last executing test programs: 6.711121805s ago: executing program 0 (id=4013): write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xfffa}, 0x1d, [0x6, 0xc95a, 0xfdfffff3, 0x9, 0x7f, 0x2, 0x1, 0x7f, 0x6, 0xfffffff9, 0xfffffff2, 0x5f, 0x2a35, 0x3, 0xffff2d37, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x4, 0x7, 0x3, 0x3c5b, 0x1, 0x24, 0xffffffff, 0xfffffffe, 0x1f561e2c, 0x2, 0xe661, 0x4, 0x9, 0x3, 0x7fff, 0x4c74, 0x8f00, 0x642, 0x3, 0xa, 0x0, 0x71, 0x7, 0x7, 0x103, 0x0, 0x5, 0x3c, 0x91, 0x6, 0xfffffffd, 0x5, 0x5, 0x4, 0x8, 0x3, 0x7, 0x0, 0x5, 0x6, 0x9, 0x4, 0x1, 0x40], [0x10000007, 0x8, 0x12f, 0x8000, 0x10, 0x8, 0x129432e2, 0xcb, 0xf9, 0xd, 0x2bf, 0x2, 0x9, 0xfffffffe, 0x7, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x312, 0x8, 0xea4, 0xa, 0x4, 0x4000, 0x8000, 0x9, 0xffffffff, 0x1, 0x6, 0xfffffffd, 0xff, 0x1005, 0x7ff, 0x5f31, 0x4, 0x0, 0x6, 0x2, 0x9, 0x4, 0x9, 0x8, 0x9, 0x6, 0x5, 0x0, 0x1, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x5, 0x1, 0x4, 0x1, 0x7, 0x10001, 0x9, 0x48c93690, 0x3, 0xff], [0x7, 0x4, 0x0, 0x64e, 0xfffffdfe, 0x7fffffff, 0x8d2, 0x9, 0x1, 0x7fff, 0x0, 0x8005, 0xb, 0x4, 0x5, 0x3, 0x0, 0x1ef, 0x5, 0x40008, 0x86, 0x3, 0x1000000b, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0xf, 0x8, 0x6, 0x6d01, 0x5, 0x3b, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2, 0x0, 0xa2, 0x7, 0x53cf697b, 0x5, 0x6, 0x54fe12d6, 0xbf, 0x200, 0x5, 0x400002, 0xfffffff9, 0x0, 0x9, 0x5, 0x0, 0x6, 0xfffffffb, 0x120000, 0x3, 0x6, 0x9, 0x4], [0x1000009, 0xbb2f, 0x3, 0x7, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x1ff, 0x6, 0x8ad, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7fff, 0x8ffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x9, 0x5, 0xffffffff, 0x7ffffffe, 0x5, 0x8, 0xc8, 0x3, 0x3, 0xffff, 0x3, 0x9, 0x800100, 0x9602, 0xa, 0x2, 0x9, 0x6, 0x4000001, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0xb, 0x9, 0x11, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c) r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@getae={0x40, 0x1f, 0x1, 0x0, 0x25dfdbfd, {{@in=@dev}, @in6=@private2}}, 0x40}}, 0x0) write$char_usb(r0, &(0x7f0000000040)="e2", 0x918) socket$nl_generic(0x10, 0x3, 0x10) ppoll(&(0x7f0000000000)=[{0xffffffffffffffff, 0x230}], 0x1, 0x0, 0x0, 0x0) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) r3 = syz_usb_connect(0x0, 0x3f, 0x0, 0x0) syz_usb_control_io(r3, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f0000000000)=0xffb) prctl$PR_GET_SPECULATION_CTRL(0x23, 0x4, 0x7fffffffefff) 6.704498565s ago: executing program 1 (id=4014): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x1418, 0x1, 0x4, 0x25dfdbfd}, 0x10}, 0x1, 0xf00, 0x0, 0x40}, 0x44010) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000000c0)=@bpf_lsm={0x6, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = socket$inet6(0xa, 0x3, 0x3c) setsockopt$inet6_IPV6_RTHDR(r2, 0x29, 0x39, &(0x7f00000005c0)=ANY=[@ANYBLOB="530002"], 0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000400)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000140)={0x28, 0x6, r4, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x800}) ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000000)={0x28, 0x4, r4, 0x0, &(0x7f00004f9000/0x3000)=nil, 0x3000}) ioctl$IOMMU_IOAS_COPY(r3, 0x3b83, &(0x7f0000000040)={0x28, 0x3, 0x0, r4, 0x3, 0xfffffffffefffff8, 0x3fff}) getdents(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0, 0x10a) sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000006c0)=ANY=[@ANYBLOB="30000000040601040000590000000000070000050500010007000000050001"], 0x30}, 0x1, 0x0, 0x0, 0xc080}, 0xe821651e0a1b45fc) 6.600329377s ago: executing program 1 (id=4015): socket$inet_udp(0x2, 0x2, 0x0) r0 = socket(0x10, 0x803, 0x0) ioctl$I2C_SMBUS(0xffffffffffffffff, 0x720, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0) socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, 0x0, 0x0) kexec_load(0x0, 0x1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x41000000}], 0x0) 6.48305297s ago: executing program 3 (id=4016): r0 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x121602, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, 0x0, 0x15) write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="fc00000019000100000000000000000000000000000000000000000000000000fc01000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000b93760000000000000000000000000000000000000000000200000000000000010000000000000044000500ac141400000000000000000000000000000000003c00000000000000000000000000000000000000000000000000000001"], 0xfc}, 0x1, 0x0, 0x0, 0x24008040}, 0x20040000) sendto$inet6(r3, &(0x7f0000000040)="6fa251480fbaa175310dfc8f0f9c0df526ec442f4f75883c9c116c31ed38b76fff9c4b114201fc85af1927d421febfe067622c46ba5b64c6ea024e82a74a85bbcf7d3b17fb6bed1390cef4a9190389547781f6fa64a5ac28084dd9e675e462c686fb7fbf1314cf9984779f7eba03d64ab361d1bfd4aca04a66189548e3c8149fb6", 0x81, 0x51, &(0x7f0000000000)={0xa, 0x3, 0x1, @dev={0xfe, 0x80, '\x00', 0x17}, 0x9}, 0x1c) 5.637900926s ago: executing program 3 (id=4018): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000140)) r1 = dup2(r0, r0) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x5) read$FUSE(r1, &(0x7f0000004580)={0x2020}, 0x2020) write$vhost_msg_v2(r1, &(0x7f0000000280)={0x2, 0x0, {&(0x7f00000001c0)=""/132, 0x84, 0x0, 0x0, 0x2}}, 0x48) 5.581588478s ago: executing program 2 (id=4019): openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0) r2 = socket(0x10, 0x2, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r3, 0x84, 0x6e, &(0x7f0000000c40)=[@in6={0xa, 0x4e24, 0x5, @private2, 0x4}, @in={0x2, 0x4e22, @local}], 0x2c) write(r2, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f000000000000000000", 0x19) r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000100)=0x80000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000140)={@my=0x1}) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r4, 0x7b1, &(0x7f00000000c0)={0x0, 0x2, 0x0, 0x8}) 5.522629069s ago: executing program 1 (id=4020): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000003b40)=ANY=[], 0x48}}, 0x0) 5.43856521s ago: executing program 3 (id=4021): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, 0x0, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r2) sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='`\x00\x00', @ANYRES16=r3, @ANYBLOB], 0x40}}, 0x0) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r5 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x38, 0x38, 0x2, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x10, 0x4}]}, @func_proto={0x0, 0x0, 0x0, 0xd, 0x4}, @ptr, @func={0x4, 0x0, 0x0, 0xf, 0x3}]}}, 0x0, 0x52, 0x0, 0x1}, 0x28) r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x38, r6, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x38}}, 0x0) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r7) socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r7, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r8 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r8, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) close_range(r4, 0xffffffffffffffff, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, 0x0, 0x0) 5.421669591s ago: executing program 1 (id=4022): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(0xffffffffffffffff, 0x84, 0x7, &(0x7f0000000340), 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mbind(&(0x7f000012c000/0x2000)=nil, 0x2000, 0x3, &(0x7f0000000000)=0x8006, 0x86, 0x3) getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, &(0x7f0000000bc0)) r0 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, 0x0, 0x80c0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newtfilter={0x34, 0x2c, 0xd2b, 0x70bd2e, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0x8}, {}, {0x7, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0xd}, @TCA_CHAIN={0x8, 0xb, 0x5}]}, 0x34}}, 0x400c084) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x3c1, 0x3, 0x410, 0x0, 0x168, 0x0, 0x0, 0xa, 0x340, 0x250, 0x250, 0x340, 0x250, 0x3, 0x0, {[{{@ipv6={@private0={0xfc, 0x0, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x33}, [0xff, 0x0, 0xff, 0xff000000], [0xffffff00, 0xff000000, 0xff, 0xff000000], 'xfrm0\x00', 'veth1_to_bond\x00', {}, {0xff}, 0x0, 0x3, 0x2}, 0x0, 0x228, 0x268, 0x0, {0x0, 0x28e}, [@common=@inet=@hashlimit3={{0x158}, {'caif0\x00', {0x0, 0x7ff, 0x0, 0x1, 0x0, 0x6, 0x1000}, {0xfffffffffffffff6}}}, @inet=@rpfilter={{0x28}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "48c01c5140d722edd3fb24545886bbd1be494201b400"}}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{}, {0x0, 0x8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x470) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu/syz1\x00', 0x1ff) 4.433101921s ago: executing program 3 (id=4023): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x1418, 0x1, 0x4, 0x25dfdbfd}, 0x10}, 0x1, 0xf00, 0x0, 0x40}, 0x44010) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000000c0)=@bpf_lsm={0x6, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = socket$inet6(0xa, 0x3, 0x3c) setsockopt$inet6_IPV6_RTHDR(r2, 0x29, 0x39, &(0x7f00000005c0)=ANY=[@ANYBLOB="530002"], 0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000400)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000140)={0x28, 0x6, r4, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x800}) ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000000)={0x28, 0x4, r4, 0x0, &(0x7f00004f9000/0x3000)=nil, 0x3000}) ioctl$IOMMU_IOAS_COPY(r3, 0x3b83, &(0x7f0000000040)={0x28, 0x3, 0x0, r4, 0x3, 0xfffffffffefffff8, 0x3fff}) getdents(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0, 0x10a) sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000006c0)=ANY=[@ANYBLOB="30000000040601040000590000000000070000050500010007000000050001"], 0x30}, 0x1, 0x0, 0x0, 0xc080}, 0xe821651e0a1b45fc) 4.191508076s ago: executing program 3 (id=4024): prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xb, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x11, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = syz_io_uring_setup(0x495, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x7, 0x288}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd, 0x4, 0x0, 0x0, 0x16}) io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0) 3.215212775s ago: executing program 2 (id=4025): socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x3232, 0x100, 0x0, 0x3de}, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x45833af92e4b39ff, 0x0) r3 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000140), 0xa0000, 0x0) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000300)=[r3], 0x1) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x6000, @fd_index, 0x400000080001001, 0x0, 0x0, 0x22}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0) read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) 3.150817996s ago: executing program 0 (id=4026): mkdir(&(0x7f0000000340)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) mknod$loop(&(0x7f00000002c0)='./file0/../file0/file0\x00', 0xffff8000, 0x0) write$FUSE_INIT(r0, &(0x7f0000000580)={0x50, 0x0, r1, {0x7, 0x28, 0xffff, 0x200800, 0x0, 0x0, 0x1e0, 0x0, 0x0, 0x0, 0x24522716a989086f, 0xfffffffc}}, 0x50) syz_fuse_handle_req(r0, &(0x7f000000a280)="03680f2a20da68ab7a58c28b635d19c32b6efabb6ae3b5eee5a74d8943c613539e166c8baef50500824343a2f05093a5c21f746caefe9f9bccd83cca0fc28da20e2706308c61398dfce5f54ea9f266791ba29a4c7da158637def8b816aa296815ff13c06d632df45feaec1fd272ec1b510eaf58fe6b26cc36df3ecc0f5b1f258a190304e2519dd39ba9f5bc1788926ced5202e3b1e3afa16ae0b5d66dc05b36d3a00f72e5f318f8bdfc7eddc94238c50031d0657a22445ad0b3b90a86b086eed837a00bf0a3888bf61b4db57d6d8d6b286bbb13ba3b246def60ac34241eb843f89fe77d7e3e52573e90d791f21d4a8dfcc24ba95db60e2135634c02bd4b14535285df4fbe381ec036d876c4c8057c79371fa9717414590890e182a7b9e0ab927812083acf0d04e04c20c0555c8ceedc5bcf9b0e814be6eca98ce7b2f9f17d098bea541b75a1617c09fa99902ad746811f89a1fc5e6a80d77528247d6c104395715d2c9f9102f070a295f20c4307b9e848d3928b50985bfa2486893139761925b8fab96d26291243db23c4fd4d96864f4db860731a4e3e10b52d8d0487f5a8536cb4507dbdc111570ad0321b918edbc52807c2e0676d3257553702d9c1bd6741e9cd5cdeb3b8f636b6eb02a3b0066d7f677d586de5018850000f000ab3960f6656fb98039ceb6400d0299c356fc22b7298ed157c667bed5563fac2192a8ff7706a9e58d9d2f92632d6b25d8b090642e3f323bf7ff4d8264617a43a97099dd7347fbe3b1c439737913f17eff57f3e1ff4fdac374fb554e9a6a1ff32daa69507698d660d8d5f591801d8e4a9309342c3dc84966dbfcd2652800200bcb0dde9d456b7a07c5409f4f5387d0150daa34dbc865c6108d34dcc51eedb277e9638b43ce3c9afac5d7aa0f8542e58b0a84632a07557b041845d0012cf016ef065f97660b731ce1b79493de71def047277a3ae6d4a0d86591847d3475926039848c5baf6e1b43bc83053855182423156e54cadc8c85089265b49da853d15e5a701fedf2bf7986a723abf72e513fa05cb178345f2fcc859df49e74c8ccef196000a05cb090f22986ffb6f8f74ab41d2d88b6b535507a23b03d2fc2743f6f69fbcd43b8ff52b1ba32fa0137d542c515569b7f486f8ffa02ad1f54767f51701eb4c141437720884d529a57e17bc2837799124f7f112f42bd90f5b435d7a5d7524f7667bb7a6266263e62bf7ebf6896888d584c65a530b766111f078630d8629ffa91acb5ed02498549bd7e042acae0fab7ccb23278088a364be3da9619d91e1061bbaa9b33c3c5fbbcbc725ce8c2cc9ab0f2b4d30078040d3ca79d3ca056c360381ee87e743dea73a25ea2b4843f9ef280feb507f933fb556c718d8bf8f8618db72805b65d381b319f65c745c1e5060dae2f498852e79aff8dd9c88fd939a31871a430d3ba96fb118c79d1b08a397af23b1a188d1802106f588c768a1e6c9d244ac9a38d2a54ed50f19b78bf25e0ae1f9337ceaa8ff5ca8640104b19bcd643b51501d4e03ed5ffb383e7ed0ab78d540ae10bbd64fba1af59a4190215b7d10230992bbb4ff618d8284a2e2446990511fc2bff07cce9ba94a11d3db041e220e3d931fdf129d8ec2c9b17d6587a0044c9e09f52848db43ddc0df94513cc9e94e9d427623502a910deea0f21d86b16366769a46bf0d6d9fc0d2cd6b98ed885e9e2d765bdd051196bf20bd27c46ec902726d96de352c346d904fa00d63b67d272f116dce489f9d636cef61b441b9c113addec983b8b2fbdb2b32049e436c972b2fcf5140dc7b094c5047cb6226da700b72aeb3febdf16a75b6f61a311f606251c99b377c775c8fb3446ccf25dc4cca24290b3939f948019b05c80b5a6382112f63e0990b324c16a087c72aaec08796afc769f678e3634100a5a9da8215cb5d7a6a6b50a81676ef4edca35595b11f9606bef2fb84fe1f0a0703c886579f09986086f0dca6eb8061f9a74c79c1f758684a7363974b14561b9d2efdaba6c4cd8cb70627da1e195fcae3d8b2fa751278e8f220c83e677e14731eccd6fe0c357b011ed88b6df0c266b383f224b8e95384e401b717030b1227582d0d1042bd90377c4f2c7206a19983fc5905e4eb87edb6532b26ca9e28e160202606d19d9f5da34762f4b3fa842d7bff382ad70dcbc411f8b3e4cace8c8e0c72898d24023545e0dfdc4176209276a535491ce11c045c57b45c40f19b12dcf6ffbf78ab23e7fe9bdc404cf47db9855f2b835e1fce57debfa071803ec38da3c77a904080a4c737ce2b20e14e8449762f1ca0b1ce71779d2e6ee5299e1cf230e8070045c23c1d0e52f66fe9039f95cdc0b448dc12d24de39157934270345991948fce921b5d8e739315cc75d4b3b49928437b88672c1a7770365207b43895f45909d5d972f48aa66de609152a5afa2c7d75f0a14189d0409f0b623eab3b6e7d81025cde140893ed71b6f24f5a36d21dafb62af6be9da845403bc8ed36672efa74d7da19d5794cb4b79fa1c86940b1890c012e14b7c3bb261f16bdd99efaa9819b0bc00af842a6b94c6086d15b16ab81af9331ba3a5bd6941ef35239e85455ceab02c598ccee8fbad97ed37daebfe3b26a5a6c9eda5f65a1cfaf7a1f1688267c812a56c552ae11b465dac030e18f9008ad03cad80bf2cb91a7d99dcfa54d323ae0a4c3a6dc0f80d7ff703870610a945eb0ab5b6d14e81869c8872f6b123d98edcf6bba10d76d35cff4b0bb73db8b6695a8351785bcba1e160a42ed367c4da727da38f91562e941e5c4fa90cd585c5f1cd3a7d6892f18a5aa3c74a4fc00bf5909267489b937a928d9d8ff92530b5226eedf8ab9a957e5ffec45bc3a55e6955b38393ce52892655265d1f741e0b744808eb568a08d145a8bc5ada9b079f6d0bec5fc2ace0502b3f926372dff49478fbd10451f0de4b3d1a63b9d4e17ade45628d2e9dca041fcf7fc1e105e1fc44089fde9caf418ba8454dc361df4a59e1bd79143d280613e3c79ad18e922a43e199aa5927bb9553dd31e6223ad19bf8aff6e1dac8b3680feea3138bc61742b03f047b3d77039c1a4c2d05bd89c4bc12a1b83d78b4e7023f690fce6a44608c423d8cbc2e80942b9d9df2f4bf5606640fa47692f3e003885983a73e1dc313b243bbab5c3c6348afab796da766044ba142eda5a9d3713e3eda8c54c1708909c5da89ba67d29cd7f409c9b759cba316c42028754e3cb6eae2cc4f6d66982f212320f199b2e837bb4c54c54bcdcd2ac240ef6295d38e9889b4213819ef0f9aba6ceead4e0fd2c4becdc1f8ee3049831996c9a74a5fd4e12a1fd21ed47cf27e29f9d61e4b673d88914c36eefa53d3c49d94b463b7f8462c1951dfe33c10993d5cfcd0ededd50ad55009528f1e79fbc2fa70c3338b32c40ae3bb45d7079c7ae8433fb1aa19affbd3fbce0cb5ab0d557afb3be036856066eea45c28e93528b35477fc97fe9ff3641e5bb0f0e46069eb653c027daabff38541250081c77e0e3a1d030a73289e771cc41db10819af60599b5df0ad978fcf0b46af821c6b717b265e07d3a85397ea94de26f510290ddb5df8fcff76fe624843c8577802809c145916afce01d9dfdfa8bf07633e98f14fc73d5ef58ae5cb0c308bc74ca38259692a1cd4cf16752786a1c816f24612c27393d7e40a2df9a3dfa23a0c59613c8a7ccdd97c3fc67ecab94dcd8cc4b4517ed2414d41ce574074ffebd156e3d65c4421b0f339bc9f29abbfe49db62122248cf96b74d9639b3ef9d935cd81315a7ecfb0dc6ea1ee053c2e5c3615fbc10782f16a564fcabe1df70da7de989e00eedc346cef5b5cf880e9d563fc15302f056d37f98a939fd1dd5478b4318c256e93b77e31f87d8f7fe31755191b40d778ddb2ada1480bb9fcb96a09783fcf2c2c9fac2c3a2771dd0e2fb113cd460ee2c9cf4a712f04eb1b1a746091109f7ce0655e1ff7781fbe853e3d03bb91c9d8f4f416f5745c6b607bbf72786bd3c0ac4761e6e6d70f12dbefa1b13542086f793b72c6102ac06e75be17bdbb1efbf7e007f07f9bd433fd9d9cbf93e760757b792f15231895561fe49d9d683ccc066f38af581422b71702627162c0f0f35c36a61eaaa92129114b7334281e35fd39576e51d8593c149c9326e0c710ea4dcc9ef39a432a48ae1834f5046b954f9c033d6035cde0dbffe3e97f48a1dc695f4b2f6fe5d4eee83008318def105c37e11c9015670f13417ed036e68f6fbfca2a8289829677feb23079f3f2ee53b26e491924fefc1c50e54f288a8c4b6ba6d319054c3a9e39e14bba81b423acbd44b51279bbea6b0bb2047325837ce8b2191454f52ffa2cd04abe89e3de5bc102e9fdf740d3efd975bc9503af796e6aeee711ef8797de5d507a964730aa70cb9d3840054d4e1ffc57de378b511f7649666a54a6b3d91ed517198d76322bf99d13bef530a43ed3f13196bf2def6dcfb39f76471c75c5779bedf105717e546057fb478bfd24e8fdf3c12d028b542d1f424a9d45bb9e026e6098eb1cb0a77378300ec1b4c9f006aa4dfb7fb5c57cf1b035cbe96009ead1ca25ea1e5fae40312a4e9fe250684a1c8653bb303209e0fc6a498f3a08f6c5b946378a349f3aea45104a2badb8a45f500bb4f0f6cd620ce794e0f390e1cb7f2f1fc0039f4250a577544a6862b47bf89eea3a8c1516b7a9dd111c2ca719190e8feb1a7079e9fdfdb8224dc50791c986825469c087c8f081616edaa4193e161281aa68b7286a364cbb336b2459f0892e57c40afcfda7d16ea1877efb4e4b0d4b5c31e8cba15066903d3a91bdc7fb64452fb9843436110596f0b038da167a86f97d32c807270a1c994fe88e2517e11bdd210dd982d3c8158459440108308a936c9d2370b9d157c3f9caec36ff05bc40b37f095edf33bf4fad440f38c3f52129456936c07014140be5618f4e9d07b66679238023390cd676b1a3a28d0e90d5ad9ef13a31fcdc5a435454309367c437424e340a1f91c6483bce1026d85a16fb854252ea4ede39a4e69702ecff76432de508e064eda0df9f263a25c0f626d1c1ffaa6783be2975451ee936cc2178648935a924f6fb2db2f8ba34e348920d903114520918cc6872b842e3744fc18d1363583a107ec7b89c7792c0d8069e12f873f6d668f6fdeb47b72986914e45c2b061c5c936c73c9bcf1475ea0d25edaad21cf193405c8acef3bff4e4f1b2b321d70dba59e856a8849c2bba9508bad775370669b2bb7f5e53181af8bff525e13a4935d7e28b997b4ff15da9e36f1353a154ab701ad15420786daaf27ba7e122f7b825c668185b685630420378b4142ec4e4242c2cf0bf6e143f7e55cb12fb9dd59a8df9959ce4fc5fff68ae7174977a31ad7fd644bc94a20bae76f0af474034990fdfec8ceca0e6cd93fe21d84837b7e9d74c17b6d3054f0c008ee05764745fd8773a0c1c31bb3eef5b7e261b54805b5c805a4eeef05c812fcdede200442e7340c63490645ebd09c235d5c52a785542526edfe3875ad08267faed1d0a15236f00c6736b94c1a3821302ff610697ad7becdbc96f54b55138b585cd122e0d5aeaf43c9ba373e8aa1c1297e3415552cc57cd60ee1f3c04500ed0eed37775c873de3066c034c176c67c5bfbe9899a47732030855781341374641da058eee61d01d11b9db8f19fd4558957897340e32cdfbc39713f1f439be0638f614cdb5361433a45a6ff024e39c94141dc5403af101404ce5f2efa97b90d9ecdb7c361785dab977feded32554d1a74d5cbfe2435be7f0329ba382455c2ac11fbe29fe3826796d4bea03dc53a37f63f5be2773f83faf282f0ae24d9fe5762b71b499fd37b4ce7e71f93c3a983f80fed477708bbf2261c89893c4b76e34fac9b42671b6cc81678cc867f53e8c3ec47716206212743ca0c4941c2c61ed3177fccf85921e998d2b826df751173944bb07eeaae4001f677a0687a2550eeac8bb5128ecad9c7b6a514596a30b8292fbacc09ab488193507b6785d7a35c979db774b2c413246f1ae88d35d1914b20b8fb501034321642fb0b0baba3378e4c31fb5e247c177e573295df0194462b99079a436400ba1be2e30d39b8714c0fb2bdcd981d5a5cd514f8d4f14e4e0437108630355d8f2b60a6d18cb14ceb2b5d0704aa6e93e180bd79cb17e176bc4f81a03db12a03413de6189896955bb9e3cc69b6f9a50a7eda3742527f98c71d7ea8ba75e253c2b783f7104813c619949e6a0765179b1b9cbe68b703335ab5986928d86384357a2f4189f4b4ffcd61a3d29709bbc93b5371f0e7798cb72ae4c17bcee24f8e566f2777803c3d182d15a63ac40063f0ccdf4bd790404524eae02eafb6b54c699578486490033f0be866c74a134083003d330498658ba973ea674c4a0ff158403987b4c4752b07c8637a119b019fd5093406960144445056f6ffe73eda0235dc1871bb6058d4a9feecac628265689d58a81453d33290ab56eb691f3180d0288449f41844e56f5c6cf522d4a5866b24fb9552fde71946c4d25dcceaa41cfddb5a33c51c54c0a0a5abd31be8fb6ec53c1d14ba648e183979dbd0db01b9e51ba3803be7e7d3dee752668367264c783f74838121797ae5706ef3aa460682d1bf55808c70e69ae29d7683368470d08e7e9a1095305dce250b5b4bd48c02e098d241b1089736e8306a737e3a1a93e554cc3ab24672b8c74bfb8825004ca869e347f873de14575493836662ad741d79269904f905d7df64d0581ab8d76ee51a32d72ccb719f3a25c0a856b5bd2b2a1269e208d70c32e1d5ad0dfdc0ef43f0230e95eb85871eb4d6033abbf0be7025382d878eeaeea73c94270e79bd5757dc1bac95236a62545cd467830