last executing test programs: 10m29.022886485s ago: executing program 3 (id=30): socket$vsock_stream(0x28, 0x1, 0x0) syz_usb_connect(0x6, 0x7a, 0x0, 0x0) ioctl$EVIOCGREP(0xffffffffffffffff, 0x80084503, &(0x7f0000000140)=""/202) unshare(0x6a040000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) io_setup(0x4, &(0x7f0000000340)=0x0) mremap(&(0x7f0000ff4000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ffe000/0x2000)=nil) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a310000000014000780050015000c00000008001240000000000500050002000000050004000000000010000300686173683a69702c6d6163"], 0x5c}}, 0x0) sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="050000000306010200000000008000000a0000010500010007000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4004810}, 0x840) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) fcntl$getflags(0xffffffffffffffff, 0x3) r2 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121) r3 = dup(r2) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) r4 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000380)={'veth1_to_bond\x00'}) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x149282, 0x10) io_submit(r0, 0x0, &(0x7f00000002c0)) write$cgroup_int(r6, &(0x7f0000000040)=0x902, 0x12) io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) modify_ldt$write(0x1, &(0x7f0000000000)={0xfff}, 0x10) modify_ldt$write(0x1, &(0x7f0000000000)={0x80, 0x0, 0x400}, 0x10) 10m22.246298583s ago: executing program 3 (id=39): syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file2\x00', 0x40000, &(0x7f0000000640)=ANY=[], 0x1, 0x0, 0x0) syz_mount_image$vfat(&(0x7f00000003c0), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x801053, 0x0, 0xfc, 0x0, &(0x7f0000000400)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341) ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000200)=@usbdevfs_driver={0x0, 0xfffffff8, &(0x7f00000003c0)}) 10m18.936642216s ago: executing program 3 (id=40): r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc) setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc) 10m18.492708362s ago: executing program 3 (id=43): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110c230000) ioctl$TUNSETOFFLOAD(r1, 0x8010743f, 0xf0ff1f00000000) 10m15.996050264s ago: executing program 3 (id=45): r0 = msgget(0x2, 0x102) msgsnd(r0, 0x0, 0x1004, 0x800) syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x0, &(0x7f0000000080), 0xc1, 0x7b7, &(0x7f00000007c0)="$eJzs3ctrXNcZAPDvjl6W7FYqFFp3JSi0AuNR5ap2C124dFEKNRjadW0xGgtXI43RjIwlBLYpgWwCScgikGy8zsPZZZvHNvkvsgg2TiKLKGQRJtzRHWlkzciSo5kR6PeDq3vOfeicb859nJlzmQngxBpP/+QizkbEq0nEaLY8iYiBeqo/4vLWdpvra4V0SqJW+/fXSX2bjfW1QjTtkzqdZX4dEZ+8FHEuly44tavcysrq/EypVFzK8pPVhVuTlZXV8zcXZuaKc8XFi1PT0xcu/enSxaOL9dvPV888fu0fv3//8vf//9XDVz5N4nKcydY1x3FUxmM8e00G0pdwl78fdWE9lvS6AryQ9NTs2zrL42yMRl891cZwN2sGAHTK3YioAQAnTOL+DwAnTONzgI31tUJj6u0nEt315G9bQ5Mb2djm5nb8/dmY3an6OOjIRrJrZCSJiLEjKH88It7+8L/vplN0aBwSoJV79yPi+tj43ut/sueZhcP6w34ra0P12fgzi13/oHs+Svs/f27V/8tt93+iRf9nqMW5+yKef/7nHh1BMW2l/b+/Nj3bttkUf2asL8v9rN7nG0hu3CwV02vbzyNiIgaG0vxUfdPWT0FNPP3habvym/t/37z+v3fS8tP5zha5R/1Du/eZnanO/NS4G57cj/hNf6v4k+32T9r0f68esIx//uXlt9qtS+NP421Me+PvrNqDiN+1bP+dtkz2fT5xsn44TDYOihY++OLNkXbl77T/UH2elt94L9ANafuP7B//WNL8vGbl8GV89mD043brmo//1vG3Pv4Hk//U04PZsjsz1erSVMRg8q+9yy/s7NvIN7ZP45/4bevzv93xn8uejb2+ndtf/+Ov3sv+Vcv46+61i7+z0vhnD9X++yRq2T7PrHq4Od/XrvyDtf90PTWRLTnI9e85NW0knt94AAAAAAAAAAAAAAAAAAAAAAAAAHAEchFxJpJcfjudy+XzW7/h/csYyZXKleq5G+Xlxdmo/1b2WAzkGl91Odr0fahT2ffhN/IXnsn/MSJ+ERFvDA3X8/lCuTTb6+ABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIHN69+//301n+fzWui+Hel07AKBjTvW6AgBA17n/A8DJc7j7/3DH6gEAdM+h3//Xks5UBADomgPf/693th4AQPcY/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDDrl65kk6179bXCml+9vbK8nz59vnZYmU+v7BcyBfKS7fyc+XyXKmYL5QX2v6je1uzUrl8azoWl+9MVouV6mRlZfXaQnl5sXrt5sLMXPFacaBrkQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAwVVWVudnSqXiksS+ieHjUY1jk+iPY1GNI0vU+rbOh+NRn/5oLBnsWTWarxLDPbo6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABx/PwYAAP//eUchiw==") bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) r1 = getpid() ptrace$ARCH_GET_CPUID(0x1e, r1, 0x0, 0x1011) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000480)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6a) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = fsopen(&(0x7f0000000000)='rpc_pipefs\x00', 0x0) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r6, 0x0, 0x0) close(r5) pwritev2(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x6000, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x20) 10m9.957879142s ago: executing program 3 (id=47): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r1, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000140)={'veth0\x00', @random="37b3d72c2908"}) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) 9m54.65897999s ago: executing program 32 (id=47): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r1, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000140)={'veth0\x00', @random="37b3d72c2908"}) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) 2m46.037204881s ago: executing program 2 (id=903): ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000005080000024d564b"]) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2000, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x200) ioctl$KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)) 2m44.811564207s ago: executing program 2 (id=905): sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) accept$unix(0xffffffffffffffff, 0x0, &(0x7f0000000040)) r1 = socket$alg(0x26, 0x5, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0) semctl$SETALL(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000300)) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="611570000000000061136c0000000000bfa000000000000014000000ee0016055e03010000000000160500000001000069163e0000000000bf07000000000000260507000fff07206706000020000000140600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 2m40.424861424s ago: executing program 2 (id=915): socket$nl_generic(0x10, 0x3, 0x10) socket$inet_sctp(0x2, 0x5, 0x84) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000340), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dyn']) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x101800, 0x0) openat(r1, 0x0, 0x490102, 0x0) getdents(r1, &(0x7f00000002c0)=""/93, 0x5d) pread64(0xffffffffffffffff, &(0x7f0000002440)=""/68, 0x44, 0x5) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000240)=[@mss, @sack_perm, @timestamp, @mss={0x2, 0x800}, @window, @window={0x3, 0x0, 0xfffc}, @timestamp, @timestamp], 0x8) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000140)='cdg\x00', 0x4) setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) sendto$inet(0xffffffffffffffff, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11) recvfrom$inet(0xffffffffffffffff, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25) 2m37.791624747s ago: executing program 2 (id=918): r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x800000000000, 0x0, 0x0, 0x751, 0x7, 0x200000000080], 0x0, 0x0, &(0x7f0000000080)=ANY=[]}, 0x78) r1 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000340)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000080], 0x0, 0x0, &(0x7f0000000080)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108) r2 = socket(0x1f, 0x5, 0x400) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_GET(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000580)=ANY=[@ANYBLOB="340000e6", @ANYRES16=r4, @ANYBLOB="01000000000000000000540000000e0002006e657464657673696d0000000f0002006e657464657673696d3000"], 0x34}}, 0x0) connect$inet(r2, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) socket$nl_rdma(0x10, 0x3, 0x14) mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000100)='affs\x00', 0x200000, 0x0) socket$nl_route(0x10, 0x3, 0x0) 2m32.708368163s ago: executing program 2 (id=925): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r1, 0x0, 0x1, 0x0, 0x0) syz_emit_vhci(0x0, 0xf2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x4, 0x1000085}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x2) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102384, 0x18ff0) syz_open_dev$sndctrl(0x0, 0x1, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000480)={0xa, 0x0, 0x3c000, @dev={0xfe, 0x80, '\x00', 0x1f}, 0x5}, 0x1c) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_getaddrlabel={0x38, 0x1a, 0x1, 0x0, 0x0, {0x2, 0x0, 0x20}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}, @IFAL_LABEL={0x8}]}, 0x38}}, 0x0) 2m32.507467895s ago: executing program 2 (id=927): accept4$vsock_stream(0xffffffffffffffff, &(0x7f0000000080)={0x28, 0x0, 0x2711, @host}, 0x10, 0x800) accept$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000200)=0x1c) r0 = syz_usb_connect(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0) syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x8, &(0x7f0000000980)=ANY=[@ANYBLOB="bcea"]) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e) socket$nl_audit(0x10, 0x3, 0x9) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000140), 0x8) sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff)='X', 0xffe4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r3 = syz_open_dev$sg(0x0, 0x0, 0x401) ioctl$SG_BLKTRACETEARDOWN(r3, 0x1276, 0x20000000) socket$kcm(0x10, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0xffff) r4 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0) ioctl$EVIOCSFF(r4, 0x40304580, &(0x7f00000001c0)={0x51, 0x3, 0x560c, {0x803, 0x5d5}, {0xfffa, 0x2}, @period={0x58, 0x4, 0x9, 0x9, 0x9, {0xbf, 0x1, 0x52fd, 0x3}, 0xfffffffffffffd7a, 0x0}}) ioctl$PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, 0x0) 2m17.380480921s ago: executing program 33 (id=927): accept4$vsock_stream(0xffffffffffffffff, &(0x7f0000000080)={0x28, 0x0, 0x2711, @host}, 0x10, 0x800) accept$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000200)=0x1c) r0 = syz_usb_connect(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0) syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x8, &(0x7f0000000980)=ANY=[@ANYBLOB="bcea"]) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e) socket$nl_audit(0x10, 0x3, 0x9) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000140), 0x8) sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff)='X', 0xffe4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r3 = syz_open_dev$sg(0x0, 0x0, 0x401) ioctl$SG_BLKTRACETEARDOWN(r3, 0x1276, 0x20000000) socket$kcm(0x10, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0xffff) r4 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0) ioctl$EVIOCSFF(r4, 0x40304580, &(0x7f00000001c0)={0x51, 0x3, 0x560c, {0x803, 0x5d5}, {0xfffa, 0x2}, @period={0x58, 0x4, 0x9, 0x9, 0x9, {0xbf, 0x1, 0x52fd, 0x3}, 0xfffffffffffffd7a, 0x0}}) ioctl$PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, 0x0) 19.40717467s ago: executing program 0 (id=1205): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r1, 0x0, 0x1, 0x0, 0x0) syz_emit_vhci(0x0, 0xf2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x4, 0x1000085}, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x2) read$msr(r2, &(0x7f0000019680)=""/102384, 0x18ff0) syz_open_dev$sndctrl(0x0, 0x1, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000480)={0xa, 0x0, 0x3c000, @dev={0xfe, 0x80, '\x00', 0x1f}, 0x5}, 0x1c) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_getaddrlabel={0x38, 0x1a, 0x1, 0x0, 0x0, {0x2, 0x0, 0x20}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}, @IFAL_LABEL={0x8}]}, 0x38}}, 0x0) 17.769864601s ago: executing program 0 (id=1210): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) accept$unix(0xffffffffffffffff, 0x0, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0) semctl$SETALL(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000300)) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="611570000000000061136c0000000000bfa000000000000014000000ee0016055e03010000000000160500000001000069163e0000000000bf07000000000000260507000fff07206706000020000000140600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 13.655547935s ago: executing program 5 (id=1215): bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave']) chdir(0x0) r0 = open(&(0x7f0000000040)='./bus\x00', 0x80242, 0x0) ftruncate(r0, 0x2007ffc) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) sendfile(r0, r0, 0x0, 0x800000009) 10.542119555s ago: executing program 4 (id=1220): ioctl$SNDCTL_SEQ_GETINCOUNT(0xffffffffffffffff, 0x80045105, &(0x7f00000000c0)) bpf$ENABLE_STATS(0x20, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00'}) sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x6c00, 0x0, 0x49080}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x9}, 0x0) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) r1 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0) read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) sendmmsg(r0, 0x0, 0x0, 0x8000) mkdir(&(0x7f00000002c0)='./file0\x00', 0x10) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='gadgetfs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) openat(0xffffffffffffff9c, 0x0, 0x1, 0x0) r2 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18) getdents64(r2, &(0x7f0000000300)=""/154, 0x9a) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) unshare(0x22020600) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000640)=@raw={'raw\x00', 0x3c1, 0x3, 0x12a8, 0x11c0, 0xffffff80, 0x178, 0x11c0, 0x178, 0x12f0, 0x22b, 0x258, 0x12f0, 0x258, 0x2034, 0x0, {[{{@uncond, 0x1d, 0x10d8, 0x1100, 0x340, {0x1e0002a8, 0x7203000000000000}, [@common=@unspec=@cgroup1={{0x1030}, {0x0, 0x0, 0x0, 0x2, './cgroup.cpu/syz0\x00'}}]}, @common=@unspec=@CLASSIFY={0x28}}, {{@ipv6={@loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'veth1_to_bridge\x00', 'ip6gre0\x00'}, 0x0, 0xa8, 0xd8}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x1308) 10.425874186s ago: executing program 6 (id=1221): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r1, 0x0, 0x1, 0x0, 0x0) syz_emit_vhci(0x0, 0xf2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x4, 0x1000085}, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x2) read$msr(r2, &(0x7f0000019680)=""/102384, 0x18ff0) syz_open_dev$sndctrl(0x0, 0x1, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000480)={0xa, 0x0, 0x3c000, @dev={0xfe, 0x80, '\x00', 0x1f}, 0x5}, 0x1c) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_getaddrlabel={0x38, 0x1a, 0x1, 0x0, 0x0, {0x2, 0x0, 0x20}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}, @IFAL_LABEL={0x8}]}, 0x38}}, 0x0) 9.521113008s ago: executing program 6 (id=1223): mkdir(&(0x7f0000000280)='./file0\x00', 0x148) symlink(&(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='./file0\x00') unlink(&(0x7f0000000280)='./file0\x00') 9.456653988s ago: executing program 0 (id=1224): mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave']) chdir(&(0x7f0000000240)='./file0\x00') r0 = open(&(0x7f0000000040)='./bus\x00', 0x80242, 0x0) ftruncate(r0, 0x2007ffc) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) sendfile(r0, r0, 0x0, 0x800000009) 8.884605926s ago: executing program 1 (id=1225): ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000005080000024d564b"]) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newtfilter={0x4c, 0x2c, 0x400, 0x10, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x2}, {}, {0x1c}}, [@filter_kind_options=@f_flower={{0xb}, {0x1c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x18, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x14, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0xa}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5}]}]}]}}]}, 0x4c}}, 0x0) ioctl$KVM_GET_MSRS(r2, 0xc008ae88, 0x0) 8.786038967s ago: executing program 6 (id=1226): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=@newqdisc={0x64, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x34, 0x2, {{0x6, 0x2, 0x0, 0x2, 0xffffffff}, [@TCA_NETEM_CORRUPT={0xc, 0x4, {0xfffffffd}}, @TCA_NETEM_RATE64={0xc, 0x8, 0xc1160cbda5ab1ab}]}}}]}, 0x64}}, 0x20000000) mknod$loop(&(0x7f0000000200)='./file0\x00', 0x200, 0x1) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r5 = dup(r4) write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r5, &(0x7f00000000c0)={0x14c}, 0x137) chmod(&(0x7f0000000180)='./file0\x00', 0x1d0) sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0) 8.727790088s ago: executing program 5 (id=1227): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x11, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x161100, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000240)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) sendmsg$nl_crypto(0xffffffffffffffff, 0x0, 0x20004000) openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0) socket$inet_udp(0x2, 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) 8.644313239s ago: executing program 4 (id=1228): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000180)=0x2, 0x4) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x3da, 0x4) sendto$packet(r0, &(0x7f00000000c0)="3f03fe7f0302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14) 8.370085043s ago: executing program 1 (id=1229): ioctl$SNDCTL_SEQ_GETINCOUNT(0xffffffffffffffff, 0x80045105, &(0x7f00000000c0)) bpf$ENABLE_STATS(0x20, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00'}) sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x6c00, 0x0, 0x49080}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x9}, 0x0) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) r1 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0) read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) sendmmsg(r0, 0x0, 0x0, 0x8000) mkdir(&(0x7f00000002c0)='./file0\x00', 0x10) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='gadgetfs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) openat(0xffffffffffffff9c, 0x0, 0x1, 0x0) r2 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18) getdents64(r2, &(0x7f0000000300)=""/154, 0x9a) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) unshare(0x22020600) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000640)=@raw={'raw\x00', 0x3c1, 0x3, 0x12a8, 0x11c0, 0xffffff80, 0x178, 0x11c0, 0x178, 0x12f0, 0x22b, 0x258, 0x12f0, 0x258, 0x2034, 0x0, {[{{@uncond, 0x1d, 0x10d8, 0x1100, 0x340, {0x1e0002a8, 0x7203000000000000}, [@common=@unspec=@cgroup1={{0x1030}, {0x0, 0x0, 0x0, 0x2, './cgroup.cpu/syz0\x00'}}]}, @common=@unspec=@CLASSIFY={0x28}}, {{@ipv6={@loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'veth1_to_bridge\x00', 'ip6gre0\x00'}, 0x0, 0xa8, 0xd8}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x1308) 6.720332734s ago: executing program 0 (id=1230): ioctl$SNDCTL_SEQ_GETINCOUNT(0xffffffffffffffff, 0x80045105, &(0x7f00000000c0)) bpf$ENABLE_STATS(0x20, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00'}) sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x6c00, 0x0, 0x49080}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x9}, 0x0) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) r1 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0) read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x10) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='gadgetfs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) openat(0xffffffffffffff9c, 0x0, 0x1, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18) 6.714089054s ago: executing program 6 (id=1231): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60303, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendto$inet(0xffffffffffffffff, &(0x7f00000000c0)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440006769ebdf12cfacae8e8c03f5db079da7d9", 0x32, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil}) r3 = dup(r2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000012edfffebfa30000000000000703000028feffff620af0fff8ffffff61a4f0ff000000004d040000000000002d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000)=@arm64={0x9, 0xfc, 0x2, '\x00', 0x8001}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 6.643820185s ago: executing program 1 (id=1232): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000540)={0x44, 0x0, &(0x7f0000000400)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x1, 0xfcff, &(0x7f0000000f00)="9e"}) 6.632401735s ago: executing program 4 (id=1233): prlimit64(0x0, 0xe, &(0x7f0000000380)={0xb, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r0 = syz_open_dev$usbfs(0x0, 0x76, 0x101301) ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f00000000c0)={0x40, 0x3, 0x8e0, 0x2, 0xfe64, 0x2, 0x0}) r1 = socket(0x2, 0x80805, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000001080)=0x8) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r1) sendmsg$DEVLINK_CMD_RATE_DEL(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000003c0)={&(0x7f0000000200)={0x24, r2, 0x8, 0x70bd27, 0x25dfdbfc, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}]}, 0x24}, 0x1, 0x0, 0x0, 0x2000c080}, 0x8010) fcntl$lock(0xffffffffffffffff, 0x26, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001100), 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = syz_open_procfs(0x0, &(0x7f00000004c0)='stat\x00') read$FUSE(r3, &(0x7f0000004180)={0x2020}, 0x2020) 6.537844407s ago: executing program 5 (id=1234): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x50) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x22000000) pwrite64(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x7ffffffe) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000c4b20710200e01015a7a0102030109021b000100000000090400"], 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000) syz_open_dev$cec(0x0, 0x0, 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r2 = socket$pppoe(0x18, 0x1, 0x0) r3 = syz_open_dev$evdev(&(0x7f0000000240), 0x20000, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) ioctl$EVIOCGLED(r3, 0x80284504, &(0x7f0000000000)=""/56) connect$pppoe(r2, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) openat$ppp(0xffffffffffffff9c, 0x0, 0x40a40, 0x0) sendmmsg(r2, &(0x7f0000001640)=[{{0x0, 0x0, 0x0}}], 0x34000, 0x0) 6.371384338s ago: executing program 1 (id=1235): bpf$ENABLE_STATS(0x20, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40040}, 0x80800) sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x40, 0x6, @remote}, 0x14) syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a0101004414050300000000000000000a010101000000008903ce", @ANYRES32=0x41424344], 0x0) r3 = add_key$user(&(0x7f00000001c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000080)="bc", 0x1, 0xfffffffffffffffe) r4 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f0000000080)='asymmetric\x00', &(0x7f0000000180)=@keyring={'key_or_keyring:', 0x0, 0x2}) r5 = add_key$user(&(0x7f00000002c0), &(0x7f0000000280)={'syz', 0x2}, &(0x7f00000004c0)="a559a3fa8ba1879f49d843e6b76d9450192d5374f324c987bee01db5ce08747d4c1e25d2a2cc633aaf081e7a90eee3cd8a6d59e611df3861ad28f45b4336644175e262f87158edab3cee6503e3706354e0282d3f6593dc66ae2193bde54f0fab1af8e4faba7c5e08a583a75fdc5e2ee819ff087a1d0c08da787d303df75fceaf7901bd011aa2d69b787faef67c61fe953371adf397493d9a121528d4b6949fad2f118969dbc3890ef9abb0ed060da0ef925171c1b7f742203fb6f22a5ebc1ad8cdd8297c0c82e6e9fea30c8f887f9c54669b030e525ef6049aa2b0526a", 0xdd, r4) keyctl$dh_compute(0x17, &(0x7f0000000140)={r3, r5, r3}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r6, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write(r6, &(0x7f0000000000)="41000300010006", 0x7) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) r7 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r7, 0x6, 0x0, 0x0, 0x0) fsmount(r7, 0x0, 0x0) syz_open_dev$video4linux(&(0x7f0000000100), 0x0, 0x40000) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000480)={[{0x2b, 'rdma'}]}, 0x6) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000040)) ioctl$KVM_GET_PIT2(r2, 0x8070ae9f, &(0x7f0000000580)) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x9}]}, 0x10) capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0xa8, 0xff}) r8 = semget$private(0x0, 0x5, 0x0) semctl$SETALL(r8, 0x0, 0x11, 0x0) 5.744657387s ago: executing program 4 (id=1236): r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x800000000000, 0x0, 0x0, 0x751, 0x7, 0x200000000080], 0x0, 0x0, &(0x7f0000000080)=ANY=[]}, 0x78) r1 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000340)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000080], 0x0, 0x0, &(0x7f0000000080)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108) socket(0x1f, 0x5, 0x400) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_GET(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000580)=ANY=[@ANYBLOB="340000e6", @ANYRES16=r3, @ANYBLOB="01000000000000000000540000000e0002006e657464657673696d0000000f0002006e657464657673696d3000"], 0x34}}, 0x0) mount(0x0, 0x0, &(0x7f0000000200)='hugetlbfs\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000100)='affs\x00', 0x200000, 0x0) 5.085791605s ago: executing program 6 (id=1237): bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave']) chdir(0x0) r0 = open(&(0x7f0000000040)='./bus\x00', 0x80242, 0x0) ftruncate(r0, 0x2007ffc) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) sendfile(r0, r0, 0x0, 0x800000009) 5.068106825s ago: executing program 4 (id=1238): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2) ioctl$VIDIOC_ENUM_FREQ_BANDS(r2, 0xc0405665, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) syz_mount_image$minix(&(0x7f0000000180), &(0x7f0000000300)='./file0\x00', 0x2000000, &(0x7f00000018c0)=ANY=[], 0x3, 0x1c4, &(0x7f0000000380)="$eJzs282K02AUxvHnTdLOZPx2dOOqoKAbJ04HPwY3unMztyAMM3EopirWTYtQBMHr8Iq8AS/Bgm4VjCRNU5qm1H6k0fb/W52TMy85meZtTxYRgI1VU01GRlaSd3dNRb/CfmKV2RmAokU7/XcIYDPZ38vuAEA5ek+jKcD0hwG7MjYffDXSE0nffrw/kVUdq/c+SDfcpG62tJ2dLz5LtwfrjZu7fiet7+TW79wcnP+czuuCLuqSLuuKrib103T99QUmIWDzGO1l85EDll40Av9emlfifD/Nq3Fez+QHab4V53snr4PToi4BwJysKfvfzux/J7P/Afy/Wu3Oy+Mg8N/OHDz+GYazr4oDW1JOKXkKySstLwhtKbdULfCkMwUfzYQOFw9qWtVVRE+K46XoiXPCXbedd0M+07/xoTgTdoozZXlXUueLpKW04S7tv+Fq+t+U950EYDW8d803XqvdudtoHp/5Z/6r+qP64YOD+/sPD7148vdG538A62P4o192JwAAAAAAAAAAAAAAYF67upZEzvDgp7K6AQAAAFCkv3pn6OjW0fMFXjkq+xoBAAAAAAAAAAAAAAAAAACAdfEnAAD//wweEbY=") r5 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)) r6 = socket$unix(0x1, 0x2, 0x0) bind$unix(r6, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) sendmmsg$unix(r6, &(0x7f0000000c00)=[{{&(0x7f0000000240)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x40000}}, {{&(0x7f00000002c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e, 0x0}}], 0x2, 0x44804) socket$pppl2tp(0x18, 0x1, 0x1) close(r4) gettid() iopl(0x3) setgid(0x0) sendmsg$nl_generic(r1, 0x0, 0xc000) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="2c00ce23b629cc6ebb8437c15b797f65e4d26779be5f2d9c48474669df8024642866fa189cd0c2e51c2c2f7effeb4f62c26efab7475c92ffd18d9f4780bf7edb6c0721f3b81dd90907264e7f435e7f50b714"]) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) readahead(r0, 0xf, 0x8) write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r7}, 0x50) 5.025669016s ago: executing program 0 (id=1239): ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000005080000024d564b"]) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newtfilter={0x4c, 0x2c, 0x400, 0x10, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x2}, {}, {0x1c}}, [@filter_kind_options=@f_flower={{0xb}, {0x1c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x18, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x14, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0xa}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5}]}]}]}}]}, 0x4c}}, 0x0) ioctl$KVM_GET_MSRS(r2, 0xc008ae88, 0x0) 1.867474256s ago: executing program 1 (id=1240): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x11, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x161100, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000240)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) sendmsg$nl_crypto(0xffffffffffffffff, 0x0, 0x20004000) openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0xd}, 0x0) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7) 1.794940477s ago: executing program 6 (id=1241): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0x9, &(0x7f0000000300)={0xed, 0x2}, &(0x7f0000000340)) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB='4\x00'/12, @ANYBLOB="cd15f5c66e1ef327ead425d0fcc1a0dd41b184bf14cc5a9c4233507575ba8d9c37a4444ae3aebfa28c97b97a95610c0770f5f7", @ANYRES64], 0x20) r1 = syz_open_dev$radio(&(0x7f0000000000), 0x0, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) pwritev2(r2, &(0x7f0000000100)=[{&(0x7f00000001c0)='!', 0x1}], 0x1, 0x400003, 0x4, 0x7) lseek(r2, 0xe, 0x3) r3 = dup2(r1, r1) preadv(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0) bind$tipc(r3, &(0x7f0000000240)=@name={0x1e, 0x2, 0x3, {{0x1, 0x4}, 0x3}}, 0x10) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000040)={0x0, @bt={0xa00, 0x63c, 0x1, 0x3, 0xd59f83, 0x19f5, 0x3f, 0x7, 0x3, 0x6, 0x2800, 0x2800, 0x2, 0xba2, 0x0, 0x3e, {0x8, 0xffffffff}, 0xd0, 0x9}}) getsockopt$inet_buf(0xffffffffffffffff, 0x6, 0x29, 0x0, &(0x7f0000695ffc)) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_open_dev$radio(&(0x7f0000000000), 0x1, 0x2) ioctl$VIDIOC_S_EXT_CTRLS(r4, 0xc0205648, &(0x7f0000000100)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0xf0f05e, 0x1ff, '\x00', @p_u32=0x0}}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$SEG6(&(0x7f00000001c0), r5) sendmsg$SEG6_CMD_DUMPHMAC(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000040)={0x14, r6, 0x301, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4) pwritev(r4, &(0x7f0000000180)=[{&(0x7f0000000640)="13d8fa01a6a14532081d4d4e26844c993ed62a895f435fd3c4f4cb3dce89a270", 0x20}], 0x1, 0x10000012, 0x40) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0xc01c2, 0x1fe) 1.738570628s ago: executing program 5 (id=1242): mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave']) chdir(&(0x7f0000000240)='./file0\x00') r0 = open(&(0x7f0000000040)='./bus\x00', 0x80242, 0x0) ftruncate(r0, 0x2007ffc) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) sendfile(r0, r0, 0x0, 0x800000009) 1.60674642s ago: executing program 0 (id=1243): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=@newqdisc={0x64, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x34, 0x2, {{0x6, 0x2, 0x0, 0x2, 0xffffffff}, [@TCA_NETEM_CORRUPT={0xc, 0x4, {0xfffffffd}}, @TCA_NETEM_RATE64={0xc, 0x8, 0xc1160cbda5ab1ab}]}}}]}, 0x64}}, 0x20000000) mknod$loop(&(0x7f0000000200)='./file0\x00', 0x200, 0x1) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r5 = dup(r4) write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r5, &(0x7f00000000c0)={0x14c}, 0x137) chmod(&(0x7f0000000180)='./file0\x00', 0x1d0) sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0) 374.800906ms ago: executing program 1 (id=1244): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x11, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x161100, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000240)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) sendmsg$nl_crypto(0xffffffffffffffff, 0x0, 0x20004000) openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0) socket$inet_udp(0x2, 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7) 320.057866ms ago: executing program 5 (id=1245): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000540)={0x44, 0x0, &(0x7f0000000400)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x1, 0xfcff, &(0x7f0000000f00)="9e"}) 198.480908ms ago: executing program 4 (id=1246): mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) setrlimit(0x8, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_mount_image$iso9660(&(0x7f00000025c0), &(0x7f0000000800)='./file0\x00', 0x221488e, &(0x7f00000002c0)=ANY=[], 0xfd, 0x6b6, &(0x7f0000002600)="$eJzs3d1v29b9x/EP5SfZ/SEofhuCIEiTk2QFHCxTJLlxYGRAq1GUzU0SBVIebGBAkTV2EUROtyQDFl+s880egA7Y9e56s4vd7R8Y0Ov+F7vbgGK7G7AbDTzUoyVKVv3QZX2/jFYU+eU5X5IKv6AtHgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMhxy/l8wVHVr2/vmHRuOQxqE5YnrS3oTjJxZ2q/khP/p2xWV5JZV77ZX3w5/t8tXUveXVM2fsnq8I3Lbz78xnymu/6EhL4Mzdrgi1eHTx+1WnvPTxA7p5mb/yopc4KgTa/uR4FfK216xo8Cs7G+nr+3VYlMxa960W7U9GrGDb1MMwjNqnvHFDY21oyX2w2265vlUtXrznzwnWI+v26+v5QcaEm5yN3yq1W/vmlj4sVxzAPzyY+SAK9UM2b/SWtvbVqScVDhJEHFkX1w7JAV88VioVAsFtbvb9x/kM/Pj8zIx5x8j0YizvxDi9fMmZ27gdPKxPX/r45UVVZ1bWtHZuyPq7JCBaqlLO/o1v+373kT+x2s/90qf0V6t7P4qmz9v568u55W/1NyMTJ2hXFLnJT5s/0s2IyMXuiVDvVUj9RSS3t6fgZtG5kbZ9LKBfxsylNdviIF8lVTyc4xnTlGG1rXuvJ6X1uqKJJRRb6q8hRpV5Ga8uwnylUoTyU1FSiU0apc3ZFRQRva0JqMPOW0q0DbqmtTZZX0r3a7va8ndr+vTchR3aBCSsDSYFBxQktp9f/HHyef0079z1P/v66Sz8FS8vJ5Skz2DM/fwGm0O9f/M7pxPtkAAAAAAIDz4Njfvjv2b/dvSWqr4le9fPoKixeZHQAAAAAAOAuO2ku6Jie+/pf0lpwp1/8AAAAAAOC149h77BxJK/ZL/U7/TqiT/BJg7gJSBAAAAAAAp2Tv/L++KLXtoBU35Mx0/Q8AAAAAAF4DvxkYY3++O8Zuu/tn/YykqLHk/OUfSwoXnKPGzrecg1K8pHQwl7EhI98AaFauOtHvk4F67Xi9i5LsO9e75nR66wyU2Rt38Iv90bH+e8Nk2rF+nfBYAotzgw0cS+BSZ6RgJ+55fb7zTp/o5rtDsY8PM7JLkl5WKn7Vy7lB9WFBpdKlTNPbaf7s2ZOfS2FvO/eftPZyH3zUemxzOYpnHR3EeXzcTefPi51dN5yLfenn8tKOt2DvuRg3uvGyKt0uf1uvrTi233x3++dUOsj0j1Hq9h/r81e6lRyzWytJ7MphbzTSePuz8fYXcvaQDW19uOD0sygc3/JxByIli6zN4nYSc3v1dvLSzS9uJ+Nkvz0nFXOjx2Aoi+JgFtP3hfPPkX0xKYvOvliLs/gsbigli7XZshg5IgDwVdnvVyE7iPnIGPvd8tA9qX2pujOmug/34rw3XN1f/qHdtivMSfOdv01M7CWr+Iy+6tg6tCh7Yp2/OnJG725N6VJWKWf0/CmqW9zXn/rPQOqkPZLFv9vt9sOC7fd3x6rqp/EKn6b2G1WT3X7v5cFP7AD4sQ/3Ptx7ViyureffyefvF7VgN6PzMidqDwBgxPRn7EyNcN7RzSTi5uO/v51MDVW8/+99pSCnD/SRWnqsu91HCNwY3+rKwNcQ7iZXrRq4ajWX33y4LB2PLehu6lWdraUDscVe7IK6qwxX6n7s2jkfBQAALtatKXV4fP3PDtX/u1pNIlavjr3uXulcy8vW8s7Vce+SPq3mFqYn/95Z7gkAAL4+vPALZ6X5aycM/cb7hY2NQqm55ZkwcH9gQr+86Rm/3vRCd6tU3/RMIwyagRtUTSPUkl/2IhNtNxpB2DSVIDSNIPJ37JPfTefR75FXK9Wbvhs1ql4p8owb1Jslt2nKfuSaxvb3qn605YV25ajhuX7Fd0tNP6ibKNgOXS9nTOR5A4F+2as3/YofT9bNLySVwl3zw6C6XfNM2Yvc0G80g6TBbl9+vRKENdtsTu2ZH3QIAMD/ohevDp8+arX2nh+fWI4vzZM5R0qJGZ1YHNMgYwQBAPBfpl+uZ1ip9818fdY+l6wAAAAAAAAAAAAAAAAAAAAAAMCg6bf0zTixMO5mQak356eXOnP0S/VvMRxpx9FZJzbLRGbWtbq3RBw+/XxC8HJvTnf3D8Ycnet2ZQf6+tv/SW/YRUrmzI9bK5veoDO90+UJB/eEE3PxDjpp8Hf3kz2aGhMvHLtoqXcs5s/+n0M88eyPKYva7XZ78upLw/twcdIGDk/MS3q+eIpDcPHnIgAX6z8BAAD//2apM8Q=") open_by_handle_at(r0, &(0x7f0000000100)=ANY=[@ANYRESDEC=r0], 0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xc1, &(0x7f000000cf3d)=""/193, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000e00)}, 0x40002002) r3 = semget$private(0x0, 0x207, 0x0) semtimedop(r3, &(0x7f00000002c0)=[{0x0, 0xa}], 0x1, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000d40)=ANY=[@ANYRES8=r1], 0xfe, 0x2ae, &(0x7f0000000a40)="$eJzs3c9qY1UYAPDvpkka7SJZuBLBu5iFG8tkti7MIBXErpQs/AM6ODMwNGGggcCoGGblE7hw4Xu4cy+48Q0EH8CdgxSO3NzbJLZp2rSmlfr7bXo45/vu+U7uabO43NPPXxsePHw6evz869+i1cqi1otevMiiE7U4lioBANwKL1KKPy71/V6vbaomAGCzFr7/G2eEbJ/uenvTZQEAG/ThRx+/f39/f++DPG9FDL8d97Mof5bj9x/HkxjEo7gb7TiaPwtIqWy/+97+XtTzQifuDCfjfpE5/OyXxccGRX432tFZnt/NSwv5k3G/ES9HZFnEk15RyL1oxyun8ovxvXtL8qPfjDda1SKL+XejHb9+EU9jEA+nzzTm83/TzfN30nd/fvVJEVzkZ5Nxf3saN5e2rvveAAAAAAAAAAAAAAAAAAAAAABwe+3mM524Myy6qvN3to6m47v/GJ+er1Objpf5WURz2jhxPtAkxQ/H5+vczfM8ZWX8/Hyferxaj/qNLRwAAAAAAAAAAAAAAAAAAAD+Q0bPvjx4MBg8OvxXGtVL/rPX+i97nd5Cz+uxOnh7rbliqwovaj0Z0/350+Gsp1jEZYofN/KIVTU3TvW8VNRz/pX/SimlLIu42m1qXGSucxo7q2OKD/in73fePHiQnfcZto5v3I+LQ804HD07cU8jW6fCtNb2a66IaVY75kLX2bniL9Fbv5eTVT3ZGqtoVI04a/u11trP1/c3CAAAAAAAAAAAAAAAAAAAKM1f+l0y+Hxlam1jRQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADANZv///81GpMqeXlMSmky62nG4eiGlwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/wN8BAAD//7DYbww=") truncate(&(0x7f0000000080)='./file1\x00', 0xf62) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x34}, 0x10) pipe(0x0) syz_usbip_server_init(0x1) write$apparmor_current(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='svthk :\x00'], 0x8) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000008c0)={0x9c, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @empty}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0xb}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}, @CTA_TIMEOUT={0x8}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x2000}]}, 0x9c}}, 0x0) r5 = syz_open_dev$video4linux(&(0x7f0000000080), 0x7ff, 0x100) ioctl$VIDIOC_LOG_STATUS(r5, 0x5646, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) 0s ago: executing program 5 (id=1247): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x161100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f00000001c0)=0x3) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000240)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) kernel console output (not intermixed with test programs): New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 453.671723][ T26] usb 3-1: Product: syz [ 453.693542][ T26] usb 3-1: Manufacturer: syz [ 453.707554][ T26] usb 3-1: SerialNumber: syz [ 453.788015][ T26] usb 3-1: config 0 descriptor?? [ 453.825705][ T26] pegasus_notetaker 3-1:0.0: Invalid number of endpoints [ 453.833364][ T26] pegasus_notetaker: probe of 3-1:0.0 failed with error -22 [ 454.268179][ T6691] loop4: detected capacity change from 0 to 164 [ 455.136489][ T6701] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 455.287335][ T6706] Lens B: ================= START STATUS ================= [ 455.785728][ T6706] Lens B: Focus, Absolute: 0 [ 455.785927][ T6701] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5) [ 455.797161][ T6701] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 456.029565][ T6706] [ 456.622174][ T14] usb 3-1: USB disconnect, device number 4 [ 456.635656][ T6706] Lens B: ================== END STATUS ================== [ 456.765454][ T6701] vhci_hcd vhci_hcd.0: Device attached [ 456.782564][ T6722] loop2: detected capacity change from 0 to 1764 [ 457.025482][ T4308] usb 41-1: new low-speed USB device number 6 using vhci_hcd [ 458.809333][ T6711] vhci_hcd: connection reset by peer [ 458.855557][ T4324] vhci_hcd: stop threads [ 458.859897][ T4324] vhci_hcd: release socket [ 458.873159][ T4324] vhci_hcd: disconnect device [ 459.047679][ T27] audit: type=1326 audit(1748426452.793:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6727 comm="syz.1.582" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x0 [ 461.714061][ T6750] loop2: detected capacity change from 0 to 1764 [ 463.355654][ T4308] vhci_hcd: vhci_device speed not set [ 465.778250][ T6776] loop4: detected capacity change from 0 to 164 [ 465.892876][ T6779] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 465.990429][ T6779] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5) [ 465.997012][ T6779] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 466.073481][ T6779] vhci_hcd vhci_hcd.0: Device attached [ 466.111787][ T6779] Lens B: ================= START STATUS ================= [ 466.138785][ T6779] Lens B: Focus, Absolute: 0 [ 466.156120][ T6779] Lens B: ================== END STATUS ================== [ 466.290853][ T6786] 9pnet_fd: Insufficient options for proto=fd [ 466.297914][ T6781] vhci_hcd: connection closed [ 466.298227][ T4447] vhci_hcd: stop threads [ 466.345495][ T4303] usb 41-1: new low-speed USB device number 7 using vhci_hcd [ 466.361910][ T4447] vhci_hcd: release socket [ 466.368956][ T4447] vhci_hcd: disconnect device [ 468.713829][ T6814] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 4, id = 0 [ 469.285627][ T6806] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 469.585747][ T4544] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 469.778996][ T6830] affs: No valid root block on device nullb0 [ 469.790935][ T4544] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 469.826367][ T4544] usb 5-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 469.918971][ T4544] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 469.995685][ T4544] usb 5-1: Product: syz [ 470.028419][ T6833] loop0: detected capacity change from 0 to 164 [ 470.037103][ T4544] usb 5-1: Manufacturer: syz [ 470.056504][ T4544] usb 5-1: SerialNumber: syz [ 470.146997][ T4544] usb 5-1: config 0 descriptor?? [ 470.185055][ T4544] pegasus_notetaker 5-1:0.0: Invalid number of endpoints [ 470.194948][ T4544] pegasus_notetaker: probe of 5-1:0.0 failed with error -22 [ 470.263186][ T6833] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 470.477494][ T27] audit: type=1326 audit(1748426464.213:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6834 comm="syz.1.601" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x0 [ 471.313104][ T6840] Lens B: ================= START STATUS ================= [ 471.728360][ T4303] vhci_hcd: vhci_device speed not set [ 471.920907][ T6833] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5) [ 471.927607][ T6833] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 471.955536][ T6840] Lens B: Focus, Absolute: 0 [ 472.808380][ T6833] vhci_hcd vhci_hcd.0: Device attached [ 472.814865][ T6840] Lens B: ================== END STATUS ================== [ 472.841415][ T4308] usb 5-1: USB disconnect, device number 5 [ 473.505660][ T14] usb 33-1: new low-speed USB device number 6 using vhci_hcd [ 473.564711][ T6837] vhci_hcd: connection reset by peer [ 473.577530][ T4405] vhci_hcd: stop threads [ 473.581836][ T4405] vhci_hcd: release socket [ 473.611884][ T4405] vhci_hcd: disconnect device [ 474.756915][ T6871] loop2: detected capacity change from 0 to 164 [ 474.851051][ T6875] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 474.915554][ T4302] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 475.021338][ T6875] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 475.027931][ T6875] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 475.042421][ T6882] netlink: 'syz.5.613': attribute type 1 has an invalid length. [ 475.282673][ T4302] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 475.395692][ T6875] vhci_hcd vhci_hcd.0: Device attached [ 475.409123][ T4302] usb 5-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 475.472788][ T4302] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 475.512464][ T4302] usb 5-1: Product: syz [ 475.536617][ T4302] usb 5-1: Manufacturer: syz [ 475.551686][ T6879] vhci_hcd: connection closed [ 475.552107][ T4447] vhci_hcd: stop threads [ 475.562213][ T4302] usb 5-1: SerialNumber: syz [ 475.587650][ T4447] vhci_hcd: release socket [ 475.592936][ T4447] vhci_hcd: disconnect device [ 475.606926][ T4302] usb 5-1: config 0 descriptor?? [ 475.634789][ T4302] pegasus_notetaker 5-1:0.0: Invalid number of endpoints [ 475.642068][ T4302] pegasus_notetaker: probe of 5-1:0.0 failed with error -22 [ 475.711094][ T6889] loop0: detected capacity change from 0 to 164 [ 475.860271][ T6892] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 475.884521][ T6891] netlink: 'syz.5.617': attribute type 1 has an invalid length. [ 476.013885][ T6893] Lens B: ================= START STATUS ================= [ 476.390542][ T6892] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5) [ 476.397236][ T6892] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 476.610224][ T6893] Lens B: Focus, Absolute: 0 [ 476.635455][ T6892] vhci_hcd vhci_hcd.0: Device attached [ 476.937518][ T6893] Lens B: ================== END STATUS ================== [ 477.056756][ T6894] vhci_hcd: connection closed [ 477.115535][ T4420] vhci_hcd: stop threads [ 477.169933][ T4420] vhci_hcd: release socket [ 477.221929][ T4420] vhci_hcd: disconnect device [ 478.137161][ T4303] usb 5-1: USB disconnect, device number 6 [ 478.716098][ T14] vhci_hcd: vhci_device speed not set [ 479.766311][ T6935] 9pnet_fd: Insufficient options for proto=fd [ 479.997009][ T6940] loop2: detected capacity change from 0 to 164 [ 480.111702][ T6941] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 480.236949][ T6941] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5) [ 480.243628][ T6941] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 480.457379][ T6941] vhci_hcd vhci_hcd.0: Device attached [ 481.016620][ T6941] Lens B: ================= START STATUS ================= [ 481.055588][ T6941] Lens B: Focus, Absolute: 0 [ 481.075669][ T6941] Lens B: ================== END STATUS ================== [ 481.109264][ T4434] wlan1: Trigger new scan to find an IBSS to join [ 481.176674][ T6943] vhci_hcd: connection closed [ 481.176955][ T9] vhci_hcd: stop threads [ 481.205522][ T9] vhci_hcd: release socket [ 481.210337][ T9] vhci_hcd: disconnect device [ 481.619782][ T6966] netlink: 'syz.1.641': attribute type 2 has an invalid length. [ 481.642010][ T27] audit: type=1326 audit(1748426475.383:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6961 comm="syz.4.639" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x0 [ 482.482185][ T6966] netlink: 132 bytes leftover after parsing attributes in process `syz.1.641'. [ 485.028076][ T4324] wlan1: Trigger new scan to find an IBSS to join [ 486.915855][ T7010] loop4: detected capacity change from 0 to 164 [ 487.512974][ T4434] wlan1: Creating new IBSS network, BSSID 12:8a:34:fc:ed:7f [ 487.522642][ T7016] netlink: 'syz.0.655': attribute type 2 has an invalid length. [ 487.558240][ T7017] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 487.598149][ T7021] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5) [ 487.604728][ T7021] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 487.716299][ T7016] netlink: 132 bytes leftover after parsing attributes in process `syz.0.655'. [ 488.449424][ T7021] vhci_hcd vhci_hcd.0: Device attached [ 488.586027][ T7029] netlink: 'syz.1.657': attribute type 1 has an invalid length. [ 489.096771][ T7017] Lens B: ================= START STATUS ================= [ 489.175642][ T7017] Lens B: Focus, Absolute: 0 [ 489.180659][ T7017] Lens B: ================== END STATUS ================== [ 489.345414][ T4302] usb 41-1: new low-speed USB device number 8 using vhci_hcd [ 489.384668][ T7022] vhci_hcd: connection reset by peer [ 489.394372][ T5954] vhci_hcd: stop threads [ 489.398822][ T5954] vhci_hcd: release socket [ 489.435451][ T5954] vhci_hcd: disconnect device [ 494.486798][ T4302] vhci_hcd: vhci_device speed not set [ 494.806381][ T7068] overlayfs: overlapping lowerdir path [ 495.017397][ T7074] netlink: 'syz.2.670': attribute type 2 has an invalid length. [ 495.055723][ T7074] netlink: 132 bytes leftover after parsing attributes in process `syz.2.670'. [ 495.475959][ T7090] loop4: detected capacity change from 0 to 64 [ 497.778119][ T4305] usb 3-1: new full-speed USB device number 5 using dummy_hcd [ 498.179152][ T4305] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 498.214545][ T4305] usb 3-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 498.255613][ T4305] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 498.263911][ T4305] usb 3-1: Product: syz [ 498.275537][ T4305] usb 3-1: Manufacturer: syz [ 498.280322][ T4305] usb 3-1: SerialNumber: syz [ 498.304743][ T4305] usb 3-1: config 0 descriptor?? [ 498.331815][ T4305] pegasus_notetaker 3-1:0.0: Invalid number of endpoints [ 498.339141][ T4305] pegasus_notetaker: probe of 3-1:0.0 failed with error -22 [ 498.983889][ T7115] Bluetooth: MGMT ver 1.22 [ 499.209370][ T4714] wlan1: Trigger new scan to find an IBSS to join [ 500.014256][ T7129] netlink: 'syz.4.684': attribute type 2 has an invalid length. [ 500.022176][ T7129] netlink: 132 bytes leftover after parsing attributes in process `syz.4.684'. [ 500.886615][ T6115] usb 3-1: USB disconnect, device number 5 [ 501.664542][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.670976][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 503.158851][ T6041] wlan1: Trigger new scan to find an IBSS to join [ 503.199165][ T7147] loop2: detected capacity change from 0 to 4096 [ 503.424415][ T7161] kvm: vcpu 2: requested 128 ns lapic timer period limited to 200000 ns [ 503.498598][ T7161] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 505.427863][ T7177] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5) [ 505.434436][ T7177] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 505.465929][ T7177] vhci_hcd vhci_hcd.0: Device attached [ 506.045438][ T4303] usb 37-1: new low-speed USB device number 11 using vhci_hcd [ 506.480856][ T7180] vhci_hcd: connection reset by peer [ 506.488102][ T4427] vhci_hcd: stop threads [ 506.494582][ T4427] vhci_hcd: release socket [ 506.528468][ T4427] vhci_hcd: disconnect device [ 506.635579][ T125] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 506.824743][ T4420] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00 [ 506.837015][ T125] usb 5-1: Using ep0 maxpacket: 8 [ 506.857265][ T125] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 506.896641][ T125] usb 5-1: config 179 has no interface number 0 [ 506.932707][ T125] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 506.992959][ T125] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 507.020468][ T125] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 507.303295][ T125] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 507.597887][ T125] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 507.747243][ T7200] netlink: 'syz.2.702': attribute type 1 has an invalid length. [ 508.009250][ T125] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 508.182753][ T125] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 508.245867][ T7183] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 510.267052][ T27] audit: type=1326 audit(1748426504.013:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7208 comm="syz.5.705" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x0 [ 510.361863][ T6115] usb 5-1: USB disconnect, device number 7 [ 510.361918][ C0] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 510.376140][ C0] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 511.015495][ T4305] usb 5-1: new full-speed USB device number 8 using dummy_hcd [ 511.415579][ T4303] vhci_hcd: vhci_device speed not set [ 511.763372][ T7233] loop5: detected capacity change from 0 to 164 [ 511.884345][ T7235] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 511.947509][ T4305] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 511.981081][ T4305] usb 5-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 511.994113][ T7235] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6) [ 512.000689][ T7235] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 512.014496][ T7235] vhci_hcd vhci_hcd.0: Device attached [ 512.025400][ T4305] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 512.034654][ T4305] usb 5-1: Product: syz [ 512.045939][ T4305] usb 5-1: Manufacturer: syz [ 512.050629][ T4305] usb 5-1: SerialNumber: syz [ 512.056822][ T7235] Lens B: ================= START STATUS ================= [ 512.076795][ T7235] Lens B: Focus, Absolute: 0 [ 512.137448][ T7235] Lens B: ================== END STATUS ================== [ 512.627642][ T7239] vhci_hcd: connection closed [ 512.630133][ T4305] usb 5-1: config 0 descriptor?? [ 512.642312][ T4434] vhci_hcd: stop threads [ 512.646403][ T4305] pegasus_notetaker 5-1:0.0: Invalid number of endpoints [ 512.653680][ T4305] pegasus_notetaker: probe of 5-1:0.0 failed with error -22 [ 512.696515][ T4434] vhci_hcd: release socket [ 512.718023][ T4434] vhci_hcd: disconnect device [ 512.789974][ T22] usb 43-1: new low-speed USB device number 2 using vhci_hcd [ 512.801308][ T22] usb 43-1: enqueue for inactive port 0 [ 512.915893][ T22] vhci_hcd: vhci_device speed not set [ 513.095867][ T9] wlan1: Trigger new scan to find an IBSS to join [ 513.506774][ T7252] netlink: 'syz.0.716': attribute type 1 has an invalid length. [ 514.602340][ T22] usb 5-1: USB disconnect, device number 8 [ 517.095572][ T46] wlan1: Trigger new scan to find an IBSS to join [ 518.467398][ T7295] affs: No valid root block on device nullb0 [ 518.561755][ T4332] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00 [ 519.192980][ T46] wlan1: Trigger new scan to find an IBSS to join [ 520.189466][ T6041] wlan1: Trigger new scan to find an IBSS to join [ 520.380349][ T27] audit: type=1326 audit(1748426514.123:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7305 comm="syz.0.732" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x0 [ 521.650346][ T7320] binder: 7313:7320 ioctl 4018620d 0 returned -22 [ 521.975465][ T125] usb 6-1: new full-speed USB device number 2 using dummy_hcd [ 522.044217][ T7328] loop4: detected capacity change from 0 to 164 [ 522.194649][ T7332] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 522.207548][ T125] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 522.232927][ T125] usb 6-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 522.247344][ T125] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 522.256129][ T125] usb 6-1: Product: syz [ 522.260465][ T125] usb 6-1: Manufacturer: syz [ 522.265184][ T125] usb 6-1: SerialNumber: syz [ 522.274406][ T125] usb 6-1: config 0 descriptor?? [ 522.289583][ T125] pegasus_notetaker 6-1:0.0: Invalid number of endpoints [ 522.297181][ T7332] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6) [ 522.303823][ T7332] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 522.305045][ T125] pegasus_notetaker: probe of 6-1:0.0 failed with error -22 [ 522.404813][ T7332] vhci_hcd vhci_hcd.0: Device attached [ 522.406808][ T7336] Lens B: ================= START STATUS ================= [ 522.456691][ T7336] Lens B: Focus, Absolute: 0 [ 522.461940][ T7336] Lens B: ================== END STATUS ================== [ 522.665515][ T125] usb 41-1: new low-speed USB device number 9 using vhci_hcd [ 522.835405][ T22] usb 3-1: new full-speed USB device number 6 using dummy_hcd [ 522.958104][ T7337] vhci_hcd: connection closed [ 522.967546][ T9] vhci_hcd: stop threads [ 523.101517][ T46] wlan1: Trigger new scan to find an IBSS to join [ 523.150641][ T22] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 523.209572][ T22] usb 3-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 523.245612][ T22] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 523.255470][ T22] usb 3-1: Product: syz [ 523.259892][ T22] usb 3-1: Manufacturer: syz [ 523.270201][ T22] usb 3-1: SerialNumber: syz [ 523.311360][ T22] usb 3-1: config 0 descriptor?? [ 523.341652][ T22] pegasus_notetaker 3-1:0.0: Invalid number of endpoints [ 523.349320][ T22] pegasus_notetaker: probe of 3-1:0.0 failed with error -22 [ 523.412520][ T9] vhci_hcd: release socket [ 523.440364][ T9] vhci_hcd: disconnect device [ 523.883707][ T4308] usb 6-1: USB disconnect, device number 2 [ 524.106031][ T4324] wlan1: Trigger new scan to find an IBSS to join [ 524.225466][ T4268] Bluetooth: hci2: command 0x0406 tx timeout [ 524.401026][ T6115] usb 3-1: USB disconnect, device number 6 [ 524.746824][ T27] audit: type=1326 audit(1748426518.493:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7354 comm="syz.0.746" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x0 [ 525.190781][ T4396] wlan1: Trigger new scan to find an IBSS to join [ 526.327660][ T41] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00 [ 527.015447][ T41] wlan1: Trigger new scan to find an IBSS to join [ 527.210348][ T27] audit: type=1326 audit(1748426520.953:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7369 comm="syz.1.748" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x0 [ 527.648550][ T41] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00 [ 528.020348][ T7385] affs: No valid root block on device nullb0 [ 528.298474][ T125] vhci_hcd: vhci_device speed not set [ 528.408206][ T7392] netlink: 'syz.2.754': attribute type 1 has an invalid length. [ 528.417659][ T41] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00 [ 528.715112][ T7398] loop1: detected capacity change from 0 to 164 [ 528.854829][ T7401] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 528.949448][ T7401] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 528.956013][ T7401] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 528.966778][ T7401] vhci_hcd vhci_hcd.0: Device attached [ 529.021630][ T7401] Lens B: ================= START STATUS ================= [ 529.029513][ T7401] Lens B: Focus, Absolute: 0 [ 529.072042][ T7401] Lens B: ================== END STATUS ================== [ 529.235491][ T4544] usb 35-1: new low-speed USB device number 4 using vhci_hcd [ 529.451754][ T27] audit: type=1326 audit(1748426523.193:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7412 comm="syz.0.