last executing test programs: 17m33.383491518s ago: executing program 4 (id=1479): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17) set_mempolicy_home_node(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0) 17m32.297012324s ago: executing program 4 (id=1499): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0x80000004, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f0000000640)={0x1, &(0x7f0000000680)=[{0x6, 0x0, 0x0, 0x2}]}, 0x10) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x1, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x41}}, 0xfffffffc}, 0x1c) listen(r0, 0x8) 17m32.145045739s ago: executing program 4 (id=1501): prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x8) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8) 17m31.297100411s ago: executing program 4 (id=1518): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380)='devtmpfs\x00', 0x4000, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000280)='./file0\x00') 17m31.110043384s ago: executing program 4 (id=1523): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_pidfd_open(r0, 0x0) fcntl$setstatus(r1, 0x4, 0x800) waitid$P_PIDFD(0x3, r1, 0x0, 0x4, 0x0) 17m30.39137649s ago: executing program 4 (id=1541): r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) write$uinput_user_dev(r1, &(0x7f0000000f80)={'syz0\x00', {0x5, 0xfff7, 0x3, 0x7}, 0x50, [0x800002, 0x9, 0x0, 0x1, 0x8, 0xea45, 0xe, 0x1, 0x63, 0x0, 0x7f, 0xc, 0x2, 0x8, 0x1, 0x4, 0x8000ffc, 0x80000002, 0x51, 0x200008, 0x800, 0xa4d, 0x3ff, 0x5, 0x6, 0x10001, 0xffff, 0xfffffffd, 0x4, 0x6, 0x401, 0xc, 0x9, 0x4, 0x2, 0x1, 0x2, 0x4, 0x1, 0x4, 0xa, 0x6, 0x3, 0x9, 0x804d7f, 0x2, 0x8c00, 0x6, 0x939, 0x5, 0x9, 0x2, 0x2, 0x8, 0xfffffff7, 0x7fff, 0x6, 0x5, 0x80000001, 0xd77, 0x5, 0x2a, 0x1, 0x23], [0x8, 0x401, 0x9, 0x9, 0x80000005, 0x12, 0x7fc, 0xc, 0x0, 0x2329, 0xfd8, 0x3, 0x7, 0x5, 0x0, 0x24a, 0x2, 0xfffffff7, 0x2, 0x3, 0x5, 0x4009, 0x80, 0xb, 0x8001, 0x40, 0xa1, 0x10000, 0xffffffff, 0x5, 0x10004, 0x9e, 0x8, 0x7ff, 0x6, 0x7, 0x0, 0x6, 0xffff3f16, 0xc, 0x2, 0x9, 0xa, 0x5, 0xfffffeff, 0x7, 0x800, 0x5, 0xc5, 0x3, 0x1, 0x9, 0x8, 0x3, 0xffff7ff7, 0x3, 0x24c, 0x1ff, 0x2a0, 0x5, 0x6, 0x6, 0x200007, 0x8], [0x2, 0x9, 0x1a9e1bfa, 0xfffffffc, 0x8, 0x9, 0x3, 0x6, 0x7aae, 0x80000000, 0x2, 0x7ffffff7, 0x8000, 0x1, 0x1, 0x5, 0x400, 0x80000002, 0x2b0, 0x5, 0x97f82544, 0x8, 0xfffffffd, 0x0, 0x9, 0x5, 0x4, 0x9, 0xc90, 0xffffff3c, 0x2, 0x13, 0x4, 0xff, 0x140, 0x2, 0x2, 0x1000000c, 0x0, 0x6, 0x3, 0x8007c12, 0x5, 0x1, 0x17, 0x8000, 0xe, 0xfff, 0x4, 0x8, 0x1, 0xffffff00, 0x100, 0x1fff80, 0x2, 0x0, 0x8, 0xdd, 0x1, 0x9, 0xc3, 0x20ffff, 0x79c], [0x9, 0x3a8d, 0xffff9a7f, 0x200, 0x6, 0x1, 0x6, 0xfffffff3, 0xd077, 0x2, 0xffffffff, 0x21, 0x284, 0xa, 0x6, 0x2, 0x1ff, 0xfe, 0x2, 0x66608000, 0x5e82, 0x7fb, 0x6, 0x0, 0x4, 0x5, 0x80000001, 0xffff, 0xd, 0x40, 0xfffffffd, 0x1, 0x10001, 0x61, 0x10, 0x1000, 0xc, 0x100, 0x8, 0x20000000, 0x8, 0x15, 0xb32a, 0xec000000, 0x8001, 0x1900, 0x4, 0xc, 0x8, 0x7ff, 0x280, 0x2, 0xfffffffb, 0x7, 0x6e79, 0x0, 0xc, 0x9371, 0x3, 0x7, 0x580, 0x2d1, 0x83, 0x8]}, 0x45c) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x1, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 'syz0\x00', 0x0}) 17m30.09573433s ago: executing program 32 (id=1541): r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) write$uinput_user_dev(r1, &(0x7f0000000f80)={'syz0\x00', {0x5, 0xfff7, 0x3, 0x7}, 0x50, [0x800002, 0x9, 0x0, 0x1, 0x8, 0xea45, 0xe, 0x1, 0x63, 0x0, 0x7f, 0xc, 0x2, 0x8, 0x1, 0x4, 0x8000ffc, 0x80000002, 0x51, 0x200008, 0x800, 0xa4d, 0x3ff, 0x5, 0x6, 0x10001, 0xffff, 0xfffffffd, 0x4, 0x6, 0x401, 0xc, 0x9, 0x4, 0x2, 0x1, 0x2, 0x4, 0x1, 0x4, 0xa, 0x6, 0x3, 0x9, 0x804d7f, 0x2, 0x8c00, 0x6, 0x939, 0x5, 0x9, 0x2, 0x2, 0x8, 0xfffffff7, 0x7fff, 0x6, 0x5, 0x80000001, 0xd77, 0x5, 0x2a, 0x1, 0x23], [0x8, 0x401, 0x9, 0x9, 0x80000005, 0x12, 0x7fc, 0xc, 0x0, 0x2329, 0xfd8, 0x3, 0x7, 0x5, 0x0, 0x24a, 0x2, 0xfffffff7, 0x2, 0x3, 0x5, 0x4009, 0x80, 0xb, 0x8001, 0x40, 0xa1, 0x10000, 0xffffffff, 0x5, 0x10004, 0x9e, 0x8, 0x7ff, 0x6, 0x7, 0x0, 0x6, 0xffff3f16, 0xc, 0x2, 0x9, 0xa, 0x5, 0xfffffeff, 0x7, 0x800, 0x5, 0xc5, 0x3, 0x1, 0x9, 0x8, 0x3, 0xffff7ff7, 0x3, 0x24c, 0x1ff, 0x2a0, 0x5, 0x6, 0x6, 0x200007, 0x8], [0x2, 0x9, 0x1a9e1bfa, 0xfffffffc, 0x8, 0x9, 0x3, 0x6, 0x7aae, 0x80000000, 0x2, 0x7ffffff7, 0x8000, 0x1, 0x1, 0x5, 0x400, 0x80000002, 0x2b0, 0x5, 0x97f82544, 0x8, 0xfffffffd, 0x0, 0x9, 0x5, 0x4, 0x9, 0xc90, 0xffffff3c, 0x2, 0x13, 0x4, 0xff, 0x140, 0x2, 0x2, 0x1000000c, 0x0, 0x6, 0x3, 0x8007c12, 0x5, 0x1, 0x17, 0x8000, 0xe, 0xfff, 0x4, 0x8, 0x1, 0xffffff00, 0x100, 0x1fff80, 0x2, 0x0, 0x8, 0xdd, 0x1, 0x9, 0xc3, 0x20ffff, 0x79c], [0x9, 0x3a8d, 0xffff9a7f, 0x200, 0x6, 0x1, 0x6, 0xfffffff3, 0xd077, 0x2, 0xffffffff, 0x21, 0x284, 0xa, 0x6, 0x2, 0x1ff, 0xfe, 0x2, 0x66608000, 0x5e82, 0x7fb, 0x6, 0x0, 0x4, 0x5, 0x80000001, 0xffff, 0xd, 0x40, 0xfffffffd, 0x1, 0x10001, 0x61, 0x10, 0x1000, 0xc, 0x100, 0x8, 0x20000000, 0x8, 0x15, 0xb32a, 0xec000000, 0x8001, 0x1900, 0x4, 0xc, 0x8, 0x7ff, 0x280, 0x2, 0xfffffffb, 0x7, 0x6e79, 0x0, 0xc, 0x9371, 0x3, 0x7, 0x580, 0x2d1, 0x83, 0x8]}, 0x45c) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x1, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 'syz0\x00', 0x0}) 10m58.762478785s ago: executing program 1 (id=8158): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) arch_prctl$ARCH_GET_FS(0x1003, 0x0) 10m58.596504226s ago: executing program 1 (id=8162): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000680)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni\x00'}, 0x4b) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x200480d8) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) sendmsg$inet6(r1, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=[@hopopts={{0x18, 0x29, 0x36, {0x84}}}], 0x18}, 0x4) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) 10m58.347728092s ago: executing program 1 (id=8169): syz_open_procfs(0x0, &(0x7f0000000500)='ns\x00') fanotify_init(0x40, 0x40000) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00') syz_open_dev$tty1(0xc, 0x4, 0x1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) io_uring_setup(0xcba, &(0x7f0000000180)={0x0, 0x24bb, 0x10000, 0x3, 0x142}) getdents(r0, &(0x7f0000001f80)=""/4096, 0x1000) 10m58.109023322s ago: executing program 1 (id=8172): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) socketpair(0x1e, 0x3, 0x1, &(0x7f0000000080)) 10m57.959423682s ago: executing program 1 (id=8175): mkdirat(0xffffffffffffff9c, &(0x7f0000000500)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) r0 = open(&(0x7f0000000000)='.\x00', 0x800080, 0x11) ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0) 10m57.696640024s ago: executing program 1 (id=8179): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) prctl$PR_MCE_KILL(0x35, 0x1, 0x2) 10m41.634255379s ago: executing program 33 (id=8179): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) prctl$PR_MCE_KILL(0x35, 0x1, 0x2) 6m25.069461257s ago: executing program 6 (id=14239): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = syz_usb_connect$sierra_net(0x5, 0x3f, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0x1199, 0x68a3, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x0, 0x80, 0xfa, {{0x9, 0x4, 0x7, 0x0, 0x3, 0xff, 0x0, 0x0, 0x0, "", {{0x9, 0x5, 0x0, 0x2, 0x40, 0x80, 0xa, 0x9}, {0x9, 0x5, 0xf, 0x2, 0x8, 0x0, 0x4}, {0x9, 0x5, 0xe, 0x3, 0x200, 0x0, 0x6, 0x8}}}}}}]}}, 0x0) syz_usb_disconnect(r2) 6m23.405612183s ago: executing program 6 (id=14255): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) recvmsg(r2, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x10001) 6m23.250066722s ago: executing program 6 (id=14258): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3) 6m22.918810356s ago: executing program 6 (id=14262): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid(r0, 0x0) setpgid(0x0, r0) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$AUTOFS_IOC_READY(r1, 0x9360, 0x800000000000001) 6m22.350670358s ago: executing program 6 (id=14267): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket(0xa, 0x3, 0xff) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x2, @remote, 0x6}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000540)="de69dec00fadfee7955e56a8d0ad36b637bb74bddbee4bbd994380ac92c927b0c4b9007fd817092d", 0x28}], 0x1}}], 0x1, 0x840) 6m21.239735004s ago: executing program 6 (id=14280): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r3 = dup2(r2, r2) setsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, 0x0, 0x0) 6m20.446660736s ago: executing program 34 (id=14280): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r3 = dup2(r2, r2) setsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, 0x0, 0x0) 2.165869956s ago: executing program 7 (id=20725): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = socket(0x18, 0x1, 0x1) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000001010100000000000000000200de0104001640240001801483d68008000100e009000108000200e00000010c00028005000100657f84beca878907a09b319f"], 0x3c}, 0x1, 0x0, 0x0, 0x4004881}, 0x20008820) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) getsockopt$inet_int(r2, 0x111, 0x32, 0x0, &(0x7f0000000040)=0x2d) 1.968051667s ago: executing program 7 (id=20730): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mount$binderfs(0x0, &(0x7f0000000040)='./binderfs\x00', &(0x7f00000000c0), 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB='max=00000000000000000000001']) 1.799319309s ago: executing program 7 (id=20733): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r4, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sigaltstack(0x0, 0x0) 1.541740196s ago: executing program 7 (id=20737): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_BT_VOICE(r3, 0x112, 0xb, 0x0, 0x0) 1.461723931s ago: executing program 2 (id=20738): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2) setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7}, 0x1c) io_setup(0x6, &(0x7f0000000680)=0x0) io_submit(r3, 0x1, &(0x7f0000000040)=[&(0x7f0000000000)={0x180a, 0x0, 0x3, 0x1, 0x0, r2, 0x0, 0x1802}]) 1.381354624s ago: executing program 5 (id=20740): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) syz_clone(0x80001000, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x0) 1.342626115s ago: executing program 7 (id=20741): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3) 1.093317266s ago: executing program 2 (id=20744): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_MSFILTER(r4, 0x0, 0x30, 0x0, 0x310) 1.063701252s ago: executing program 3 (id=20745): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x5}) 1.022058829s ago: executing program 5 (id=20746): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32=r0, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) openat$cgroup(r1, &(0x7f0000000140)='syz0\x00', 0x200002, 0x0) 821.682832ms ago: executing program 2 (id=20749): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000008640)=[{&(0x7f0000000000)=""/95, 0x5f}], 0x1, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0) 818.452627ms ago: executing program 3 (id=20750): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32=r0, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) mincore(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x0) 728.886072ms ago: executing program 5 (id=20752): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r5 = dup3(r4, r2, 0x80000) ioctl$KVM_GET_MSRS_cpu(r5, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xc001001f, 0x0, 0x7b}]}) 628.129862ms ago: executing program 0 (id=20753): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$chown(0x4, r3, 0xee01, 0x0) 627.223676ms ago: executing program 2 (id=20754): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0) writev(r4, 0x0, 0x0) 588.629962ms ago: executing program 3 (id=20755): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) capset(&(0x7f0000000080)={0x19980330}, &(0x7f00000000c0)={0x0, 0x0, 0xfffffffd}) r2 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) sendto$inet(r2, 0x0, 0x0, 0x404c802, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10) sendto$inet(r2, 0x0, 0x0, 0x4004084, 0x0, 0x0) 485.166083ms ago: executing program 0 (id=20756): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) rt_sigaction(0xd, &(0x7f0000000180)={0x0, 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) 399.761525ms ago: executing program 3 (id=20757): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) keyctl$search(0xa, 0x0, &(0x7f0000000140)='keyring\x00', 0x0, 0xfffffffffffffffa) 399.514851ms ago: executing program 5 (id=20758): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = fsopen(&(0x7f0000000140)='cgroup2\x00', 0x0) fsmount(r4, 0x0, 0x0) 391.396489ms ago: executing program 0 (id=20759): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) fchdir(r3) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000004100)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_INPUT(r4, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125b2ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb03bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45b58956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2033aae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba745d1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b85b7b26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1111c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d442950f4e0620e0a2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c669bb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b2967cbfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e20000d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d6748c2ce5bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4658098549646bd63175adf77b5cdcf102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4baea02fa76fb4830aebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f8426a9049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21abfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e10e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e0068607000000fb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c43d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9fb4000000f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfe53b4c8d505ab83cf46512739116694765658bae6410dde4a2d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002afea6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b46e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32fb9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae66444a8f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5fc50abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b632bbc2db40bf0173f287a4309531f13ecb1a775d0bd881a00", 0x1000}}, 0x1006) 351.837813ms ago: executing program 2 (id=20760): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000400)='./binderfs/binder1\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, 0x0) 346.505448ms ago: executing program 5 (id=20761): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) 263.203472ms ago: executing program 0 (id=20762): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) rt_sigaction(0xd, 0x0, 0x0, 0x0, 0x0) 262.352431ms ago: executing program 3 (id=20763): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x17) 144.812859ms ago: executing program 7 (id=20764): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x14, &(0x7f0000002240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffc01}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x101}, {0x85, 0x0, 0x0, 0x2d}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000940)='tlb_flush\x00', r1}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000009c0)={0x11, 0x1fffffc0, &(0x7f0000000000)=ANY=[@ANYRES64, @ANYRES16, @ANYRESDEC, @ANYRES32], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000) mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil) 111.985797ms ago: executing program 0 (id=20765): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_ERR_FILTER(r3, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$can_raw(r3, &(0x7f0000000340)={&(0x7f0000000080)={0x1d, r4}, 0x10, &(0x7f00000005c0)={&(0x7f0000000240)=@canfd={{0x1}, 0x15, 0x3, 0x0, 0x0, "d6654fb393eb970e005e920024e8fe45ae01ab710300000000000000c6b6aa275866f025eecb750a3371571c516f4d7ec48f1dbabe3172939f52577f72fcd45d"}, 0x48}, 0x1, 0x0, 0x0, 0x48005}, 0x80) 111.422866ms ago: executing program 3 (id=20766): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={[{@volatile}]}) 110.92196ms ago: executing program 5 (id=20767): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x6]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = open(&(0x7f0000000000)='./bus\x00', 0x141b42, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r5, 0x0, r4, 0x0, 0x1000, 0x0) splice(r2, 0x0, r6, 0x0, 0x80, 0x0) write$binfmt_misc(r3, &(0x7f00000002c0)='t', 0x1) 67.773921ms ago: executing program 2 (id=20768): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = socket$inet6_icmp(0xa, 0x2, 0x3a) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e05, 0x1, @mcast1, 0x7}, 0x1c) sendto$inet6(r3, &(0x7f00000001c0)="80006466d3805699", 0x8, 0x20004840, 0x0, 0x0) recvmmsg(r3, &(0x7f0000000bc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/7, 0x7}, 0x1}], 0x40000000000025b, 0x40000002, 0x0) 0s ago: executing program 0 (id=20769): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r4, &(0x7f0000000a40)=[{{&(0x7f0000000000)={0xa, 0x4e24, 0x0, @remote, 0x9}, 0x1c, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="38020000000000"], 0x590}}], 0x1, 0x8008800) kernel console output (not intermixed with test programs): bytes leftover after parsing attributes in process `syz.5.11506'. [ 745.703226][T31143] netlink: 16 bytes leftover after parsing attributes in process `syz.2.11523'. [ 749.013432][T31242] bpf: Bad value for 'mode' [ 750.915608][T31343] netlink: 'syz.3.11619': attribute type 21 has an invalid length. [ 751.002827][T31346] netlink: 'syz.6.11621': attribute type 27 has an invalid length. [ 752.116305][T31413] netlink: 260 bytes leftover after parsing attributes in process `syz.2.11649'. [ 752.497390][ T6061] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 752.586958][T31444] overlayfs: missing 'lowerdir' [ 752.671270][ T6061] usb 6-1: config 0 has no interfaces? [ 752.684547][ T6061] usb 6-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 752.684628][ T6061] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 752.684648][ T6061] usb 6-1: Product: syz [ 752.684660][ T6061] usb 6-1: Manufacturer: syz [ 752.684674][ T6061] usb 6-1: SerialNumber: syz [ 752.701227][ T6061] usb 6-1: config 0 descriptor?? [ 752.937265][ T6061] usb 6-1: USB disconnect, device number 26 [ 756.262484][T31632] netlink: 288 bytes leftover after parsing attributes in process `syz.5.11756'. [ 756.531251][T31648] overlay: Unknown parameter '/' [ 756.578687][T31653] EXT4-fs (nullb0): VFS: Can't find ext4 filesystem [ 758.060141][ T6061] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 758.220657][ T6061] usb 7-1: Using ep0 maxpacket: 8 [ 758.245592][ T6061] usb 7-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04 [ 758.245622][ T6061] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 758.245642][ T6061] usb 7-1: Product: syz [ 758.245656][ T6061] usb 7-1: Manufacturer: syz [ 758.245669][ T6061] usb 7-1: SerialNumber: syz [ 758.263243][ T6061] usb 7-1: config 0 descriptor?? [ 758.514580][ T6061] usb 7-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 758.708514][T31760] overlayfs: missing 'lowerdir' [ 759.161840][ T6061] dvb_usb_rtl28xxu 7-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 759.166057][ T6061] usb 7-1: USB disconnect, device number 4 [ 760.202199][ T6061] usb 6-1: new full-speed USB device number 27 using dummy_hcd [ 760.371757][ T6061] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 760.371807][ T6061] usb 6-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 760.371829][ T6061] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 760.377972][ T6061] usb 6-1: config 0 descriptor?? [ 760.379125][T31824] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 760.846394][ T6061] elan 0003:04F3:0755.0016: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.5-1/input0 [ 761.299875][ T9] usb 6-1: USB disconnect, device number 27 [ 761.720278][T31901] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11885'. [ 761.720367][T31901] bridge_slave_1: left allmulticast mode [ 761.720390][T31901] bridge_slave_1: left promiscuous mode [ 761.720656][T31901] bridge0: port 2(bridge_slave_1) entered disabled state [ 761.792111][T31901] bridge_slave_0: left allmulticast mode [ 761.792138][T31901] bridge_slave_0: left promiscuous mode [ 761.792399][T31901] bridge0: port 1(bridge_slave_0) entered disabled state [ 762.621845][ T1321] ieee802154 phy0 