b12dcc30d7cc81e889d360d073db40058e9a1c7b41fc53e67740bc984132a1452cf7d000378f14ef93a7eb0dc9bacf23584ad6761139576607f8214757f71fc47b2944127116ca3e83b9d9643bce8d7bb44b4d16b5d5cff70a9e1114cd920b6fc1f409672648ad56ac3136ef0a314adb458faf3d3f171cb2fc513d76e43e6bda2f1a68e6fcf4a4ecbe6bc87716e2a82ea0c4657983ca0caaf8d75fdf5b0d7930e4f3e95eb1271485f938e7ad2bf0c97b7c11745de45518a1e3a74341968588558e7197b407d24eda0671ee28f219e4c5f809a7ea6f9f5b9705f4634a96112eb262bd5967db5237285b865d3f64516495ea6d1ec20dbed7af02362370bcc98671a61241fa1ef5b3095609d66ecc16010f6f67a280d1c6d215ec224ead17d68bbc9bc64b363b5be9b479b7aa2cbc8587a6b48cf653fde7a262a11ab3a10356f55f122310feac77c32ce0994d6e8a70f1c53331cb473a8e29427322fb6da292c4443b1678877f1c981fa05fbdef96520e5895aeb2a3a8e62652f9d8830c3b144b9598873e2ef41b7ade943807766877d609972cca74855eaedce07cda35b50557de96e736ca3107c154d31aeee78db214687b9964517bcd2c6c9ec047514b45c831aee4588166dc3ec9ab36bd1033e74b3d02d731c5bd84f659fa9fe55cac08c12cb999a2e64fac52f6cb7d1fffbf45d9a1126787d0060fd1be563ccbc278ac97dab0c1bee664675f273f5fa429bdc24b21ff1cf0a3ad3c687fb07ffd88bad6ab6c6b422a43b77ff76f96bf405c07f8a667bb8ff54d6714aaa21ceba2e78ce03146b2ab9f49e6d65081119b8e7cf3843e91349790d2b975c9f9c305df0ab4f2b1b2f30f629313cc66a325e4037f38f29842ee5781ba73d2f30f506cf7ff2237a72b4075aefa32cdd5ba0ae4e65cb6fa47a3e06f0d5f684b7172d6b58f5f7d783c4122db4f4b8b4f9d3296c9d115f432710c29d40dfca0010ecbe2f42fac899911d65c84f08aaa1923c8add5af518286211db14e1187a8839f3b2ae8bd914eafc16a576bbe3eba6271a4c5b3170c3f543761f11f1326a05c575bde1b5c6afd3876bea4fbb649071a95caf74de9f7b3421803ec351f934b8d0932ce72a13abf3627d9a396c10875fc167ef1ae98ff92af9ca366033c99d30306fd540a09d67d26ab192504e7c09f9e4d06287a2b1748f1761ba3c16d9d08be7562b7351c4b4679f5d4b38681bfd86c7f2003a9749b20b602112a95803469f5d252c564912b55c4bf3409298dbd066d877cc70a89b484b9ee6bb836c9acd1e53086c4be85e9a3bc5969c7016db9c72b68620c241409d06f4d7f72fe2289c9b4921055922783b8b886bc22926b7d194820af2b90e3c60e87e1a7851f38a970c07c1da120d1da75de2bb994ff7d05a313522373326f160914a9589711e0439d694f5221afe8cc118722ce4927e9543e61a12a76bcf2da1d01a0f258095d32063387349b4e9f253d8b73c6e834b6866f8a56b4797b92d521fa732aa0d55c8e9d6c56011ee6fb450853dc564d18e97c463609c27a63f9c91c46d7bd80ace4edc0615ca342f43ca3b3d0cc36ed52b7d1f457e5b4b26b5eca0d91abe4f1a42a2eec40ec2faff1222f71dc226d6344e947b45155691205c09913fc3c6ab3fe76f4d1b11fa45869e20694b5f0a1074780a07332764212533b797dd24d8df157d4172f91253b77eb2ec90c8222307ed59136463057b7f469116086410b7503b44cef401c47811c1390060da5b3321d34096b67468a7702978d98d4bd721c18a25ed541249638e90281dc8e3565dc33e66d7b832a9bd62c02c5ed0e92935c92472499653d2d842ea6697c733ee80d775884074b3a0c250a4aa021bb6ea93514f9cc5f09feb5719d270cd184e364ca966f1416e10f111bc425f32a993fc5cd75503f99d89d91d7ddc6dee70193057cb946e5fbf8663c53e12cebffe5dbd4a86bfcf5f35f0d8aa43763a60e00356b4f8bc2bca01b02cfddde38f0c4df1e7f98709fdebc5abb5eb9631bdc3dbfcf15517fabcf16931eb7381e83713b081ad1947274d4896ee8953d772e9e71f363b6f1147317bc739ec128e4ec865f8f0ea34cd5ff19fb2c28931d2c85846735358504ae9161535cd7890e8b95c814cfec116b78e6d0eb5097cd4f35888121452e27391d865c15f0b986925d0d0c623bcbb4d8ca66603720253af17853967ea5954eb5ef0dc43de185ec4925026c680464e66d1caff1f4c7c757bd55ec2515ffe7183e3481ff6f626c2228a3fc3d15f63e4bfbec76a2a170206142cbbcf204a1cbfe0ee56eb47dfb79c80894c0a0fbf8a2955d861678fc2f8f9ad7a28052197b5992bced1273658da5b1f42fca48c80883600c24d8515a0c7113deb4c97df918ab64bca16a0c14f2547dc91d5ce4f884978c95fe54899f77ffc20a2c4b27350bc451bef72a46d8e144ad57a8d5f8ac039f58b8a53ea1f3fd5fce612a171bf82ba17c0681cf46ce5c8181a522ed2e986361903903159643046c7be1787dac6ccab09d18a30997541dc6e9efa260f1ff0392bc1890f19d8bb725f4fe7d8bc618f46e0c23be6b9ca67777dd3f5a89b41ccfb11a526a3bed045a2906f86cc5186a1db7a70391261b694b423e5a44d374f9d3720330e083574083f8950b2b35c8bb5b6c0a7fe259f235dc1c069d4581a9f0a7451890561a0829bb290de6aefe4d243ae0b00ca61a1dc4262bb4951242b21d88148eb7b6a9718d6433274f2b3c9bcdbb6d5df67b48ff42692d8cd7f4b7f41728de68ea1ce0f3e4a2843c5b9ffc43f69b8a0445dce44081f5b443a327084b0d00d07cbdbbfd2da5d67bf8d4bb4ee408d17eeee48b61decd06bd3dac9a1adbeb069b49ec96608b9179bb3af4c10f2ade6778b31fd4c22c2961cb949a64e9a8a4879c550f8d8783064cb304511e40e2e562ba83c08ba8ae011a784ed9db03db5527a7aae222c856c8df0a94f9c4def0f94244c5b8e3db9f39dbd337928e24d9d8562f231fea72116c01089163d2c5f4ca17faab20b73c9957fa1a9af20837a804870034d4e64281125b070d8ee0dbf05f95e5fb079e2a57e9af977222e90b664189114dccbca81ee58b7de90a813768a2049052b339a608d3e9966bdb3b584291fbf7694a7d1dea7f72ca604894e6cca5d326ed5e48c15eff5e6a8cc11c40f84ca920d79a5c55d07001909bf6338921c656a39d59d03f62bb5b8870189f0416ec8c317b03ccdcbbeb3e1a9bf2661813f4966b57eb56a2757de5f7745851b5f7bf75e41eb1646e61a41923c5c0e58c2ea478d95b5c39c450744aea0aad3706fce684cb7338ff3dacab60e8d968f0e6fc070693ae3ca16996b34a50afb7e6e377546ae28dc8de7a2ea3a657b4b0003a91a488e347c61971d62f32eaf843d4d4c4f86cc4033c1244c8408def09188dde509c629323f34072f9089a3846680894e8b000a03865438b2ea212b68fdef7f17583f92014eef2c8115a37c9c82dee06213c1407c1433690f68cdc8e91971104039dfe06774b946f43b68b7957a5ca3ee763eafbb7437850eb0a285c413bcf6965232d593d8da47a2a06abc635ae38e596a9dae55b43f341bcc6fe72d79b453ac1c259da37f64cbc1f1508caf280aa6a3f4cd2ff5564cc5a8727f222431454a5ac93398a29fb95b4e057686cd6fcd920992f74e5870749676a36e043bec5fc1b0fce5563affe9addfaa3689e857383ccd1f2924080449d2cfb006e855570b711c1dedd1df2629afaa3806f4ae229a9a8ef1940ddf2c55dac7812d2374c0684b7ba27b2f0849ee4c055d2b8ccc8e41c593378340d7546bb974bc8032f220b37099e3b04c6591c40d2c50a855a491e03c1c9cbb32c400f6104341262d92daaf3e2c04936cf28788fdff8e0a77770a9deb9089a9e32eb5d9e2581aecd98f83881ca8e7d49e603556dc03a9aa19a8f3a4735aaee347b25ea35b36fa57484c0b6d591979b4a3da894fa0c15966d6a5e02e397cccdb9c314b504372b81ef6913877767001263c05dae362b49e5928ef36f554ce245b4111486417634f1e7f4530a760ae6ffd3123f5736ac12c5bf506c5dca03079c0fd0776cdb56c938cdf480fb9b97b1685dfa3be6f712aae107e2dda726bec137b2ebdf56c0fcaecca4350bd7b5c84d57f29c2a2c99ae10c30cece4831d71ae4ee3362983cc816bb6cb9225b9db08503a1be23a26a0425a8628a2e718feae5df91d829f27966f766b623a0a4958a57642aefae259713733670d5b1d027fb8eb2d0d3a0b4acd482076dfa09ffe883f556b2db2262bc0872e1bd713f100dd7a8a8f2d725b46e09c625d513179872bbcc9a41e596a18b2471d977f4ca2bebd06cdaba31b70ef25e098f214fef16f16f725cad4311eb91457fdb70b471eddb65ecafb1e2b03c5ff21356241e3cab2c8ba601f9ef1aec9006b7cd0b81da29be01cb4c1d52e563298e373013886ebb1889bd5616647c6c418ea6bc1f3c0853b65cae48467b35f08318e3a9d034af7224cc3520ab1ece7751ba15407298b21e4f84ef7c23d7993739403d4f116cba2d0ae2d4003a28334c461c734d4555105b986ad0af28aac36c753ab52b91b7e23ae3ab07d3b170fe53a2249efe5b65463a3f237cec72091b04005f95a15ae595191ba39d0ae1d91d8e00b132ae9339884bc57bbb79978a308e1c31c5f213b092f380a7ba58f55869e9c29a5a6e7a7aa4f8d58e5787cc05e5", 0x2000, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0x0, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffc, 0x200, 0x0, {0x5, 0x0, 0x7, 0x1000007, 0x3, 0x0, 0xfffffffe, 0x8000000, 0x0, 0xa000, 0x10000, 0x0, r3, 0x734}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r0, &(0x7f0000006680)="8e503ba12553ae35664093744598ff2ed98313cfeff69bbb1f3ba451bc98d27cf439225d75522ac543a153ac5284bf131a87e53d0b20f8dddcb2af841def3e560070344be18fcee4983553ba856738012b512e3dc760fb581a17e5622e0e22e22546476d6cc6d6d94d828a2fa22ec77a1cf082f5ca88f1f8976e8b6c3a7a537f8f50b432bf4df69c912bfcc539a65851f86b23f24e714e0643429ec1198ea1647316538a3ce23fad21e19e087c0dedc7aa6d5e4b0dcbfcbe22c857f5a848aef15126b9ecc810249cbbc82c8b6ba49e46b71cb79f6ef9449d0838b9130946398941a4c64f6e2d84118b60ed4ccfed8a26446032fecf87434e71b7989253f64feb6d2e1013673a9600b1915174e55ad78d1d666fb75c24142e44ceca89a18ca66b4b5e66ba953ca42fb6a36d4a3612a2948393f67a7d1d0957a8553c73855fd007abbb6c3d4bbc943f3b102bb2ea6f40e714516a3de91acc6e1468e9e7b66ee57815da23054153d9d5fca6bdb26ed8f7754d88154d46df2f2e4964ee5d7f47e9218d6877c3b232c945cddeef70b24e5c6c434fa30fd0a2ad1c348c3658494f7cfdfb6bb56b43f1d9b2d049c1166161c3232ada01f3c789b2d6958cdd9f044a654f8397d64cb928f4d57f0c4e9739afbf3afbf0e9f84d56a1aba6db7538d98404b7cdfa97f8770a6df4a13145c1d0cfb7ec0349b5639d9180eada54b2f8c12472fb379901e6d514fbfd6d41d2dd77eb42608a784fc016ae48fb126776b10be5c03f62ec90987e766d20d821a17c03e0d867f4aa3f4902fb803e8261833aa9397e107e6c100daa3d8b792bf4b5081ef56670762b5ae3f528836029ca332f44fcc5cf3750f39091985032afa8dd2e80b69cbffc29aa13fcdc0ff811a108794b4154ecaf70e58a9f70a573cf9d1040e23f5a04a873a583e4ab0fa5f77d620c60f0a45cdc789b849e9e8746528846bbbf8251a84f2aa97ccc3e49f4c9b6abf0248344e86a71486eba9e62ff5920bb80ceccc5813f068da0d5aa208c440b7889118d2f4e8baf22a84544f232d6a3a1aedf31d5fc22f0ece56ac611b1363ff35e5071342a0257d3f146dc3ea1cc795d2f06afeb1d6995e50eb2d2d21dc6c4377a2626dd9486446517d03a4a03c43ef2e255a92b775c198bfe92c21375599235aac33c69190bbbfaad76860d0c9e70ad53273460c370b06bdf94ee8bfc31c48609ff6de0d39f873ec11e8c2835f17b3f18891c8ae335a7074fb5a5c794007a327fbb2622e71d62e43f50a00cc59b7eeb3f8ceed5d87fa5eb62a7a8c74ec90b1096a0b24606bf14b1f13f78ea4ab522304c7ca1d7b8ae47b5859f6a0d9baf3b6ffd29a4fb6782732febcfa51446aa87691ac81bf891717fbf8e4deaccac63477d3bc7b8ed52e9b6ca3fd39eefee6a337c2ad76df9739e2fbff34bf36027be0cfbebfe5b2fd168d75b2fd64479e2faf85654c013955e04044a9b7bf8b3d42da91962796bfe6eb53fe29e36a7a7512a155c712ae561d885703cb26d72e6f1df3976cc665960f871f3110309ffb6b5a79e54057a7a286c62c11e973ef671e86051686f77992f985d729740f38fecf83e03a1fef542cd6b4cee48546f67873a9c682c4afe4a5beccfc64085c622c5a0b5a1f6355f938d16925cabe61426a837c48fd6ad790afe54448fb296a03322f3427e132e8c0623bd311af8a619c2d91415e851744941700f09a2d8471def9dbc448c6aefb4c664f8902c872cc7de9d26e8b300b55b1d08a80257095efef35d9b497487607a22bc95c68f39aeeae243e76ccd40dd1b7ccad6eb39b35d91d239b2b005c8bb6e50037ffb1253276e20384398a5e97ad705fcffd04c720539ddf80cf4e929e82e3fec3d7542e0b7495733eb5da29f6dff5a34ec88a71881f660a5bc9481e755fd3c5683e95ed97cc91ab0edf49afda477aea42bc436b364747d973d61be806e1e63b6982e42814a13c5adb3bd767ec724d2d654afb106198fba6b4c798f4b82f329c2b8055ac4d247da971e32eb4cb971c9ac99d18c0a216d48dd7dffd372e0cad9ce6f05b06e47842c2f53b7c987139c6ddac3446fdb163342f8ca8f5401db91d324a6b710f28dece5839d37760c2515d6ad815a746cd7ccd3a438a5d3f28ca331f6874dedbab107c64127a7590a2813c1287ca977807827d52df80a9c19bc7ef335791da1be53c89f6de8ee1f02f26069b786f22bfd23cd8366e3ca02c0b296d0966d7f8fdbc0ef06895c547224f1a01c92d5f43f81b35539469d1fd9cd76dbf8cdd21b479a6474578863c9906ce6b12d0dbf5a458dafc042fcabe64aeebeb70c0da9300ed22e5d2851c5e77b20f9da1cd26cd810e0b8f1ba17d7c819e8a8ad86aa5bc4eb64748b75ab4a85f05bb1dc542234ac175eced1fe8f3fbd86f1c7349a360f5af0244818df303dce6842ea7afa722be19cf162d671256e5659c77c5569d827b28dc44b7dbb7d9433bc9eff26edbff36cf796b8afb285393f2dab6bb9a3ed40dd065ba8a8ab62cb575e696b97a2853b1700835ae429b983a5bb88972e367f5996a21e9a3b00e943e15c1163fdee023e1cf6e8dc42655cb175590fb6b8c46148b37957c5026aa94e96cbb71bcf9e7899c489edd9b34ca2d3d0dbd29f135cb158652ded6c959820b26a5fb6e8f3a6cfb80bcfa52c36ae0a3868914bda36b5ac09d2ae6cfccff9859550cfc5c6c3b30cddf6a2130c0c563445ae10634f38c65a47aeb8c72a0f25a6747a6787e703e1723303dd6d5bd4303240cb6d4659ee32d80b92859327e882ec84d9bb2a6976d9c6fa450d5598c6af1c92fc4ed7614e3192a06e62e704278424e2e5d521ec4f2cbd87d9b8a65405e807f6247e3f9228e8a5c44e31c9de9247d1b8248ce71d34663cbfcce728c9f08628629fca3f334566118aeb86470886147d714d2dce240408fac3c971b851dd33cb7997e238a2362195ba4f0e83d5c1c5039328817f258d6645bcbc20512398a7a34e2288585b4dc626c6867f3af5a0f573492cdb04e5613bd95bcfe6a61541c3912b4e841b34db2820ed5aca226dcba496f9586b83ab44ed3b9f34cfd2397f36dc4f9811815b975a208b6cd163031296b289b7d202036bca9c4e862f6b1d6356c3c54d47de63e0d0b38e7b9e41e1b25d94fbd03853f786fcf2325020355469e52dd2cfc879e2758382f609173cb2c01775030d1d536af97f5bd0a4b71ad9bf3e5becfccd7dce72fa8882733d2c32cab1338ce67f301be74b1c51dbacff9bdc22868f3f16531cb86b7597aff03040a821c4f7cae2b5b92db792f327dce81e79ac83d4ca15aa248ddc2fad518ebd360c5ac8ff3636e15e8ff61501b1e5c6338847ff43c0d3ed38c87aa623c318c8facffb72fbad8bf4effdd2013dc60ad91f1f5a791905b572321ce0956ffded80e2152b0672875fe71923de673ce343a665d327560c5267223b6fa636ef188b94d4a42884721b4f2d51f90ff3e5145aab164fb56982648a7215601d23017b749c01b684082e250330d109af89bf5d20ca788fbd95fd8d1c128aad3306c4e1bd1c054def7b7ea1948e3c95826078991d234808f55c2314706c8177d7674b2378792afe66b2d65484b481b0e52d8b60e0980163fcf2fffa2cd81f4dbf57afd76fd4e71ec8a6604a697fcaf57e65bba50489f6f0c5b4c046a14303eac05700550ee10fa29d8f68a9eb02fa504b640865f7e2c21f1451ed7d75c90a4734ba64327bc3597b5aff23d0a8f1229f0539720bece2b980f85e11c5ecbf3a560e5dedc40e1260349ccbc647d4d9763b17a45fe1b63e5d16e1a49d55c0011e3ab898b64a6618682bd7bb7e8ed18dafa1b462f20f6aaf2d7c4777a6fb73aa7a1720d67a644f4f4b0bc3ff965e696fd3513979f2e72289dec447af56b240380cfa2a9ce38a808e961d26b6ee6810c75778e9d23a93b3f79b3b293f138f23ef2596b60ecd4afc2036debb7e14f61774d84c1325ee7b8f95dc80c12b001e32e894516473a82aa2c24b5ff7f8c3374e245f1b3ff2a8cf0cc33ecd4b9b7528c34cf54d77756ed3e1b74a0e66c9c1dd8e53c123872c084f70e8a04efe8a8c3527ba75f4d9ced8469229ad7453a1376cae90b155638696103216a07b02e93e3924c4a98d159ce8633b2c8bda44ef28f37ba5edf1e80184c9ac2c8b0db77096dbf2f866536ac4f5ee9eed4bb8dfe0dad4361e901450ba499c119aa1af2a1a7c527b09562a47d8260bd7647e29ee422432f063a84d195e9c843e6f6fa684dd044bd09b8cb3e7a976df68049f09caba37b69a595cea61667f2631e561be743309568b4c37fdaed8ebc628889bc3bf9c5a63bc74e9358a9c2228f51370eb483ee39e682cd4f56f15a16217904c6189ef50044e04f244da23d1c9f41a5209f4f485df4ad8d1922203d365eb11102d48c93c09b700e177aef00f8bf729c0406b89de32490fca998bd34f80c99be60601d4de10e9a86a5a22652eb9df948daa66529b6445cdde70ad125d06e41a3469216233a8b9eeb928f2d041eded321d518f0435ca377e90ae49e95793aabccf299c1f1a82ddec49b2b8732aecd1610d5f09cc5e509d4065c5cfb4edc55f6a15fbaf4dea24439ea95b63bae312ed90e47787000810f22ab9b6aa0622ab969fa30b724b24d82447d6a357468b2d1ec61a80ae680ff7b8b894158218b0e63f99103879f3c1dae33aedec60a1e755755604e33a6698cd0e378b0a0b04017278411f33eade9c4c0e3b7d0d6e62fdc3ebf5559310e0a2913d5aff1ce1bead51578b3879c0e25d96a7a150ba655c97875d864c3a6d5b595ff9dd9698857b3b0bab2d087bbf7f80f5a7225cdebf794ede16a61ca73201f311f87ef9cececb8fd07b2bf384a22a8ae988a5e91e6355e26ac923e78004968bf7f4ae3b319e61a422a43841831a51e2c41df8a118da5239c87b4b0aceb32854413d53e0228090babc167ed6600041390ce04e96c94c65c51fdc00e617e4ed870fe9ed2bbef84c1e1f3f796b2867b0f383b6e01ba2b82ecfced722ac5a7c092716d18b9b41674c342a1a6a7ef961893d451648cce5d0ccb4c180e0493a53f5453de43a6535c486acbfb9f480f3255f998831b684a468a88840e1e7e8a310ef296ce89bef65b7e54265c88bff204e48963cea9945608260e5de37b949acacc938e8e2de9fff925022c010f94a0cd6c7bf16d4e3132034a8a3301f1c1950b9a31ee8227b17cbf460db666f6207a59783064115eac2d4f29f9483ebcd34e8792809d5c25a380b2137bbcd7cda502f4a41a043f7d626e922adec9b4c6478ac0df9842bd4e8912deb2ad2026461510ca392383ee9a7ad0388ae499951a4283db39ca57ed9bebf43dcaa6caa391169077a189641fda3151d8e3a3a0b525dcafa2d9d7b2a01468e658c10c27a8ba74b487a968b05031a3d53b59139068b28ca87c5bfd9db867c0e9b9abd91142c96dbf8883e1a89db8d96c9f0a8999a4f9d6b07f32d6f8bb2ea6d2eaa8a531edf85f25aef35c84eb4bf3f46ab4213602be20cad885d404ef47fafc7793247247848f1c3a06ea31c23d0cbffa07aa5981714dc85736e95cd4d60ed1f25351b1c723e4f042f55f02d24a089862df124c75cc4f618853914439c1406a393a0f1ec0f2346f4cbd6beb17713149d67b9bf1854c814bd8ba3a199218e6eac655db998c955df382c8dee2b4d30c750a63a08e9a88009840e96a331bde3767bce177fc5c44528cb673e862e24c2dc2399be1435cd20916e9e060f8bef39d4b47f335dde4493e0e44b0f619822a35e69b7c5d93dc69575ff71ced7c858e43dbee46f4e50846288cbc8fecbb9291d455a015fdd6e1412aec0e6104d0377074b8e160ec7d813bbc6d3b8e6b0256bce8d255d7a592b408cdf6e63164c99d94f00a693e06c2ecba9dc6d36c6a35697c1647f942df4c805c18344b8e5ac885689068f864c395e8c970702e40cf6c683d10455c7ad75fc035ae260f359c2d8c91305406c6f56ec535be445601c75ffdde1758904787f29a558d0f3bd04bfa08f1612a7ee8a7acf129ed5eb854bba757d34afa354098ed8b4e3a599db4b7611a665fcbbb182a0774cb026a00714d8b91c7fb8691b629b6a93f92da2f3701348885dcefe5a548c90101e50dbaf3f4907611623f7616bcea943bd3feedecf3b3681b4d04a938ac83d9f18a21991a90dc17005e7c56d2e09a0f4ad9f3c676e7da478e96122046d0a167f7e1a28d97d514aa68d24dac8501a1a35ddb6f3703311b26bfa3319361ff5e4d38cd55a04ef1b4fb417a3b638cde7f8569531a22c0fa12ad3a55dfe3c2642205fe1ba0c82d36f8815ec52f6381fe789fcf89efb305498a9b1f0ffafe01bcc5581f5b5d195bba77797085ab1837fd081cf5f086da2a16b6a7f8ca9efbc4c9cf771961b70626120e3715b16b222932291e4ee2449591b1807d56a53d4d86f25011704e7d5efcb799ab130ec2aacd54afd3c43c8acda1c5874ce23234b090c4eaa8ddaedf979b1218a5b9dfb36b8196ce05924dcdc7f50d96b95d0c288551a0498ff23f56c7ccdfb8966480477849c7471bea99cb0af35dbcaa5e781b5ddecf3cde51d78067aed9ca267550dfae119a3d83710ecb92fe80841837b41a40d262f5fad16c20203d1cc3455ca63ebdf0f5dbb7a498b4629dcb87333f2d58726871e6b5adf60faa0f8c9cb4718005e5e199457330da1a11cd0d7e78f617b6805fff8fa45c2cb56e1e17904773e165d2a39470ce1616418e7e15481c798afed92efad9c2babcc3e3346f8022ce30b3e1db015a2b9f5dbd4560ee9776c77eb9cff5cf2af28ebf1085650e29bd8dac01b814e6c285bf964da2eb1a442aeb671589a02c29d58208829c9501c355644ac28c38835f4025dcdabfd3852b1a16e45e9c032e97f7f2f0f612739c6569f44731692e3f3b97ba5bcd0b7f2dea1ee6303b5f92514c022e54aa4c587eff74a5d509c17785686c613bf6b778e3624ff3653674e6daab3f788ec9cf879f06957a673a20fdccf721ced05a0d23e074de82614f775a84dfcd31c621cf0369e28791ab742b62f271218fa1bc8681e9d41b4a93b05cc693013d54d367b1e6e1a7e74b43b44b920192ed8fbb63b89f393e5ffab584d7c201d1b99b7bc6907033109986a4fe7bb79e803315c4df94ed471cba889e148645fd1748374015ea8c696ff64bf6d23bce7e5efa7c7e6215ceefa938cd88aa0374da4ee1e10cbfa96d5283b4a0867f4d76b8492fc618e2bca34ba9bc2ff3368756080a78a1ece2f0d1d1cc30cb721677de3c4cd6da378697c40419bc1f2184b86b8e40abd627aab9c308d8fd2db8daf8b43225003ea9124c11dfcbd1b6ea959a86623e360b40c381d991892c1fa6c0c81bb4d03d8d3656cedd1e48539192fc8bd1474ce961159816dcdc76e95ed9d9893e91a0ca670cd1152cb014310facf952fa9fd0d30900196b604c10596c1a31c1e70416824c207656426b09ef9b558496ae87fc7449bfdba0d5628e9af6397385ddadc986424fde545c07664fb6ef2756ed9e443e39257eef2179fb9e4a9e84062f9b6048125151e2e7fad2560df277323b5e22ab2731dc802d6f372d2a335b5da7e5a86508329b3dceb56f0d4f9f6f9e48507af3ec99fc172c237e67ece3d51198a033a9c66f3243ef694893af85421ff6f93ecb95eacceba5fdc1a76810e999a40733b46433328b24ee17b718b135b74dd535202c7966de2de5a26412e600971704bb90007e42d3e6a3acd33e7358da6b32883c9ad30c2abb1cdef7452e211734c6fb6d199a397bea8aa3cf1f014929941c34ba06096e70d852fc420effc7924ec29c03bea29f289c82338f0115e00de549007456d5867253a5b9bb4493bcff815a3100fc45a0de0aad7b0b5c641ed1be3e8f07fb3b1a8a496ecfd3dff5abf0d8f5854621faeb4a9920d8c52b7a0338d49fd21d99c24e1943de3ba2668aea7bc95bcf21e2bf0b2d5f899f33d0cec31b60df4ef5a23e1b173cc89390c8bc3ee96e38de06f6016a2b0eafe86af9dc59bead4f5f948a81b1008a95e3ab39f8009bdb4f268f3002245e73ee2ff50cf1cd37e867cbe44ad370b9336e0dddcffb6dd8f2f79155235300bce6385e544105e6d278d345870216e61100337a871ab51b2cde74fe976e1f8b77a90bb8b51eefe7e4201db41915f482edbe1f8ae268314d5af95ffdeb94aba3f4e316990792d281a123d7febbba7f6abaed7ccfc0c567d4bd1c2d9ca217535167c9a09f1ad0ecaa99cc08338fead5deef7fab77d2082d893b91c27f8ea4e48e052a2a31c8e3f9510c4ce94ef16053bcc25eafa324e5a1d045a3de8f7d731e58ec9130427552323bcfde47f6b55b5634e8cb190fe183af132f12d72ef5e4d98508b57106ccb647ab505369c728958a0789c67ee80acc4bbf41b97fa56d8701c3ec5ead411aed16882dfb026c50c28b5fcc442c432837a82f8bfd47650b83aa71b909be61ea77cc029a0c615f8e390874995d19e224c38349c64bc166f50c54332d1a3eff0071d7a0b11a901c56a847b93ab5bd0bfad8f965cbfb53c2184c588fb7dbc5c693a3ade89b303e801a650b79c1ea957aabed937998b5df77ff29fd43515e8a5ffe441e323fefa45a2775237e1c749897d448f1f3ef60c7755d1a1441b96a136a86d341471d57c68c859813656658266c40b8bb8bafded8ed0d940f8c5954923eb43ad5afb58eb452d6430990bc924afb97191f31cd1a1f58e30b0c243f9636245c459280d16da1df1a30ff63de677554d6b252487455e8aff91370c4a0ba9f341384cf8483d18b9d3f2fc51b07ba8a5fa795d7925189ca344f0fddb8bf55e35013f6fab3806b3c4d17499ec1ae819d4f3aa6b6a570c2ea68558fa33373394584dbf11d41f7059b55f186bd54bdc30dea390872737bf0312f4c68dc963d28d5b218eca6314e23b7381cfbcd01c325d9a3869f1176eb82c183b37d65c8500a48e9bbb1c465e27bfb668a16100e5384d9116aa35f3b00b4ee3bc84700ab17283d4db6b420e6140d14d09b51ad020fc8e505d2c820ac307d45b211213c18487ce12dff233a5caf87cd94a77d0eba69d61452f41c1f82cbe32b567a39a4615a6d2155cc73c3b90dc55daf33c8d9eba3eb0e182c79dede1293dd30840ebf048df8a93e38d0136e856d94ea105cd04323406dc429b5551538625109105d88b1ac480d0fb1e9d1977099707f9f9534b683d855c4d3c30a29c6678a3221e0dea7772f8859f572420708da9a030ddf973cf9f221404117b05efb76bb08ecf34aa9b36b0418c74f90a07e8e5c91e1d7c8a8ea596c0de9b10c222e9588c2bbc77d860b7197b42b42a1ab834ce24fccbbe20f2579ec6dbd4efb9aa1a3d2e062de594d289273e98342440045a0c134e400003b50d4243826b029ecd177cf3d2cf3d164ddc58f88a970a0bbdc7f0d60271cab0df2dde79d1b929cd3028effccbe94c05008f4261297024e4f72604d52db9da7b0e5f2f4f59ebe77b319c54aaab9581a8355b75594eb6dc0fc25e91052c89764256ca464f9f6e45bc34d6e5aa28e1fd93997b58f21feff551aa3ecb5375c19ee4543f7339418c11b9ea18fe2637a9bc9744cc9fcb21a7643eb87683694732154bd1eec746f1c57bac65cf18a83267ea437f7993644c510ac44307703ea28b20e52644dbaabbe9ee1e23a38b29b91cf9077fecdb98ff4e4749c9d6ad2901c5a891c07a8b0c26ad1f8126e6db537df7fff65486afeb85eda80e2a04d09d46720330700267cbcf205b5c00076c01d9db0a64d5426864d14cce1781098afdc28f9f5948ab7791627baf78c3e9df2c0ed9ce50b083bc7a34ee0087f4efde579e2dea313e4e20580c5e63d5ef4509c05a9dc38ced91340bbb9cf948bb03ea5e60c666a1a5c4acd385d0c1a01797b9b3183f4afbc925dd2641d21410b4b1af2f21f8cca330fbc08834e1e8210fdcf332f70f08b48a2655cf017ec8a19640f2f263c54876d6f4ad2193be944667f6498baa32225d2b5b82abd3f2fc64033f1db9adff6b1c788555d5ffa1a35d4a691802447b163ba9a615d6c958036528bbab84230d676145054828d530f0e3af417ad0480eaf2004b9002b644bcd8f0ecf860c31766ace95769ab4fd01f297c595b45e6c7b1c9f662044f43fc82b6244e5d08b1e556599096c034600e20ff000d996b6ba3a6700116127b9468c9567ad920ddcf7ccf9c0a74f49984e24a7aaa2321ee58583c1bdba668cb98c319f682ffc5957015ba1799930d4b676bd3bc76037f6bc2d9ddcb47efebd366a90dc7e67076ebc25e2ef2929a89faee06aa04538a3ae7b196dfecd33725ce9f859c5df4713b220ecd18b1613ba76aebbe8f9f93eeaea9e88e46e7ed24c4efbd86fcd57a4f9fc76152175782871ab211a18ae303be8e9459aab930597d17875c5f5f24d9b16bd8dc4e25f6a7a1de05763da11ee7e26e1e32ee0a5ab2de5d069d03a6ea95a33abc1025d59800fccfff1f0e0f7335e2778b8731cbae94828dbe70507c5369f36d457e98d6042e342cbffde2ee74e05cf0f8aa7185de485e5050294472cd8c7ae03977b62cb287a9d6e4d66650dbc4d89e58ad4f7c24d46573acf85f633d1af73cf655788b431bf22315bdae78d9f6f9cfe32330cbf77bb0195a60244d4bcd0ea35b94bcdf7255ff58f1fb11a09a06747337c95f332a0ade622d49ce0f2943517fb4da8049f3c1b53cb68475c2eb52551d40cbeaf5e79a748c5314bb531b4fc28494b65ee8513427e1fd3cc990fe4ef5ead14b65f1c3e9e0598edf42e2862e2eb180b3e674fc3005859ac56ad17022a8f48b49dcc97e991cfece1d52b7ca82e711944a877567ca0da0663276480d69fa4be56f425bb84dc9177d3e3ed45fb737ce026b8df38336f9efedb89a8650f9fb73918d300c909e9f9189458e1930f09b05433980e79a2eacd0dda32852bdb1a417e4ba62b83d0e17ac8d39834f41c8cd49517013ec658c4e10b38d0788df96764d13ce074271b51041671240549d18540271c8898a5c9e4be4895881235d59666a1f0f3b3cd098786afd6ab4781b73275232b488fb3d9eff77e71f8448a95c653fc80d069c15aa2a80d5799e6c45eb27ea8d6675f28f7aa7cfe3cef877c91ecf3e576e942a20312ffb48a64a91876ec5d1ad2f6a68946e73db4785894736106906731793c3482365d4151051c8d5f16dcb0348628e3aba4087ea8c9ce24bb93190fa12916f529c8eed6dfd3f5bc24d09b1ad377699de3f687b392ec921d81e35dc27bd14be4d004e713c3d07cf600255d45fdfb326b4327c9507c6f69d01236eb9383133dbaa787ba37de14a12e850ec60381a9ffab939ce16cb9b490685343048c0933bc280e809fc8114096ae2d303bbcbbc941b70b5d1d03f59f0b534fa195cbcf34e57d2aaee9c1dcddb5eafd8399fd1d53bfdb48a6f6d3153bb903ce411800f7220bdcfa312ac603672c163a0896b85409859b817cd304e73f278634fab0b1dbe226d7e4f93f220180c3434c7c22ac3143e06702f9a21e66a46d4980bd20d9b0c62846362d0a1151584a28a87902dd0f35187850d501c68900", 