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 529.474304][ T4307] usb 3-1: new full-speed USB device number 7 using dummy_hcd [ 529.483614][ T7403] vhci_hcd: connection reset by peer [ 529.496676][ T27] audit: type=1326 audit(1748426523.193:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7412 comm="syz.0.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 529.543237][ T4447] vhci_hcd: stop threads [ 529.551972][ T4447] vhci_hcd: release socket [ 530.053545][ T4447] vhci_hcd: disconnect device [ 530.099232][ T27] audit: type=1326 audit(1748426523.243:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7412 comm="syz.0.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 530.222030][ T27] audit: type=1326 audit(1748426523.243:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7412 comm="syz.0.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 530.227753][ T4307] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 530.328674][ T4307] usb 3-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 530.345451][ T27] audit: type=1326 audit(1748426523.243:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7412 comm="syz.0.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 530.385415][ T4307] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 530.435712][ T4307] usb 3-1: Product: syz [ 530.439958][ T4307] usb 3-1: Manufacturer: syz [ 530.478355][ T4307] usb 3-1: SerialNumber: syz [ 530.487458][ T27] audit: type=1326 audit(1748426523.243:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7412 comm="syz.0.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 530.551017][ T4307] usb 3-1: config 0 descriptor?? [ 530.568074][ T4307] pegasus_notetaker 3-1:0.0: Invalid number of endpoints [ 530.608016][ T4307] pegasus_notetaker: probe of 3-1:0.0 failed with error -22 [ 530.840464][ T27] audit: type=1326 audit(1748426523.753:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7412 comm="syz.0.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 530.936360][ T27] audit: type=1326 audit(1748426523.753:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7412 comm="syz.0.761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 530.965557][ T4307] usb 1-1: new full-speed USB device number 5 using dummy_hcd [ 531.181544][ T4307] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 531.208907][ T4307] usb 1-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 531.219394][ T4307] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 531.232328][ T4307] usb 1-1: Product: syz [ 531.238508][ T4307] usb 1-1: Manufacturer: syz [ 531.267873][ T4307] usb 1-1: SerialNumber: syz [ 531.298745][ T4307] usb 1-1: config 0 descriptor?? [ 531.343570][ T4307] pegasus_notetaker 1-1:0.0: Invalid number of endpoints [ 531.351888][ T4307] pegasus_notetaker: probe of 1-1:0.0 failed with error -22 [ 531.462013][ T27] audit: type=1326 audit(1748426525.203:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7430 comm="syz.5.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 533.789367][ T27] audit: type=1326 audit(1748426525.243:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7430 comm="syz.5.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 533.823665][ T27] audit: type=1326 audit(1748426525.433:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7430 comm="syz.5.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 533.991505][ T27] audit: type=1326 audit(1748426527.523:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7430 comm="syz.5.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 534.014946][ T27] audit: type=1326 audit(1748426527.523:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7430 comm="syz.5.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 534.038904][ T125] usb 3-1: USB disconnect, device number 7 [ 534.137143][ T27] audit: type=1326 audit(1748426527.593:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7430 comm="syz.5.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 534.174392][ T22] usb 1-1: USB disconnect, device number 5 [ 534.375565][ T4544] vhci_hcd: vhci_device speed not set [ 535.434709][ T7458] netlink: 'syz.0.775': attribute type 1 has an invalid length. [ 535.560197][ T7462] loop1: detected capacity change from 0 to 4096 [ 535.666947][ T7465] loop2: detected capacity change from 0 to 164 [ 535.757403][ T7465] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 535.786160][ T7465] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 535.792735][ T7465] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 535.800451][ T7465] vhci_hcd vhci_hcd.0: Device attached [ 535.809774][ T7465] Lens B: ================= START STATUS ================= [ 535.817269][ T7465] Lens B: Focus, Absolute: 0 [ 535.821908][ T7465] Lens B: ================== END STATUS ================== [ 536.146005][ T7468] kvm: vcpu 2: requested 128 ns lapic timer period limited to 200000 ns [ 536.851748][ T7467] vhci_hcd: connection closed [ 536.856609][ T4332] vhci_hcd: stop threads [ 536.915489][ T22] usb 37-1: new low-speed USB device number 12 using vhci_hcd [ 536.966902][ T4332] vhci_hcd: release socket [ 536.994053][ T4332] vhci_hcd: disconnect device [ 537.000410][ T7468] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 537.647072][ T4544] usb 5-1: new full-speed USB device number 9 using dummy_hcd [ 537.847457][ T4544] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 537.868485][ T4544] usb 5-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 537.914137][ T4544] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 537.939384][ T4544] usb 5-1: Product: syz [ 537.953987][ T4544] usb 5-1: Manufacturer: syz [ 537.964121][ T4544] usb 5-1: SerialNumber: syz [ 538.015123][ T4544] usb 5-1: config 0 descriptor?? [ 538.031997][ T4544] pegasus_notetaker 5-1:0.0: Invalid number of endpoints [ 538.052672][ T4544] pegasus_notetaker: probe of 5-1:0.0 failed with error -22 [ 538.121280][ T7487] binder: 7486:7487 ioctl c0306201 0 returned -14 [ 539.215589][ T7500] netlink: 'syz.2.788': attribute type 1 has an invalid length. [ 539.270129][ T7] usb 5-1: USB disconnect, device number 9 [ 539.369802][ T27] audit: type=1326 audit(1748426533.113:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7497 comm="syz.0.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 539.619719][ T27] audit: type=1326 audit(1748426533.113:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7497 comm="syz.0.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 540.055653][ T4444] wlan1: Trigger new scan to find an IBSS to join [ 540.072318][ T27] audit: type=1326 audit(1748426533.143:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7497 comm="syz.0.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 540.775768][ T27] audit: type=1326 audit(1748426533.143:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7497 comm="syz.0.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 540.932442][ T7522] loop4: detected capacity change from 0 to 164 [ 541.057627][ T27] audit: type=1326 audit(1748426533.143:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7497 comm="syz.0.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 541.155278][ T7525] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 541.174273][ T27] audit: type=1326 audit(1748426533.143:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7497 comm="syz.0.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 541.277123][ T7525] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6) [ 541.283804][ T7525] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 541.294039][ T7528] Lens B: ================= START STATUS ================= [ 541.325465][ T7528] Lens B: Focus, Absolute: 0 [ 541.344074][ T7528] Lens B: ================== END STATUS ================== [ 541.352106][ T27] audit: type=1326 audit(1748426533.683:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7497 comm="syz.0.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 541.406197][ T7525] vhci_hcd vhci_hcd.0: Device attached [ 541.454974][ T27] audit: type=1326 audit(1748426533.683:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7497 comm="syz.0.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 541.565515][ T7] usb 41-1: new low-speed USB device number 10 using vhci_hcd [ 541.613116][ T27] audit: type=1326 audit(1748426533.853:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7509 comm="syz.2.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5eed8e969 code=0x7ffc0000 [ 541.683152][ T27] audit: type=1326 audit(1748426533.853:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7509 comm="syz.2.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5eed8e969 code=0x7ffc0000 [ 541.710096][ T7529] vhci_hcd: connection reset by peer [ 541.723748][ T4410] vhci_hcd: stop threads [ 541.729644][ T4410] vhci_hcd: release socket [ 541.755970][ T4410] vhci_hcd: disconnect device [ 542.000746][ T7537] affs: No valid root block on device nullb0 [ 542.065631][ T22] vhci_hcd: vhci_device speed not set [ 542.229164][ T7542] binder: 7541:7542 ioctl c0306201 0 returned -14 [ 544.065731][ T4444] wlan1: Trigger new scan to find an IBSS to join [ 544.393519][ T7563] netlink: 'syz.1.804': attribute type 1 has an invalid length. [ 544.712278][ T7574] binder: 7573:7574 ioctl c0306201 0 returned -14 [ 544.789255][ T7576] Zero length message leads to an empty skb [ 544.997249][ T7583] loop4: detected capacity change from 0 to 164 [ 545.096998][ T4405] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00 [ 545.234677][ T7564] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 545.440293][ T7584] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 546.230025][ T7586] Lens B: ================= START STATUS ================= [ 546.300602][ T7586] Lens B: Focus, Absolute: 0 [ 546.305955][ T7586] Lens B: ================== END STATUS ================== [ 546.349312][ T7584] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6) [ 546.355890][ T7584] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 546.369120][ T7584] vhci_hcd vhci_hcd.0: Device attached [ 546.805652][ T7594] vhci_hcd: connection closed [ 546.820687][ T7596] vhci_hcd: sendmsg failed!, ret=-32 for 48 [ 546.890445][ T9] vhci_hcd: stop threads [ 546.894824][ T9] vhci_hcd: release socket [ 546.924154][ T9] vhci_hcd: disconnect device [ 546.985776][ T7] vhci_hcd: vhci_device speed not set [ 547.019382][ T27] kauditd_printk_skb: 12 callbacks suppressed [ 547.019395][ T27] audit: type=1326 audit(1748426540.763:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7599 comm="syz.2.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5eed8e969 code=0x7ffc0000 [ 547.200057][ T4396] wlan1: Trigger new scan to find an IBSS to join [ 547.415502][ T27] audit: type=1326 audit(1748426540.763:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7599 comm="syz.2.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5eed8e969 code=0x7ffc0000 [ 547.867968][ T27] audit: type=1326 audit(1748426540.803:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7599 comm="syz.2.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fc5eed8e969 code=0x7ffc0000 [ 548.022532][ T27] audit: type=1326 audit(1748426540.803:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7599 comm="syz.2.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5eed8e969 code=0x7ffc0000 [ 548.075079][ T7610] netlink: 'syz.0.818': attribute type 1 has an invalid length. [ 548.403767][ T27] audit: type=1326 audit(1748426540.803:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7599 comm="syz.2.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5eed8e969 code=0x7ffc0000 [ 548.651432][ T27] audit: type=1326 audit(1748426540.803:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7599 comm="syz.2.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fc5eed8e969 code=0x7ffc0000 [ 549.115513][ T27] audit: type=1326 audit(1748426541.483:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7599 comm="syz.2.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5eed8e969 code=0x7ffc0000 [ 549.186098][ T7620] affs: No valid root block on device nullb0 [ 549.236969][ T27] audit: type=1326 audit(1748426541.483:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7599 comm="syz.2.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5eed8e969 code=0x7ffc0000 [ 549.354314][ T27] audit: type=1326 audit(1748426541.923:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.4.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 549.554602][ T27] audit: type=1326 audit(1748426541.923:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.4.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 549.765661][ T7632] kvm: vcpu 2: requested 128 ns lapic timer period limited to 200000 ns [ 549.825494][ T7632] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 551.015679][ T4675] wlan1: Trigger new scan to find an IBSS to join [ 552.058980][ T4675] wlan1: Trigger new scan to find an IBSS to join [ 552.321805][ T7649] netlink: 'syz.5.831': attribute type 1 has an invalid length. [ 552.490055][ T27] kauditd_printk_skb: 6 callbacks suppressed [ 552.490071][ T27] audit: type=1326 audit(1748426546.233:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.4.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 552.715647][ T27] audit: type=1326 audit(1748426546.233:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.4.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 552.742567][ T27] audit: type=1326 audit(1748426546.273:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.4.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 552.836857][ T27] audit: type=1326 audit(1748426546.273:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.4.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 552.870355][ T27] audit: type=1326 audit(1748426546.273:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.4.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 552.925634][ T27] audit: type=1326 audit(1748426546.273:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.4.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 553.145476][ T7662] loop2: detected capacity change from 0 to 64 [ 553.766964][ T46] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00 [ 553.920118][ T27] audit: type=1326 audit(1748426547.663:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.4.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 554.015443][ T27] audit: type=1326 audit(1748426547.663:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.4.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 554.642900][ T27] audit: type=1326 audit(1748426548.383:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7681 comm="syz.2.842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5eed8e969 code=0x7ffc0000 [ 554.806049][ T27] audit: type=1326 audit(1748426548.383:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7681 comm="syz.2.842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5eed8e969 code=0x7ffc0000 [ 555.085955][ T4405] wlan1: Trigger new scan to find an IBSS to join [ 556.059147][ T4405] wlan1: Trigger new scan to find an IBSS to join [ 556.540248][ T7696] netlink: 'syz.0.845': attribute type 1 has an invalid length. [ 557.518914][ T4714] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00 [ 557.672836][ T6041] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 557.707773][ T27] kauditd_printk_skb: 12 callbacks suppressed [ 557.707792][ T27] audit: type=1326 audit(1748426551.453:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7704 comm="syz.2.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5eed8e969 code=0x7ffc0000 [ 557.985637][ T27] audit: type=1326 audit(1748426551.453:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7704 comm="syz.2.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5eed8e969 code=0x7ffc0000 [ 559.060330][ T27] audit: type=1326 audit(1748426552.803:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7704 comm="syz.2.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc5eed8d2d0 code=0x7ffc0000 [ 559.112302][ T4714] wlan1: Trigger new scan to find an IBSS to join [ 559.178732][ T27] audit: type=1326 audit(1748426552.803:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7704 comm="syz.2.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5eed8e969 code=0x7ffc0000 [ 559.541542][ T27] audit: type=1326 audit(1748426552.803:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7704 comm="syz.2.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5eed8e969 code=0x7ffc0000 [ 559.896870][ T27] audit: type=1326 audit(1748426552.833:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7704 comm="syz.2.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fc5eed8e969 code=0x7ffc0000 [ 559.928016][ T7736] loop1: detected capacity change from 0 to 4096 [ 559.956284][ T27] audit: type=1326 audit(1748426552.833:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7704 comm="syz.2.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5eed8e969 code=0x7ffc0000 [ 560.081426][ T27] audit: type=1326 audit(1748426552.833:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7704 comm="syz.2.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5eed8e969 code=0x7ffc0000 [ 560.368848][ T46] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00 [ 561.693534][ T7762] loop0: detected capacity change from 0 to 164 [ 561.876594][ T7767] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 561.974178][ T7767] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 561.980850][ T7767] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 562.002393][ T7767] vhci_hcd vhci_hcd.0: Device attached [ 562.010089][ T27] audit: type=1400 audit(1748426555.753:132): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=7760 comm="syz.0.870" [ 562.190128][ T27] audit: type=1326 audit(1748426555.933:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7771 comm="syz.5.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 562.355588][ T7347] usb 33-1: new low-speed USB device number 7 using vhci_hcd [ 562.449092][ T7769] vhci_hcd: connection closed [ 562.450538][ T46] vhci_hcd: stop threads [ 562.474090][ T46] vhci_hcd: release socket [ 562.546400][ T46] vhci_hcd: disconnect device [ 562.965140][ T27] kauditd_printk_skb: 5 callbacks suppressed [ 562.965156][ T27] audit: type=1326 audit(1748426556.703:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7771 comm="syz.5.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 563.101687][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.108415][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.121729][ T4434] wlan1: Trigger new scan to find an IBSS to join [ 563.265978][ T27] audit: type=1326 audit(1748426556.703:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7771 comm="syz.5.