wpan0: encryption failed: -22 [ 762.621906][ T1321] ieee802154 phy1 wpan1: encryption failed: -22 [ 763.060207][ T37] kauditd_printk_skb: 2 callbacks suppressed [ 763.060225][ T37] audit: type=1326 audit(2033555438.294:1377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=31966 comm="syz.5.11918" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0a3ce9f6c9 code=0x0 [ 763.077640][T31981] netlink: 'syz.2.11923': attribute type 4 has an invalid length. [ 763.077659][T31981] netlink: 3581 bytes leftover after parsing attributes in process `syz.2.11923'. [ 765.520957][T17537] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0 [ 765.521138][T17537] Bluetooth: hci5: Injecting HCI hardware error event [ 765.524814][T17537] Bluetooth: hci5: hardware error 0x00 [ 765.594476][ T9] usb 3-1: new full-speed USB device number 35 using dummy_hcd [ 765.780042][ T9] usb 3-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0 [ 765.780072][ T9] usb 3-1: config 0 interface 0 has no altsetting 0 [ 765.780105][ T9] usb 3-1: New USB device found, idVendor=056a, idProduct=0018, bcdDevice= 0.00 [ 765.780126][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 765.786674][ T9] usb 3-1: config 0 descriptor?? [ 766.273845][ T9] hid (null): report_id 4175452328 is invalid [ 766.282762][ T9] wacom 0003:056A:0018.0017: report_id 4175452328 is invalid [ 766.282785][ T9] wacom 0003:056A:0018.0017: item 0 4 1 8 parsing failed [ 766.325031][ T9] wacom 0003:056A:0018.0017: parse failed [ 766.329041][ T9] wacom 0003:056A:0018.0017: probe with driver wacom failed with error -22 [ 766.492978][ T6061] usb 3-1: USB disconnect, device number 35 [ 766.656986][T32058] cgroup: name respecified [ 767.343742][T32086] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11970'. [ 767.984725][T17537] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 768.526290][T32143] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 768.552845][T32147] No source specified [ 769.087819][T32172] netlink: 'syz.2.12011': attribute type 6 has an invalid length. [ 769.211468][T32176] netlink: 16 bytes leftover after parsing attributes in process `syz.5.12013'. [ 770.135598][T32234] netlink: 288 bytes leftover after parsing attributes in process `syz.5.12039'. [ 772.017301][T32350] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12093'. [ 772.869651][ T37] audit: type=1326 audit(2033555447.500:1378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32391 comm="syz.6.12119" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f94815cf6c9 code=0x0 [ 773.220836][T32416] netlink: 56 bytes leftover after parsing attributes in process `syz.5.12129'. [ 773.220862][T32416] netlink: 12 bytes leftover after parsing attributes in process `syz.5.12129'. [ 773.220876][T32416] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12129'. [ 773.326489][T32423] netlink: 'syz.3.12133': attribute type 1 has an invalid length. [ 773.326510][T32423] netlink: 1 bytes leftover after parsing attributes in process `syz.3.12133'. [ 773.416853][T32429] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12135'. [ 774.939340][T32500] netlink: 96 bytes leftover after parsing attributes in process `syz.5.12169'. [ 775.418874][ T37] audit: type=1326 audit(2033555449.883:1379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32525 comm="syz.3.12182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 775.419905][ T37] audit: type=1326 audit(2033555449.883:1380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32525 comm="syz.3.12182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 775.443261][ T37] audit: type=1326 audit(2033555449.911:1381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32525 comm="syz.3.12182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 775.443402][ T37] audit: type=1326 audit(2033555449.911:1382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32525 comm="syz.3.12182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 775.443472][ T37] audit: type=1326 audit(2033555449.911:1383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32525 comm="syz.3.12182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 775.443970][ T37] audit: type=1326 audit(2033555449.911:1384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32525 comm="syz.3.12182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 775.456525][ T37] audit: type=1326 audit(2033555449.930:1385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32525 comm="syz.3.12182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 775.457556][ T37] audit: type=1326 audit(2033555449.930:1386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32525 comm="syz.3.12182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 775.457601][ T37] audit: type=1326 audit(2033555449.930:1387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32525 comm="syz.3.12182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 776.007611][T32545] binder: Bad value for 'stats' [ 776.226313][T32560] binder: Bad value for 'stats' [ 776.660129][T32586] overlayfs: failed to resolve './cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 776.890727][T32604] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12216'. [ 777.143750][T32610] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 777.143767][T32610] overlayfs: missing 'lowerdir' [ 777.487338][T32629] netlink: 100 bytes leftover after parsing attributes in process `syz.3.12230'. [ 777.659865][T32635] netlink: 24 bytes leftover after parsing attributes in process `syz.2.12231'. [ 779.539762][T32745] netlink: 'syz.5.12283': attribute type 12 has an invalid length. [ 780.015481][ T305] netlink: 16 bytes leftover after parsing attributes in process `syz.3.12295'. [ 780.957984][ T345] can0: slcan on ptm0. [ 781.183875][ T344] can0 (unregistered): slcan off ptm0. [ 782.052652][ T414] netlink: 12 bytes leftover after parsing attributes in process `syz.6.12347'. [ 782.519405][ T439] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12361'. [ 784.202963][ T37] kauditd_printk_skb: 13 callbacks suppressed [ 784.202981][ T37] audit: type=1326 audit(2033555458.122:1401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=534 comm="syz.3.12408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 784.203026][ T37] audit: type=1326 audit(2033555458.122:1402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=534 comm="syz.3.12408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 784.203067][ T37] audit: type=1326 audit(2033555458.122:1403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=534 comm="syz.3.12408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 784.203109][ T37] audit: type=1326 audit(2033555458.122:1404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=534 comm="syz.3.12408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 784.203149][ T37] audit: type=1326 audit(2033555458.122:1405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=534 comm="syz.3.12408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 784.203190][ T37] audit: type=1326 audit(2033555458.122:1406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=534 comm="syz.3.12408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 784.203229][ T37] audit: type=1326 audit(2033555458.122:1407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=534 comm="syz.3.12408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 784.206877][ T37] audit: type=1326 audit(2033555458.131:1408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=534 comm="syz.3.12408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 784.206926][ T37] audit: type=1326 audit(2033555458.131:1409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=534 comm="syz.3.12408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 784.206969][ T37] audit: type=1326 audit(2033555458.131:1410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=534 comm="syz.3.12408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 784.545661][ T552] netlink: 'syz.6.12416': attribute type 4 has an invalid length. [ 784.594463][ T553] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 784.928775][ T573] netlink: 20 bytes leftover after parsing attributes in process `syz.3.12425'. [ 786.165014][ T632] bridge0: port 4(veth0) entered blocking state [ 786.165224][ T632] bridge0: port 4(veth0) entered disabled state [ 786.165475][ T632] veth0: entered allmulticast mode [ 786.171200][ T632] veth0: entered promiscuous mode [ 786.404009][ T645] netlink: 12 bytes leftover after parsing attributes in process `syz.6.12459'. [ 786.941592][ T670] overlayfs: missing 'lowerdir' [ 788.346073][ T762] netlink: 76 bytes leftover after parsing attributes in process `syz.2.12514'. [ 788.346194][ T761] netlink: 20 bytes leftover after parsing attributes in process `syz.5.12517'. [ 788.720027][ T788] netlink: 88 bytes leftover after parsing attributes in process `syz.2.12527'. [ 788.951753][ T799] netlink: 'syz.2.12531': attribute type 27 has an invalid length. [ 790.734989][ T906] bridge0: port 3(ip6gretap0) entered blocking state [ 790.735131][ T906] bridge0: port 3(ip6gretap0) entered disabled state [ 790.735336][ T906] ip6gretap0: entered allmulticast mode [ 790.738013][ T906] ip6gretap0: entered promiscuous mode [ 792.456548][ T1010] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12623'. [ 792.456568][ T1010] tc_dump_action: action bad kind [ 792.639134][ T37] kauditd_printk_skb: 5 callbacks suppressed [ 792.639152][ T37] audit: type=1326 audit(2000000002.326:1416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1014 comm="syz.5.12626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a3ce9f6c9 code=0x7fc00000 [ 793.280392][ T1064] netlink: 12 bytes leftover after parsing attributes in process `syz.2.12641'. [ 793.803585][ T1099] Unsupported ieee802154 address type: 0 [ 793.876215][ T1103] Invalid ELF header type: 2 != 1 [ 794.204626][ T1122] netlink: 'syz.6.12667': attribute type 11 has an invalid length. [ 794.204650][ T1122] netlink: 'syz.6.12667': attribute type 2 has an invalid length. [ 794.366760][ T1125] netlink: 'syz.5.12670': attribute type 29 has an invalid length. [ 794.602230][ T1140] netlink: 'syz.2.12676': attribute type 6 has an invalid length. [ 794.602253][ T1140] IPv6: NLM_F_CREATE should be specified when creating new route [ 794.930755][ T1157] netlink: 84 bytes leftover after parsing attributes in process `syz.5.12682'. [ 796.543817][ T37] audit: type=1326 audit(2000000005.957:1417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1218 comm="syz.5.12710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a3ce9f6c9 code=0x7ffc0000 [ 796.543851][ T37] audit: type=1326 audit(2000000005.995:1418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1218 comm="syz.5.12710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f0a3ce9f6c9 code=0x7ffc0000 [ 796.543875][ T37] audit: type=1326 audit(2000000005.995:1419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1218 comm="syz.5.12710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a3ce9f6c9 code=0x7ffc0000 [ 796.543901][ T37] audit: type=1326 audit(2000000005.995:1420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1218 comm="syz.5.12710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a3ce9f6c9 code=0x7ffc0000 [ 796.543923][ T37] audit: type=1326 audit(2000000005.995:1421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1218 comm="syz.5.12710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f0a3ce9f6c9 code=0x7ffc0000 [ 796.551581][ T37] audit: type=1326 audit(2000000005.995:1422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1218 comm="syz.5.12710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a3ce9f6c9 code=0x7ffc0000 [ 796.552065][ T37] audit: type=1326 audit(2000000005.995:1423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1218 comm="syz.5.12710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0a3ce9f6c9 code=0x7ffc0000 [ 796.552091][ T37] audit: type=1326 audit(2000000005.995:1424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1218 comm="syz.5.12710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a3ce9f6c9 code=0x7ffc0000 [ 796.553056][ T37] audit: type=1326 audit(2000000005.995:1425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1218 comm="syz.5.12710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0a3ce9f6c9 code=0x7ffc0000 [ 798.067271][ T1291] netlink: 'syz.5.12744': attribute type 12 has an invalid length. [ 798.445879][ T1314] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 798.445897][ T1314] overlayfs: missing 'lowerdir' [ 798.621131][ T1328] netlink: 68 bytes leftover after parsing attributes in process `syz.6.12760'. [ 799.171152][ T1359] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12776'. [ 799.349162][ T1374] netlink: 24 bytes leftover after parsing attributes in process `syz.6.12781'. [ 801.217017][ T1456] netlink: 57 bytes leftover after parsing attributes in process `syz.5.12816'. [ 801.448845][ T1466] netlink: 12 bytes leftover after parsing attributes in process `syz.5.12822'. [ 802.895327][ T1558] netlink: 32 bytes leftover after parsing attributes in process `syz.6.12867'. [ 803.932779][ T1593] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 803.936337][ T1593] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 804.405857][ T1593] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 804.405894][ T1593] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 804.809609][ T1593] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 804.809647][ T1593] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 805.158492][ T1593] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 805.158530][ T1593] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 805.614095][T18342] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 805.614129][T18342] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 805.677055][T18349] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 805.677089][T18349] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 805.730289][T18300] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 805.730319][T18300] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 805.769930][T18342] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 805.769962][T18342] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 806.191476][ T1713] netlink: 28 bytes leftover after parsing attributes in process `syz.3.12942'. [ 806.513599][ T1733] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2340085918 (2340085918 ns) > initial count (281086070 ns). Using initial count to start timer. [ 807.812417][ T1808] netlink: 37 bytes leftover after parsing attributes in process `syz.2.12986'. [ 808.675556][ T1854] netlink: 8 bytes leftover after parsing attributes in process `syz.5.13009'. [ 808.721350][ T37] kauditd_printk_skb: 10 callbacks suppressed [ 808.721367][ T37] audit: type=1326 audit(2000000017.414:1436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1857 comm="syz.6.13010" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f94815cf6c9 code=0x0 [ 809.958097][ T1932] usb usb8: usbfs: process 1932 (syz.5.13045) did not claim interface 0 before use [ 812.144003][ T2054] netlink: 8 bytes leftover after parsing attributes in process `syz.6.13103'. [ 813.720736][ T2140] netlink: 9 bytes leftover after parsing attributes in process `syz.3.13143'. [ 814.904892][ T2192] overlayfs: missing 'lowerdir' [ 815.631866][ T2231] netlink: 9 bytes leftover after parsing attributes in process `syz.6.13185'. [ 815.664496][ T2231] gretap0: entered promiscuous mode [ 815.851806][ T2237] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13187'. [ 815.884409][ T2242] netlink: 182 bytes leftover after parsing attributes in process `syz.5.13188'. [ 816.857217][ T2302] netlink: 28 bytes leftover after parsing attributes in process `syz.3.13218'. [ 816.870052][ T37] audit: type=1804 audit(2000000025.032:1437): pid=2305 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.2.13216" name="/newroot/2032/file0" dev="tmpfs" ino=11500 res=1 errno=0 [ 818.310900][ T2351] netlink: 'syz.3.13240': attribute type 1 has an invalid length. [ 818.360250][ T2351] bond2: entered promiscuous mode [ 818.360286][ T2351] bond2: entered allmulticast mode [ 818.360746][ T2351] 8021q: adding VLAN 0 to HW filter on device bond2 [ 818.538510][ T2351] 8021q: adding VLAN 0 to HW filter on device bond3 [ 818.570674][ T2351] bond3: entered promiscuous mode [ 818.571060][ T2351] bond3: entered allmulticast mode [ 818.572337][ T2351] bond2: (slave bond3): Enslaving as a backup interface with a down link [ 819.305771][ T37] audit: type=1326 audit(2000000027.340:1438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2403 comm="syz.2.13263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 819.305827][ T37] audit: type=1326 audit(2000000027.340:1439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2403 comm="syz.2.13263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 819.307300][ T37] audit: type=1326 audit(2000000027.340:1440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2403 comm="syz.2.13263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 819.307348][ T37] audit: type=1326 audit(2000000027.340:1441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2403 comm="syz.2.13263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 819.307390][ T37] audit: type=1326 audit(2000000027.340:1442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2403 comm="syz.2.13263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 819.341880][ T37] audit: type=1326 audit(2000000027.378:1443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2403 comm="syz.2.13263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 819.349978][ T37] audit: type=1326 audit(2000000027.378:1444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2403 comm="syz.2.13263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 819.350036][ T37] audit: type=1326 audit(2000000027.378:1445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2403 comm="syz.2.13263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 819.352121][ T37] audit: type=1326 audit(2000000027.378:1446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2403 comm="syz.2.13263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 819.590353][ T2416] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13268'. [ 819.851662][ T984] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 820.016859][ T984] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 820.016892][ T984] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 820.018961][ T984] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 820.018988][ T984] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 820.019006][ T984] usb 7-1: SerialNumber: syz [ 820.306969][ T984] usb 7-1: 0:2 : does not exist [ 820.332079][ T2459] tipc: Started in network mode [ 820.332103][ T2459] tipc: Node identity 100000, cluster identity 4711 [ 820.332117][ T2459] tipc: Node number set to 1048576 [ 820.378906][ T984] usb 7-1: USB disconnect, device number 5 [ 820.700308][ T2482] lo: entered allmulticast mode [ 820.702559][ T2480] lo: left allmulticast mode [ 820.826464][ T2492] 9pnet_fd: Insufficient options for proto=fd [ 820.879337][ T2497] veth0_vlan: left promiscuous mode [ 822.146372][ T2579] netlink: 100 bytes leftover after parsing attributes in process `syz.3.13334'. [ 823.699525][ T2683] netlink: 60 bytes leftover after parsing attributes in process `syz.6.13375'. [ 824.616066][ T6061] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 824.617515][ T2748] tipc: MTU too low for tipc bearer [ 824.647718][ T37] kauditd_printk_skb: 40 callbacks suppressed [ 824.647735][ T37] audit: type=1107 audit(2000000032.351:1487): pid=2749 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='' [ 824.775988][ T6061] usb 7-1: Using ep0 maxpacket: 32 [ 824.778518][ T6061] usb 7-1: config 0 has an invalid interface number: 148 but max is 0 [ 824.778542][ T6061] usb 7-1: config 0 has no interface number 0 [ 824.778602][ T6061] usb 7-1: config 0 interface 148 has no altsetting 0 [ 824.785670][ T6061] usb 7-1: New USB device found, idVendor=067b, idProduct=0307, bcdDevice=dd.c8 [ 824.785697][ T6061] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 824.785725][ T6061] usb 7-1: Product: syz [ 824.785738][ T6061] usb 7-1: Manufacturer: syz [ 824.785751][ T6061] usb 7-1: SerialNumber: syz [ 824.813495][ T6061] usb 7-1: config 0 descriptor?? [ 824.818402][ T6061] pl2303 7-1:0.148: required interrupt-in endpoint missing [ 825.042308][ T6061] usb 7-1: USB disconnect, device number 6 [ 825.151526][ T2780] binder: 2778:2780 ioctl c018620b 0 returned -14 [ 825.328686][ T2796] netlink: 8 bytes leftover after parsing attributes in process `syz.5.13418'. [ 825.891428][ T2812] netlink: 8 bytes leftover after parsing