0x2000, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0x8, {0xffffffffffffffff, 0x1, 0x16, 0x0, 0x7ff, 0x0, {0x2, 0x80000a418, 0x3, 0x6, 0x800000000003, 0x100000000000008, 0x80000000, 0x4, 0x6, 0x8000, 0x80000000, r2, r3, 0x0, 0x4c}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) 3.086603758s ago: executing program 0 (id=4027): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, 0x40810, 0x8000}, [@IFLA_AF_SPEC={0x8, 0x1a, 0x0, 0x1, [@AF_BRIDGE={0x4}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x4000000) 3.034336319s ago: executing program 3 (id=4028): socket$inet_udp(0x2, 0x2, 0x0) r0 = socket(0x10, 0x803, 0x0) ioctl$I2C_SMBUS(0xffffffffffffffff, 0x720, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0) socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000) kexec_load(0x0, 0x0, 0x0, 0x0) 2.910941721s ago: executing program 0 (id=4029): socket$inet_smc(0x2b, 0x1, 0x0) socket$netlink(0x10, 0x3, 0x8000000004) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x10000802, 0x80, 0x0, 0x40000}, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="280000005200010004000000000000001c0000001400", @ANYRES16=r2], 0x28}}, 0x0) 2.827590423s ago: executing program 0 (id=4030): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000380)=0x200000000) r1 = dup2(r0, r0) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x5) read$FUSE(r1, &(0x7f0000004580)={0x2020}, 0x2020) write$vhost_msg_v2(r1, &(0x7f0000000280)={0x2, 0x0, {&(0x7f00000001c0)=""/132, 0x84, 0x0, 0x0, 0x2}}, 0x48) 2.822821983s ago: executing program 2 (id=4031): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @remote}, 0x10) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0) sendfile(r0, r4, 0x0, 0x4000000000010046) 2.300737004s ago: executing program 1 (id=4032): r0 = syz_open_dev$admmidi(&(0x7f0000000080), 0x2, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r0, 0x40045730, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000300)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000008c0)) r4 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_SYS_SET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="680000000714010025bd7000ffdbdf25080001000100000008000100000000000900020073797a32000000000900020073797a3000000000050042000100000008000100010000000900020073797a30000000000900020073797a3000000000080001"], 0x68}}, 0x0) r5 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2) ioctl$VIDIOC_S_INPUT(r5, 0xc0045627, &(0x7f00000001c0)=0x2) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="250a00000000000061114c000000000018000000009500000000000000c95b3d381713beade5e1b5778ff12b349e6fc2c7ebc36793b90313fd468a3b8f4d390c067826bf99ddfb8b7931e419834b"], &(0x7f0000000000)='GPL\x00'}, 0x80) ioctl$VIDIOC_CREATE_BUFS(r5, 0xc100565c, &(0x7f0000000580)={0x1ff, 0x8, 0x2, {0x4, @sdr={0x30324c4a, 0x3}}, 0x8}) r6 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000001440)=[@in6={0xa, 0x4e21, 0x3a1, @local, 0x8}], 0x18) r7 = syz_open_dev$swradio(&(0x7f0000000240), 0x0, 0x2) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x30}}, 0x0) ioctl$VIDIOC_ENUM_FMT(r7, 0xc0405602, &(0x7f0000000000)={0x1, 0xb, 0x0, "fbda6b21f1d7479797795318a9b4b19471c838f51ef5dfaee256e99c476c937d", 0x2036315a}) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000680)=ANY=[@ANYRES64=r7, @ANYRES16=0x0, @ANYBLOB="0002fdffffff000000001d0000000800", @ANYRESDEC=r6, @ANYBLOB="48002f800c00020000000000000000000800010002000000300003800800010000000000240003800c0004000200aaaaaa041baaaaaa0c0004000203aaaaaaaaaaaa080002000300"], 0x64}}, 0x44040) sendmsg$IEEE802154_DISASSOCIATE_REQ(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x880}, 0x40) ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f00000000c0)="8c4f388cc3ff6fa6c5538344e486e675aff358d64b2973e9d5033a94f2c1a7867168a9c9295740b7598d9d078cef5607699533abb6981a225a837fa582c9c4694d7d7321129efa459efea13953cccbc99bfdcd3caea291210d2f1424261fadb7fc892b39c1120b7f39bc5fb09f967b76a6b2a6eb63c24bf52dc98bfe20d592367b4f9258d5d95326e70504b2a95e5148f10304b571b589394dc4a8e8167f6f00c81a7cc00c42981840504d87f1abc29fd7f7989b942f70941a1dc71385eef8bec360271cd1463e38007038522b660048c44e595e501f14d8d41c3d6a1824a4020ab97c99f5b955e5666f99d660ea137373d2c563169f7cbccd2e72c43d132e95") 1.281939654s ago: executing program 1 (id=4033): openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0) r2 = socket(0x10, 0x2, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r3, 0x84, 0x6e, &(0x7f0000000c40)=[@in6={0xa, 0x4e24, 0x5, @private2, 0x4}, @in={0x2, 0x4e22, @local}], 0x2c) write(r2, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/27, 0x1b) r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000100)=0x80000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000140)={@my=0x1}) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r4, 0x7b1, &(0x7f00000000c0)={0x0, 0x2, 0x0, 0x8}) 1.251621935s ago: executing program 0 (id=4034): write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xfffa}, 0x1d, [0x6, 0xc95a, 0xfdfffff3, 0x9, 0x7f, 0x2, 0x1, 0x7f, 0x6, 0xfffffff9, 0xfffffff2, 0x5f, 0x2a35, 0x3, 0xffff2d37, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x4, 0x7, 0x3, 0x3c5b, 0x1, 0x24, 0xffffffff, 0xfffffffe, 0x1f561e2c, 0x2, 0xe661, 0x4, 0x9, 0x3, 0x7fff, 0x4c74, 0x8f00, 0x642, 0x3, 0xa, 0x0, 0x71, 0x7, 0x7, 0x103, 0x0, 0x5, 0x3c, 0x91, 0x6, 0xfffffffd, 0x5, 0x5, 0x4, 0x8, 0x3, 0x7, 0x0, 0x5, 0x6, 0x9, 0x4, 0x1, 0x40], [0x10000007, 0x8, 0x12f, 0x8000, 0x10, 0x8, 0x129432e2, 0xcb, 0xf9, 0xd, 0x2bf, 0x2, 0x9, 0xfffffffe, 0x7, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x312, 0x8, 0xea4, 0xa, 0x4, 0x4000, 0x8000, 0x9, 0xffffffff, 0x1, 0x6, 0xfffffffd, 0xff, 0x1005, 0x7ff, 0x5f31, 0x4, 0x0, 0x6, 0x2, 0x9, 0x4, 0x9, 0x8, 0x9, 0x6, 0x5, 0x0, 0x1, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x5, 0x1, 0x4, 0x1, 0x7, 0x10001, 0x9, 0x48c93690, 0x3, 0xff], [0x7, 0x4, 0x0, 0x64e, 0xfffffdfe, 0x7fffffff, 0x8d2, 0x9, 0x1, 0x7fff, 0x0, 0x8005, 0xb, 0x4, 0x5, 0x3, 0x0, 0x1ef, 0x5, 0x40008, 0x86, 0x3, 0x1000000b, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0xf, 0x8, 0x6, 0x6d01, 0x5, 0x3b, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2, 0x0, 0xa2, 0x7, 0x53cf697b, 0x5, 0x6, 0x54fe12d6, 0xbf, 0x200, 0x5, 0x400002, 0xfffffff9, 0x0, 0x9, 0x5, 0x0, 0x6, 0xfffffffb, 0x120000, 0x3, 0x6, 0x9, 0x4], [0x1000009, 0xbb2f, 0x3, 0x7, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x1ff, 0x6, 0x8ad, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7fff, 0x8ffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x9, 0x5, 0xffffffff, 0x7ffffffe, 0x5, 0x8, 0xc8, 0x3, 0x3, 0xffff, 0x3, 0x9, 0x800100, 0x9602, 0xa, 0x2, 0x9, 0x6, 0x4000001, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0xb, 0x9, 0x11, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c) r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01) socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)}) write$char_usb(r0, &(0x7f0000000040)="e2", 0x918) socket$nl_generic(0x10, 0x3, 0x10) ppoll(&(0x7f0000000000)=[{0xffffffffffffffff, 0x230}], 0x1, 0x0, 0x0, 0x0) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) r2 = syz_usb_connect(0x0, 0x3f, 0x0, 0x0) syz_usb_control_io(r2, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f0000000000)=0xffb) prctl$PR_GET_SPECULATION_CTRL(0x23, 0x4, 0x7fffffffefff) 1.177439956s ago: executing program 2 (id=4035): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0xc054) sendto$inet6(r0, &(0x7f0000000240)="8a", 0x1, 0x51, &(0x7f0000000080)={0xa, 0x3, 0x1, @local, 0x9}, 0x1c) 1.054099929s ago: executing program 2 (id=4036): prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xb, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x11, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = syz_io_uring_setup(0x495, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x7, 0x288}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd, 0x4, 0x0, 0x0, 0x16}) io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0) 0s ago: executing program 2 (id=4037): r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x4f27, 0x800003, 0x10000, 0x4, 0x4, 0xcc6, 0xc, 0x7, 0x400000a, 0xfffffff5, 0x4, 0x1, 0x1, 0x1, 0x6, 0x101, 0x0, 0x1a449, 0x200003, 0x81, 0xfffffffc, 0x9, 0x8, 0x1, 0xb, 0xe67, 0x3c, 0x7f, 0x6, 0x2000000, 0xfffffff4]}) kernel console output (not intermixed with test programs): id=0 gid=0 ses=4294967295 subj=unconfined pid=14308 comm="syz.0.2154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f2308b8e9a9 code=0x7fc00000 [ 962.735167][ T28] audit: type=1326 audit(1753293274.709:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14308 comm="syz.0.2154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2308b8e9a9 code=0x7fc00000 [ 962.962008][ T28] audit: type=1326 audit(1753293274.709:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14308 comm="syz.0.2154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2308b8e9a9 code=0x7fc00000 [ 963.009999][ T28] audit: type=1326 audit(1753293274.709:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14308 comm="syz.0.2154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2308b8e9a9 code=0x7fc00000 [ 963.034623][ T28] audit: type=1326 audit(1753293274.709:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14308 comm="syz.0.2154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2308b8e9a9 code=0x7fc00000 [ 963.057791][ T28] audit: type=1326 audit(1753293274.709:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14308 comm="syz.0.2154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2308b8e9a9 code=0x7fc00000 [ 963.083333][ T28] audit: type=1326 audit(1753293274.709:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14308 comm="syz.0.2154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2308b8e9a9 code=0x7fc00000 [ 963.107593][ T28] audit: type=1326 audit(1753293274.709:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14308 comm="syz.0.2154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2308b8e9a9 code=0x7fc00000 [ 963.505548][T14331] usb usb1: usbfs: process 14331 (syz.3.2156) did not claim interface 0 before use [ 971.442942][T14400] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2173'. [ 971.848533][T14401] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2173'. [ 974.685475][T14437] ubi: mtd0 is already attached to ubi31 [ 975.409897][T14443] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2183'. [ 975.463283][T14447] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2180'. [ 978.221159][T14483] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2193'. [ 982.112695][T14533] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2201'. [ 983.136298][T14536] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2204'. [ 992.684357][T14619] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2226'. [ 992.728612][T14619] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2226'. [ 993.231768][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.238557][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 995.262615][ T28] kauditd_printk_skb: 19 callbacks suppressed [ 995.262645][ T28] audit: type=1326 audit(1753293307.159:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14658 comm="syz.2.2237" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x0 [ 997.557048][T14673] vivid-004: kernel_thread() failed [ 999.181905][ T28] audit: type=1326 audit(1753293310.579:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14684 comm="syz.3.2244" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5d3118e9a9 code=0x0 [ 1000.001809][T14701] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2245'. [ 1002.038397][T14707] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2249'. [ 1002.214594][T14707] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2249'. [ 1002.397579][ T28] audit: type=1326 audit(1753293314.339:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14708 comm="syz.1.2248" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fea1798e9a9 code=0x0 [ 1004.217168][T14725] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2253'. [ 1004.227495][T14725] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2253'. [ 1004.236912][T14725] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2253'. [ 1004.829173][T14737] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2254'. [ 1005.510250][T14749] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2256'. [ 1008.164298][ T28] audit: type=1326 audit(1753293320.209:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14762 comm="syz.1.2260" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fea1798e9a9 code=0x0 [ 1010.801574][ T28] audit: type=1326 audit(1753293322.829:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14801 comm="syz.1.2272" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fea1798e9a9 code=0x0 [ 1011.924416][T14825] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2280'. [ 1011.935955][T14825] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2280'. [ 1012.327691][ T5835] usb 1-1: new high-speed USB device number 38 using dummy_hcd [ 1012.610528][ T5835] usb 1-1: device descriptor read/64, error -71 [ 1013.740990][ T5835] usb 1-1: new high-speed USB device number 39 using dummy_hcd [ 1014.073551][ T5835] usb 1-1: device descriptor read/64, error -71 [ 1014.834019][ T5835] usb usb1-port1: attempt power cycle [ 1015.367650][ T28] audit: type=1326 audit(1753293327.399:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14852 comm="syz.1.2288" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fea1798e9a9 code=0x0 [ 1017.205059][T14878] netlink: 112 bytes leftover after parsing attributes in process `syz.0.2296'. [ 1017.600788][ T6556] usb 1-1: new high-speed USB device number 41 using dummy_hcd [ 1018.477564][ T6556] usb 1-1: device descriptor read/64, error -71 [ 1018.767985][ T6556] usb 1-1: new high-speed USB device number 42 using dummy_hcd [ 1019.258276][ T6556] usb 1-1: device descriptor read/64, error -71 [ 1019.364873][ T28] audit: type=1326 audit(1753293330.829:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14894 comm="syz.1.2302" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fea1798e9a9 code=0x0 [ 1019.423033][ T6556] usb usb1-port1: attempt power cycle [ 1019.897669][ T6556] usb 1-1: new high-speed USB device number 43 using dummy_hcd [ 1019.933728][ T6556] usb 1-1: device descriptor read/8, error -71 [ 1020.024951][T14910] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2304'. [ 1020.207534][ T6556] usb 1-1: new high-speed USB device number 44 using dummy_hcd [ 1020.248374][ T6556] usb 1-1: device descriptor read/8, error -71 [ 1020.378024][ T6556] usb usb1-port1: unable to enumerate USB device [ 1022.436257][ T28] audit: type=1326 audit(1753293334.479:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14933 comm="syz.0.2312" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2308b8e9a9 code=0x0 [ 1026.154143][ T28] audit: type=1326 audit(1753293338.159:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14983 comm="syz.2.2323" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x0 [ 1027.688281][T15012] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2328'. [ 1028.928041][T15020] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2330'. [ 1029.910286][T15026] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2331'. [ 1030.062054][T15026] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2331'. [ 1030.557706][T15030] tipc: Trying to set illegal importance in message [ 1031.057873][T15029] netlink: 'syz.2.2333': attribute type 7 has an invalid length. [ 1031.065611][T15029] netlink: 'syz.2.2333': attribute type 8 has an invalid length. [ 1031.916851][T15038] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1032.041919][T15038] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1032.060428][T15038] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1033.558858][T15038] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1033.567857][T15038] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 1034.203373][ T28] audit: type=1326 audit(1753293345.699:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15041 comm="syz.1.2335" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fea1798e9a9 code=0x0 [ 1034.232554][T15038] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1035.535876][ T28] audit: type=1326 audit(1753293347.579:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15053 comm="syz.2.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1035.599792][ T28] audit: type=1326 audit(1753293347.579:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15053 comm="syz.2.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1035.652778][ T28] audit: type=1326 audit(1753293347.579:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15053 comm="syz.2.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1035.680160][ T28] audit: type=1326 audit(1753293347.579:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15053 comm="syz.2.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1035.740905][ T28] audit: type=1326 audit(1753293347.579:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15053 comm="syz.2.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1035.764714][ T28] audit: type=1326 audit(1753293347.579:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15053 comm="syz.2.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1035.800645][ T28] audit: type=1326 audit(1753293347.579:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15053 comm="syz.2.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1035.823963][ T28] audit: type=1326 audit(1753293347.579:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15053 comm="syz.2.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1035.878693][ T28] audit: type=1326 audit(1753293347.579:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15053 comm="syz.2.