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 563.499236][ T27] audit: type=1326 audit(1748426557.243:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7784 comm="syz.0.867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 563.875481][ T27] audit: type=1326 audit(1748426557.243:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7784 comm="syz.0.867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 564.872062][ T27] audit: type=1326 audit(1748426557.273:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7784 comm="syz.0.867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 564.917559][ T27] audit: type=1326 audit(1748426557.273:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7784 comm="syz.0.867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 565.017474][ T27] audit: type=1326 audit(1748426557.273:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7784 comm="syz.0.867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 565.182907][ T27] audit: type=1326 audit(1748426557.273:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7784 comm="syz.0.867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 566.045400][ T27] audit: type=1326 audit(1748426557.953:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7784 comm="syz.0.867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 566.068171][ T27] audit: type=1326 audit(1748426557.953:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7784 comm="syz.0.867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 566.084032][ T4434] wlan1: Trigger new scan to find an IBSS to join [ 566.425578][ T4242] usb 3-1: new full-speed USB device number 8 using dummy_hcd [ 566.708612][ T4242] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 566.756896][ T4242] usb 3-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 566.842924][ T4242] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 567.161837][ T4427] wlan1: Trigger new scan to find an IBSS to join [ 567.200037][ T4242] usb 3-1: Product: syz [ 567.576206][ T7347] vhci_hcd: vhci_device speed not set [ 568.364620][ T4242] usb 3-1: Manufacturer: syz [ 568.369501][ T4242] usb 3-1: SerialNumber: syz [ 568.383434][ T4242] usb 3-1: config 0 descriptor?? [ 568.392595][ T4242] pegasus_notetaker 3-1:0.0: Invalid number of endpoints [ 568.400177][ T4242] pegasus_notetaker: probe of 3-1:0.0 failed with error -22 [ 569.402188][ T27] kauditd_printk_skb: 1 callbacks suppressed [ 569.402235][ T27] audit: type=1326 audit(1748426563.143:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7833 comm="syz.4.881" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x0 [ 569.866951][ T4444] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00 [ 570.121151][ T27] audit: type=1326 audit(1748426563.863:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.5.884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 570.515377][ T27] audit: type=1326 audit(1748426563.863:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.5.884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 570.692582][ T27] audit: type=1326 audit(1748426563.893:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.5.884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 570.696513][ T4242] usb 3-1: USB disconnect, device number 8 [ 570.925441][ T27] audit: type=1326 audit(1748426563.893:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.5.884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 571.759845][ T27] audit: type=1326 audit(1748426563.893:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.5.884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 571.966624][ T27] audit: type=1326 audit(1748426563.893:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.5.884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 572.055581][ T41] wlan1: Trigger new scan to find an IBSS to join [ 572.924616][ T27] audit: type=1326 audit(1748426565.383:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.5.884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 573.692014][ T27] audit: type=1326 audit(1748426565.383:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.5.884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 573.757620][ T9] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00 [ 575.170724][ T7872] affs: No valid root block on device nullb0 [ 575.330914][ T7877] loop0: detected capacity change from 0 to 512 [ 575.374449][ T7877] EXT4-fs: Ignoring removed nobh option [ 575.419262][ T7877] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.895: invalid indirect mapped block 256 (level 2) [ 575.461012][ T7877] EXT4-fs (loop0): 2 truncates cleaned up [ 575.521440][ T7877] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 575.555015][ T7884] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 576.225614][ T7883] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 576.650233][ T4259] EXT4-fs (loop0): unmounting filesystem. [ 576.765700][ T4351] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 576.868291][ T27] audit: type=1326 audit(1748426570.613:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7891 comm="syz.2.899" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc5eed8e969 code=0x0 [ 576.961885][ T4351] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 577.060414][ T4351] usb 6-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 577.184794][ T4351] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 577.293427][ T4351] usb 6-1: Product: syz [ 577.356623][ T4351] usb 6-1: Manufacturer: syz [ 577.420633][ T4351] usb 6-1: SerialNumber: syz [ 577.558877][ T4351] usb 6-1: config 0 descriptor?? [ 577.663226][ T4351] pegasus_notetaker 6-1:0.0: Invalid number of endpoints [ 577.700154][ T27] audit: type=1326 audit(1748426571.443:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7899 comm="syz.0.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 577.832486][ T4351] pegasus_notetaker: probe of 6-1:0.0 failed with error -22 [ 578.833572][ T27] audit: type=1326 audit(1748426571.443:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7899 comm="syz.0.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 579.552064][ T27] audit: type=1326 audit(1748426571.473:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7899 comm="syz.0.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 579.868793][ T27] audit: type=1326 audit(1748426571.473:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7899 comm="syz.0.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 580.061333][ T27] audit: type=1326 audit(1748426571.473:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7899 comm="syz.0.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 580.294158][ T27] audit: type=1326 audit(1748426571.473:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7899 comm="syz.0.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 580.389791][ T7806] usb 6-1: USB disconnect, device number 3 [ 580.441037][ T27] audit: type=1326 audit(1748426571.953:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7899 comm="syz.0.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 580.556842][ T27] audit: type=1326 audit(1748426571.953:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7899 comm="syz.0.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 582.699342][ T27] audit: type=1326 audit(1748426576.443:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7925 comm="syz.5.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 583.613909][ T27] audit: type=1326 audit(1748426576.443:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7925 comm="syz.5.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 583.799567][ T27] audit: type=1326 audit(1748426576.473:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7925 comm="syz.5.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 583.856230][ T6041] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 584.005399][ T27] audit: type=1326 audit(1748426576.473:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7925 comm="syz.5.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 584.115592][ T27] audit: type=1326 audit(1748426576.473:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7925 comm="syz.5.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 584.143980][ T27] audit: type=1326 audit(1748426576.473:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7925 comm="syz.5.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 584.255736][ T7937] loop0: detected capacity change from 0 to 512 [ 584.259373][ T27] audit: type=1326 audit(1748426577.303:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7925 comm="syz.5.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 584.283814][ T7937] EXT4-fs: Ignoring removed nobh option [ 584.365049][ T7937] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.910: invalid indirect mapped block 256 (level 2) [ 584.421287][ T27] audit: type=1326 audit(1748426577.303:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7925 comm="syz.5.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 584.468656][ T27] audit: type=1326 audit(1748426577.773:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7925 comm="syz.5.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 584.486229][ T7948] netlink: 'syz.4.914': attribute type 1 has an invalid length. [ 584.494266][ T27] audit: type=1326 audit(1748426577.773:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7925 comm="syz.5.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 584.506750][ T7937] EXT4-fs (loop0): 2 truncates cleaned up [ 584.675687][ T7937] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 586.320718][ T6041] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 586.615714][ T7945] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 586.774765][ T7948] 8021q: adding VLAN 0 to HW filter on device bond1 [ 586.805766][ T7950] bond1: (slave gretap1): making interface the new active one [ 586.850577][ T7950] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 586.897223][ T4259] EXT4-fs (loop0): unmounting filesystem. [ 586.974464][ T4444] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 587.634949][ T4444] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 588.537566][ T7967] affs: No valid root block on device nullb0 [ 589.324869][ T4427] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 592.171617][ T7982] netlink: 'syz.2.925': attribute type 1 has an invalid length. [ 593.085741][ T6115] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 593.100232][ C0] raw-gadget.0 gadget.2: ignoring, device is not running [ 593.408604][ T4675] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 593.505607][ T6115] usb 3-1: device descriptor read/64, error -32 [ 593.785536][ T6115] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 593.800464][ T7998] affs: No valid root block on device nullb0 [ 593.895900][ T8001] loop4: detected capacity change from 0 to 512 [ 593.920591][ T8001] EXT4-fs: Ignoring removed nobh option [ 593.985456][ T6115] usb 3-1: Using ep0 maxpacket: 8 [ 594.000606][ T6115] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 594.021538][ T6115] usb 3-1: config 179 has no interface number 0 [ 594.033298][ T8001] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.929: invalid indirect mapped block 256 (level 2) [ 594.049571][ T6115] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 594.051209][ T8001] EXT4-fs (loop4): 2 truncates cleaned up [ 594.072276][ T6115] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 594.089511][ T6115] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 594.102313][ T6115] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 594.115123][ T6115] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 594.119072][ T8001] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 594.129633][ T6115] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 594.153078][ T6115] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 594.170569][ T7989] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 595.278309][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 595.329917][ T4306] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input9 [ 597.265468][ T4306] usb 5-1: new full-speed USB device number 10 using dummy_hcd [ 597.478180][ T4306] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 597.528116][ T4306] usb 5-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 597.558460][ T4306] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 597.572621][ T4306] usb 5-1: Product: syz [ 597.578096][ T4306] usb 5-1: Manufacturer: syz [ 597.584196][ T4306] usb 5-1: SerialNumber: syz [ 597.641387][ T4306] usb 5-1: config 0 descriptor?? [ 597.699567][ T4306] pegasus_notetaker 5-1:0.0: Invalid number of endpoints [ 597.706897][ T4306] pegasus_notetaker: probe of 5-1:0.0 failed with error -22 [ 597.792983][ T8027] tmpfs: Unknown parameter 'mp' [ 599.942245][ T8038] affs: No valid root block on device nullb0 [ 600.388463][ T4427] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 600.570558][ T4636] usb 5-1: USB disconnect, device number 10 [ 601.797779][ T8048] affs: No valid root block on device nullb0 [ 602.688607][ T8053] overlayfs: overlapping lowerdir path [ 603.811757][ T8063] tmpfs: Unknown parameter 'mp' [ 603.824058][ T4405] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 604.070814][ T4434] wlan1: Trigger new scan to find an IBSS to join [ 605.495521][ T8067] affs: No valid root block on device nullb0 [ 605.925741][ T8073] loop1: detected capacity change from 0 to 164 [ 605.989741][ T9] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 606.135749][ T4306] usb 6-1: new full-speed USB device number 4 using dummy_hcd [ 606.149772][ T8076] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 606.277261][ T8078] Lens B: ================= START STATUS ================= [ 606.285448][ T8078] Lens B: Focus, Absolute: 0 [ 606.290220][ T8078] Lens B: ================== END STATUS ================== [ 607.341418][ T7806] usb 3-1: USB disconnect, device number 10 [ 607.341428][ C0] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 607.341468][ C0] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 607.378935][ T7806] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 607.527546][ T4306] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 607.572420][ T4306] usb 6-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 607.642384][ T4306] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 607.689326][ T4306] usb 6-1: Product: syz [ 607.709878][ T4306] usb 6-1: Manufacturer: syz [ 607.732720][ T4306] usb 6-1: SerialNumber: syz [ 607.784116][ T4306] usb 6-1: config 0 descriptor?? [ 607.860187][ T4306] pegasus_notetaker 6-1:0.0: Invalid number of endpoints [ 607.935766][ T4306] pegasus_notetaker: probe of 6-1:0.0 failed with error -22 [ 608.931429][ T7] usb 6-1: USB disconnect, device number 4 [ 609.972656][ T4266] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 609.983208][ T4266] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 609.994134][ T4266] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 610.002679][ T4267] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 610.018030][ T4266] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 610.028631][ T4266] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 610.055423][ T9] wlan1: Trigger new scan to find an IBSS to join [ 610.163548][ T4396] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 610.833938][ T4396] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 610.971690][ T4396] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 611.051412][ T4396] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 611.484609][ T8107] tmpfs: Unknown parameter 'mp' [ 611.511574][ T56] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00 [ 612.055999][ T4266] Bluetooth: hci3: command 0x0409 tx timeout [ 612.408722][ T8095] chnl_net:caif_netlink_parms(): no params data found [ 613.832981][ T8095] bridge0: port 1(bridge_slave_0) entered blocking state [ 613.851868][ T8095] bridge0: port 1(bridge_slave_0) entered disabled state [ 613.880202][ T8095] device bridge_slave_0 entered promiscuous mode [ 613.989463][ T8095] bridge0: port 2(bridge_slave_1) entered blocking state [ 614.005880][ T8095] bridge0: port 2(bridge_slave_1) entered disabled state [ 614.043664][ T8095] device bridge_slave_1 entered promiscuous mode [ 614.135596][ T4266] Bluetooth: hci3: command 0x041b tx timeout [ 614.506295][ T8135] loop5: detected capacity change from 0 to 164 [ 614.525028][ T8095] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 614.708245][ T8141] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 614.818118][ T27] kauditd_printk_skb: 1 callbacks suppressed [ 614.818165][ T27] audit: type=1400 audit(1748426608.563:179): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=8134 comm="syz.5.965" [ 614.904802][ T8141] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6) [ 614.911406][ T8141] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 614.919356][ T8141] vhci_hcd vhci_hcd.0: Device attached [ 615.145334][ T8145] Bluetooth: MGMT ver 1.22 [ 615.250744][ T8095] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 615.265482][ T4306] usb 43-1: new low-speed USB device number 3 using vhci_hcd [ 615.492478][ T8142] vhci_hcd: connection reset by peer [ 615.507663][ T4434] vhci_hcd: stop threads [ 615.517855][ T4434] vhci_hcd: release socket [ 615.570405][ T4434] vhci_hcd: disconnect device [ 616.077466][ T4396] bond1: (slave gretap1): Releasing active interface [ 616.215415][ T4266] Bluetooth: hci3: command 0x040f tx timeout [ 616.966924][ T8152] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 617.015700][ T6041] wlan1: Trigger new scan to find an IBSS to join [ 617.177881][ T8157] affs: No valid root block on device nullb0 [ 617.277702][ T8095] team0: Port device team_slave_0 added [ 617.347787][ T8095] team0: Port device team_slave_1 added [ 617.375956][ T4396] IPVS: stopping backup sync thread 4936 ... [ 617.645226][ T8170] tmpfs: Bad value for 'mpol' [ 618.295406][ T4266] Bluetooth: hci3: command 0x0419 tx timeout [ 619.176038][ T8095] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 619.183481][ T8095] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 619.279999][ T8095] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 619.336288][ T8095] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 619.343298][ T8095] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 619.435603][ T8095] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 619.453954][ T8175] netlink: 'syz.0.976': attribute type 1 has an invalid length. [ 619.499001][ T27] audit: type=1326 audit(1748426613.243:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8182 comm="syz.1.980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 620.175058][ T27] audit: type=1326 audit(1748426613.243:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8182 comm="syz.1.980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 620.198123][ T27] audit: type=1326 audit(1748426613.273:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8182 comm="syz.1.980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 620.221791][ T27] audit: type=1326 audit(1748426613.273:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8182 comm="syz.1.980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 620.244894][ T27] audit: type=1326 audit(1748426613.273:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8182 comm="syz.1.980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 620.371094][ T27] audit: type=1326 audit(1748426613.273:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8182 comm="syz.1.980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 620.475563][ T4306] vhci_hcd: vhci_device speed not set [ 620.507118][ T27] audit: type=1326 audit(1748426613.773:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8182 comm="syz.1.980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 620.570519][ T27] audit: type=1326 audit(1748426613.773:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8182 comm="syz.1.980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 620.809700][ T8197] overlayfs: overlapping lowerdir path [ 621.151415][ T8195] netlink: 'syz.1.983': attribute type 2 has an invalid length. [ 621.172375][ T8195] netlink: 164 bytes leftover after parsing attributes in process `syz.1.983'. [ 621.311821][ T4396] device hsr_slave_0 left promiscuous mode [ 621.366682][ T4396] device hsr_slave_1 left promiscuous mode [ 621.454366][ T4396] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 621.472983][ T4396] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 621.512771][ T4396] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 621.568200][ T4396] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 621.586564][ T4396] device bridge_slave_1 left promiscuous mode [ 621.595318][ T4396] bridge0: port 2(bridge_slave_1) entered disabled state [ 621.622848][ T4396] device bridge_slave_0 left promiscuous mode [ 621.630261][ T4396] bridge0: port 1(bridge_slave_0) entered disabled state [ 621.709673][ T4396] device veth1_macvtap left promiscuous mode [ 621.737541][ T4396] device veth0_macvtap left promiscuous mode [ 621.758039][ T4396] device veth1_vlan left promiscuous mode [ 621.766845][ T4396] device veth0_vlan left promiscuous mode [ 622.921175][ T8213] tmpfs: Bad value for 'mpol' [ 624.566545][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.574413][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.856032][ T27] audit: type=1326 audit(1748426618.603:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8225 comm="syz.4.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 625.219711][ T27] audit: type=1326 audit(1748426618.603:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8225 comm="syz.4.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 625.276049][ T4416] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 625.286979][ T27] audit: type=1326 audit(1748426618.623:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8225 comm="syz.4.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 625.485544][ T27] audit: type=1326 audit(1748426618.623:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8225 comm="syz.4.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 625.635773][ T27] audit: type=1326 audit(1748426618.623:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8225 comm="syz.4.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 625.812866][ T27] audit: type=1326 audit(1748426618.623:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8225 comm="syz.4.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 625.852444][ T4396] bond1 (unregistering): Released all slaves [ 625.893235][ T27] audit: type=1326 audit(1748426619.223:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8225 comm="syz.4.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 625.932520][ T27] audit: type=1326 audit(1748426619.223:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8225 comm="syz.4.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 626.423074][ T8240] affs: No valid root block on device nullb0 [ 627.328394][ T8251] affs: No valid root block on device nullb0 [ 628.175030][ T8258] tmpfs: Bad value for 'mpol' [ 628.251460][ T4396] team0 (unregistering): Port device team_slave_1 removed [ 628.609114][ T4396] team0 (unregistering): Port device team_slave_0 removed [ 628.948932][ T4396] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 629.079134][ T4396] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 629.694439][ T4396] bond0 (unregistering): Released all slaves [ 629.795237][ T8095] device hsr_slave_0 entered promiscuous mode [ 629.802671][ T8095] device hsr_slave_1 entered promiscuous mode [ 629.812738][ T8228] netlink: 'syz.0.993': attribute type 2 has an invalid length. [ 629.821763][ T8228] netlink: 164 bytes leftover after parsing attributes in process `syz.0.993'. [ 630.016171][ T8264] loop0: detected capacity change from 0 to 164 [ 630.035080][ T27] audit: type=1326 audit(1748426623.773:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8261 comm="syz.5.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 630.661170][ T8267] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 630.770314][ T8267] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 630.777096][ T8267] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 630.785402][ T8267] vhci_hcd vhci_hcd.0: Device attached [ 631.016194][ T8268] vhci_hcd: connection closed [ 631.017302][ T4332] vhci_hcd: stop threads [ 631.066053][ T4719] usb 33-1: new low-speed USB device number 8 using vhci_hcd [ 631.539057][ T27] audit: type=1326 audit(1748426623.773:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8261 comm="syz.5.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 631.561530][ T27] audit: type=1326 audit(1748426623.803:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8261 comm="syz.5.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 631.584732][ T27] audit: type=1326 audit(1748426623.803:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8261 comm="syz.5.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 631.607292][ T27] audit: type=1326 audit(1748426623.803:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8261 comm="syz.5.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 631.615538][ T4332] vhci_hcd: release socket [ 631.634005][ T27] audit: type=1326 audit(1748426623.803:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8261 comm="syz.5.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 631.747890][ T4332] vhci_hcd: disconnect device [ 631.753040][ T27] audit: type=1326 audit(1748426624.313:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8261 comm="syz.5.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 631.881660][ T4427] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 631.917776][ T27] audit: type=1326 audit(1748426624.313:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8261 comm="syz.5.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 632.175383][ T27] audit: type=1400 audit(1748426624.513:204): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=8262 comm="syz.0.1004" [ 632.314321][ T27] audit: type=1326 audit(1748426626.053:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8283 comm="syz.1.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 632.557324][ T8095] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 632.614400][ T27] audit: type=1326 audit(1748426626.053:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8283 comm="syz.1.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 632.661014][ T8095] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 633.011841][ T8293] netlink: 'syz.5.1013': attribute type 2 has an invalid length. [ 633.101737][ T8293] netlink: 164 bytes leftover after parsing attributes in process `syz.5.1013'. [ 633.112450][ T4420] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 633.143804][ T8095] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 633.277246][ T8095] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 633.795598][ T22] usb 5-1: new full-speed USB device number 11 using dummy_hcd [ 634.021514][ T22] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 634.044514][ T22] usb 5-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 634.054863][ T22] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 634.065416][ T22] usb 5-1: Product: syz [ 634.070588][ T22] usb 5-1: Manufacturer: syz [ 634.218110][ T22] usb 5-1: SerialNumber: syz [ 634.226052][ T22] usb 5-1: config 0 descriptor?? [ 634.234360][ T22] pegasus_notetaker 5-1:0.0: Invalid number of endpoints [ 634.244342][ T22] pegasus_notetaker: probe of 5-1:0.0 failed with error -22 [ 634.327529][ T8095] 8021q: adding VLAN 0 to HW filter on device bond0 [ 634.418222][ T4396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 634.437215][ T125] usb 5-1: USB disconnect, device number 11 [ 634.476955][ T4396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 634.509737][ T8095] 8021q: adding VLAN 0 to HW filter on device team0 [ 634.550368][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 634.590805][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 634.624104][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 634.631383][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 634.670864][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 634.680246][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 634.712948][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 634.720197][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 634.735648][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 634.752430][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 634.793820][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 634.847429][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 634.873597][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 634.901542][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 634.921484][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 635.054643][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 635.185780][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 635.303693][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 635.654773][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 635.768430][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 635.852810][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 636.238389][ T8336] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 636.659261][ T27] kauditd_printk_skb: 17 callbacks suppressed [ 636.659279][ T27] audit: type=1326 audit(1748426630.403:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8352 comm="syz.1.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 636.857329][ T4719] vhci_hcd: vhci_device speed not set [ 637.505454][ T27] audit: type=1326 audit(1748426630.403:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8352 comm="syz.1.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 637.587494][ T8365] affs: No valid root block on device nullb0 [ 638.073148][ T9] wlan1: Trigger new scan to find an IBSS to join [ 638.356724][ T27] audit: type=1326 audit(1748426630.433:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8352 comm="syz.1.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 638.521365][ T27] audit: type=1326 audit(1748426630.433:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8352 comm="syz.1.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 638.696526][ T27] audit: type=1326 audit(1748426630.433:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8352 comm="syz.1.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 638.808584][ T27] audit: type=1326 audit(1748426630.433:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8352 comm="syz.1.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 638.931318][ T27] audit: type=1326 audit(1748426631.193:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8352 comm="syz.1.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 639.090550][ T27] audit: type=1326 audit(1748426631.193:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8352 comm="syz.1.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 639.146662][ T4410] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 639.163863][ T4410] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 639.221314][ T8095] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 639.961408][ T8382] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 640.360502][ T27] audit: type=1326 audit(1748426634.103:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8396 comm="syz.4.1038" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x0 [ 641.015606][ T4434] wlan1: Trigger new scan to find an IBSS to join [ 641.442395][ T8415] netlink: 'syz.1.1040': attribute type 1 has an invalid length. [ 641.511662][ T46] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 641.903625][ T8418] affs: No valid root block on device nullb0 [ 642.056758][ T4410] wlan1: Trigger new scan to find an IBSS to join [ 643.221817][ T4396] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 643.458024][ T4416] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00 [ 643.982485][ T27] audit: type=1326 audit(1748426637.723:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8433 comm="syz.5.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 644.492111][ T4416] wlan1: Trigger new scan to find an IBSS to join [ 644.535027][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 644.562789][ T27] audit: type=1326 audit(1748426637.723:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8433 comm="syz.5.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 644.585729][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 644.683881][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 644.717359][ T27] audit: type=1326 audit(1748426637.763:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8433 comm="syz.5.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 644.731029][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 644.822444][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 644.834570][ T27] audit: type=1326 audit(1748426637.763:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8433 comm="syz.5.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 644.966220][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 645.005501][ T27] audit: type=1326 audit(1748426637.763:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8433 comm="syz.5.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 645.042430][ T8095] device veth0_vlan entered promiscuous mode [ 645.065044][ T27] audit: type=1326 audit(1748426637.763:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8433 comm="syz.5.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 645.159905][ T27] audit: type=1326 audit(1748426638.233:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8433 comm="syz.5.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 645.213899][ T8095] device veth1_vlan entered promiscuous mode [ 645.367404][ T27] audit: type=1326 audit(1748426638.233:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8433 comm="syz.5.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 645.470289][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 645.668691][ T8454] affs: No valid root block on device nullb0 [ 645.774315][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 645.782127][ T27] audit: type=1326 audit(1748426638.413:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8433 comm="syz.5.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 645.808828][ T27] audit: type=1326 audit(1748426638.413:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8433 comm="syz.5.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 645.972753][ T8095] device veth0_macvtap entered promiscuous mode [ 646.029858][ T8095] device veth1_macvtap entered promiscuous mode [ 646.099724][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 646.128199][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 646.259984][ T8095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 646.342467][ T8095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 646.370700][ T8095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 646.382411][ T8095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 646.393058][ T8095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 646.449485][ T8095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 646.496144][ T8095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 646.565523][ T8095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 646.631414][ T8095] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 646.662164][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 646.688790][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 646.756158][ T8095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 646.795189][ T8095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 647.132181][ T8095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 647.228027][ T8095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 647.302901][ T8095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 647.644369][ T8095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 647.656328][ T8095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 647.685598][ T8095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 647.710957][ T8095] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 647.720019][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 647.858087][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 647.909661][ T8095] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 647.974476][ T8095] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 648.012715][ T8095] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 648.078366][ T8095] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 648.094519][ T4324] wlan1: Trigger new scan to find an IBSS to join [ 649.108496][ T4332] wlan1: Trigger new scan to find an IBSS to join [ 649.358983][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 649.883517][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 650.532630][ T4434] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 650.746803][ T27] kauditd_printk_skb: 28 callbacks suppressed [ 650.746820][ T27] audit: type=1326 audit(1748426644.493:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8485 comm="syz.0.1059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 650.760038][ T4675] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 650.848061][ T4434] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 650.849506][ T27] audit: type=1326 audit(1748426644.493:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8485 comm="syz.0.1059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x7ffc0000 [ 650.966755][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 650.980057][ T9] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00 [ 653.502659][ T8527] affs: No valid root block on device nullb0 [ 654.062870][ T4427] wlan1: Trigger new scan to find an IBSS to join [ 654.895994][ T27] audit: type=1326 audit(1748426648.643:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8535 comm="syz.0.1069" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9fb0f8e969 code=0x0 [ 655.118103][ T8541] netlink: 'syz.6.1070': attribute type 1 has an invalid length. [ 655.184310][ T27] audit: type=1326 audit(1748426648.923:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.1.