attributes in process `syz.5.13426'. [ 826.561326][ T2864] 9pnet: Unknown protocol version 9 [ 828.096367][ T1321] ieee802154 phy0 wpan0: encryption failed: -22 [ 828.096439][ T1321] ieee802154 phy1 wpan1: encryption failed: -22 [ 828.163112][ T2955] netlink: 'syz.2.13481': attribute type 11 has an invalid length. [ 828.163134][ T2955] netlink: 32 bytes leftover after parsing attributes in process `syz.2.13481'. [ 828.585197][ T2982] netlink: 68 bytes leftover after parsing attributes in process `syz.2.13494'. [ 829.819184][ T3036] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13520'. [ 831.870201][ T984] usb 3-1: new full-speed USB device number 36 using dummy_hcd [ 832.039367][ T984] usb 3-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 832.039396][ T984] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 832.039415][ T984] usb 3-1: Product: syz [ 832.039429][ T984] usb 3-1: Manufacturer: syz [ 832.039441][ T984] usb 3-1: SerialNumber: syz [ 832.086238][ T984] usb 3-1: config 0 descriptor?? [ 832.110786][ T984] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 832.673353][ T6061] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 833.550236][ T984] gspca_stk1135: reg_w 0x5 err -110 [ 833.551296][ T984] gspca_stk1135: serial bus timeout: status=0x00 [ 833.551308][ T984] gspca_stk1135: Sensor write failed [ 833.551331][ T984] gspca_stk1135: serial bus timeout: status=0x00 [ 833.551340][ T984] gspca_stk1135: Sensor write failed [ 833.551363][ T984] gspca_stk1135: serial bus timeout: status=0x00 [ 833.551376][ T984] gspca_stk1135: Sensor read failed [ 833.551399][ T984] gspca_stk1135: serial bus timeout: status=0x00 [ 833.551408][ T984] gspca_stk1135: Sensor read failed [ 833.551415][ T984] gspca_stk1135: Detected sensor type unknown (0x0) [ 833.551442][ T984] gspca_stk1135: serial bus timeout: status=0x00 [ 833.551451][ T984] gspca_stk1135: Sensor read failed [ 833.551474][ T984] gspca_stk1135: serial bus timeout: status=0x00 [ 833.551483][ T984] gspca_stk1135: Sensor read failed [ 833.551505][ T984] gspca_stk1135: serial bus timeout: status=0x00 [ 833.551514][ T984] gspca_stk1135: Sensor write failed [ 833.551536][ T984] gspca_stk1135: serial bus timeout: status=0x00 [ 833.551545][ T984] gspca_stk1135: Sensor write failed [ 833.551636][ T984] stk1135 3-1:0.0: probe with driver stk1135 failed with error -110 [ 833.746838][ T6061] usb 6-1: Using ep0 maxpacket: 16 [ 833.833168][ T6061] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 833.833205][ T6061] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 833.847319][ T6061] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 833.847348][ T6061] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 833.847366][ T6061] usb 6-1: Product: syz [ 833.847379][ T6061] usb 6-1: Manufacturer: syz [ 833.847392][ T6061] usb 6-1: SerialNumber: syz [ 833.869681][ T6061] usb 6-1: config 0 descriptor?? [ 833.875250][ T6061] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 833.875282][ T6061] em28xx 6-1:0.0: Audio interface 0 found (Vendor Class) [ 834.522671][ T6061] em28xx 6-1:0.0: unknown em28xx chip ID (0) [ 834.524104][ T6061] em28xx 6-1:0.0: Config register raw data: 0xfffffffb [ 834.899712][ T10] usb 3-1: USB disconnect, device number 36 [ 835.171038][ T6061] em28xx 6-1:0.0: Unknown AC97 audio processor detected! [ 835.403217][ T6061] em28xx 6-1:0.0: couldn't setup AC97 register 2 [ 835.403614][ T6061] em28xx 6-1:0.0: couldn't setup AC97 register 4 [ 835.403986][ T6061] em28xx 6-1:0.0: couldn't setup AC97 register 6 [ 835.404381][ T6061] em28xx 6-1:0.0: couldn't setup AC97 register 54 [ 835.408589][ T6061] em28xx 6-1:0.0: couldn't setup AC97 register 56 [ 835.420673][ T6061] usb 6-1: USB disconnect, device number 28 [ 835.769846][ T3253] overlayfs: regular lower layers cannot follow data lower layers [ 836.631071][ T3301] netlink: 100 bytes leftover after parsing attributes in process `syz.5.13641'. [ 836.817088][ T3315] netlink: 20 bytes leftover after parsing attributes in process `syz.2.13652'. [ 837.936544][ T3379] netlink: 28 bytes leftover after parsing attributes in process `syz.5.13683'. [ 838.037758][ T3383] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13685'. [ 839.249851][ T3459] fuse: Bad value for 'fd' [ 840.245915][T18349] tipc: Subscription rejected, illegal request [ 841.763401][ T3554] netlink: 28 bytes leftover after parsing attributes in process `syz.3.13760'. [ 842.555589][ T3592] tipc: Enabling of bearer rejected, failed to enable media [ 842.802310][ T3608] netlink: 'syz.5.13786': attribute type 1 has an invalid length. [ 843.154128][ T1361] tipc: Subscription rejected, illegal request [ 843.372230][ T3644] tipc: Enabling of bearer rejected, failed to enable media [ 843.625847][ T3653] overlayfs: workdir and upperdir must be separate subtrees [ 845.527785][ T3737] netlink: 'syz.6.13850': attribute type 19 has an invalid length. [ 846.702258][ T37] audit: type=1326 audit(2000000006.952:1488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3786 comm="syz.5.13873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a3ce9f6c9 code=0x7fc00000 [ 847.364078][ T37] audit: type=1326 audit(2000000007.571:1489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3786 comm="syz.5.13873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0a3ce3b779 code=0x7fc00000 [ 847.364344][ T37] audit: type=1326 audit(2000000007.571:1490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3786 comm="syz.5.13873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f0a3ce3b83f code=0x7fc00000 [ 847.364684][ T37] audit: type=1326 audit(2000000007.571:1491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3786 comm="syz.5.13873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f0a3ce9f6c9 code=0x7fc00000 [ 848.809152][ T3910] netlink: 20 bytes leftover after parsing attributes in process `syz.3.13931'. [ 850.601251][ T3998] netlink: 288 bytes leftover after parsing attributes in process `syz.3.13972'. [ 850.781348][ T3233] usb 3-1: new full-speed USB device number 37 using dummy_hcd [ 850.952326][ T3233] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 850.952360][ T3233] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 74, setting to 64 [ 850.953609][ T3233] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 850.953633][ T3233] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 850.953651][ T3233] usb 3-1: SerialNumber: syz [ 850.960655][ T3995] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 851.178052][ T3995] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 851.400937][ T3233] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -71 [ 851.401867][ T3233] usb-storage 3-1:1.0: USB Mass Storage device detected [ 851.434534][ T3233] usb-storage 3-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 851.437787][ T3233] scsi host1: usb-storage 3-1:1.0 [ 851.493602][ T3233] usb 3-1: USB disconnect, device number 37 [ 851.609527][ T4036] netlink: 64 bytes leftover after parsing attributes in process `syz.3.13985'. [ 853.128664][ T37] audit: type=1326 audit(2000000012.976:1492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4106 comm="syz.6.14023" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f94815cf6c9 code=0x0 [ 854.793927][ T4167] wireguard: wg2: Could not create IPv4 socket [ 855.513657][ T9] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 855.673715][ T9] usb 7-1: Using ep0 maxpacket: 32 [ 855.676425][ T9] usb 7-1: config 0 has an invalid interface number: 1 but max is 0 [ 855.676452][ T9] usb 7-1: config 0 has no interface number 0 [ 855.676602][ T9] usb 7-1: config 0 interface 1 altsetting 9 has an invalid descriptor for endpoint zero, skipping [ 855.676629][ T9] usb 7-1: config 0 interface 1 has no altsetting 0 [ 855.679943][ T9] usb 7-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a [ 855.679970][ T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 855.679989][ T9] usb 7-1: Product: syz [ 855.680003][ T9] usb 7-1: Manufacturer: syz [ 855.680017][ T9] usb 7-1: SerialNumber: syz [ 855.766664][ T4214] netlink: 328 bytes leftover after parsing attributes in process `syz.2.14071'. [ 855.795308][ T9] usb 7-1: config 0 descriptor?? [ 856.049070][ T9] cx231xx 7-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces [ 856.071310][ T9] cx231xx 7-1:0.1: Failed to read PCB config [ 856.071387][ T9] cx231xx 7-1:0.1: probe with driver cx231xx failed with error -71 [ 856.075432][ T9] usb 7-1: USB disconnect, device number 7 [ 856.396787][ T4243] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 856.396814][ T4243] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 856.402565][ T4243] vhci_hcd vhci_hcd.0: Device attached [ 856.411861][ T4243] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(5) [ 856.411892][ T4243] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 856.411977][ T4243] vhci_hcd vhci_hcd.0: Device attached [ 856.414711][ T4243] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 856.420306][ T4243] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 856.430859][ T4243] vhci_hcd vhci_hcd.0: pdev(2) rhport(4) sockfd(11) [ 856.430886][ T4243] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 856.430937][ T4243] vhci_hcd vhci_hcd.0: Device attached [ 856.434562][ T4243] vhci_hcd vhci_hcd.0: pdev(2) rhport(5) sockfd(13) [ 856.434589][ T4243] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 856.436641][ T4243] vhci_hcd vhci_hcd.0: Device attached [ 856.479566][ T4250] vhci_hcd: connection closed [ 856.488967][ T4247] vhci_hcd: connection closed [ 856.494110][ T4244] vhci_hcd: connection closed [ 856.526299][T18304] vhci_hcd: stop threads [ 856.526320][T18304] vhci_hcd: release socket [ 856.526354][T18304] vhci_hcd: disconnect device [ 856.527639][T18304] vhci_hcd: stop threads [ 856.527649][T18304] vhci_hcd: release socket [ 856.559887][T18304] vhci_hcd: disconnect device [ 856.568855][T18304] vhci_hcd: stop threads [ 856.568872][T18304] vhci_hcd: release socket [ 856.568946][T18304] vhci_hcd: disconnect device [ 856.602831][ T1677] vhci_hcd: vhci_device speed not set [ 856.607028][ T4252] vhci_hcd: connection closed [ 856.611437][T18304] vhci_hcd: stop threads [ 856.611453][T18304] vhci_hcd: release socket [ 856.611521][T18304] vhci_hcd: disconnect device [ 856.653951][ T9] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 856.813804][ T9] usb 7-1: Using ep0 maxpacket: 32 [ 