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1036.137004][T15035] chnl_net:caif_netlink_parms(): no params data found [ 1036.815492][ T5794] Bluetooth: hci4: command tx timeout [ 1037.986036][T15035] bridge0: port 1(bridge_slave_0) entered blocking state [ 1037.994328][T15035] bridge0: port 1(bridge_slave_0) entered disabled state [ 1038.117702][T15035] bridge_slave_0: entered allmulticast mode [ 1038.139894][T15035] bridge_slave_0: entered promiscuous mode [ 1038.187282][T15035] bridge0: port 2(bridge_slave_1) entered blocking state [ 1038.205533][T15035] bridge0: port 2(bridge_slave_1) entered disabled state [ 1038.460106][T15035] bridge_slave_1: entered allmulticast mode [ 1038.605811][T15035] bridge_slave_1: entered promiscuous mode [ 1038.838020][ T5794] Bluetooth: hci4: command tx timeout [ 1039.005766][T15035] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1039.177057][T15035] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1040.354995][T15035] team0: Port device team_slave_0 added [ 1040.404043][T15035] team0: Port device team_slave_1 added [ 1040.519462][T15035] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1040.536662][T15035] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1040.615371][T15035] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1040.680133][ T1123] dvmrp0 (unregistering): left allmulticast mode [ 1040.853937][T15035] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1040.909286][ T5794] Bluetooth: hci4: command tx timeout [ 1040.956721][T15035] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1041.199170][ T28] kauditd_printk_skb: 59 callbacks suppressed [ 1041.199205][ T28] audit: type=1326 audit(1753293353.239:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15102 comm="syz.3.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3118e9a9 code=0x7fc00000 [ 1041.277650][T15035] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1041.289625][T15110] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2352'. [ 1041.317707][ T28] audit: type=1326 audit(1753293353.239:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15102 comm="syz.3.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f5d3118e9a9 code=0x7fc00000 [ 1041.357564][ T28] audit: type=1326 audit(1753293353.239:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15102 comm="syz.3.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3118e9a9 code=0x7fc00000 [ 1041.395784][ T28] audit: type=1326 audit(1753293353.239:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15102 comm="syz.3.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3118e9a9 code=0x7fc00000 [ 1041.419645][ T28] audit: type=1326 audit(1753293353.239:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15102 comm="syz.3.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3118e9a9 code=0x7fc00000 [ 1041.442231][ T28] audit: type=1326 audit(1753293353.239:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15102 comm="syz.3.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3118e9a9 code=0x7fc00000 [ 1041.466686][ T28] audit: type=1326 audit(1753293353.239:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15102 comm="syz.3.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3118e9a9 code=0x7fc00000 [ 1041.508586][ T28] audit: type=1326 audit(1753293353.239:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15102 comm="syz.3.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3118e9a9 code=0x7fc00000 [ 1041.539548][ T28] audit: type=1326 audit(1753293353.289:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15102 comm="syz.3.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3118e9a9 code=0x7fc00000 [ 1041.566936][ T28] audit: type=1326 audit(1753293353.289:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15102 comm="syz.3.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3118e9a9 code=0x7fc00000 [ 1041.754948][T15035] hsr_slave_0: entered promiscuous mode [ 1041.766162][T15035] hsr_slave_1: entered promiscuous mode [ 1043.252429][ T5794] Bluetooth: hci4: command tx timeout [ 1043.592009][T15035] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1043.601247][T15035] Cannot create hsr debugfs directory [ 1044.635169][T15131] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2359'. [ 1044.654451][T15131] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2359'. [ 1045.361500][T15137] ubi: mtd0 is already attached to ubi31 [ 1046.026352][ T1123] hsr_slave_0: left promiscuous mode [ 1046.055742][ T1123] hsr_slave_1: left promiscuous mode [ 1046.075673][ T1123] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1046.100978][ T1123] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1046.121666][ T1123] bridge_slave_1: left allmulticast mode [ 1046.140887][ T1123] bridge_slave_1: left promiscuous mode [ 1046.148431][ T1123] bridge0: port 2(bridge_slave_1) entered disabled state [ 1046.159564][ T1123] bridge_slave_0: left allmulticast mode [ 1046.165235][ T1123] bridge_slave_0: left promiscuous mode [ 1046.171741][ T1123] bridge0: port 1(bridge_slave_0) entered disabled state [ 1046.697641][ T5835] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 1046.833201][ T1123] team0 (unregistering): Port device team_slave_1 removed [ 1046.877591][ T5835] usb 4-1: Using ep0 maxpacket: 8 [ 1046.880511][ T1123] team0 (unregistering): Port device team_slave_0 removed [ 1046.887126][ T5835] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1046.903543][ T5835] usb 4-1: config 0 has no interfaces? [ 1046.913735][ T5835] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1046.924201][ T5835] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1046.940497][ T5835] usb 4-1: config 0 descriptor?? [ 1046.949432][ T1123] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1046.973519][ T28] kauditd_printk_skb: 59 callbacks suppressed [ 1046.973532][ T28] audit: type=1326 audit(1753293359.029:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15143 comm="syz.2.2363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1047.044459][ T1123] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1049.482855][ T6556] usb 4-1: USB disconnect, device number 29 [ 1050.201216][T15174] ubi: mtd0 is already attached to ubi31 [ 1050.766864][ T1123] bond0 (unregistering): Released all slaves [ 1051.387675][ T28] audit: type=1326 audit(1753293363.419:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.2.2372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1051.441010][ T28] audit: type=1326 audit(1753293363.419:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.2.2372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1051.468560][ T28] audit: type=1326 audit(1753293363.419:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.2.2372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1051.740363][ T28] audit: type=1326 audit(1753293363.419:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.2.2372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1051.767544][ T28] audit: type=1326 audit(1753293363.419:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.2.2372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1051.887028][ T28] audit: type=1326 audit(1753293363.419:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.2.2372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1051.992364][ T28] audit: type=1326 audit(1753293363.419:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.2.2372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1052.016394][ T28] audit: type=1326 audit(1753293363.419:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.2.2372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1052.039110][ T28] audit: type=1326 audit(1753293363.429:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.2.2372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1052.063826][ T28] audit: type=1326 audit(1753293363.429:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.2.2372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1052.087586][ T28] audit: type=1326 audit(1753293363.429:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.2.2372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1052.752830][ T6556] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 1052.779706][ T28] audit: type=1326 audit(1753293364.789:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15196 comm="syz.2.2379" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x0 [ 1052.836572][T15204] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2378'. [ 1053.096033][ T6556] usb 4-1: Using ep0 maxpacket: 8 [ 1053.124215][ T6556] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1053.155365][ T6556] usb 4-1: config 0 has no interfaces? [ 1053.176249][ T6556] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1053.204542][ T6556] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1053.471224][ T6556] usb 4-1: config 0 descriptor?? [ 1053.968712][ T1123] IPVS: stop unused estimator thread 0... [ 1054.022541][T15035] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1054.046679][T15035] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1054.060946][T15035] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1054.093387][T15035] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1054.376237][T15226] ubi: mtd0 is already attached to ubi31 [ 1054.999997][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 1055.007331][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 1055.096061][T15035] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1055.143979][T15035] 8021q: adding VLAN 0 to HW filter on device team0 [ 1055.168451][ T8315] bridge0: port 1(bridge_slave_0) entered blocking state [ 1055.175742][ T8315] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1055.211449][ T8315] bridge0: port 2(bridge_slave_1) entered blocking state [ 1055.219666][ T8315] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1055.338687][ T6556] usb 4-1: USB disconnect, device number 30 [ 1055.924456][ T28] audit: type=1326 audit(1753293367.969:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15227 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1056.057308][ T28] audit: type=1326 audit(1753293367.969:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15227 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1056.081927][ T28] audit: type=1326 audit(1753293368.019:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15227 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1056.119973][ T28] audit: type=1326 audit(1753293368.019:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15227 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x7fc00000 [ 1058.150590][ T28] kauditd_printk_skb: 58 callbacks suppressed [ 1058.150637][ T28] audit: type=1326 audit(1753293369.579:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15244 comm="syz.2.2388" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f788b38e9a9 code=0x0 [ 1059.134658][T15035] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1059.176602][T15241] mmap: syz.1.2387 (15241) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 1059.355616][T15035] veth0_vlan: entered promiscuous mode [ 1059.381647][T15035] veth1_vlan: entered promiscuous mode [ 1059.563004][T15035] veth0_macvtap: entered promiscuous mode [ 1059.587048][T15035] veth1_macvtap: entered promiscuous mode [ 1059.687727][ T6556] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 1060.086806][T15035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1060.131684][T15035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1060.183657][T15035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1060.305078][T15035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1060.352861][T15035] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1060.390609][T15035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1060.527724][ T6556] usb 4-1: Using ep0 maxpacket: 8 [ 1060.559274][ T6556] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1060.580186][T15035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1060.600792][ T6556] usb 4-1: config 0 has no interfaces? [ 1060.606336][ T6556] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1060.634683][T15035] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1060.656113][T15035] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1060.667132][T15035] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1060.681439][T15035] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1060.687337][ T6556] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1060.745554][T15273] atomic_op ffff888021614198 conn xmit_atomic 0000000000000000 [ 1060.822399][ T5894] IPVS: starting estimator thread 0... [ 1060.852314][ T6556] usb 4-1: config 0 descriptor?? [ 1060.876943][T15035] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1060.997774][T15275] IPVS: using max 17 ests per chain, 40800 per kthread [ 1061.420747][ T1123] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1061.440269][ T1123] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1061.475265][ T28] audit: type=1326 audit(1753293373.519:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15271 comm="syz.1.2395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1798e9a9 code=0x7fc00000 [ 1061.499621][T12549] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1061.518420][T12549] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1061.531450][ T28] audit: type=1326 audit(1753293373.519:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15271 comm="syz.1.2395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fea1798e9a9 code=0x7fc00000 [ 1061.605989][ T28] audit: type=1326 audit(1753293373.519:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15271 comm="syz.1.2395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1798e9a9 code=0x7fc00000 [ 1061.659893][ T28] audit: type=1326 audit(1753293373.519:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15271 comm="syz.1.2395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1798e9a9 code=0x7fc00000 [ 1061.724152][ T28] audit: type=1326 audit(1753293373.519:737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15271 comm="syz.1.2395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1798e9a9 code=0x7fc00000 [ 1061.784344][ T28] audit: type=1326 audit(1753293373.519:738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15271 comm="syz.1.2395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1798e9a9 code=0x7fc00000 [ 1061.874161][ T28] audit: type=1326 audit(1753293373.519:739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15271 comm="syz.1.2395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1798e9a9 code=0x7fc00000 [ 1062.530745][ T28] audit: type=1326 audit(1753293373.519:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15271 comm="syz.1.2395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1798e9a9 code=0x7fc00000 [ 1062.554292][ T28] audit: type=1326 audit(1753293373.559:741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15271 comm="syz.1.2395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1798e9a9 code=0x7fc00000 [ 1062.838563][ T5842] usb 4-1: USB disconnect, device number 31 [ 1063.049285][T15290] netlink: 112 bytes leftover after parsing attributes in process `syz.3.2399'. [ 1063.080521][T15291] netlink: 592 bytes leftover after parsing attributes in process `syz.0.2332'. [ 1064.434657][T15311] netlink: 100 bytes leftover after parsing attributes in process `syz.1.2406'. [ 1065.130837][T15038] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1065.166597][ T28] kauditd_printk_skb: 21 callbacks suppressed [ 1065.166644][ T28] audit: type=1326 audit(1753293377.159:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15313 comm="syz.1.2408" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fea1798e9a9 code=0x0 [ 1065.210912][T15038] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1065.232790][T15038] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1065.248218][ T1123] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1065.249307][T15038] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1065.268966][T15038] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1065.277271][T15038] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1065.370921][ T28] audit: type=1326 audit(1753293377.349:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15306 comm="syz.3.2405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3118e9a9 code=0x7fc00000 [ 1065.618779][ T1123] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1065.968081][ T1123] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1066.037106][T15317] chnl_net:caif_netlink_parms(): no params data found [ 1067.079270][T15317] bridge0: port 1(bridge_slave_0) entered blocking state [ 1067.105060][T15317] bridge0: port 1(bridge_slave_0) entered disabled state [ 1067.124898][T15317] bridge_slave_0: entered allmulticast mode [ 1067.195096][T15317] bridge_slave_0: entered promiscuous mode [ 1067.224168][ T1123] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1067.251920][T15317] bridge0: port 2(bridge_slave_1) entered blocking state [ 1067.517890][T15038] Bluetooth: hci3: command tx timeout [ 1067.612088][T15317] bridge0: port 2(bridge_slave_1) entered disabled state [ 1067.674863][T15317] bridge_slave_1: entered allmulticast mode [ 1067.746676][T15317] bridge_slave_1: entered promiscuous mode [ 1067.965619][ T28] audit: type=1326 audit(1753293379.999:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15351 comm="syz.1.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1798e9a9 code=0x7fc00000 [ 1068.009509][ T28] audit: type=1326 audit(1753293379.999:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15351 comm="syz.1.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fea1798e9a9 code=0x7fc00000 [ 1068.032557][ T28] audit: type=1326 audit(1753293379.999:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15351 comm="syz.1.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1798e9a9 code=0x7fc00000 [ 1068.056335][ T28] audit: type=1326 audit(1753293379.999:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15351 comm="syz.1.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1798e9a9 code=0x7fc00000 [ 1068.084316][ T28] audit: type=1326 audit(1753293379.999:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15351 comm="syz.1.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1798e9a9 code=0x7fc00000 [ 1068.107113][ T28] audit: type=1326 audit(1753293379.999:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15351 comm="syz.1.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1798e9a9 code=0x7fc00000 [ 1068.135592][ T28] audit: type=1326 audit(1753293379.999:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15351 comm="syz.1.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1798e9a9 code=0x7fc00000 [ 1068.159693][ T28] audit: type=1326 audit(1753293379.999:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15351 comm="syz.1.