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 655.799607][ T27] audit: type=1326 audit(1748426648.923:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.1.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 655.968018][ T27] audit: type=1326 audit(1748426648.953:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.1.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 656.146801][ T4434] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00 [ 656.217627][ T27] audit: type=1326 audit(1748426648.953:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.1.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 657.517421][ T27] audit: type=1326 audit(1748426648.953:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.1.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 657.855747][ T27] audit: type=1326 audit(1748426648.953:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.1.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 658.542744][ T27] audit: type=1326 audit(1748426649.443:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.1.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 658.670334][ T27] audit: type=1326 audit(1748426649.443:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.1.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x7ffc0000 [ 658.785408][ T4306] usb 2-1: new full-speed USB device number 5 using dummy_hcd [ 659.111457][ T4306] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 659.166711][ T27] audit: type=1326 audit(1748426650.553:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.4.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 659.190240][ T27] audit: type=1326 audit(1748426650.553:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.4.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 659.218383][ T4306] usb 2-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 659.223082][ T27] audit: type=1326 audit(1748426650.553:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.4.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 659.235342][ T4306] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 660.568315][ T4306] usb 2-1: Product: syz [ 661.145389][ T4306] usb 2-1: Manufacturer: syz [ 661.150191][ T4306] usb 2-1: SerialNumber: syz [ 661.165188][ T4306] usb 2-1: config 0 descriptor?? [ 661.196443][ T27] audit: type=1326 audit(1748426650.553:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.4.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 661.219229][ T27] audit: type=1326 audit(1748426650.553:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.4.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 661.243160][ T27] audit: type=1326 audit(1748426650.553:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.4.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 661.265682][ T27] audit: type=1326 audit(1748426651.053:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.4.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 661.289051][ T27] audit: type=1326 audit(1748426651.053:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.4.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 661.544262][ T4306] usb 2-1: can't set config #0, error -71 [ 662.106880][ T4306] usb 2-1: USB disconnect, device number 5 [ 662.475760][ T7827] usb 7-1: new full-speed USB device number 2 using dummy_hcd [ 662.746830][ T7827] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 662.809364][ T7827] usb 7-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 662.996074][ T7827] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 663.020005][ T8593] affs: No valid root block on device nullb0 [ 663.598461][ T8595] affs: No valid root block on device nullb0 [ 663.878819][ T7827] usb 7-1: Product: syz [ 663.899192][ T7827] usb 7-1: Manufacturer: syz [ 663.915615][ T7827] usb 7-1: SerialNumber: syz [ 663.945906][ T7827] usb 7-1: config 0 descriptor?? [ 664.007569][ T7827] pegasus_notetaker 7-1:0.0: Invalid number of endpoints [ 664.080774][ T7827] pegasus_notetaker: probe of 7-1:0.0 failed with error -22 [ 664.240036][ T4410] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 665.480326][ T8604] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 665.837494][ T8617] loop4: detected capacity change from 0 to 64 [ 666.035429][ T4305] usb 2-1: new full-speed USB device number 6 using dummy_hcd [ 666.298547][ T4444] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 666.455606][ T7806] usb 6-1: new full-speed USB device number 5 using dummy_hcd [ 667.756472][ T4351] usb 7-1: USB disconnect, device number 2 [ 668.158199][ T4305] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 668.168618][ T7806] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 669.774332][ T4305] usb 2-1: string descriptor 0 read error: -71 [ 669.784303][ T4305] usb 2-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 669.798076][ T7806] usb 6-1: string descriptor 0 read error: -71 [ 669.804461][ T7806] usb 6-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 669.943020][ T4305] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 669.951912][ T27] audit: type=1326 audit(1748426663.693:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8627 comm="syz.6.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ee438e969 code=0x7ffc0000 [ 669.956417][ T7806] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 670.065521][ T7806] usb 6-1: config 0 descriptor?? [ 670.071880][ T4305] usb 2-1: config 0 descriptor?? [ 670.079851][ T7806] usb 6-1: can't set config #0, error -71 [ 670.086702][ T4305] usb 2-1: can't set config #0, error -71 [ 670.096586][ T4305] usb 2-1: USB disconnect, device number 6 [ 670.103153][ T7806] usb 6-1: USB disconnect, device number 5 [ 670.198765][ T27] audit: type=1326 audit(1748426663.693:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8627 comm="syz.6.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ee438e969 code=0x7ffc0000 [ 670.635589][ T7806] usb 6-1: new full-speed USB device number 6 using dummy_hcd [ 670.730425][ T27] audit: type=1326 audit(1748426663.733:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8627 comm="syz.6.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f7ee438e969 code=0x7ffc0000 [ 670.833716][ T7806] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 670.836738][ T8634] netlink: 'syz.1.1094': attribute type 1 has an invalid length. [ 670.889755][ T7806] usb 6-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 670.900566][ T7806] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 670.908980][ T7806] usb 6-1: Product: syz [ 670.913779][ T7806] usb 6-1: Manufacturer: syz [ 670.918654][ T7806] usb 6-1: SerialNumber: syz [ 670.937822][ T7806] usb 6-1: config 0 descriptor?? [ 670.964248][ T7806] pegasus_notetaker 6-1:0.0: Invalid number of endpoints [ 670.972392][ T7806] pegasus_notetaker: probe of 6-1:0.0 failed with error -22 [ 671.185120][ T27] audit: type=1326 audit(1748426663.733:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8627 comm="syz.6.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ee438e969 code=0x7ffc0000 [ 671.207469][ C1] vkms_vblank_simulate: vblank timer overrun [ 671.224781][ T27] audit: type=1326 audit(1748426663.733:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8627 comm="syz.6.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ee438e969 code=0x7ffc0000 [ 671.257810][ T7806] usb 6-1: USB disconnect, device number 6 [ 671.352591][ T27] audit: type=1326 audit(1748426663.733:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8627 comm="syz.6.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f7ee438e969 code=0x7ffc0000 [ 671.374975][ C1] vkms_vblank_simulate: vblank timer overrun [ 671.575499][ T27] audit: type=1326 audit(1748426664.453:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8627 comm="syz.6.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ee438e969 code=0x7ffc0000 [ 671.724414][ T27] audit: type=1326 audit(1748426664.453:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8627 comm="syz.6.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ee438e969 code=0x7ffc0000 [ 671.929703][ T8651] binder: 8650:8651 ioctl c0306201 0 returned -14 [ 672.212648][ T27] audit: type=1326 audit(1748426665.313:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8627 comm="syz.6.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7ee438e969 code=0x7ffc0000 [ 672.271469][ T27] audit: type=1326 audit(1748426665.313:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8627 comm="syz.6.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ee438e969 code=0x7ffc0000 [ 672.300686][ T8659] kvm: vcpu 2: requested 128 ns lapic timer period limited to 200000 ns [ 672.360332][ T8659] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 673.456243][ T4409] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 673.621206][ T8676] loop6: detected capacity change from 0 to 164 [ 674.550284][ T8686] Lens B: ================= START STATUS ================= [ 674.558202][ T8686] Lens B: Focus, Absolute: 0 [ 674.562995][ T8686] Lens B: ================== END STATUS ================== [ 675.298666][ T8683] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 675.490501][ T8694] affs: No valid root block on device nullb0 [ 676.080294][ T27] kauditd_printk_skb: 11 callbacks suppressed [ 676.080345][ T27] audit: type=1326 audit(1748426669.823:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8693 comm="syz.1.1105" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6a82d8e969 code=0x0 [ 677.350268][ T8709] kvm: vcpu 2: requested 128 ns lapic timer period limited to 200000 ns [ 677.374975][ T8709] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 678.452651][ T7827] usb 5-1: new full-speed USB device number 12 using dummy_hcd [ 679.149986][ T7827] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 679.167796][ T8724] binder: 8723:8724 ioctl c0306201 0 returned -14 [ 679.204442][ T7827] usb 5-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 679.245332][ T7827] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 679.318568][ T7827] usb 5-1: Product: syz [ 679.323524][ T7827] usb 5-1: Manufacturer: syz [ 679.345467][ T7827] usb 5-1: SerialNumber: syz [ 679.373297][ T7827] usb 5-1: config 0 descriptor?? [ 679.446180][ T7827] pegasus_notetaker 5-1:0.0: Invalid number of endpoints [ 679.479369][ T7827] pegasus_notetaker: probe of 5-1:0.0 failed with error -22 [ 679.491615][ T8730] binder: 8729:8730 ioctl c0306201 0 returned -14 [ 679.642565][ T7827] usb 5-1: USB disconnect, device number 12 [ 681.058072][ T8749] loop0: detected capacity change from 0 to 164 [ 681.891048][ T8756] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 682.000079][ T8758] Lens B: ================= START STATUS ================= [ 682.007840][ T8758] Lens B: Focus, Absolute: 0 [ 682.012646][ T8758] Lens B: ================== END STATUS ================== [ 682.658888][ T8731] syz.6.1114 (8731): drop_caches: 2 [ 683.050545][ T8768] loop1: detected capacity change from 0 to 64 [ 683.591108][ T27] audit: type=1326 audit(1748426677.333:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8761 comm="syz.4.1131" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x0 [ 684.707476][ T26] usb 1-1: new full-speed USB device number 6 using dummy_hcd [ 684.907610][ T26] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 684.954600][ T26] usb 1-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 684.987819][ T26] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 684.998861][ T26] usb 1-1: Product: syz [ 685.003537][ T26] usb 1-1: Manufacturer: syz [ 685.012472][ T26] usb 1-1: SerialNumber: syz [ 685.024687][ T26] usb 1-1: config 0 descriptor?? [ 685.060292][ T26] pegasus_notetaker 1-1:0.0: Invalid number of endpoints [ 685.105950][ T26] pegasus_notetaker: probe of 1-1:0.0 failed with error -22 [ 685.140392][ T8787] kvm: vcpu 2: requested 128 ns lapic timer period limited to 200000 ns [ 685.191781][ T8787] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 686.358567][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.365931][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.384516][ T56] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 687.460659][ T27] audit: type=1326 audit(1748426681.203:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8809 comm="syz.5.1132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 688.044884][ T27] audit: type=1326 audit(1748426681.203:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8809 comm="syz.5.1132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 688.087694][ T27] audit: type=1326 audit(1748426681.233:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8809 comm="syz.5.1132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 688.203149][ T4328] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 688.218144][ T27] audit: type=1326 audit(1748426681.233:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8809 comm="syz.5.1132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 688.621388][ T27] audit: type=1326 audit(1748426681.233:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8809 comm="syz.5.1132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 688.644866][ C0] vkms_vblank_simulate: vblank timer overrun [ 688.838696][ T8821] netlink: 'syz.1.1134': attribute type 1 has an invalid length. [ 688.906588][ T7347] usb 1-1: USB disconnect, device number 6 [ 688.908976][ T27] audit: type=1326 audit(1748426681.233:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8809 comm="syz.5.1132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 688.988017][ T8825] loop0: detected capacity change from 0 to 164 [ 688.997742][ T8821] 8021q: adding VLAN 0 to HW filter on device bond2 [ 689.006773][ T27] audit: type=1326 audit(1748426681.733:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8809 comm="syz.5.1132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 689.029057][ C0] vkms_vblank_simulate: vblank timer overrun [ 689.215150][ T8828] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 689.316961][ T8830] Lens B: ================= START STATUS ================= [ 689.324492][ T8830] Lens B: Focus, Absolute: 0 [ 689.329895][ T8830] Lens B: ================== END STATUS ================== [ 690.418827][ T27] audit: type=1326 audit(1748426681.733:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8809 comm="syz.5.1132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926278e969 code=0x7ffc0000 [ 690.441893][ C0] vkms_vblank_simulate: vblank timer overrun [ 691.511677][ T8839] netlink: 'syz.0.1138': attribute type 1 has an invalid length. [ 691.640729][ T8844] affs: No valid root block on device nullb0 [ 691.956145][ T4351] usb 6-1: new full-speed USB device number 7 using dummy_hcd [ 693.122401][ T4351] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 693.236102][ T4351] usb 6-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 693.273120][ T4351] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 693.300850][ T4351] usb 6-1: Product: syz [ 693.305112][ T4351] usb 6-1: Manufacturer: syz [ 693.326472][ T4351] usb 6-1: SerialNumber: syz [ 693.372200][ T4351] usb 6-1: config 0 descriptor?? [ 693.402743][ T4351] pegasus_notetaker 6-1:0.0: Invalid number of endpoints [ 693.416642][ T4351] pegasus_notetaker: probe of 6-1:0.0 failed with error -22 [ 695.339854][ T4306] usb 7-1: new full-speed USB device number 3 using dummy_hcd [ 695.715959][ T4305] usb 6-1: USB disconnect, device number 7 [ 695.832191][ T4306] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 696.183005][ T4306] usb 7-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 696.223412][ T8882] netlink: 'syz.0.1149': attribute type 1 has an invalid length. [ 696.262154][ T4306] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 696.290663][ T4306] usb 7-1: Product: syz [ 696.295128][ T4306] usb 7-1: Manufacturer: syz [ 696.307678][ T8882] 8021q: adding VLAN 0 to HW filter on device bond2 [ 696.315089][ T4306] usb 7-1: SerialNumber: syz [ 696.333128][ T4306] usb 7-1: config 0 descriptor?? [ 696.345856][ T4306] pegasus_notetaker 7-1:0.0: Invalid number of endpoints [ 696.354869][ T8886] loop4: detected capacity change from 0 to 164 [ 696.363061][ T4306] pegasus_notetaker: probe of 7-1:0.0 failed with error -22 [ 696.578702][ T8889] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 696.680219][ T8891] Lens B: ================= START STATUS ================= [ 696.687785][ T8891] Lens B: Focus, Absolute: 0 [ 696.692932][ T8891] Lens B: ================== END STATUS ================== [ 698.372799][ T7827] usb 7-1: USB disconnect, device number 3 [ 700.296065][ T41] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 700.423803][ T8914] netlink: 'syz.4.1157': attribute type 1 has an invalid length. [ 701.170094][ T8920] kvm: vcpu 2: requested 128 ns lapic timer period limited to 200000 ns [ 701.211491][ T8920] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 702.379823][ T4416] wlan1: Trigger new scan to find an IBSS to join [ 702.905985][ T4405] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 703.192406][ T8944] kvm: vcpu 2: requested 128 ns lapic timer period limited to 200000 ns [ 703.234469][ T8949] netlink: 'syz.5.1162': attribute type 1 has an invalid length. [ 703.242710][ T8944] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 703.897718][ T7827] usb 7-1: new full-speed USB device number 4 using dummy_hcd [ 704.005042][ T8949] 8021q: adding VLAN 0 to HW filter on device bond1 [ 704.087286][ T7827] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 704.657914][ T7827] usb 7-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 704.684521][ T7827] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 704.685192][ T8952] bond1: (slave gretap1): making interface the new active one [ 704.700286][ T7827] usb 7-1: Product: syz [ 704.708521][ T7827] usb 7-1: Manufacturer: syz [ 704.713199][ T7827] usb 7-1: SerialNumber: syz [ 704.748763][ T7827] usb 7-1: config 0 descriptor?? [ 704.794834][ T7827] pegasus_notetaker 7-1:0.0: Invalid number of endpoints [ 704.830793][ T8952] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 704.834518][ T7827] pegasus_notetaker: probe of 7-1:0.0 failed with error -22 [ 704.968885][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 704.987540][ T4306] usb 7-1: USB disconnect, device number 4 [ 705.397635][ T8965] loop5: detected capacity change from 0 to 164 [ 705.797852][ T8970] Lens B: ================= START STATUS ================= [ 705.805734][ T8970] Lens B: Focus, Absolute: 0 [ 705.810654][ T8970] Lens B: ================== END STATUS ================== [ 706.303738][ T4409] wlan1: Trigger new scan to find an IBSS to join [ 706.344801][ T8967] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 706.533490][ T46] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 707.064685][ T8978] loop4: detected capacity change from 0 to 512 [ 707.147471][ T8978] EXT4-fs: Ignoring removed nobh option [ 708.363167][ T8978] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.1169: invalid indirect mapped block 256 (level 2) [ 708.476333][ T8978] EXT4-fs (loop4): 2 truncates cleaned up [ 708.502990][ T8978] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 708.732538][ T4409] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00 [ 708.822777][ T8988] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 708.840144][ T4434] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 709.817719][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 710.118003][ T9010] netlink: 'syz.6.1175': attribute type 1 has an invalid length. [ 711.220079][ T9019] loop0: detected capacity change from 0 to 64 [ 712.883759][ T9015] affs: No valid root block on device nullb0 [ 714.563431][ T9031] loop6: detected capacity change from 0 to 164 [ 714.710816][ T9034] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 714.816987][ T27] audit: type=1400 audit(1748426708.563:321): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=9030 comm="syz.6.1182" [ 714.838492][ T9034] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(6) [ 714.845084][ T9034] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 714.853349][ T9034] vhci_hcd vhci_hcd.0: Device attached [ 715.165632][ T7] usb 45-1: new low-speed USB device number 2 using vhci_hcd [ 715.530508][ T9035] vhci_hcd: connection reset by peer [ 715.548429][ T8846] vhci_hcd: stop threads [ 715.948526][ T9038] loop5: detected capacity change from 0 to 164 [ 716.004798][ T8846] vhci_hcd: release socket [ 716.058040][ T8846] vhci_hcd: disconnect device [ 716.173442][ T9042] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 716.235991][ T9042] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6) [ 716.242585][ T9042] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 716.294837][ T9046] Lens B: ================= START STATUS ================= [ 716.302665][ T9046] Lens B: Focus, Absolute: 0 [ 716.307862][ T9046] Lens B: ================== END STATUS ================== [ 716.320285][ T9042] vhci_hcd vhci_hcd.0: Device attached [ 716.450858][ T9043] vhci_hcd: connection closed [ 716.452209][ T4416] vhci_hcd: stop threads [ 716.602222][ T4544] usb 43-1: new low-speed USB device number 4 using vhci_hcd [ 717.574177][ T4416] vhci_hcd: release socket [ 717.677316][ T4416] vhci_hcd: disconnect device [ 718.371109][ T9058] loop4: detected capacity change from 0 to 512 [ 718.467012][ T9058] EXT4-fs: Ignoring removed nobh option [ 718.552913][ T9058] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.1186: invalid indirect mapped block 256 (level 2) [ 718.601514][ T9058] EXT4-fs (loop4): 2 truncates cleaned up [ 718.609809][ T9058] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 719.878451][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 720.305432][ T7] vhci_hcd: vhci_device speed not set [ 720.566419][ T4675] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 720.639934][ T9076] netlink: 'syz.6.1191': attribute type 1 has an invalid length. [ 722.251752][ T27] audit: type=1326 audit(1748426715.993:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9091 comm="syz.4.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 722.515664][ T27] audit: type=1326 audit(1748426715.993:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9091 comm="syz.4.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 722.576270][ T27] audit: type=1326 audit(1748426716.023:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9091 comm="syz.4.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 722.625475][ T4544] vhci_hcd: vhci_device speed not set [ 722.775985][ T27] audit: type=1326 audit(1748426716.023:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9091 comm="syz.4.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 722.936822][ T27] audit: type=1326 audit(1748426716.023:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9091 comm="syz.4.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 723.578797][ T27] audit: type=1326 audit(1748426716.023:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9091 comm="syz.4.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 723.643687][ T9107] tmpfs: Bad value for 'mpol' [ 724.562801][ T27] audit: type=1326 audit(1748426717.273:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9091 comm="syz.4.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 724.585774][ T27] audit: type=1326 audit(1748426717.273:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9091 comm="syz.4.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 724.627916][ T27] audit: type=1326 audit(1748426718.303:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9091 comm="syz.4.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 724.652157][ T27] audit: type=1326 audit(1748426718.303:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9091 comm="syz.4.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 726.463252][ T9131] affs: No valid root block on device nullb0 [ 726.905657][ T9135] netlink: 'syz.0.1205': attribute type 1 has an invalid length. [ 727.139992][ T9144] binder: 9143:9144 ioctl c0306201 2000000003c0 returned -14 [ 727.272910][ T9149] netlink: 'syz.4.1211': attribute type 1 has an invalid length. [ 727.406389][ T9149] 8021q: adding VLAN 0 to HW filter on device bond2 [ 728.756514][ T9160] loop4: detected capacity change from 0 to 164 [ 729.393418][ T9144] syz.1.1209 (9144): drop_caches: 2 [ 729.811944][ T9168] Lens B: ================= START STATUS ================= [ 729.819465][ T9168] Lens B: Focus, Absolute: 0 [ 729.824286][ T9168] Lens B: ================== END STATUS ================== [ 730.522398][ T27] kauditd_printk_skb: 11 callbacks suppressed [ 730.522416][ T27] audit: type=1326 audit(1748426724.263:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.6.1214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ee438e969 code=0x7ffc0000 [ 731.100777][ T9165] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 731.175049][ T27] audit: type=1326 audit(1748426724.263:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.6.1214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ee438e969 code=0x7ffc0000 [ 731.352604][ T27] audit: type=1326 audit(1748426724.293:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.6.1214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f7ee438e969 code=0x7ffc0000 [ 732.022042][ T27] audit: type=1326 audit(1748426724.293:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.6.1214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ee438e969 code=0x7ffc0000 [ 733.710139][ T27] audit: type=1326 audit(1748426724.293:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.6.1214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ee438e969 code=0x7ffc0000 [ 734.135530][ T4268] Bluetooth: hci3: command 0x0406 tx timeout [ 734.479794][ T27] audit: type=1326 audit(1748426724.293:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.6.1214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f7ee438e969 code=0x7ffc0000 [ 734.625622][ T9191] netlink: 'syz.6.1221': attribute type 1 has an invalid length. [ 734.685605][ T27] audit: type=1326 audit(1748426724.803:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.6.1214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ee438e969 code=0x7ffc0000 [ 734.713593][ T27] audit: type=1326 audit(1748426724.803:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.6.1214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ee438e969 code=0x7ffc0000 [ 735.701781][ T9201] affs: No valid root block on device nullb0 [ 736.640260][ T9219] kvm: vcpu 2: requested 128 ns lapic timer period limited to 200000 ns [ 736.710753][ T9219] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 738.350982][ T27] audit: type=1326 audit(1748426732.093:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9235 comm="syz.4.1233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 738.715687][ T27] audit: type=1326 audit(1748426732.093:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9235 comm="syz.4.1233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 738.739840][ T4427] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 738.743233][ T27] audit: type=1326 audit(1748426732.123:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9235 comm="syz.4.1233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 738.936846][ T27] audit: type=1326 audit(1748426732.123:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9235 comm="syz.4.1233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 739.097217][ T27] audit: type=1326 audit(1748426732.123:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9235 comm="syz.4.1233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 739.120708][ T27] audit: type=1326 audit(1748426732.123:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9235 comm="syz.4.1233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fcf535907fc code=0x7ffc0000 [ 739.294175][ T9257] affs: No valid root block on device nullb0 [ 739.711333][ T27] audit: type=1326 audit(1748426732.123:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9235 comm="syz.4.1233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 739.865430][ T27] audit: type=1326 audit(1748426732.123:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9235 comm="syz.4.1233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 739.975426][ T6115] usb 6-1: new full-speed USB device number 8 using dummy_hcd [ 740.139715][ T8534] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 740.761779][ T27] audit: type=1326 audit(1748426732.123:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9235 comm="syz.4.1233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 740.791284][ T27] audit: type=1326 audit(1748426732.123:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9235 comm="syz.4.1233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf5358e969 code=0x7ffc0000 [ 740.856306][ T9269] loop4: detected capacity change from 0 to 64 [ 740.952952][ T6115] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 742.985413][ T4447] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 743.066067][ T6115] usb 6-1: string descriptor 0 read error: -71 [ 743.072531][ T6115] usb 6-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 743.160726][ T6115] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 743.222681][ T6115] usb 6-1: config 0 descriptor?? [ 743.756597][ T6115] usb 6-1: can't set config #0, error -71 [ 743.776448][ T6115] usb 6-1: USB disconnect, device number 8 [ 744.677121][ T9295] kvm: vcpu 2: requested 128 ns lapic timer period limited to 200000 ns [ 744.714798][ T9295] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 744.782517][ T9300] ------------[ cut here ]------------ [ 744.788784][ T9300] WARNING: CPU: 1 PID: 9300 at arch/x86/kvm/x86.c:11214 kvm_arch_vcpu_ioctl_run+0x1e9e/0x2390 [ 744.799175][ T9300] Modules linked in: [ 744.803076][ T9300] CPU: 1 PID: 9300 Comm: syz.1.1244 Not tainted 6.1.140-syzkaller #0 [ 744.811191][ T9300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 744.821580][ T9300] RIP: 0010:kvm_arch_vcpu_ioctl_run+0x1e9e/0x2390 [ 744.828289][ T9300] Code: e8 a7 83 c2 00 e9 4e ef ff ff 44 89 f9 80 e1 07 38 c1 0f 8c db e5 ff ff 4c 89 ff e8 6c 83 c2 00 e9 ce e5 ff ff e8 92 0d 71 00 <0f> 0b e9 da fc ff ff 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c ae eb [ 744.848771][ T9300] RSP: 0018:ffffc9000c32fc48 EFLAGS: 00010283 [ 744.854871][ T9300] RAX: ffffffff810fc97e RBX: ffff888062178000 RCX: 0000000000080000 [ 744.863128][ T9300] RDX: ffffc9000e9cb000 RSI: 00000000000003e4 RDI: 00000000000003e5 [ 744.871178][ T9300] RBP: ffff888027bb3000 R08: dffffc0000000000 R09: fffffbfff2117070 [ 744.879206][ T9300] R10: fffffbfff2117070 R11: 1ffffffff211706f R12: ffff8880621782ec [ 744.887234][ T9300] R13: ffff8880621780d8 R14: dffffc0000000000 R15: 0000000000000000 [ 744.895318][ T9300] FS: 00007f6a83bc16c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 744.904336][ T9300] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 744.910999][ T9300] CR2: 00007f92634e56c0 CR3: 0000000068adf000 CR4: 00000000003526e0 [ 744.919018][ T9300] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 744.927034][ T9300] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 744.935127][ T9300] Call Trace: [ 744.938652][ T9300] [ 744.941609][ T9300] ? mutex_lock_nested+0x10/0x10 [ 744.946618][ T9300] ? kvm_arch_vcpu_ioctl_run+0x139/0x2390 [ 744.952371][ T9300] kvm_vcpu_ioctl+0x887/0xb80 [ 744.957108][ T9300] ? xa_release+0x50/0x50 [ 744.961475][ T9300] ? __fget_files+0x28/0x4d0 [ 744.966131][ T9300] ? bpf_lsm_file_ioctl+0x5/0x10 [ 744.971103][ T9300] ? security_file_ioctl+0x7c/0xa0 [ 744.976303][ T9300] ? xa_release+0x50/0x50 [ 744.980657][ T9300] __se_sys_ioctl+0xfa/0x170 [ 744.985346][ T9300] do_syscall_64+0x4c/0xa0 [ 744.989797][ T9300] ? clear_bhb_loop+0x60/0xb0 [ 744.994493][ T9300] ? clear_bhb_loop+0x60/0xb0 [ 744.999223][ T9300] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 745.005159][ T9300] RIP: 0033:0x7f6a82d8e969 [ 745.009643][ T9300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 745.029408][ T9300] RSP: 002b:00007f6a83bc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 745.037900][ T9300] RAX: ffffffffffffffda RBX: 00007f6a82fb6080 RCX: 00007f6a82d8e969 [ 745.045983][ T9300] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006 [ 745.053976][ T9300] RBP: 00007f6a82e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 745.062004][ T9300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 745.070070][ T9300] R13: 0000000000000000 R14: 00007f6a82fb6080 R15: 00007ffd5523ccd8 [ 745.078156][ T9300] [ 745.081205][ T9300] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 745.088514][ T9300] CPU: 1 PID: 9300 Comm: syz.1.1244 Not tainted 6.1.140-syzkaller #0 [ 745.096591][ T9300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 745.106682][ T9300] Call Trace: [ 745.110006][ T9300] [ 745.112944][ T9300] dump_stack_lvl+0x168/0x22e [ 745.117688][ T9300] ? memcpy+0x3c/0x60 [ 745.121692][ T9300] ? show_regs_print_info+0x12/0x12 [ 745.126920][ T9300] ? load_image+0x3b0/0x3b0 [ 745.131444][ T9300] panic+0x2c9/0x710 [ 745.135394][ T9300] ? bpf_jit_dump+0xd0/0xd0 [ 745.139953][ T9300] __warn+0x2f8/0x4f0 [ 745.143953][ T9300] ? kvm_arch_vcpu_ioctl_run+0x1e9e/0x2390 [ 745.149800][ T9300] ? kvm_arch_vcpu_ioctl_run+0x1e9e/0x2390 [ 745.155635][ T9300] report_bug+0x2ba/0x4f0 [ 745.159992][ T9300] ? kvm_arch_vcpu_ioctl_run+0x1e9e/0x2390 [ 745.165822][ T9300] handle_bug+0x3a/0x70 [ 745.170008][ T9300] exc_invalid_op+0x16/0x40 [ 745.174558][ T9300] asm_exc_invalid_op+0x16/0x20 [ 745.179609][ T9300] RIP: 0010:kvm_arch_vcpu_ioctl_run+0x1e9e/0x2390 [ 745.186153][ T9300] Code: e8 a7 83 c2 00 e9 4e ef ff ff 44 89 f9 80 e1 07 38 c1 0f 8c db e5 ff ff 4c 89 ff e8 6c 83 c2 00 e9 ce e5 ff ff e8 92 0d 71 00 <0f> 0b e9 da fc ff ff 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c ae eb [ 745.205959][ T9300] RSP: 0018:ffffc9000c32fc48 EFLAGS: 00010283 [ 745.212040][ T9300] RAX: ffffffff810fc97e RBX: ffff888062178000 RCX: 0000000000080000 [ 745.220118][ T9300] RDX: ffffc9000e9cb000 RSI: 00000000000003e4 RDI: 00000000000003e5 [ 745.228153][ T9300] RBP: ffff888027bb3000 R08: dffffc0000000000 R09: fffffbfff2117070 [ 745.236160][ T9300] R10: fffffbfff2117070 R11: 1ffffffff211706f R12: ffff8880621782ec [ 745.244156][ T9300] R13: ffff8880621780d8 R14: dffffc0000000000 R15: 0000000000000000 [ 745.252168][ T9300] ? kvm_arch_vcpu_ioctl_run+0x1e9e/0x2390 [ 745.258108][ T9300] ? kvm_arch_vcpu_ioctl_run+0x1e9e/0x2390 [ 745.264017][ T9300] ? mutex_lock_nested+0x10/0x10 [ 745.268977][ T9300] ? kvm_arch_vcpu_ioctl_run+0x139/0x2390 [ 745.274806][ T9300] kvm_vcpu_ioctl+0x887/0xb80 [ 745.279521][ T9300] ? xa_release+0x50/0x50 [ 745.283879][ T9300] ? __fget_files+0x28/0x4d0 [ 745.288508][ T9300] ? bpf_lsm_file_ioctl+0x5/0x10 [ 745.293470][ T9300] ? security_file_ioctl+0x7c/0xa0 [ 745.298612][ T9300] ? xa_release+0x50/0x50 [ 745.302984][ T9300] __se_sys_ioctl+0xfa/0x170 [ 745.307633][ T9300] do_syscall_64+0x4c/0xa0 [ 745.312063][ T9300] ? clear_bhb_loop+0x60/0xb0 [ 745.316747][ T9300] ? clear_bhb_loop+0x60/0xb0 [ 745.321528][ T9300] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 745.327449][ T9300] RIP: 0033:0x7f6a82d8e969 [ 745.332404][ T9300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 745.352027][ T9300] RSP: 002b:00007f6a83bc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 745.360592][ T9300] RAX: ffffffffffffffda RBX: 00007f6a82fb6080 RCX: 00007f6a82d8e969 [ 745.368615][ T9300] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006 [ 745.376695][ T9300] RBP: 00007f6a82e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 745.384765][ T9300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 745.392762][ T9300] R13: 0000000000000000 R14: 00007f6a82fb6080 R15: 00007ffd5523ccd8 [ 745.400768][ T9300] [ 745.404219][ T9300] Kernel Offset: disabled [ 745.408649][ T9300] Rebooting in 86400 seconds..