856.816662][ T9] usb 7-1: config 0 has an invalid interface number: 1 but max is 0 [ 856.816688][ T9] usb 7-1: config 0 has no interface number 0 [ 856.816739][ T9] usb 7-1: config 0 interface 1 altsetting 9 has an invalid descriptor for endpoint zero, skipping [ 856.816759][ T9] usb 7-1: config 0 interface 1 has no altsetting 0 [ 856.820123][ T9] usb 7-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a [ 856.820153][ T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 856.820172][ T9] usb 7-1: Product: syz [ 856.820186][ T9] usb 7-1: Manufacturer: syz [ 856.820198][ T9] usb 7-1: SerialNumber: syz [ 856.893690][ T9] usb 7-1: config 0 descriptor?? [ 857.128193][ T9] cx231xx 7-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces [ 857.155349][ T9] cx231xx 7-1:0.1: Identified as Conexant Hybrid TV - RDU253S (card=4) [ 857.276843][ T9] cx231xx 7-1:0.1: cx231xx_send_gpio_cmd: failed with status --110 [ 857.277323][ T9] cx231xx 7-1:0.1: cx231xx_send_gpio_cmd: failed with status --32 [ 857.277758][ T9] cx231xx 7-1:0.1: cx231xx_send_gpio_cmd: failed with status --32 [ 857.282849][ T9] cx231xx 7-1:0.1: cx231xx_send_gpio_cmd: failed with status --32 [ 857.283335][ T9] cx231xx 7-1:0.1: cx231xx_send_gpio_cmd: failed with status --32 [ 857.283355][ T9] cx231xx 7-1:0.1: Failed to set devmode to analog: error: -32 [ 857.415818][ T9] i2c i2c-2: Added multiplexed i2c bus 4 [ 857.428318][ T9] i2c i2c-2: Added multiplexed i2c bus 5 [ 857.429854][ T9] cx231xx 7-1:0.1: cx231xx_dev_init: Failed to set Power - errCode [-71]! [ 857.429876][ T9] cx231xx 7-1:0.1: cx231xx_init_dev: cx231xx_i2c_register - errCode [-71]! [ 857.515656][ T9] cx231xx 7-1:0.1: probe with driver cx231xx failed with error -71 [ 857.549660][ T9] usb 7-1: USB disconnect, device number 8 [ 858.480817][ T4348] netlink: 72 bytes leftover after parsing attributes in process `syz.5.14131'. [ 861.326327][ T4435] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 861.327529][ T4435] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 862.803644][T17537] Bluetooth: hci2: command 0x0406 tx timeout [ 865.012750][T17537] Bluetooth: hci2: command 0x0406 tx timeout [ 866.259108][ T1677] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 866.436503][ T1677] usb 7-1: config 1 has an invalid interface number: 7 but max is 0 [ 866.436531][ T1677] usb 7-1: config 1 has no interface number 0 [ 866.436577][ T1677] usb 7-1: config 1 interface 7 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 866.436650][ T1677] usb 7-1: config 1 interface 7 altsetting 0 bulk endpoint 0xF has invalid maxpacket 8 [ 866.436674][ T1677] usb 7-1: config 1 interface 7 altsetting 0 endpoint 0xE has an invalid bInterval 0, changing to 7 [ 866.440765][ T1677] usb 7-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00 [ 866.440797][ T1677] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 866.440895][ T1677] usb 7-1: Product: syz [ 866.440909][ T1677] usb 7-1: Manufacturer: syz [ 866.440924][ T1677] usb 7-1: SerialNumber: syz [ 866.452905][ T4585] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 866.453033][ T4585] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 866.456273][ T1677] usb 7-1: Expected 3 endpoints, found: 2 [ 866.695060][ T9] usb 7-1: USB disconnect, device number 9 [ 866.820500][ T4597] netlink: 12 bytes leftover after parsing attributes in process `syz.2.14244'. [ 868.750295][ T4647] cgroup: Unknown subsys name 'cpuset' [ 869.187896][ T5808] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 869.349623][ T5808] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 869.349643][ T5808] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 869.349665][ T5808] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 869.349677][ T5808] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 869.353717][ T4651] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 869.405623][ T5808] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 869.797476][ T10] usb 6-1: USB disconnect, device number 29 [ 870.624229][T18318] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 871.454223][T18318] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 871.520204][T32040] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 871.546058][T32040] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 871.547908][T32040] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 871.549705][T32040] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 871.550528][T32040] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 871.934725][T18318] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 872.444706][T18318] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 872.769776][ T4766] netlink: 100 bytes leftover after parsing attributes in process `syz.3.14324'. [ 873.792162][T32040] Bluetooth: hci1: command tx timeout [ 875.363078][ T4864] netlink: 'syz.2.14368': attribute type 4 has an invalid length. [ 875.363099][ T4864] netlink: 17 bytes leftover after parsing attributes in process `syz.2.14368'. [ 876.013193][T32040] Bluetooth: hci1: command tx timeout [ 876.881903][T18318] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 876.936771][T18318] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 876.982703][T18318] bond0 (unregistering): Released all slaves [ 877.022758][ T4706] chnl_net:caif_netlink_parms(): no params data found [ 877.435385][T18318] tipc: Left network mode [ 878.225845][T32040] Bluetooth: hci1: command tx timeout [ 878.450802][ T4706] bridge0: port 1(bridge_slave_0) entered blocking state [ 878.450946][ T4706] bridge0: port 1(bridge_slave_0) entered disabled state [ 878.451190][ T4706] bridge_slave_0: entered allmulticast mode [ 878.502192][ T4706] bridge_slave_0: entered promiscuous mode [ 878.548874][ T4706] bridge0: port 2(bridge_slave_1) entered blocking state [ 878.549020][ T4706] bridge0: port 2(bridge_slave_1) entered disabled state [ 878.549259][ T4706] bridge_slave_1: entered allmulticast mode [ 878.595279][ T4706] bridge_slave_1: entered promiscuous mode [ 879.676577][ T4706] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 879.700228][ T4706] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 879.939088][T18318] hsr_slave_0: left promiscuous mode [ 879.975087][T18318] hsr_slave_1: left promiscuous mode [ 879.976077][T18318] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 879.976114][T18318] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 880.028815][T18318] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 880.028844][T18318] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 880.031204][ T5055] binder: 5053:5055 ioctl c0306201 200000000680 returned -14 [ 880.052833][ T5056] 9pnet_fd: p9_fd_create_unix (5056): problem connecting socket: ./file0: -30 [ 880.235182][T18318] veth1_macvtap: left promiscuous mode [ 880.235291][T18318] veth0_macvtap: left promiscuous mode [ 880.235542][T18318] veth1_vlan: left promiscuous mode [ 880.235726][T18318] veth0_vlan: left promiscuous mode [ 880.442776][T32040] Bluetooth: hci1: command tx timeout [ 883.332043][T18318] team0 (unregistering): Port device team_slave_1 removed [ 883.641242][T18318] team0 (unregistering): Port device team_slave_0 removed [ 887.175242][ T5069] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14467'. [ 887.333055][ T4706] team0: Port device team_slave_0 added [ 887.336857][ T4706] team0: Port device team_slave_1 added [ 887.494651][ T5372] netlink: 'syz.3.14614': attribute type 64 has an invalid length. [ 887.494673][ T5372] netlink: 5 bytes leftover after parsing attributes in process `syz.3.14614'. [ 887.527570][ T5372] gretap0: entered allmulticast mode [ 887.529873][ T5372] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 887.728111][ T4706] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 887.728128][ T4706] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 887.728152][ T4706] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 887.730546][ T4706] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 887.730561][ T4706] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 887.730588][ T4706] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 887.855689][ T5388] lo: entered allmulticast mode [ 887.875383][ T5382] lo: left allmulticast mode [ 888.137149][ T5403] overlayfs: failed to clone upperpath [ 888.389619][ T4706] hsr_slave_0: entered promiscuous mode [ 888.391024][ T4706] hsr_slave_1: entered promiscuous mode [ 888.392667][ T4706] debugfs: 'hsr0' already exists in 'hsr' [ 888.392691][ T4706] Cannot create hsr debugfs directory [ 888.691805][ T5427] fuse: Bad value for 'fd' [ 889.910017][ T4706] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 890.051285][ T4706] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 890.138857][ T4706] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 890.210880][ T4706] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 890.627613][ T4706] 8021q: adding VLAN 0 to HW filter on device bond0 [ 890.719789][ T4706] 8021q: adding VLAN 0 to HW filter on device team0 [ 890.746757][T18318] bridge0: port 1(bridge_slave_0) entered blocking state [ 890.746886][T18318] bridge0: port 1(bridge_slave_0) entered forwarding state [ 890.775999][ T1361] bridge0: port 2(bridge_slave_1) entered blocking state [ 890.776214][ T1361] bridge0: port 2(bridge_slave_1) entered forwarding state [ 891.420767][ T4706] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 891.515553][ T5550] netlink: 80 bytes leftover after parsing attributes in process `syz.3.14690'. [ 892.222200][ T4706] veth0_vlan: entered promiscuous mode [ 892.247064][ T4706] veth1_vlan: entered promiscuous mode [ 892.310384][ T4706] veth0_macvtap: entered promiscuous mode [ 892.322836][ T4706] veth1_macvtap: entered promiscuous mode [ 892.364170][ T4706] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 892.397945][ T4706] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 892.418209][T18318] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 892.432543][T18318] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 892.432609][T18318] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 892.432646][T18318] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 892.757446][ T1361] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 892.757468][ T1361] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 892.873477][T18342] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 