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1798e9a9 code=0x7fc00000 [ 1068.294360][T15317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1069.039686][T15317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1069.056222][T15373] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2419'. [ 1069.399833][T15317] team0: Port device team_slave_0 added [ 1069.408799][T15317] team0: Port device team_slave_1 added [ 1069.451241][T15317] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1069.465305][T15317] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1070.014421][T15317] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1070.019097][T15038] Bluetooth: hci3: command tx timeout [ 1070.044268][T15317] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1070.053232][T15317] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1070.096196][T15317] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1070.409999][T15317] hsr_slave_0: entered promiscuous mode [ 1071.811162][T15317] hsr_slave_1: entered promiscuous mode [ 1071.944023][T15317] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1071.957495][T15317] Cannot create hsr debugfs directory [ 1072.108860][T15038] Bluetooth: hci3: command tx timeout [ 1073.396273][T15424] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2432'. [ 1074.203596][T15038] Bluetooth: hci3: command tx timeout [ 1074.332157][T15411] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2428'. [ 1074.598352][T15430] netlink: 100 bytes leftover after parsing attributes in process `syz.1.2434'. [ 1075.757026][T15449] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2441'. [ 1076.845509][T15317] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1076.874755][T15317] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1076.908299][T15317] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1077.095812][ T1123] hsr_slave_0: left promiscuous mode [ 1077.114223][ T1123] hsr_slave_1: left promiscuous mode [ 1077.155857][ T1123] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1077.164410][ T1123] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1077.172420][ T1123] bridge_slave_1: left allmulticast mode [ 1077.179610][ T1123] bridge_slave_1: left promiscuous mode [ 1077.185468][ T1123] bridge0: port 2(bridge_slave_1) entered disabled state [ 1077.229884][ T1123] bridge_slave_0: left allmulticast mode [ 1077.235580][ T1123] bridge_slave_0: left promiscuous mode [ 1077.263523][ T1123] bridge0: port 1(bridge_slave_0) entered disabled state [ 1078.116166][ T1123] veth1_macvtap: left promiscuous mode [ 1078.135071][ T1123] veth0_macvtap: left promiscuous mode [ 1078.144993][ T1123] veth1_vlan: left promiscuous mode [ 1078.158202][ T1123] veth0_vlan: left promiscuous mode [ 1078.867044][ T1123] bond1 (unregistering): (slave batadv_slave_1): Releasing active interface [ 1078.882939][ T1123] bond1 (unregistering): Released all slaves [ 1080.788520][ T1123] team0 (unregistering): Port device team_slave_1 removed [ 1081.009952][ T1123] team0 (unregistering): Port device team_slave_0 removed [ 1081.130038][ T1123] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1081.217291][ T1123] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1082.143518][ T1123] bond0 (unregistering): Released all slaves [ 1082.331284][T15317] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1082.352210][T15465] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2442'. [ 1082.397657][T15502] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2453'. [ 1082.721500][T15317] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1082.825182][T15317] 8021q: adding VLAN 0 to HW filter on device team0 [ 1082.841926][ T1123] IPVS: stop unused estimator thread 0... [ 1082.871400][T12214] bridge0: port 1(bridge_slave_0) entered blocking state [ 1082.878669][T12214] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1082.892775][T12214] bridge0: port 2(bridge_slave_1) entered blocking state [ 1082.900140][T12214] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1083.077962][ T8] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 1083.291583][ T8] usb 4-1: Using ep0 maxpacket: 8 [ 1083.313375][ T8] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1083.340247][ T8] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1083.365871][T15317] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1083.376253][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1083.394922][ T8] usb 4-1: config 0 descriptor?? [ 1083.407817][ T8] iowarrior 4-1:0.0: no interrupt-in endpoint found [ 1083.459890][T15317] veth0_vlan: entered promiscuous mode [ 1083.479210][T15317] veth1_vlan: entered promiscuous mode [ 1083.516309][T15317] veth0_macvtap: entered promiscuous mode [ 1083.537337][T15317] veth1_macvtap: entered promiscuous mode [ 1083.562711][T15317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1083.577531][T15317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1083.591965][T15317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1083.604263][T15317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1083.620753][T15317] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1083.636858][T15317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1083.656614][T15317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1083.668170][T15317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1083.682998][T15317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1083.699143][T15317] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1083.735087][T15317] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1083.747291][T15317] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1083.758717][T15317] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1083.820152][T15317] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1083.966502][ T1123] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1083.987771][ T1123] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1084.243166][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1084.257772][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1084.322155][T15553] atomic_op ffff88801c7b6198 conn xmit_atomic 0000000000000000 [ 1085.900078][ T6556] usb 4-1: USB disconnect, device number 32 [ 1086.408220][ T5794] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1086.418530][ T5794] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1086.427170][ T5794] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1086.447222][ T5794] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1086.827765][ T5794] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1086.835544][ T5794] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1086.950626][ T5794] Bluetooth: Unexpected continuation frame (len 16) [ 1086.958482][ T28] kauditd_printk_skb: 60 callbacks suppressed [ 1086.958497][ T28] audit: type=1326 audit(1753293399.009:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15560 comm="syz.0.2468" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f212ff8e9a9 code=0x0 [ 1087.476684][T12549] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1087.826751][T12549] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1087.998749][T12549] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1088.125935][T12549] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1088.985987][ T5794] Bluetooth: hci1: command tx timeout [ 1089.794053][T15573] chnl_net:caif_netlink_parms(): no params data found [ 1090.077569][ T5842] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 1090.887599][ T5842] usb 4-1: Using ep0 maxpacket: 8 [ 1090.961592][ T5842] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1090.977734][ T5842] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1091.067736][ T5794] Bluetooth: hci1: command tx timeout [ 1091.073884][ T5842] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1091.202573][ T5842] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1091.248758][ T5842] usb 4-1: config 0 descriptor?? [ 1091.261762][ T5842] iowarrior 4-1:0.0: no interrupt-in endpoint found [ 1091.273607][T15573] bridge0: port 1(bridge_slave_0) entered blocking state [ 1091.297174][T15573] bridge0: port 1(bridge_slave_0) entered disabled state [ 1091.341332][T15573] bridge_slave_0: entered allmulticast mode [ 1091.398683][T15573] bridge_slave_0: entered promiscuous mode [ 1091.633292][T15573] bridge0: port 2(bridge_slave_1) entered blocking state [ 1091.661489][T15573] bridge0: port 2(bridge_slave_1) entered disabled state [ 1091.669844][T15573] bridge_slave_1: entered allmulticast mode [ 1091.677251][T15573] bridge_slave_1: entered promiscuous mode [ 1091.984368][T15573] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1092.288743][T15573] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1092.750959][T15573] team0: Port device team_slave_0 added [ 1092.929155][T15573] team0: Port device team_slave_1 added [ 1093.014465][T15632] tmpfs: Unknown parameter 'quo' [ 1093.149337][ T5794] Bluetooth: hci1: command tx timeout [ 1093.372955][ T23] usb 4-1: USB disconnect, device number 33 [ 1093.768280][T15573] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1093.802880][T15573] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1093.903108][T15573] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1093.957411][T15573] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1093.964488][T15573] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1093.992507][T15573] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1094.088178][T15640] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2488'. [ 1094.914185][T15573] hsr_slave_0: entered promiscuous mode [ 1094.943505][T15573] hsr_slave_1: entered promiscuous mode [ 1095.155019][T12549] hsr_slave_0: left promiscuous mode [ 1095.227744][ T5794] Bluetooth: hci1: command tx timeout [ 1095.326464][T12549] hsr_slave_1: left promiscuous mode [ 1095.341203][T12549] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1095.425717][T12549] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1095.436859][T12549] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1095.453618][T12549] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1095.740803][T12549] bridge_slave_1: left allmulticast mode [ 1095.746599][T12549] bridge_slave_1: left promiscuous mode [ 1095.861663][T12549] bridge0: port 2(bridge_slave_1) entered disabled state [ 1096.037803][T12549] bridge_slave_0: left allmulticast mode [ 1096.166853][T12549] bridge_slave_0: left promiscuous mode [ 1096.275808][T12549] bridge0: port 1(bridge_slave_0) entered disabled state [ 1096.414657][T12549] : left promiscuous mode [ 1096.419543][T12549] veth1_vlan: left promiscuous mode [ 1096.426257][T12549] veth0_vlan: left promiscuous mode [ 1096.567351][T15664] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2494'. [ 1096.586887][T15664] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2494'. [ 1097.412460][T12549] team0 (unregistering): Port device team_slave_1 removed [ 1097.475429][T12549] team0 (unregistering): Port device team_slave_0 removed [ 1097.535055][T12549] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1097.597124][T12549] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1098.042332][T15669] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2497'. [ 1098.701702][T12549] bond0 (unregistering): Released all slaves [ 1098.784141][T15654] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2492'. [ 1099.739906][T15679] vivid-000: kernel_thread() failed [ 1101.393920][T15698] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2505'. [ 1101.404192][T15698] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2505'. [ 1101.413278][T15698] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2505'. [ 1101.972750][T15696] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2504'. [ 1102.057624][T15696] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2504'. [ 1102.313378][T12549] IPVS: stop unused estimator thread 0... [ 1102.491156][T15701] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2506'. [ 1103.333048][T15573] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1103.344143][T15573] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1103.364788][T15573] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1103.819054][T15573] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1103.913461][T15721] ubi: mtd0 is already attached to ubi31 [ 1104.966446][T15573] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1105.184465][T15573] 8021q: adding VLAN 0 to HW filter on device team0 [ 1105.621605][T13849] bridge0: port 1(bridge_slave_0) entered blocking state [ 1105.628903][T13849] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1105.671831][T13849] bridge0: port 2(bridge_slave_1) entered blocking state [ 1105.679096][T13849] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1106.082316][T15737] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2514'. [ 1106.249361][T15739] netlink: 112 bytes leftover after parsing attributes in process `syz.2.2515'. [ 1106.271628][T15740] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2514'. [ 1106.682160][T15750] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2517'. [ 1107.397076][T15756] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2516'. [ 1107.855619][T15573] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1107.941349][T15765] ubi: mtd0 is already attached to ubi31 [ 1109.205901][T15573] veth0_vlan: entered promiscuous mode [ 1109.456573][T15573] veth1_vlan: entered promiscuous mode [ 1109.496602][T15573] veth0_macvtap: entered promiscuous mode [ 1110.270015][T15573] veth1_macvtap: entered promiscuous mode [ 1110.755481][T15779] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2525'. [ 1110.916112][T15573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1111.142227][T15573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1111.155589][T15573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1111.166460][T15573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1111.180213][T15780] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2525'. [ 1111.913293][T15573] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1111.953140][T15573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1111.982903][T15573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1111.994927][T15573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1112.016202][T15573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1112.418564][T15573] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1112.649289][T15573] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1112.761542][T15573] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1112.847580][T15573] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1112.856325][T15573] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1113.123454][T15794] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2527'. [ 1113.274258][ T1123] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1113.303246][ T1123] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1113.344026][ T1123] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1113.438093][ T1123] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1113.493893][T15804] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2530'. [ 1116.111947][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.119094][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 1117.707178][T15848] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2538'. [ 1121.577952][T15876] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2544'. [ 1121.958711][T15038] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1121.975943][T15038] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1121.984705][T15038] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1121.994804][T15038] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1122.006292][T15038] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1122.014113][T15038] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1122.984251][ T1123] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1123.894816][T15882] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2548'. [ 1124.282305][ T5794] Bluetooth: hci0: command tx timeout [ 1124.578532][ T1123] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1125.419422][ T1123] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1125.537336][ T1123] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1125.844626][T15912] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2557'. [ 1126.399952][ T5794] Bluetooth: hci0: command tx timeout [ 1126.768048][T15878] chnl_net:caif_netlink_parms(): no params data found [ 1128.298671][T15926] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2560'. [ 1128.427680][T15038] Bluetooth: hci0: command tx timeout [ 1128.443709][T15935] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2562'. [ 1128.664839][T15937] netlink: 112 bytes leftover after parsing attributes in process `syz.0.2563'. [ 1128.991763][T15878] bridge0: port 1(bridge_slave_0) entered blocking state [ 1129.044459][T15878] bridge0: port 1(bridge_slave_0) entered disabled state [ 1129.109408][T15878] bridge_slave_0: entered allmulticast mode [ 1129.193657][T15878] bridge_slave_0: entered promiscuous mode [ 1129.567736][T15878] bridge0: port 2(bridge_slave_1) entered blocking state [ 1129.587631][T15878] bridge0: port 2(bridge_slave_1) entered disabled state [ 1129.612538][T15878] bridge_slave_1: entered allmulticast mode [ 1129.714998][T15878] bridge_slave_1: entered promiscuous mode [ 1133.097902][T15038] Bluetooth: hci0: command tx timeout [ 1133.186022][ T28] audit: type=1326 audit(1753293445.209:834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15945 comm="syz.2.2566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeff78e9a9 code=0x7fc00000 [ 1133.419441][T15878] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1133.436994][T15878] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1133.678122][T15878] team0: Port device team_slave_0 added [ 1133.775560][T15878] team0: Port device team_slave_1 added [ 1133.863825][T15878] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1133.871129][T15878] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1133.900044][T15878] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1133.940881][T15878] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1133.949953][T15878] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1133.982590][T15878] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1134.090942][T15878] hsr_slave_0: entered promiscuous mode [ 1134.103343][T15878] hsr_slave_1: entered promiscuous mode [ 1134.113170][T15878] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1134.125448][T15878] Cannot create hsr debugfs directory [ 1135.433601][ T1123] hsr_slave_0: left promiscuous mode [ 1135.440010][ T1123] hsr_slave_1: left promiscuous mode [ 1135.446274][ T1123] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1135.455293][ T1123] bridge_slave_1: left allmulticast mode [ 1135.461287][ T1123] bridge_slave_1: left promiscuous mode [ 1135.467145][ T1123] bridge0: port 2(bridge_slave_1) entered disabled state [ 1135.477925][ T1123] bridge_slave_0: left allmulticast mode [ 1135.484773][ T1123] bridge_slave_0: left promiscuous mode [ 1135.491654][ T1123] bridge0: port 1(bridge_slave_0) entered disabled state [ 1135.524426][ T1123] veth1_macvtap: left promiscuous mode [ 1135.536888][ T1123] veth0_macvtap: left promiscuous mode [ 1135.544771][ T1123] veth1_vlan: left promiscuous mode [ 1135.550702][ T1123] veth0_vlan: left promiscuous mode [ 1135.691280][ T27] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 1135.897813][ T27] usb 3-1: Using ep0 maxpacket: 8 [ 1135.936609][ T27] usb 3-1: config 0 has an invalid interface number: 55 but max is 0 [ 1135.981195][ T27] usb 3-1: config 0 has no interface number 0 [ 1136.034124][ T27] usb 3-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0x80, skipping [ 1136.096933][ T27] usb 3-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0xAB, skipping [ 1136.154317][ T27] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 1136.223257][ T27] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 1136.271995][ T27] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1136.427048][ T27] usb 3-1: config 0 descriptor?? [ 1136.448645][ T27] ldusb 3-1:0.55: Interrupt in endpoint not found [ 1136.460924][ T1123] bond1 (unregistering): Released all slaves [ 1136.662390][ T27] usb 3-1: USB disconnect, device number 32 [ 1137.676461][ T1123] team0 (unregistering): Port device team_slave_1 removed [ 1137.791464][ T1123] team0 (unregistering): Port device team_slave_0 removed [ 1137.936654][ T1123] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1138.296446][ T1123] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1141.045912][T16019] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2586'. [ 1141.304416][T16021] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2586'. [ 1142.785150][ T28] audit: type=1326 audit(1753293454.529:835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16025 comm="syz.0.2588" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f212ff8e9a9 code=0x0 [ 1142.809501][T15038] Bluetooth: Unexpected continuation frame (len 16) [ 1142.909325][ T1123] bond0 (unregistering): Released all slaves [ 1143.252104][T15977] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2572'. [ 1143.421951][T16037] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2591'. [ 1144.474880][ T1123] IPVS: stop unused estimator thread 0... [ 1144.691484][T15878] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1144.710567][T15878] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1144.731395][T15878] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1144.753822][T15878] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1144.963602][T15878] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1146.316076][T15878] 8021q: adding VLAN 0 to HW filter on device team0 [ 1146.448632][ T1123] bridge0: port 1(bridge_slave_0) entered blocking state [ 1146.455841][ T1123] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1146.500823][ T48] bridge0: port 2(bridge_slave_1) entered blocking state [ 1146.508011][ T48] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1146.792932][T16070] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2599'. [ 1147.474696][T15878] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1148.523707][T16080] netlink: 47 bytes leftover after parsing attributes in process `syz.0.2601'. [ 1148.560605][T16080] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2601'. [ 1148.895006][T15878] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1149.072610][T15878] veth0_vlan: entered promiscuous mode [ 1149.148765][T15878] veth1_vlan: entered promiscuous mode [ 1149.286650][T15878] veth0_macvtap: entered promiscuous mode [ 1149.319457][T15878] veth1_macvtap: entered promiscuous mode [ 