318][ T5800] dump_stack_lvl+0x16c/0x230 [ 1215.376116][ T5800] ? show_regs_print_info+0x20/0x20 [ 1215.381397][ T5800] ? swiotlb_print_info+0x70/0x70 [ 1215.386652][ T5800] bad_page+0x14b/0x170 [ 1215.390976][ T5800] free_unref_page_prepare+0x887/0x8e0 [ 1215.396709][ T5800] free_unref_page+0x32/0x2e0 [ 1215.401790][ T5800] ? __folio_put+0xef/0x210 [ 1215.406389][ T5800] erofs_try_to_free_all_cached_pages+0x295/0x600 [ 1215.413162][ T5800] erofs_shrink_workstation+0x118/0x290 [ 1215.418802][ T5800] ? erofs_shrinker_unregister+0x170/0x170 [ 1215.424714][ T5800] ? io_schedule+0xd0/0xd0 [ 1215.429475][ T5800] ? kobject_put+0x43c/0x470 [ 1215.434189][ T5800] erofs_shrinker_unregister+0x5d/0x170 [ 1215.439826][ T5800] erofs_put_super+0x4e/0x150 [ 1215.444588][ T5800] ? erofs_free_inode+0xb0/0xb0 [ 1215.449580][ T5800] generic_shutdown_super+0x134/0x2b0 [ 1215.455390][ T5800] kill_block_super+0x44/0x90 [ 1215.460144][ T5800] erofs_kill_sb+0x4c/0x140 [ 1215.464755][ T5800] deactivate_locked_super+0x97/0x100 [ 1215.470304][ T5800] cleanup_mnt+0x429/0x4c0 [ 1215.474843][ T5800] task_work_run+0x1ce/0x250 [ 1215.479509][ T5800] ? task_work_cancel+0x240/0x240 [ 1215.484902][ T5800] ? exit_to_user_mode_loop+0x3b/0x110 [ 1215.490457][ T5800] exit_to_user_mode_loop+0xe6/0x110 [ 1215.496345][ T5800] exit_to_user_mode_prepare+0xf6/0x180 [ 1215.504505][ T5800] syscall_exit_to_user_mode+0x1a/0x50 [ 1215.510219][ T5800] do_syscall_64+0x61/0xb0 [ 1215.514665][ T5800] ? clear_bhb_loop+0x40/0x90 [ 1215.519586][ T5800] ? clear_bhb_loop+0x40/0x90 [ 1215.525030][ T5800] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1215.530992][ T5800] RIP: 0033:0x7f51c51909f7 [ 1215.535434][ T5800] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 1215.556529][ T5800] RSP: 002b:00007ffdf8597708 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1215.565096][ T5800] RAX: 0000000000000000 RBX: 00007f51c5211d7d RCX: 00007f51c51909f7 [ 1215.573926][ T5800] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdf85977c0 [ 1215.582035][ T5800] RBP: 00007ffdf85977c0 R08: 0000000000000000 R09: 0000000000000000 [ 1215.590855][ T5800] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdf8598850 [ 1215.599126][ T5800] R13: 00007f51c5211d7d R14: 00000000001288bf R15: 00007ffdf8598890 [ 1215.607528][ T5800] [ 1215.612136][ T5800] Disabling lock debugging due to kernel taint [ 1215.618415][ T5800] BUG: Bad page state in process syz-executor pfn:7c847 [ 1215.625590][ T5800] page:ffffea0001f211c0 refcount:0 mapcount:0 mapping:ffff8880550b87c8 index:0x3 pfn:0x7c847 [ 1215.636016][ T5800] aops:z_erofs_cache_aops ino:0 [ 1215.641164][ T5800] flags: 0xfff00000000001(locked|node=0|zone=1|lastcpupid=0x7ff) [ 1215.649324][ T5800] page_type: 0xffffffff() [ 1215.654198][ T5800] raw: 00fff00000000001 dead000000000100 dead000000000122 ffff8880550b87c8 [ 1215.663584][ T5800] raw: 0000000000000003 0000000000000000 00000000ffffffff 0000000000000000 [ 1215.672977][ T5800] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 1215.680707][ T5800] page_owner tracks the page as allocated [ 1215.686644][ T5800] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x192840(GFP_NOWAIT|__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 27979, tgid 27978 (syz.2.9394), ts 1214210216922, free_ts 1214173783907 [ 1215.709454][ T5800] post_alloc_hook+0x1cd/0x210 [ 1215.714342][ T5800] get_page_from_freelist+0x195c/0x19f0 [ 1215.720030][ T5800] __alloc_pages+0x1e3/0x460 [ 1215.724840][ T5800] z_erofs_do_read_page+0x20c0/0x3680 [ 1215.730274][ T5800] z_erofs_pcluster_readmore+0x2cf/0x450 [ 1215.736028][ T5800] z_erofs_read_folio+0x208/0x540 [ 1215.741164][ T5800] filemap_read_folio+0x167/0x760 [ 1215.746328][ T5800] do_read_cache_folio+0x470/0x7e0 [ 1215.751565][ T5800] erofs_bread+0x16f/0x630 [ 1215.756333][ T5800] erofs_namei+0x28c/0xf00 [ 1215.760841][ T5800] erofs_lookup+0x135/0x310 [ 1215.765578][ T5800] path_openat+0x10b8/0x3190 [ 1215.770288][ T5800] do_filp_open+0x1c5/0x3d0 [ 1215.774885][ T5800] do_sys_openat2+0x12c/0x1c0 [ 1215.779883][ T5800] __x64_sys_creat+0x90/0xb0 [ 1215.784751][ T5800] do_syscall_64+0x55/0xb0 [ 1215.789326][ T5800] page last free stack trace: [ 1215.794293][ T5800] free_unref_page_prepare+0x7ce/0x8e0 [ 1215.799940][ T5800] free_unref_page+0x32/0x2e0 [ 1215.805443][ T5800] vfree+0x1a6/0x320 [ 1215.809406][ T5800] delayed_vfree_work+0x55/0x80 [ 1215.814670][ T5800] process_scheduled_works+0xa45/0x15b0 [ 1215.820273][ T5800] worker_thread+0xa55/0xfc0 [ 1215.824969][ T5800] kthread+0x2fa/0x390 [ 1215.829099][ T5800] ret_from_fork+0x48/0x80 [ 1215.833795][ T5800] ret_from_fork_asm+0x11/0x20 [ 1215.838690][ T5800] Modules linked in: [ 1215.842697][ T5800] CPU: 0 PID: 5800 Comm: syz-executor Tainted: G B syzkaller #0 [ 1215.852324][ T5800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1215.863289][ T5800] Call Trace: [ 1215.867320][ T5800] [ 1215.870472][ T5800] dump_stack_lvl+0x16c/0x230 [ 1215.876426][ T5800] ? show_regs_print_info+0x20/0x20 [ 1215.881924][ T5800] ? swiotlb_print_info+0x70/0x70 [ 1215.888208][ T5800] bad_page+0x14b/0x170 [ 1215.894058][ T5800] free_unref_page_prepare+0x887/0x8e0 [ 1215.899754][ T5800] free_unref_page+0x32/0x2e0 [ 1215.904717][ T5800] ? __folio_put+0xef/0x210 [ 1215.909313][ T5800] erofs_try_to_free_all_cached_pages+0x295/0x600 [ 1215.916492][ T5800] erofs_shrink_workstation+0x118/0x290 [ 1215.922459][ T5800] ? erofs_shrinker_unregister+0x170/0x170 [ 1215.928438][ T5800] ? io_schedule+0xd0/0xd0 [ 1215.933842][ T5800] ? kobject_put+0x43c/0x470 [ 1215.938754][ T5800] erofs_shrinker_unregister+0x5d/0x170 [ 1215.944373][ T5800] erofs_put_super+0x4e/0x150 [ 1215.949716][ T5800] ? erofs_free_inode+0xb0/0xb0 [ 1215.955219][ T5800] generic_shutdown_super+0x134/0x2b0 [ 1215.960842][ T5800] kill_block_super+0x44/0x90 [ 1215.965824][ T5800] erofs_kill_sb+0x4c/0x140 [ 1215.970595][ T5800] deactivate_locked_super+0x97/0x100 [ 1215.976715][ T5800] cleanup_mnt+0x429/0x4c0 [ 1215.982132][ T5800] task_work_run+0x1ce/0x250 [ 1215.987741][ T5800] ? task_work_cancel+0x240/0x240 [ 1215.993464][ T5800] ? exit_to_user_mode_loop+0x3b/0x110 [ 1215.999066][ T5800] exit_to_user_mode_loop+0xe6/0x110 [ 1216.004480][ T5800] exit_to_user_mode_prepare+0xf6/0x180 [ 1216.010364][ T5800] syscall_exit_to_user_mode+0x1a/0x50 [ 1216.016090][ T5800] do_syscall_64+0x61/0xb0 [ 1216.020577][ T5800] ? clear_bhb_loop+0x40/0x90 [ 1216.025737][ T5800] ? clear_bhb_loop+0x40/0x90 [ 1216.030544][ T5800] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1216.036591][ T5800] RIP: 0033:0x7f51c51909f7 [ 1216.041111][ T5800] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 1216.061109][ T5800] RSP: 002b:00007ffdf8597708 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1216.069661][ T5800] RAX: 0000000000000000 RBX: 00007f51c5211d7d RCX: 00007f51c51909f7 [ 1216.077660][ T5800] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdf85977c0 [ 1216.085653][ T5800] RBP: 00007ffdf85977c0 R08: 0000000000000000 R09: 0000000000000000 [ 1216.093651][ T5800] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdf8598850 [ 1216.101924][ T5800] R13: 00007f51c5211d7d R14: 00000000001288bf R15: 00007ffdf8598890 [ 1216.109953][ T5800] [ 1216.113806][ T5800] BUG: Bad page state in process syz-executor pfn:5c43b [ 1216.120995][ T5800] page:ffffea0001710ec0 refcount:0 mapcount:0 mapping:ffff8880550b87c8 index:0x4 pfn:0x5c43b [ 1216.132358][ T5800] aops:z_erofs_cache_aops ino:0 [ 1216.137604][ T5800] flags: 0xfff00000000001(locked|node=0|zone=1|lastcpupid=0x7ff) [ 1216.145664][ T5800] page_type: 0xffffffff() [ 1216.151266][ T5800] raw: 00fff00000000001 dead000000000100 dead000000000122 ffff8880550b87c8 [ 1216.161068][ T5800] raw: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 1216.170956][ T5800] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 1216.178531][ T5800] page_owner tracks the page as allocated [ 1216.184614][ T5800] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x192840(GFP_NOWAIT|__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 27979, tgid 27978 (syz.2.9394), ts 1214210239687, free_ts 1213922993805 [ 1216.211830][ T5800] post_alloc_hook+0x1cd/0x210 [ 1216.216830][ T5800] get_page_from_freelist+0x195c/0x19f0 [ 1216.222528][ T5800] __alloc_pages+0x1e3/0x460 [ 1216.227190][ T5800] z_erofs_do_read_page+0x20c0/0x3680 [ 1216.232711][ T5800] z_erofs_pcluster_readmore+0x2cf/0x450 [ 1216.238491][ T5800] z_erofs_read_folio+0x208/0x540 [ 1216.243702][ T5800] filemap_read_folio+0x167/0x760 [ 1216.248883][ T5800] do_read_cache_folio+0x470/0x7e0 [ 1216.255158][ T5800] erofs_bread+0x16f/0x630 [ 1216.260507][ T5800] erofs_namei+0x28c/0xf00 [ 1216.265032][ T5800] erofs_lookup+0x135/0x310 [ 1216.269724][ T5800] path_openat+0x10b8/0x3190 [ 1216.276048][ T5800] do_filp_open+0x1c5/0x3d0 [ 1216.282662][ T5800] do_sys_openat2+0x12c/0x1c0 [ 1216.288092][ T5800] __x64_sys_creat+0x90/0xb0 [ 1216.293393][ T5800] do_syscall_64+0x55/0xb0 [ 1216.298586][ T5800] page last free stack trace: [ 1216.303843][ T5800] free_unref_page_prepare+0x7ce/0x8e0 [ 1216.309542][ T5800] free_unref_page+0x32/0x2e0 [ 1216.315978][ T5800] __unfreeze_partials+0x1cf/0x210 [ 1216.321650][ T5800] put_cpu_partial+0x17c/0x250 [ 1216.327597][ T5800] __slab_free+0x31d/0x410 [ 1216.332676][ T5800] qlist_free_all+0x75/0xe0 [ 1216.337419][ T5800] kasan_quarantine_reduce+0x143/0x160 [ 1216.343090][ T5800] __kasan_slab_alloc+0x22/0x80 [ 1216.348090][ T5800] slab_post_alloc_hook+0x6e/0x4d0 [ 1216.353533][ T5800] __kmem_cache_alloc_node+0x13e/0x260 [ 1216.359068][ T5800] kmalloc_trace+0x2a/0xe0 [ 1216.363690][ T5800] bpf_raw_tp_link_attach+0x23a/0x560 [ 1216.369423][ T5800] bpf_raw_tracepoint_open+0x197/0x210 [ 1216.375234][ T5800] __sys_bpf+0x364/0x800 [ 1216.379533][ T5800] __x64_sys_bpf+0x7c/0x90 [ 1216.384215][ T5800] do_syscall_64+0x55/0xb0 [ 1216.388863][ T5800] Modules linked in: [ 1216.393452][ T5800] CPU: 0 PID: 5800 Comm: syz-executor Tainted: G B syzkaller #0 [ 1216.402513][ T5800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1216.413223][ T5800] Call Trace: [ 1216.416660][ T5800] [ 1216.420530][ T5800] dump_stack_lvl+0x16c/0x230 [ 1216.425382][ T5800] ? show_regs_print_info+0x20/0x20 [ 1216.430914][ T5800] ? swiotlb_print_info+0x70/0x70 [ 1216.437414][ T5800] bad_page+0x14b/0x170 [ 1216.441726][ T5800] free_unref_page_prepare+0x887/0x8e0 [ 1216.447273][ T5800] free_unref_page+0x32/0x2e0 [ 1216.452488][ T5800] ? __folio_put+0xef/0x210 [ 1216.457135][ T5800] erofs_try_to_free_all_cached_pages+0x295/0x600 [ 1216.464893][ T5800] erofs_shrink_workstation+0x118/0x290 [ 1216.471753][ T5800] ? erofs_shrinker_unregister+0x170/0x170 [ 1216.479842][ T5800] ? io_schedule+0xd0/0xd0 [ 1216.484603][ T5800] ? kobject_put+0x43c/0x470 [ 1216.490509][ T5800] erofs_shrinker_unregister+0x5d/0x170 [ 1216.496343][ T5800] erofs_put_super+0x4e/0x150 [ 1216.501199][ T5800] ? erofs_free_inode+0xb0/0xb0 [ 1216.506204][ T5800] generic_shutdown_super+0x134/0x2b0 [ 1216.511677][ T5800] kill_block_super+0x44/0x90 [ 1216.516437][ T5800] erofs_kill_sb+0x4c/0x140 [ 1216.521536][ T5800] deactivate_locked_super+0x97/0x100 [ 1216.527050][ T5800] cleanup_mnt+0x429/0x4c0 [ 1216.531674][ T5800] task_work_run+0x1ce/0x250 [ 1216.536388][ T5800] ? task_work_cancel+0x240/0x240 [ 1216.542426][ T5800] ? exit_to_user_mode_loop+0x3b/0x110 [ 1216.549741][ T5800] exit_to_user_mode_loop+0xe6/0x110 [ 1216.555742][ T5800] exit_to_user_mode_prepare+0xf6/0x180 [ 1216.562619][ T5800] syscall_exit_to_user_mode+0x1a/0x50 [ 1216.568152][ T5800] do_syscall_64+0x61/0xb0 [ 1216.572705][ T5800] ? clear_bhb_loop+0x40/0x90 [ 1216.577411][ T5800] ? clear_bhb_loop+0x40/0x90 [ 1216.582269][ T5800] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1216.588789][ T5800] RIP: 0033:0x7f51c51909f7 [ 1216.593247][ T5800] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 1216.613266][ T5800] RSP: 002b:00007ffdf8597708 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1216.621792][ T5800] RAX: 0000000000000000 RBX: 00007f51c5211d7d RCX: 00007f51c51909f7 [ 1216.630001][ T5800] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdf85977c0 [ 1216.639564][ T5800] RBP: 00007ffdf85977c0 R08: 0000000000000000 R09: 0000000000000000 [ 1216.647942][ T5800] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdf8598850 [ 1216.656131][ T5800] R13: 00007f51c5211d7d R14: 00000000001288bf R15: 00007ffdf8598890 [ 1216.664164][ T5800] [ 1216.776003][T28009] ip6t_REJECT: TCP_RESET illegal for non-tcp