1149.396940][T15878] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1149.565070][T15878] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1149.575145][T15878] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1149.586032][T15878] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1149.596289][T15878] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1149.606976][T15878] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1149.618781][T15878] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1149.629381][T15878] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1149.639926][T15878] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1149.650491][T15878] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1149.661228][T15878] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1149.671437][T15878] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1149.682086][T15878] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1149.698409][T15878] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1149.720719][T15878] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1150.342034][ T28] audit: type=1326 audit(1753293462.279:836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16097 comm="syz.1.2605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f620fb8e9a9 code=0x7fc00000 [ 1150.374048][T15878] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1150.386284][T15878] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1150.414172][T15878] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1150.589009][T16112] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2607'. [ 1151.150383][T16120] atomic_op ffff88805cf54198 conn xmit_atomic 0000000000000000 [ 1151.834228][T14569] IPVS: starting estimator thread 0... [ 1151.954141][ T1123] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1151.980985][T16123] IPVS: using max 18 ests per chain, 43200 per kthread [ 1151.993876][ T1123] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1152.031568][ T1123] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1152.050895][ T1123] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1152.163652][T16127] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2610'. [ 1154.167942][T16160] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2619'. [ 1155.535020][T16170] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2621'. [ 1158.323106][ T5794] Bluetooth: Unexpected continuation frame (len 16) [ 1158.438280][ T28] audit: type=1326 audit(1753293470.369:837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16199 comm="syz.3.2632" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f35e358e9a9 code=0x0 [ 1159.147640][ T5794] Bluetooth: hci4: command 0x0406 tx timeout [ 1160.806658][T16221] vivid-002: kernel_thread() failed [ 1161.714104][ T28] audit: type=1326 audit(1753293473.759:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16229 comm="syz.2.2643" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faeff78e9a9 code=0x0 [ 1161.806167][T15038] Bluetooth: Unexpected continuation frame (len 16) [ 1163.976831][ T28] audit: type=1326 audit(1753293476.019:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16247 comm="syz.1.2646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f620fb8e9a9 code=0x7fc00000 [ 1166.938380][T15038] Bluetooth: Unexpected continuation frame (len 16) [ 1166.946961][ T28] audit: type=1326 audit(1753293478.989:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16270 comm="syz.0.2653" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f212ff8e9a9 code=0x0 [ 1173.389303][T16330] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2668'. [ 1173.854278][T16334] input: syz1 as /devices/virtual/input/input33 [ 1173.977692][ T28] audit: type=1326 audit(1753293485.999:841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16318 comm="syz.2.2666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeff78e9a9 code=0x7fc00000 [ 1176.517643][T16351] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2674'. [ 1177.798044][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 1177.814269][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 1183.738911][T16409] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2687'. [ 1185.577394][T16430] vivid-001: kernel_thread() failed [ 1187.300118][T16448] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2698'. [ 1188.793146][T16463] input: syz1 as /devices/virtual/input/input34 [ 1189.037506][T16466] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2703'. [ 1189.487366][T16467] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2703'. [ 1190.470344][T15038] Bluetooth: hci3: command 0x0406 tx timeout [ 1191.196749][ T5794] Bluetooth: Unexpected continuation frame (len 16) [ 1191.196825][ T28] audit: type=1326 audit(1753293503.229:842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16484 comm="syz.2.2710" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faeff78e9a9 code=0x0 [ 1191.225395][ C0] vkms_vblank_simulate: vblank timer overrun [ 1192.029105][T16504] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2717'. [ 1192.173515][T16502] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2717'. [ 1193.665600][ T28] audit: type=1326 audit(1753293505.709:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16531 comm="syz.2.2725" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faeff78e9a9 code=0x0 [ 1193.667365][ T5794] Bluetooth: Unexpected continuation frame (len 16) [ 1193.776861][ T5894] usb 2-1: new full-speed USB device number 31 using dummy_hcd [ 1194.708516][T16543] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2726'. [ 1194.814048][ T5894] usb 2-1: config 201 has an invalid interface number: 249 but max is 0 [ 1194.968555][ T5894] usb 2-1: config 201 has no interface number 0 [ 1195.028306][ T5894] usb 2-1: config 201 interface 249 has no altsetting 0 [ 1195.081691][ T5894] usb 2-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=fa.df [ 1195.180436][ T5894] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1195.207940][ T5894] usb 2-1: Product: syz [ 1195.212170][ T5894] usb 2-1: Manufacturer: syz [ 1195.234831][ T5894] usb 2-1: SerialNumber: syz [ 1195.434524][T16544] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2726'. [ 1197.412829][ T5894] ath6kl: Failed to submit usb control message: -71 [ 1197.422628][ T5894] ath6kl: unable to send the bmi data to the device: -71 [ 1197.429886][ T5894] ath6kl: Unable to send get target info: -71 [ 1197.464864][ T5894] ath6kl: Failed to init ath6kl core: -71 [ 1197.481646][ T5894] ath6kl_usb: probe of 2-1:201.249 failed with error -71 [ 1197.496922][ T5894] usb 2-1: USB disconnect, device number 31 [ 1202.725082][ T28] audit: type=1400 audit(1753293514.769:844): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=26260A3AF6EFF374925873ECE44CF3460B0BA260624F2A08BDBB6D3C92592016EA4E0F401876B1958B3F9AA5153386EED838C49D3AFF pid=16604 comm="syz.3.2743" [ 1204.052480][T16624] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2748'. [ 1204.261956][T16626] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2747'. [ 1204.474043][T16628] binder: 16622:16628 ioctl c0306201 0 returned -14 [ 1204.486361][T16628] binder: BINDER_SET_CONTEXT_MGR already set [ 1204.492874][T16628] binder: 16622:16628 ioctl 4018620d 200000000040 returned -16 [ 1205.958149][T16635] xt_TCPMSS: Only works on TCP SYN packets [ 1206.220255][T16645] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2754'. [ 1206.456537][T16647] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2754'. [ 1207.464196][T16662] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2760'. [ 1209.888339][T16670] block device autoloading is deprecated and will be removed. [ 1210.348822][T15038] Bluetooth: hci1: command 0x0406 tx timeout [ 1210.534222][T16688] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2767'. [ 1210.941266][T16689] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2767'. [ 1212.041940][T16699] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2771'. [ 1215.304675][T16724] netlink: 100 bytes leftover after parsing attributes in process `syz.1.2777'. [ 1215.955257][T16735] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2780'. [ 1216.030376][T16730] netlink: 164 bytes leftover after parsing attributes in process `syz.2.2779'. [ 1218.617564][ T27] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 1218.764389][T16762] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2788'. [ 1220.075001][T16764] netlink: 164 bytes leftover after parsing attributes in process `syz.2.2789'. [ 1220.242456][ T27] usb 2-1: config 220 has an invalid interface number: 76 but max is 2 [ 1220.255669][ T27] usb 2-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 1221.007391][ T27] usb 2-1: config 220 has an invalid descriptor of length 1, skipping remainder of the config [ 1221.028510][ T27] usb 2-1: config 220 has no interface number 2 [ 1221.035219][ T27] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 1221.048953][ T27] usb 2-1: config 220 interface 0 has no altsetting 0 [ 1221.168048][ T27] usb 2-1: config 220 interface 76 has no altsetting 0 [ 1221.175157][ T27] usb 2-1: config 220 interface 1 has no altsetting 0 [ 1221.186538][ T27] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1221.195875][ T27] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1221.203978][ T27] usb 2-1: Product: syz [ 1221.208714][ T27] usb 2-1: Manufacturer: syz [ 1221.214269][ T27] usb 2-1: SerialNumber: syz [ 1221.280128][T16774] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2791'. [ 1222.096040][ T27] usb 2-1: can't set config #220, error -71 [ 1222.175591][ T27] usb 2-1: USB disconnect, device number 32 [ 1227.008114][T16811] netlink: zone id is out of range [ 1227.707882][T16804] ubi: mtd0 is already attached to ubi31 [ 1230.546174][T16839] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2810'. [ 1232.058062][T16851] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2816'. [ 1232.274624][T16851] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2816'. [ 1233.058869][T16863] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2818'. [ 1233.068206][T16863] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2818'. [ 1233.077180][T16863] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2818'. [ 1236.040912][T16880] ubi: mtd0 is already attached to ubi31 [ 1236.927196][T16887] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2827'. [ 1237.332841][T16887] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2827'. [ 1237.711906][T16899] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2830'. [ 1239.081969][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 1239.088440][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 1239.184989][T16911] ubi: mtd0 is already attached to ubi31 [ 1240.921997][T16927] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2838'. [ 1242.586003][T16944] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2842'. [ 1245.386332][T16939] ubi: mtd0 is already attached to ubi31 [ 1246.347882][T15038] Bluetooth: hci0: command 0x0406 tx timeout [ 1247.334819][T16977] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2850'. [ 1247.519489][T16978] ubi: mtd0 is already attached to ubi31 [ 1250.239649][T17003] netlink: 124 bytes leftover after parsing attributes in process `syz.3.2863'. [ 1251.693802][T17015] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2866'. [ 1252.507509][T17018] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2867'. [ 1252.779024][T17018] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2867'. [ 1253.368726][T17024] vivid-001: kernel_thread() failed [ 1253.966772][T17038] overlayfs: failed to resolve './file0': -2 [ 1253.985507][T17038] Bluetooth: MGMT ver 1.22 [ 1256.930724][T17064] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2883'. [ 1257.130246][T17065] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2883'. [ 1259.121590][T17075] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2885'. [ 1261.056404][ T6556] IPVS: starting estimator thread 0... [ 1261.893366][T17100] IPVS: using max 20 ests per chain, 48000 per kthread [ 1262.263480][T17110] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2893'. [ 1263.255948][T17105] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2893'. [ 1263.820658][T17128] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2897'. [ 1264.402131][T17129] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2898'. [ 1264.412275][T17129] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2898'. [ 1264.421324][T17129] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2898'. [ 1267.805893][T17158] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2905'. [ 1268.247739][T17158] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2905'. [ 1268.604306][T17169] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2909'. [ 1270.926099][T17188] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2914'. [ 1272.634524][T17202] Cannot find add_set index 0 as target [ 1273.741331][T17194] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2919'. [ 1273.783727][T17194] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2919'. [ 1273.960631][ T28] audit: type=1400 audit(1753293585.979:845): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=26260A3AF6EFF374925873ECE44CF3460B0BA260 pid=17213 comm="syz.2.2926" [ 1273.988500][T17216] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2917'. [ 1273.997723][T17216] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2917'. [ 1274.006847][T17216] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2917'. [ 1274.473468][T17223] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2927'. [ 1277.594536][T17255] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2939'. [ 1277.901686][T17267] syz.2.2945 (17267) used greatest stack depth: 19120 bytes left [ 1277.959278][T17268] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2942'. [ 1277.977616][T17268] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2942'. [ 1279.135847][T17277] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2944'. [ 1279.145058][T17277] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2944'. [ 1279.154408][T17277] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2944'. [ 1280.078121][T17289] atomic_op ffff88806121c998 conn xmit_atomic 0000000000000000 [ 1282.957789][ T5894] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 1283.088034][T17331] atomic_op ffff888063a3f198 conn xmit_atomic 0000000000000000 [ 1283.157809][ T5894] usb 3-1: Using ep0 maxpacket: 8 [ 1283.170075][ T5894] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1283.182603][ T5894] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1283.192672][ T5894] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1283.202860][ T5894] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1283.216205][ T5894] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1283.225477][ T5894] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1283.452684][ T5894] usb 3-1: GET_CAPABILITIES returned 0 [ 1283.459811][ T5894] usbtmc 3-1:16.0: can't read capabilities [ 1283.482325][T17344] overlayfs: missing 'lowerdir' [ 1283.492559][T17344] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1283.829076][T17322] raw_sendmsg: syz.2.2961 forgot to set AF_INET. Fix it! [ 1283.852998][ T5827] usb 3-1: USB disconnect, device number 33 [ 1285.028711][T17363] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2975'. [ 1285.084389][T17363] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2975'. [ 1286.963068][T17393] atomic_op ffff88807d38a998 conn xmit_atomic 0000000000000000 [ 1287.014866][ T5894] IPVS: starting estimator thread 0... [ 1287.294907][T17394] IPVS: using max 34 ests per chain, 81600 per kthread [ 1287.762096][ T28] audit: type=1400 audit(1753293599.799:846): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=26260A3AF6EFF374925873ECE44CF3460B0BA260624F2A08BDBB6D3C92592016EA4E0F401876B1958B3F9AA515 pid=17407 comm="syz.1.2990" [ 1288.412731][ T5794] Bluetooth: Frame is too long (len 16, expected len 4) [ 1288.420948][ T28] audit: type=1326 audit(1753293600.459:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17411 comm="syz.2.2989" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faeff78e9a9 code=0x0 [ 1289.658913][T17443] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2994'. [ 1289.672870][T17442] netlink: 164 bytes leftover after parsing attributes in process `syz.2.2999'. [ 1289.675223][T17443] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2994'. [ 1289.823116][T17443] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2994'. [ 1289.995624][T17452] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3000'. [ 1290.015388][T17452] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3000'. [ 1291.043213][ T5794] Bluetooth: Frame is too long (len 16, expected len 4) [ 1291.051017][ T28] audit: type=1326 audit(1753293603.089:848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17455 comm="syz.0.3002" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f212ff8e9a9 code=0x0 [ 1292.451734][ T28] audit: type=1400 audit(1753293604.499:849): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=26260A3AF6EFF374925873ECE44CF3460B0BA260624F2A08BDBB6D3C92592016EA4E0F401876B1958B3F9AA5153386EED8 pid=17480 comm="syz.3.3012" [ 1293.034503][T17487] atomic_op ffff8880787a4998 conn xmit_atomic 0000000000000000 [ 1293.049801][T14569] IPVS: starting estimator thread 0... [ 1293.148045][T17492] IPVS: using max 20 ests per chain, 48000 per kthread [ 1293.483303][T17504] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3017'. [ 1293.492461][T17504] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3017'. [ 1293.504860][T17504] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3017'. [ 1295.404690][T17526] atomic_op ffff88802f778198 conn xmit_atomic 0000000000000000 [ 1297.736144][T17572] netlink: 'syz.3.3048': attribute type 1 has an invalid length. [ 1297.808897][T17572] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1297.874783][T17575] bond1: (slave gretap1): making interface the new active one [ 1297.896451][T17575] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 1300.437089][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 1300.457621][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 1302.285921][T17640] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3068'. [ 1302.304613][T17640] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3068'. [ 1303.015877][T17645] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 1303.544470][T17661] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3076'. [ 1306.046963][T17693] tipc: Started in network mode [ 1306.061040][T17693] tipc: Node identity aaaaaaaaaa2a, cluster identity 4711 [ 1306.078226][T17693] tipc: Enabled bearer , priority 10 [ 1306.434257][ T5794] Bluetooth: hci0: command 0x0406 tx timeout [ 1306.528839][T17703] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3089'. [ 1306.546712][T17703] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3089'. [ 1307.207825][ T8] tipc: Node number set to 8432298 [ 1307.364929][T17714] fuse: Bad value for 'fd' [ 1309.887666][T17746] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3101'. [ 1309.905516][T17740] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3101'. [ 1310.536650][T17751] ntfs3: nullb0: Primary boot signature is not NTFS. [ 1310.552574][T17751] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 1312.120252][T17781] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3113'. [ 1313.546070][T17789] ntfs3: nullb0: Primary boot signature is not NTFS. [ 1313.568000][T17789] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 1314.209194][T17806] tipc: Started in network mode [ 1314.221919][T17806] tipc: Node identity aaaaaaaaaa2a, cluster identity 4711 [ 1314.238031][T17806] tipc: Enabled bearer , priority 10 [ 1314.924823][T17818] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3126'. [ 1314.944096][T17818] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3126'. [ 1315.268879][ T786] tipc: Node number set to 8432298 [ 1315.305122][T17820] ntfs3: nullb0: Primary boot signature is not NTFS. [ 1315.314324][T17820] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 1315.783686][T17833] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3128'. [ 1315.801796][T17833] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3128'. [ 1319.430365][T17861] ntfs3: nullb0: Primary boot signature is not NTFS. [ 1319.437503][T17861] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 1323.272130][T17896] usb usb8: usbfs: process 17896 (syz.3.3151) did not claim interface 0 before use [ 1324.311792][T17906] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3153'. [ 1324.320912][T17906] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3153'. [ 1324.330143][T17906] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3153'. [ 1327.311980][T17951] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3166'. [ 1327.321606][T17951] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3166'. [ 1327.330745][T17951] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3166'. [ 1328.585099][T17985] netlink: 'syz.1.3180': attribute type 29 has an invalid length. [ 1328.872089][ T5794] Bluetooth: Unexpected continuation frame (len 16) [ 1328.947757][ T28] audit: type=1326 audit(1753293640.939:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17963 comm="syz.2.3172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeff78e9a9 code=0x7fc00000 [ 1329.226344][ T28] audit: type=1326 audit(1753293640.939:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17963 comm="syz.2.3172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7faeff78e9a9 code=0x7fc00000 [ 1329.248934][ C0] vkms_vblank_simulate: vblank timer overrun [ 1329.401808][ T8] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 1329.465180][ T28] audit: type=1326 audit(1753293640.939:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17963 comm="syz.2.3172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeff78e9a9 code=0x7fc00000 [ 1329.571795][ T28] audit: type=1326 audit(1753293640.939:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17963 comm="syz.2.3172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeff78e9a9 code=0x7fc00000 [ 1329.623794][ T28] audit: type=1326 audit(1753293640.939:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17963 comm="syz.2.3172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeff78e9a9 code=0x7fc00000 [ 1329.647151][ T28] audit: type=1326 audit(1753293640.939:855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17963 comm="syz.2.3172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeff78e9a9 code=0x7fc00000 [ 1329.702026][ T28] audit: type=1326 audit(1753293640.949:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17963 comm="syz.2.3172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeff78e9a9 code=0x7fc00000 [ 1329.735241][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1329.746533][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1329.762609][ T8] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1329.776874][ T8] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1329.802881][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1329.894466][ T8] usb 2-1: config 0 descriptor?? [ 1331.750341][ T8] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 1331.774185][ T8] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 1331.793487][ T8] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 1331.805956][ T8] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 1331.813523][ T8] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 1331.822814][ T8] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving [ 1331.844191][ T8] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 1332.067553][T15919] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 1332.481292][ T28] audit: type=1326 audit(1753293644.519:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18019 comm="syz.0.3192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212ff8e9a9 code=0x7fc00000 [ 1333.079611][T15919] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 231, changing to 11 [ 1333.097659][T15919] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 25303, setting to 1024 [ 1333.117533][T15919] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1333.131931][T15919] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 1333.153680][T15919] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1333.177509][T15919] usb 3-1: Product: syz [ 1333.181717][T15919] usb 3-1: Manufacturer: syz [ 1333.188288][T15919] usb 3-1: SerialNumber: syz [ 1333.194531][T15919] usb 3-1: config 0 descriptor?? [ 1333.210888][T15919] usb 3-1: selecting invalid altsetting 0 [ 1333.339625][ T27] usb 2-1: USB disconnect, device number 33 [ 1333.557591][ T23] usb 3-1: USB disconnect, device number 34 [ 1334.740014][ T5794] Bluetooth: Unexpected continuation frame (len 16) [ 1336.545503][ T28] audit: type=1326 audit(1753293648.579:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18064 comm="syz.3.3202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35e358e9a9 code=0x7fc00000 [ 1336.620986][ T28] audit: type=1326 audit(1753293648.579:859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18064 comm="syz.3.3202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f35e358e9a9 code=0x7fc00000 [ 1336.712745][ T28] audit: type=1326 audit(1753293648.579:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18064 comm="syz.3.3202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35e358e9a9 code=0x7fc00000 [ 1336.735327][ T28] audit: type=1326 audit(1753293648.579:861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18064 comm="syz.3.3202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35e358e9a9 code=0x7fc00000 [ 1336.760109][ T28] audit: type=1326 audit(1753293648.579:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18064 comm="syz.3.3202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35e358e9a9 code=0x7fc00000 [ 1336.790719][ T28] audit: type=1326 audit(1753293648.579:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18064 comm="syz.3.3202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35e358e9a9 code=0x7fc00000 [ 1336.821297][ T28] audit: type=1326 audit(1753293648.589:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18064 comm="syz.3.3202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35e358e9a9 code=0x7fc00000 [ 1336.984393][ T28] audit: type=1326 audit(1753293648.589:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18064 comm="syz.3.3202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35e358e9a9 code=0x7fc00000 [ 1337.681272][ T28] audit: type=1326 audit(1753293648.589:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18064 comm="syz.3.3202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35e358e9a9 code=0x7fc00000 [ 1337.792883][ T28] audit: type=1326 audit(1753293648.589:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18064 comm="syz.3.3202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35e358e9a9 code=0x7fc00000 [ 1346.122315][ T8] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 1346.307767][ T8] usb 3-1: Using ep0 maxpacket: 8 [ 1346.317393][ T8] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 1346.326163][ T8] usb 3-1: config 179 has no interface number 0 [ 1346.332963][ T8] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 1346.344983][ T8] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 1346.361434][ T8] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9 [ 1346.373118][ T8] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024 [ 1346.384835][ T8] usb 3-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 1346.398545][ T8] usb 3-1: config 179 interface 65 has no altsetting 0 [ 1346.405585][ T8] usb 3-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 1346.415256][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1346.433330][ T8] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input35 [ 1346.487891][ T5142] input input35: unable to receive magic message: -110 [ 1346.502323][ T5142] input input35: unable to receive magic message: -32 [ 1346.514734][ T5142] input input35: unable to receive magic message: -32 [ 1346.525154][ T5142] input input35: unable to receive magic message: -32 [ 1346.856617][T14569] usb 3-1: USB disconnect, device number 35 [ 1346.856711][ C0] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 1346.874119][T14569] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 1347.687838][ T23] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 1347.980199][ T23] usb 2-1: config index 0 descriptor too short (expected 146, got 18) [ 1348.002215][ T23] usb 2-1: config 0 has an invalid interface number: 153 but max is 0 [ 1348.023061][ T23] usb 2-1: config 0 has no interface number 0 [ 1348.051347][ T23] usb 2-1: New USB device found, idVendor=1199, idProduct=6852, bcdDevice=57.34 [ 1348.060908][ T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1348.074699][ T23] usb 2-1: Product: syz [ 1348.090698][ T23] usb 2-1: Manufacturer: syz [ 1348.095535][ T23] usb 2-1: SerialNumber: syz [ 1348.106730][ T23] usb 2-1: config 0 descriptor?? [ 1348.129570][ T23] sierra 2-1:0.153: Sierra USB modem converter detected [ 1348.349566][ T23] usb 2-1: USB disconnect, device number 34 [ 1348.369610][ T23] sierra 2-1:0.153: device disconnected [ 1355.241610][T18323] fuse: Bad value for 'fd' [ 1355.437305][T18319] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3285'. [ 1355.586127][T18319] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 1355.608956][T18328] netlink: 'syz.2.3287': attribute type 12 has an invalid length. [ 1359.579954][T18354] fuse: Bad value for 'fd' [ 1360.865539][T18363] sp0: Synchronizing with TNC [ 1361.878115][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 1361.884705][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 1363.055160][T18388] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 1363.098324][T18386] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3307'. [ 1366.000096][T18422] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3316'. [ 1366.017062][T18422] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3316'. [ 1369.528433][T18449] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 1369.562446][T18449] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 1370.075574][T18431] program syz.3.3320 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1371.847678][T18482] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3339'. [ 1371.857262][T18482] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3339'. [ 1371.866833][T18482] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3339'. [ 1372.555491][T18490] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3342'. [ 1372.565481][T18490] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 1376.432968][T18529] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 1376.446303][T18529] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 1376.967864][T18530] autofs4:pid:18530:autofs_fill_super: called with bogus options [ 1379.632499][ T28] kauditd_printk_skb: 86 callbacks suppressed [ 1379.632514][ T28] audit: type=1326 audit(1753293691.669:954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18557 comm="syz.2.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeff78e9a9 code=0x7fc00000 [ 1380.553736][ T28] audit: type=1326 audit(1753293691.669:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18557 comm="syz.2.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7faeff78e9a9 code=0x7fc00000 [ 1380.612609][ T28] audit: type=1326 audit(1753293691.669:956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18557 comm="syz.2.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeff78e9a9 code=0x7fc00000 [ 1381.147595][ T28] audit: type=1326 audit(1753293691.669:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18557 comm="syz.2.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeff78e9a9 code=0x7fc00000 [ 1381.317613][ T28] audit: type=1326 audit(1753293691.669:958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18557 comm="syz.2.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeff78e9a9 code=0x7fc00000 [ 1382.098235][ T28] audit: type=1326 audit(1753293691.669:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18557 comm="syz.2.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeff78e9a9 code=0x7fc00000 [ 1385.733920][T18615] fuse: Bad value for 'fd' [ 1388.185022][T18634] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3389'. [ 1390.034917][ T5794] Bluetooth: hci1: unexpected event for opcode 0x1003 [ 1390.227651][ T8] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 1390.437589][ T8] usb 3-1: Using ep0 maxpacket: 8 [ 1390.447998][ T8] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 1390.483230][ T8] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1390.510125][T18666] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3398'. [ 1390.526833][T18666] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3398'. [ 1390.561305][ T8] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1390.605389][ T8] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1390.666448][ T8] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1390.785211][ T8] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1390.860320][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1391.220825][ T8] usb 3-1: GET_CAPABILITIES returned 0 [ 1391.247726][ T8] usbtmc 3-1:16.0: can't read capabilities [ 1391.460691][ T8] usb 3-1: USB disconnect, device number 36 [ 1391.515393][T18673] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3399'. [ 1391.525149][T18673] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3399'. [ 1391.534466][T18673] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3399'. [ 1391.896918][T18677] fuse: Bad value for 'fd' [ 1393.305990][T18701] ntfs3: nullb0: Primary boot signature is not NTFS. [ 1393.313020][T18701] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 1393.868999][T18715] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3416'. [ 1393.878171][T18715] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3416'. [ 1393.887118][T18715] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3416'. [ 1394.027834][ T5794] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 1394.037875][ T5794] Bluetooth: hci1: Injecting HCI hardware error event [ 1394.046450][ T5794] Bluetooth: hci1: hardware error 0x00 [ 1396.409694][ T5794] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 1397.467111][T18750] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3425'. [ 1397.474635][T18750] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3425'. [ 1398.292983][T18759] fuse: Bad value for 'group_id' [ 1398.342994][T18757] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3429'. [ 1398.352504][T18757] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3429'. [ 1398.361491][T18757] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3429'. [ 1399.904970][T18772] autofs4:pid:18772:autofs_fill_super: called with bogus options [ 1400.227665][ T5827] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 1400.288311][T18786] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3438'. [ 1400.304964][T18786] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3438'. [ 1400.938042][ T5827] usb 4-1: device descriptor read/64, error -71 [ 1401.217748][ T5827] usb 4-1: new high-speed USB device number 35 using dummy_hcd [ 1402.221110][T18799] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3441'. [ 1402.230094][T18799] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3441'. [ 1402.239320][T18799] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3441'. [ 1402.972496][T18813] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3445'. [ 1402.998981][T18811] autofs4:pid:18811:autofs_fill_super: called with bogus options [ 1403.158967][T18813] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3445'. [ 1404.820525][T18836] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1405.735284][T18844] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3456'. [ 1406.008762][T18844] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3456'. [ 1407.588198][T18870] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1410.721288][T18907] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3473'. [ 1410.730258][T18907] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3473'. [ 1410.739316][T18907] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3473'. [ 1412.431612][T18924] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3479'. [ 1413.338536][T18938] autofs4:pid:18938:autofs_fill_super: called with bogus options [ 1414.057733][T18957] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3492'. [ 1415.218583][T18967] autofs4:pid:18967:autofs_fill_super: called with bogus options [ 1415.695756][T18984] fuse: Unknown parameter 'group_i00000000000000000000' [ 1415.934588][T18991] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3501'. [ 1416.659204][T18998] autofs4:pid:18998:autofs_fill_super: called with bogus options [ 1418.077511][T19022] fuse: Unknown parameter 'group_id00000000000000000000' [ 1418.085096][T15813] usb 3-1: new full-speed USB device number 37 using dummy_hcd [ 1418.277249][T15813] usb 3-1: device descriptor read/64, error -71 [ 1418.547164][T15813] usb 3-1: new full-speed USB device number 38 using dummy_hcd [ 1418.697270][T15813] usb 3-1: device descriptor read/64, error -71 [ 1418.818292][T15813] usb usb3-port1: attempt power cycle [ 1418.861423][T19033] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3516'. [ 1419.239854][T15813] usb 3-1: new full-speed USB device number 39 using dummy_hcd [ 1419.392680][T15813] usb 3-1: device descriptor read/8, error -71 [ 1419.502970][T19035] autofs4:pid:19035:autofs_fill_super: called with bogus options [ 1419.599800][T19040] overlayfs: failed to resolve './file1': -2 [ 1419.644919][T19044] fuse: Unknown parameter 'group_id00000000000000000000' [ 1419.697245][T15813] usb 3-1: new full-speed USB device number 40 using dummy_hcd [ 1419.759048][T15813] usb 3-1: device descriptor read/8, error -71 [ 1419.881726][T15813] usb usb3-port1: unable to enumerate USB device [ 1420.030103][T19055] ntfs3: nullb0: Primary boot signature is not NTFS. [ 1420.039460][T19055] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 1420.713244][ T28] audit: type=1326 audit(2000000008.900:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19050 comm="syz.0.3524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f212ff8e9a9 code=0x7fc00000 [ 1420.766653][ T28] audit: type=1326 audit(2000000008.900:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19050 comm="syz.0.3524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f212ff8e9a9 code=0x7fc00000 [ 1420.996775][T19066] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3527'. [ 1421.022778][T19066] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3527'. [ 1421.298038][T19066] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3527'. [ 1421.307669][T19066] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3527'. [ 1421.722355][T19069] autofs4:pid:19069:autofs_fill_super: called with bogus options [ 1421.954533][T19076] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3529'. [ 1422.017648][T19077] fuse: Unknown parameter 'grou00000000000000000000' [ 1422.724941][T19081] overlayfs: failed to resolve './file0': -2 [ 1423.343881][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 1423.350347][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 1423.793220][ T28] audit: type=1326 audit(2000000011.980:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19084 comm="syz.1.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f620fb8e9a9 code=0x7fc00000 [ 1424.365214][ T28] audit: type=1326 audit(2000000011.980:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19084 comm="syz.1.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f620fb8e9a9 code=0x7fc00000 [ 1424.415380][ T28] audit: type=1326 audit(2000000011.980:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19084 comm="syz.1.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f620fb8e9a9 code=0x7fc00000 [ 1424.510139][T19100] ntfs3: nullb0: Primary boot signature is not NTFS. [ 1424.517920][T19100] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 1424.524718][ T28] audit: type=1326 audit(2000000012.020:965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19084 comm="syz.1.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f620fb8e9a9 code=0x7fc00000 [ 1424.573730][ T28] audit: type=1326 audit(2000000012.020:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19084 comm="syz.1.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f620fb8e9a9 code=0x7fc00000 [ 1424.659373][ T28] audit: type=1326 audit(2000000012.020:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19084 comm="syz.1.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f620fb8e9a9 code=0x7fc00000 [ 1424.707688][T19102] autofs4:pid:19102:autofs_fill_super: called with bogus options [ 1424.754516][ T28] audit: type=1326 audit(2000000012.040:968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19084 comm="syz.1.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f620fb8e9a9 code=0x7fc00000 [ 1424.784763][ T28] audit: type=1326 audit(2000000012.040:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19084 comm="syz.1.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f620fb8e9a9 code=0x7fc00000 [ 1425.148567][T19113] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3540'. [ 1426.250969][T19128] overlayfs: failed to resolve './file0': -2 [ 1426.636957][ T8] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 1427.506789][ T8] usb 4-1: Using ep0 maxpacket: 8 [ 1427.513843][ T8] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 1427.553198][ T8] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1427.571158][ T8] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1427.598285][ T8] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1427.616725][ T8] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1427.629994][ T8] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1427.639436][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1427.898299][ T8] usb 4-1: usb_control_msg returned -71 [ 1427.922905][ T8] usbtmc 4-1:16.0: can't read capabilities [ 1427.933012][ T8] usb 4-1: USB disconnect, device number 36 [ 1428.297765][T19147] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3549'. [ 1428.386647][T19147] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3549'. [ 1429.079062][T19155] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3550'. [ 1431.197905][ T6556] usb 2-1: new high-speed USB device number 35 using dummy_hcd [ 1431.565905][T19189] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3562'. [ 1432.256409][ T6556] usb 2-1: Using ep0 maxpacket: 8 [ 1432.295729][ T6556] usb 2-1: config index 0 descriptor too short (expected 301, got 45) [ 1432.310831][ T6556] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1432.320793][ T6556] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1432.334163][ T6556] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1432.344171][ T6556] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1432.366393][ T6556] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1432.386008][ T6556] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1432.462083][T19195] Cannot find add_set index 0 as target [ 1432.795866][ T6556] usb 2-1: usb_control_msg returned -71 [ 1432.909776][ T6556] usbtmc 2-1:16.0: can't read capabilities [ 1432.996659][ T6556] usb 2-1: USB disconnect, device number 35 [ 1434.960360][T19212] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 1437.215266][T19244] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3580'. [ 1437.332198][T19244] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3580'. [ 1439.025212][T19271] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3590'. [ 1439.116386][T19272] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3590'. [ 1439.369762][ T28] kauditd_printk_skb: 59 callbacks suppressed [ 1439.369814][ T28] audit: type=1326 audit(2000000027.561:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19265 comm="syz.1.3589" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f620fb8e9a9 code=0x0 [ 1439.825625][T19280] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3591'. [ 1441.686751][T19297] ntfs3: nullb0: Primary boot signature is not NTFS. [ 1441.693767][T19297] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 1442.335907][T19301] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3600'. [ 1442.744073][T19304] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3600'. [ 1442.891980][T19311] fuse: Unknown parameter 'group_id00000000000000000000' [ 1443.250530][T19322] overlayfs: failed to resolve './file1': -2 [ 1444.097199][T19334] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3613'. [ 1444.169616][T19334] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3613'. [ 1445.844372][T19358] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3622'. [ 1447.482446][T19370] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3625'. [ 1447.991732][T19369] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3625'. [ 1451.872721][T19442] fuse: Invalid rootmode [ 1453.558403][T19471] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3654'. [ 1453.731554][T19471] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3654'. [ 1454.624183][T19481] fuse: Bad value for 'fd' [ 1455.471286][T19486] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3659'. [ 1456.915879][T19503] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3665'. [ 1457.345117][T15813] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 1457.495247][T15813] usb 2-1: device descriptor read/64, error -71 [ 1457.779254][T15813] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 1458.112884][T15813] usb 2-1: device descriptor read/64, error -71 [ 1458.267865][T15813] usb usb2-port1: attempt power cycle [ 1458.764917][T15813] usb 2-1: new high-speed USB device number 38 using dummy_hcd [ 1458.833064][T19533] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3676'. [ 1459.005282][T15813] usb 2-1: device not accepting address 38, error -71 [ 1459.031578][T19538] warning: `syz.2.3678' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 1459.098154][T19540] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3675'. [ 1462.006776][T19565] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3686'. [ 1462.432864][T19579] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1465.720603][T19603] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3698'. [ 1465.799125][T19603] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3698'. [ 1466.299816][T19605] sctp: [Deprecated]: syz.3.3699 (pid 19605) Use of int in maxseg socket option. [ 1466.299816][T19605] Use struct sctp_assoc_value instead [ 1466.481578][T19614] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1467.150553][T19626] fuse: Bad value for 'fd' [ 1467.743440][T19634] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3709'. [ 1470.320716][T19652] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1470.627466][T19660] fuse: Unknown parameter 'group_i00000000000000000000' [ 1470.649797][T19664] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3720'. [ 1476.632802][T19699] fuse: Unknown parameter 'group_i00000000000000000000' [ 1480.489118][T19727] fuse: Unknown parameter 'group_id00000000000000000000' [ 1480.585270][T19729] Cannot find add_set index 0 as target [ 1482.347353][T19756] fuse: Unknown parameter 'group_id00000000000000000000' [ 1482.763685][T19761] ntfs3: nullb0: Primary boot signature is not NTFS. [ 1482.771003][T19761] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 1483.169168][ T5894] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 1483.325317][T19763] Cannot find add_set index 0 as target [ 1483.350731][ T5894] usb 4-1: device descriptor read/64, error -71 [ 1483.658995][ T5894] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 1483.813528][ T5894] usb 4-1: device descriptor read/64, error -71 [ 1483.943703][ T5894] usb usb4-port1: attempt power cycle [ 1484.404007][ T5894] usb 4-1: new high-speed USB device number 39 using dummy_hcd [ 1484.470589][ T5894] usb 4-1: device descriptor read/8, error -71 [ 1484.484283][T19785] fuse: Unknown parameter 'group_id00000000000000000000' [ 1484.746105][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 1484.752548][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 1484.763561][ T5894] usb 4-1: new high-speed USB device number 40 using dummy_hcd [ 1484.814365][ T5894] usb 4-1: device descriptor read/8, error -71 [ 1484.953679][ T5894] usb usb4-port1: unable to enumerate USB device [ 1485.851822][T19796] ntfs3: nullb0: Primary boot signature is not NTFS. [ 1485.859359][T19796] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 1489.864563][T19828] Error: Driver 'c6xdigio' is already registered, aborting... [ 1489.967622][T19830] ntfs3: nullb0: Primary boot signature is not NTFS. [ 1489.968161][T19830] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 1490.623102][ T6556] usb 4-1: new high-speed USB device number 41 using dummy_hcd [ 1490.774039][ T6556] usb 4-1: device descriptor read/64, error -71 [ 1491.195571][ T6556] usb 4-1: new high-speed USB device number 42 using dummy_hcd [ 1491.373517][ T6556] usb 4-1: device descriptor read/64, error -71 [ 1491.793396][ T6556] usb usb4-port1: attempt power cycle [ 1492.164574][T19844] netlink: 'syz.0.3780': attribute type 7 has an invalid length. [ 1492.173366][T19844] netlink: 'syz.0.3780': attribute type 8 has an invalid length. [ 1492.373186][ T6556] usb 4-1: new high-speed USB device number 43 using dummy_hcd [ 1492.783100][ T6556] usb 4-1: device not accepting address 43, error -71 [ 1493.775837][T19862] ntfs3: nullb0: Primary boot signature is not NTFS. [ 1493.783313][T19862] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 1496.908305][T19902] ntfs3: nullb0: Primary boot signature is not NTFS. [ 1496.922161][T19902] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 1499.824288][T19921] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3806'. [ 1500.492359][T19936] ntfs3: nullb0: Primary boot signature is not NTFS. [ 1500.500066][T19936] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 1502.471159][T19957] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3818'. [ 1502.924721][T19960] overlayfs: missing 'lowerdir' [ 1504.398305][T19971] ntfs3: nullb0: Primary boot signature is not NTFS. [ 1504.405225][T19971] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 1504.458051][T19977] netlink: 80 bytes leftover after parsing attributes in process `syz.2.3825'. [ 1504.865806][T19988] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3826'. [ 1506.988948][T20010] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3836'. [ 1507.360793][T20018] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3838'. [ 1510.109120][T20041] syz.1.3844: attempt to access beyond end of device [ 1510.109120][T20041] nbd1: rw=4096, sector=128, nr_sectors = 8 limit=0 [ 1510.122810][T20041] gfs2: error 10 reading superblock [ 1511.142611][T20051] Cannot find add_set index 0 as target [ 1511.371404][T20050] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3847'. [ 1512.138169][T20063] syz_tun: entered allmulticast mode [ 1512.147837][T20062] syz_tun: left allmulticast mode [ 1512.400779][T20069] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3852'. [ 1512.418271][T20069] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3852'. [ 1513.039913][T20078] fuse: Unknown parameter '0x0000000000000003' [ 1516.079992][T20125] SET target dimension over the limit! [ 1517.188579][T20135] fuse: Unknown parameter '0x0000000000000003' [ 1517.364895][T20146] netlink: 72 bytes leftover after parsing attributes in process `syz.2.3883'. [ 1517.685745][T20158] ntfs3: nullb0: Primary boot signature is not NTFS. [ 1517.693756][T20158] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 1518.332775][T20161] fuse: Unknown parameter '0x0000000000000003' [ 1518.976164][T20189] fuse: Unknown parameter 'fd0x0000000000000003' [ 1519.270034][T20195] ntfs3: nullb0: Primary boot signature is not NTFS. [ 1519.277029][T20195] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 1521.454702][T20217] fuse: Unknown parameter 'fd0x0000000000000003' [ 1521.560693][T20218] syz.1.3908: attempt to access beyond end of device [ 1521.560693][T20218] nbd1: rw=4096, sector=128, nr_sectors = 8 limit=0 [ 1521.574058][T20218] gfs2: error 10 reading superblock [ 1522.744069][ T5894] usb 4-1: new high-speed USB device number 45 using dummy_hcd [ 1522.931394][ T5894] usb 4-1: Using ep0 maxpacket: 8 [ 1522.943286][ T5894] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1522.963670][ T5894] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1523.004595][ T5894] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1523.043645][ T5894] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1523.061659][ T5894] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1523.075476][ T5894] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1523.351315][ T5894] usb 4-1: GET_CAPABILITIES returned 0 [ 1523.386960][ T5894] usbtmc 4-1:16.0: can't read capabilities [ 1523.835338][ T5842] usb 4-1: USB disconnect, device number 45 [ 1524.811239][ T5894] usb 2-1: new high-speed USB device number 40 using dummy_hcd [ 1525.314076][ T5894] usb 2-1: Using ep0 maxpacket: 8 [ 1525.952009][ T5894] usb 2-1: config index 0 descriptor too short (expected 301, got 45) [ 1525.960399][ T5894] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 1525.972253][ T5894] usb 2-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 1525.985405][ T5894] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1525.994514][ T5894] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1526.007301][ T5894] usbtmc 2-1:16.0: bulk endpoints not found [ 1527.778788][ T5827] usb 2-1: USB disconnect, device number 40 [ 1528.885748][T20319] syz.1.3940: attempt to access beyond end of device [ 1528.885748][T20319] nbd1: rw=4096, sector=128, nr_sectors = 8 limit=0 [ 1528.899212][T20319] gfs2: error 10 reading superblock [ 1529.390018][T20327] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3943'. [ 1530.330994][ T5827] usb 3-1: new high-speed USB device number 41 using dummy_hcd [ 1530.530929][ T5827] usb 3-1: Using ep0 maxpacket: 8 [ 1530.575912][ T5827] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 1530.615969][ T5827] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 1530.871596][ T5827] usb 3-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 1530.886546][ T5827] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1530.895995][ T5827] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1530.917947][ T5827] usbtmc 3-1:16.0: bulk endpoints not found [ 1531.953108][T20346] ubi: mtd0 is already attached to ubi31 [ 1533.605351][ T5827] usb 3-1: USB disconnect, device number 41 [ 1533.706191][T20374] syz.2.3958: attempt to access beyond end of device [ 1533.706191][T20374] nbd2: rw=4096, sector=128, nr_sectors = 8 limit=0 [ 1533.737554][T20374] gfs2: error 10 reading superblock [ 1536.030696][ T5827] usb 3-1: new high-speed USB device number 42 using dummy_hcd [ 1536.840514][ T5827] usb 3-1: Using ep0 maxpacket: 8 [ 1536.847303][ T5827] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 1536.855683][ T5827] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 1536.869661][ T5827] usb 3-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 1536.890958][ T5827] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1536.900376][ T5827] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1536.915534][ T5827] usbtmc 3-1:16.0: bulk endpoints not found [ 1538.065462][T20421] syz.3.3971: attempt to access beyond end of device [ 1538.065462][T20421] nbd3: rw=4096, sector=128, nr_sectors = 8 limit=0 [ 1538.085282][T20421] gfs2: error 10 reading superblock [ 1538.947960][ T5827] usb 3-1: USB disconnect, device number 42 [ 1541.104536][T20463] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3984'. [ 1542.853696][T20471] SET target dimension over the limit! [ 1545.175089][T20500] overlayfs: missing 'lowerdir' [ 1545.305658][T20504] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3994'. [ 1546.445889][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 1546.515426][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 1546.568731][T20513] loop0: detected capacity change from 0 to 40427 [ 1546.583362][T20513] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 1546.591388][T20513] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 1546.614892][T20513] F2FS-fs (loop0): invalid crc value [ 1546.645230][T20513] F2FS-fs (loop0): Found nat_bits in checkpoint [ 1546.699757][T20513] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 1546.707154][T20513] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 1547.338600][T20513] syz.0.3998: attempt to access beyond end of device [ 1547.338600][T20513] loop0: rw=2049, sector=77824, nr_sectors = 4072 limit=40427 [ 1547.356683][T20513] syz.0.3998: attempt to access beyond end of device [ 1547.356683][T20513] loop0: rw=2049, sector=81896, nr_sectors = 24 limit=40427 [ 1547.384784][T20513] syz.0.3998: attempt to access beyond end of device [ 1547.384784][T20513] loop0: rw=2049, sector=49152, nr_sectors = 4096 limit=40427 [ 1547.440227][T20513] syz.0.3998: attempt to access beyond end of device [ 1547.440227][T20513] loop0: rw=2049, sector=57344, nr_sectors = 11144 limit=40427 [ 1547.495148][T20513] syz.0.3998: attempt to access beyond end of device [ 1547.495148][T20513] loop0: rw=2049, sector=68488, nr_sectors = 9336 limit=40427 [ 1547.527909][T20513] syz.0.3998: attempt to access beyond end of device [ 1547.527909][T20513] loop0: rw=2049, sector=81920, nr_sectors = 3960 limit=40427 [ 1548.019991][T15035] syz-executor: attempt to access beyond end of device [ 1548.019991][T15035] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 1548.044487][T15035] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 1548.618493][T20542] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4005'. [ 1548.765291][T20548] Cannot find add_set index 0 as target [ 1551.992589][T20578] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4014'. [ 1553.820956][T20604] SET target dimension over the limit! [ 1554.406114][T20606] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4023'. [ 1555.470394][T20613] fuse: Invalid rootmode [ 1558.743746][T20648] ================================================================================ [ 1558.762723][T20648] UBSAN: shift-out-of-bounds in drivers/comedi/drivers/pcl812.c:1152:10 [ 1558.816748][T20648] shift exponent 8388611 is too large for 32-bit type 'int' [ 1558.842997][T20648] CPU: 1 PID: 20648 Comm: syz.2.4037 Not tainted 6.6.99-syzkaller #0 [ 1558.851079][T20648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1558.861134][T20648] Call Trace: [ 1558.864415][T20648] [ 1558.867362][T20648] dump_stack_lvl+0x16c/0x230 [ 1558.872045][T20648] ? show_regs_print_info+0x20/0x20 [ 1558.877417][T20648] ? load_image+0x3b0/0x3b0 [ 1558.881926][T20648] ubsan_epilogue+0xa/0x30 [ 1558.886352][T20648] __ubsan_handle_shift_out_of_bounds+0x380/0x400 [ 1558.892778][T20648] pcl812_attach+0x1cd1/0x2440 [ 1558.897546][T20648] comedi_device_attach+0x519/0x660 [ 1558.902751][T20648] comedi_unlocked_ioctl+0x68d/0xf00 [ 1558.908074][T20648] ? tomoyo_path_number_perm+0x477/0x590 [ 1558.913796][T20648] ? comedi_poll+0x8c0/0x8c0 [ 1558.918513][T20648] ? __fget_files+0x28/0x4d0 [ 1558.923118][T20648] ? bpf_lsm_file_ioctl+0x9/0x10 [ 1558.928047][T20648] ? security_file_ioctl+0x80/0xa0 [ 1558.933163][T20648] ? comedi_poll+0x8c0/0x8c0 [ 1558.937757][T20648] __se_sys_ioctl+0xfd/0x170 [ 1558.942430][T20648] do_syscall_64+0x55/0xb0 [ 1558.947029][T20648] ? clear_bhb_loop+0x40/0x90 [ 1558.951827][T20648] ? clear_bhb_loop+0x40/0x90 [ 1558.956699][T20648] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1558.962630][T20648] RIP: 0033:0x7faeff78e9a9 [ 1558.967085][T20648] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1558.986957][T20648] RSP: 002b:00007faf006e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1558.995626][T20648] RAX: ffffffffffffffda RBX: 00007faeff9b5fa0 RCX: 00007faeff78e9a9 [ 1559.003698][T20648] RDX: 00002000000000c0 RSI: 0000000040946400 RDI: 0000000000000003 [ 1559.012160][T20648] RBP: 00007faeff810d69 R08: 0000000000000000 R09: 0000000000000000 [ 1559.020484][T20648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1559.028551][T20648] R13: 0000000000000000 R14: 00007faeff9b5fa0 R15: 00007ffc86d4b228 [ 1559.036533][T20648] [ 1559.101839][T20648] ================================================================================ [ 1559.111771][T20648] Kernel panic - not syncing: UBSAN: panic_on_warn set ... [ 1559.118982][T20648] CPU: 0 PID: 20648 Comm: syz.2.4037 Not tainted 6.6.99-syzkaller #0 [ 1559.127223][T20648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1559.137276][T20648] Call Trace: [ 1559.140574][T20648] [ 1559.143514][T20648] dump_stack_lvl+0x16c/0x230 [ 1559.148218][T20648] ? show_regs_print_info+0x20/0x20 [ 1559.153434][T20648] ? load_image+0x3b0/0x3b0 [ 1559.158059][T20648] panic+0x2c0/0x710 [ 1559.161982][T20648] ? bpf_jit_dump+0xd0/0xd0 [ 1559.166536][T20648] check_panic_on_warn+0x84/0xa0 [ 1559.171499][T20648] __ubsan_handle_shift_out_of_bounds+0x380/0x400 [ 1559.177957][T20648] pcl812_attach+0x1cd1/0x2440 [ 1559.182843][T20648] comedi_device_attach+0x519/0x660 [ 1559.188074][T20648] comedi_unlocked_ioctl+0x68d/0xf00 [ 1559.193384][T20648] ? tomoyo_path_number_perm+0x477/0x590 [ 1559.199037][T20648] ? comedi_poll+0x8c0/0x8c0 [ 1559.203695][T20648] ? __fget_files+0x28/0x4d0 [ 1559.208312][T20648] ? bpf_lsm_file_ioctl+0x9/0x10 [ 1559.213268][T20648] ? security_file_ioctl+0x80/0xa0 [ 1559.218403][T20648] ? comedi_poll+0x8c0/0x8c0 [ 1559.223013][T20648] __se_sys_ioctl+0xfd/0x170 [ 1559.227625][T20648] do_syscall_64+0x55/0xb0 [ 1559.232057][T20648] ? clear_bhb_loop+0x40/0x90 [ 1559.236824][T20648] ? clear_bhb_loop+0x40/0x90 [ 1559.241492][T20648] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1559.247381][T20648] RIP: 0033:0x7faeff78e9a9 [ 1559.251814][T20648] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1559.271417][T20648] RSP: 002b:00007faf006e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1559.279823][T20648] RAX: ffffffffffffffda RBX: 00007faeff9b5fa0 RCX: 00007faeff78e9a9 [ 1559.287785][T20648] RDX: 00002000000000c0 RSI: 0000000040946400 RDI: 0000000000000003 [ 1559.295782][T20648] RBP: 00007faeff810d69 R08: 0000000000000000 R09: 0000000000000000 [ 1559.303743][T20648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1559.311703][T20648] R13: 0000000000000000 R14: 00007faeff9b5fa0 R15: 00007ffc86d4b228 [ 1559.319853][T20648] [ 1559.323139][T20648] Kernel Offset: disabled [ 1559.327560][T20648] Rebooting in 86400 seconds..