892.873497][T18342] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 893.604007][ T1321] ieee802154 phy0 wpan0: encryption failed: -22 [ 893.604080][ T1321] ieee802154 phy1 wpan1: encryption failed: -22 [ 896.189790][ T5756] tmpfs: Unknown parameter 'no' [ 897.647580][ T5866] tipc: Started in network mode [ 897.647610][ T5866] tipc: Node identity 0000000000002d210000000000000001, cluster identity 4711 [ 897.647663][ T5866] tipc: Enabling of bearer rejected, failed to enable media [ 901.199771][ T6049] netlink: 4 bytes leftover after parsing attributes in process `syz.7.14894'. [ 901.199796][ T6049] netlink: 4 bytes leftover after parsing attributes in process `syz.7.14894'. [ 901.462108][ T6066] netlink: 32 bytes leftover after parsing attributes in process `syz.5.14902'. [ 901.506725][ T6067] tipc: Enabling of bearer rejected, media not registered [ 901.897994][ T6090] netlink: 'syz.5.14913': attribute type 12 has an invalid length. [ 902.647664][ T6135] Invalid ELF header len 1 [ 903.211101][ T6169] netlink: 12 bytes leftover after parsing attributes in process `syz.2.14952'. [ 909.649758][ T6455] netlink: 40 bytes leftover after parsing attributes in process `syz.7.15086'. [ 910.646816][ T6511] input: syz1 as /devices/virtual/input/input40 [ 911.254836][ T6545] netlink: 8 bytes leftover after parsing attributes in process `syz.5.15127'. [ 913.899224][ T6682] fuse: Bad value for 'fd' [ 915.626500][ T6735] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 915.626518][ T6735] overlayfs: missing 'lowerdir' [ 916.701529][ T5808] usb 3-1: new high-speed USB device number 38 using dummy_hcd [ 916.867756][ T5808] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 916.867785][ T5808] usb 3-1: New USB device strings: Mfr=241, Product=2, SerialNumber=3 [ 916.867804][ T5808] usb 3-1: Product: syz [ 916.867817][ T5808] usb 3-1: Manufacturer: syz [ 916.867831][ T5808] usb 3-1: SerialNumber: syz [ 916.911683][ T5808] usb 3-1: config 0 descriptor?? [ 916.920313][ T5808] ch341 3-1:0.0: ch341-uart converter detected [ 917.327980][ T6823] tipc: Enabling of bearer rejected, failed to enable media [ 917.988475][ T5808] usb 3-1: failed to send control message: -71 [ 917.988535][ T5808] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 918.018353][ T5808] usb 3-1: USB disconnect, device number 38 [ 918.020639][ T5808] ch341 3-1:0.0: device disconnected [ 922.604236][ T6952] fuse: Bad value for 'fd' [ 922.619899][ T6952] overlayfs: failed to clone upperpath [ 922.866935][ T6968] netlink: 4 bytes leftover after parsing attributes in process `syz.7.15327'. [ 923.141451][ T6975] kvm: pic: non byte read [ 923.141696][ T6975] kvm: pic: non byte read [ 923.141900][ T6975] kvm: pic: non byte read [ 923.142106][ T6975] kvm: pic: non byte read [ 923.142481][ T6975] kvm: pic: level sensitive irq not supported [ 923.142540][ T6975] kvm: pic: non byte read [ 923.142747][ T6975] kvm: pic: non byte read [ 923.142948][ T6975] kvm: pic: non byte read [ 923.143144][ T6975] kvm: pic: non byte read [ 923.143345][ T6975] kvm: pic: non byte read [ 923.143549][ T6975] kvm: pic: non byte read [ 923.144062][ T6975] kvm: pic: single mode not supported [ 923.144071][ T6975] kvm: pic: level sensitive irq not supported [ 923.144291][ T6975] kvm: pic: single mode not supported [ 923.144491][ T6975] kvm: pic: single mode not supported [ 923.144707][ T6975] kvm: pic: level sensitive irq not supported [ 923.144918][ T6975] kvm: pic: single mode not supported [ 923.145319][ T6975] kvm: pic: single mode not supported [ 923.145521][ T6975] kvm: pic: level sensitive irq not supported [ 923.146113][ T6975] kvm: pic: single mode not supported [ 923.146122][ T6975] kvm: pic: level sensitive irq not supported [ 923.146322][ T6975] kvm: pic: single mode not supported [ 923.146331][ T6975] kvm: pic: level sensitive irq not supported [ 923.146532][ T6975] kvm: pic: single mode not supported [ 923.181831][ T6975] kvm: pic: level sensitive irq not supported [ 923.182841][ T6975] kvm: pic: single mode not supported [ 923.182851][ T6975] kvm: pic: level sensitive irq not supported [ 923.183048][ T6975] kvm: pic: single mode not supported [ 923.183624][ T6975] kvm: pic: level sensitive irq not supported [ 924.078784][ T7030] netlink: 'syz.7.15354': attribute type 2 has an invalid length. [ 925.372658][ T7043] mkiss: ax0: crc mode is auto. [ 929.101737][ T7218] netlink: 104 bytes leftover after parsing attributes in process `syz.2.15446'. [ 929.577477][ T7242] netlink: 8 bytes leftover after parsing attributes in process `syz.2.15457'. [ 929.625015][ T7241] netlink: 72 bytes leftover after parsing attributes in process `syz.7.15456'. [ 929.835625][ T7252] netlink: 312 bytes leftover after parsing attributes in process `syz.3.15461'. [ 930.408433][ T7290] netlink: 9 bytes leftover after parsing attributes in process `syz.7.15481'. [ 930.736519][ T7309] netlink: 12 bytes leftover after parsing attributes in process `syz.7.15489'. [ 933.206534][ T7382] binder: Bad value for 'max' [ 933.882406][ T5808] usb 3-1: new high-speed USB device number 39 using dummy_hcd [ 934.055331][ T5808] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 934.055389][ T5808] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 934.055411][ T5808] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 934.060687][ T5808] usb 3-1: config 0 descriptor?? [ 934.066709][ T5808] pwc: Askey VC010 type 2 USB webcam detected. [ 934.504538][ T5808] pwc: recv_control_msg error -32 req 02 val 2b00 [ 934.505850][ T5808] pwc: recv_control_msg error -32 req 02 val 2700 [ 934.506750][ T5808] pwc: recv_control_msg error -32 req 02 val 2c00 [ 934.507617][ T5808] pwc: recv_control_msg error -32 req 04 val 1000 [ 934.508803][ T5808] pwc: recv_control_msg error -32 req 04 val 1300 [ 934.510925][ T5808] pwc: recv_control_msg error -32 req 04 val 1400 [ 934.514175][ T5808] pwc: recv_control_msg error -32 req 02 val 2000 [ 934.733715][ T5808] pwc: recv_control_msg error -71 req 04 val 1500 [ 934.734216][ T5808] pwc: recv_control_msg error -71 req 02 val 2500 [ 934.734776][ T5808] pwc: recv_control_msg error -71 req 02 val 2400 [ 934.735568][ T5808] pwc: recv_control_msg error -71 req 02 val 2600 [ 934.736076][ T5808] pwc: recv_control_msg error -71 req 02 val 2900 [ 934.736587][ T5808] pwc: recv_control_msg error -71 req 02 val 2800 [ 934.737345][ T5808] pwc: recv_control_msg error -71 req 04 val 1100 [ 934.739121][ T5808] pwc: recv_control_msg error -71 req 04 val 1200 [ 934.756710][ T5808] pwc: Registered as video103. [ 934.769070][ T5808] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input41 [ 934.788054][ T5808] usb 3-1: USB disconnect, device number 39 [ 936.037300][ T7486] netlink: 'syz.5.15576': attribute type 27 has an invalid length. [ 936.125411][ T7494] netlink: 28 bytes leftover after parsing attributes in process `syz.2.15578'. [ 937.063860][ T7540] netlink: 4 bytes leftover after parsing attributes in process `syz.3.15601'. [ 937.405141][ T7540] team0: Port device team_slave_1 removed [ 937.842821][ T7566] netlink: 182 bytes leftover after parsing attributes in process `syz.2.15614'. [ 938.241135][ T7586] dummy0: entered allmulticast mode [ 938.241517][ T7582] dummy0: left allmulticast mode [ 938.659536][ T7607] netlink: 12 bytes leftover after parsing attributes in process `syz.7.15634'. [ 938.820653][ T7614] netlink: 83 bytes leftover after parsing attributes in process `syz.7.15638'. [ 939.774704][ T7669] netlink: 108 bytes leftover after parsing attributes in process `syz.2.15664'. [ 943.648765][ T7807] block nbd2: NBD_DISCONNECT [ 943.716416][ T7807] block nbd2: Disconnected due to user request. [ 943.730309][ T7807] block nbd2: shutting down sockets [ 944.102778][ T7825] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 944.102798][ T7825] overlayfs: missing 'lowerdir' [ 944.338862][ T7837] overlayfs: missing 'lowerdir' [ 944.897130][ T7869] netlink: 32 bytes leftover after parsing attributes in process `syz.7.15753'. [ 945.097157][ T7879] netlink: 140 bytes leftover after parsing attributes in process `syz.3.15759'. [ 945.384315][ T7897] netlink: 32 bytes leftover after parsing attributes in process `syz.2.15768'. [ 945.643569][ T7911] overlayfs: conflicting lowerdir path [ 945.874123][ T7924] netlink: 'syz.3.15780': attribute type 4 has an invalid length. [ 945.874146][ T7924] netlink: 3649 bytes leftover after parsing attributes in process `syz.3.15780'. [ 946.073477][ T37] audit: type=1326 audit(2000000100.177:1493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7937 comm="syz.2.15788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 946.073547][ T37] audit: type=1326 audit(2000000100.177:1494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7937 comm="syz.2.15788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 946.075916][ T37] audit: type=1326 audit(2000000100.177:1495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7937 comm="syz.2.15788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 946.078582][ T37] audit: type=1326 audit(2000000100.186:1496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7937 comm="syz.2.15788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 946.078632][ T37] audit: type=1326 audit(2000000100.186:1497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7937 comm="syz.2.15788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 946.085800][ T37] audit: type=1326 audit(2000000100.186:1498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7937 comm="syz.2.15788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 946.086667][ T37] audit: type=1326 audit(2000000100.196:1499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7937 comm="syz.2.15788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 946.100287][ T37] audit: type=1326 audit(2000000100.205:1500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7937 comm="syz.2.15788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 946.100339][ T37] audit: type=1326 audit(2000000100.205:1501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7937 comm="syz.2.15788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 946.107187][ T37] audit: type=1326 audit(2000000100.205:1502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7937 comm="syz.2.15788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 951.686886][ T8123] netlink: 28 bytes leftover after parsing attributes in process `syz.5.15876'. [ 953.660741][ T8201] netlink: 140 bytes leftover after parsing attributes in process `syz.2.15910'. [ 955.614125][ T10] usb 6-1: new high-speed USB device number 30 using dummy_hcd [ 955.784621][ T10] usb 6-1: Using ep0 maxpacket: 16 [ 955.787037][ T10] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 955.787061][ T10] usb 6-1: config 0 has no interfaces? [ 955.790105][ T10] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 955.790133][ T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 955.790152][ T10] usb 6-1: Product: syz [ 955.790166][ T10] usb 6-1: Manufacturer: syz [ 955.790180][ T10] usb 6-1: SerialNumber: syz [ 955.798977][ T10] usb 6-1: config 0 descriptor?? [ 957.635486][ T8378] netlink: 20 bytes leftover after parsing attributes in process `syz.3.15999'. [ 958.520186][ T3233] usb 6-1: USB disconnect, device number 30 [ 959.063255][ T1321] ieee802154 phy0 wpan0: encryption failed: -22 [ 959.063401][ T1321] ieee802154 phy1 wpan1: encryption failed: -22 [ 959.309422][ T8464] netlink: 'syz.2.16039': attribute type 58 has an invalid length. [ 961.518755][ T3233] usb 3-1: new high-speed USB device number 40 using dummy_hcd [ 961.700213][ T3233] usb 3-1: Using ep0 maxpacket: 32 [ 961.702870][ T3233] usb 3-1: config 0 has an invalid interface number: 196 but max is 0 [ 961.702896][ T3233] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 961.702914][ T3233] usb 3-1: config 0 has no interface number 0 [ 961.702960][ T3233] usb 3-1: config 0 interface 196 altsetting 1 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 961.702987][ T3233] usb 3-1: config 0 interface 196 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 961.703013][ T3233] usb 3-1: config 0 interface 196 has no altsetting 0 [ 961.708218][ T3233] usb 3-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a [ 961.708243][ T3233] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 961.708262][ T3233] usb 3-1: Product: syz [ 961.708276][ T3233] usb 3-1: Manufacturer: syz [ 961.708289][ T3233] usb 3-1: SerialNumber: syz [ 961.817629][ T3233] usb 3-1: config 0 descriptor?? [ 962.059042][ T3233] ipheth 3-1:0.196: Unable to find endpoints [ 962.082579][ T3233] usb 3-1: USB disconnect, device number 40 [ 963.891280][ T8606] netlink: 16 bytes leftover after parsing attributes in process `syz.5.16101'. [ 964.258319][ T8622] overlay: Unknown parameter '/÷·Âí:²>Œ‚Ùw±ÀK£ [ 964.258319][ T8622] ' [ 964.491464][ T8633] netlink: 20 bytes leftover after parsing attributes in process `syz.3.16117'. [ 968.016289][ T8801] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 968.104497][ T8807] netlink: 'syz.2.16195': attribute type 3 has an invalid length. [ 971.396275][ T8901] .N: renamed from veth0_to_bond (while UP) [ 971.574826][ T8908] 9pnet_fd: Insufficient options for proto=fd [ 971.893098][ T8930] binder: 8929:8930 ioctl c0306201 2000000001c0 returned -14 [ 972.273762][ T8951] netlink: 'syz.5.16262': attribute type 4 has an invalid length. [ 972.273782][ T8951] netlink: 'syz.5.16262': attribute type 6 has an invalid length. [ 972.273797][ T8951] netlink: 3657 bytes leftover after parsing attributes in process `syz.5.16262'. [ 975.304111][ T9087] overlayfs: failed to clone upperpath [ 975.784995][ T9112] netlink: 60 bytes leftover after parsing attributes in process `syz.3.16341'. [ 976.073948][ T37] kauditd_printk_skb: 270 callbacks suppressed [ 976.073967][ T37] audit: type=1800 audit(2000000128.315:1773): pid=9128 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.16349" name="file1" dev="overlay" ino=14505 res=0 errno=0 [ 976.422410][ T9151] overlayfs: missing 'lowerdir' [ 977.673744][ T9219] netlink: 12 bytes leftover after parsing attributes in process `syz.3.16393'. [ 977.735133][ T9225] netlink: 4 bytes leftover after parsing attributes in process `syz.5.16395'. [ 977.765650][ T9223] netlink: 8 bytes leftover after parsing attributes in process `syz.7.16392'. [ 979.073813][ T9279] dummy0: entered allmulticast mode [ 979.074155][ T9276] dummy0: left allmulticast mode [ 980.016854][ T9321] netlink: 96 bytes leftover after parsing attributes in process `syz.3.16438'. [ 981.235651][ T9380] binder: Unknown parameter 'subj_user' [ 981.956624][ T9417] netlink: 32 bytes leftover after parsing attributes in process `syz.3.16483'. [ 982.195379][ T5612] usb 3-1: new high-speed USB device number 41 using dummy_hcd [ 982.356170][ T5612] usb 3-1: Using ep0 maxpacket: 32 [ 982.358592][ T5612] usb 3-1: config 0 has an invalid interface number: 12 but max is 0 [ 982.358617][ T5612] usb 3-1: config 0 has no interface number 0 [ 982.358692][ T5612] usb 3-1: config 0 interface 12 has no altsetting 0 [ 982.367638][ T5612] usb 3-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 982.367667][ T5612] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 982.367686][ T5612] usb 3-1: Product: syz [ 982.367699][ T5612] usb 3-1: Manufacturer: syz [ 982.367712][ T5612] usb 3-1: SerialNumber: syz [ 982.375802][ T5612] usb 3-1: config 0 descriptor?? [ 982.384568][ T5612] f81534 3-1:0.12: required endpoints missing [ 983.096977][ T9445] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 983.133289][ T9445] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 983.167681][ T1677] usb 3-1: USB disconnect, device number 41 [ 987.042318][ T9608] netlink: 68 bytes leftover after parsing attributes in process `syz.3.16577'. [ 987.241104][ T9617] tmpfs: Unknown parameter 'n' [ 988.564742][ T9684] devpts: Bad value for 'max' [ 989.321418][ T9713] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16625'. [ 989.782316][ T9729] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 990.225973][ T9762] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 990.225990][ T9762] overlayfs: missing 'lowerdir' [ 991.596718][ T9831] netlink: 12 bytes leftover after parsing attributes in process `syz.5.16682'. [ 991.897487][ T9842] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16687'. [ 992.178900][ T9850] netlink: 12 bytes leftover after parsing attributes in process `syz.3.16691'. [ 992.779121][ T5612] usb 3-1: new high-speed USB device number 42 using dummy_hcd [ 992.952502][ T5612] usb 3-1: config 0 has no interfaces? [ 992.955765][ T5612] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 992.955792][ T5612] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 992.955810][ T5612] usb 3-1: Product: syz [ 992.955823][ T5612] usb 3-1: Manufacturer: syz [ 992.955835][ T5612] usb 3-1: SerialNumber: syz [ 992.972665][ T5612] usb 3-1: config 0 descriptor?? [ 993.559885][ T9862] bond0: (slave netdevsim0): Releasing backup interface [ 993.605132][ T9862] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 993.605176][ T9862] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 993.605203][ T9862] netdevsim netdevsim2 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 993.717936][ T3233] usb 3-1: USB disconnect, device number 42 [ 999.047029][T10070] overlayfs: failed to clone lowerpath [ 999.303266][T10087] overlayfs: conflicting lowerdir path [ 999.454295][T10092] netlink: 8 bytes leftover after parsing attributes in process `syz.7.16806'. [ 999.625128][T10106] netlink: 8 bytes leftover after parsing attributes in process `syz.7.16811'. [ 999.856318][T10112] netlink: 84 bytes leftover after parsing attributes in process `syz.2.16815'. [ 999.856344][T10112] netlink: 4 bytes leftover after parsing attributes in process `syz.2.16815'. [ 1000.460422][T10151] netlink: 20 bytes leftover after parsing attributes in process `syz.2.16833'. [ 1001.227622][T10193] netlink: 76 bytes leftover after parsing attributes in process `syz.7.16853'. [ 1001.358876][T10201] 9pnet_fd: p9_fd_create_unix (10201): problem connecting socket: ./bus: -2 [ 1002.243414][T10250] overlayfs: failed to clone lowerpath [ 1005.323390][ T5790] usb 6-1: new high-speed USB device number 31 using dummy_hcd [ 1005.483266][ T5790] usb 6-1: Using ep0 maxpacket: 32 [ 1005.486031][ T5790] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 1005.486058][ T5790] usb 6-1: config 0 has no interface number 0 [ 1005.486105][ T5790] usb 6-1: config 0 interface 1 altsetting 9 has an invalid descriptor for endpoint zero, skipping [ 1005.486127][ T5790] usb 6-1: config 0 interface 1 has no altsetting 0 [ 1005.489345][ T5790] usb 6-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a [ 1005.489379][ T5790] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1005.489398][ T5790] usb 6-1: Product: syz [ 1005.489412][ T5790] usb 6-1: Manufacturer: syz [ 1005.489426][ T5790] usb 6-1: SerialNumber: syz [ 1005.564795][ T5790] usb 6-1: config 0 descriptor?? [ 1005.699290][T32040] Bluetooth: hci1: command 0x0406 tx timeout [ 1005.815895][ T5790] cx231xx 6-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces [ 1005.834685][ T5790] cx231xx 6-1:0.1: Failed to read PCB config [ 1005.834779][ T5790] cx231xx 6-1:0.1: probe with driver cx231xx failed with error -71 [ 1005.920968][ T5790] usb 6-1: USB disconnect, device number 31 [ 1006.357250][ T5790] usb 6-1: new high-speed USB device number 32 using dummy_hcd [ 1006.547960][ T5790] usb 6-1: Using ep0 maxpacket: 32 [ 1006.562427][ T5790] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 1006.562454][ T5790] usb 6-1: config 0 has no interface number 0 [ 1006.562506][ T5790] usb 6-1: config 0 interface 1 altsetting 9 has an invalid descriptor for endpoint zero, skipping [ 1006.562526][ T5790] usb 6-1: config 0 interface 1 has no altsetting 0 [ 1006.567194][ T5790] usb 6-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a [ 1006.567221][ T5790] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1006.567241][ T5790] usb 6-1: Product: syz [ 1006.567254][ T5790] usb 6-1: Manufacturer: syz [ 1006.567267][ T5790] usb 6-1: SerialNumber: syz [ 1006.683058][ T5790] usb 6-1: config 0 descriptor?? [ 1007.803075][ T5790] cx231xx 6-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces [ 1007.887687][ T5790] cx231xx 6-1:0.1: Identified as Conexant Hybrid TV - RDU253S (card=4) [ 1007.913803][T10369] 8021q: VLANs not supported on xfrm0 [ 1007.999000][ T5790] cx231xx 6-1:0.1: cx231xx_send_gpio_cmd: failed with status --110 [ 1007.999565][ T5790] cx231xx 6-1:0.1: cx231xx_send_gpio_cmd: failed with status --32 [ 1007.999998][ T5790] cx231xx 6-1:0.1: cx231xx_send_gpio_cmd: failed with status --32 [ 1008.000424][ T5790] cx231xx 6-1:0.1: cx231xx_send_gpio_cmd: failed with status --32 [ 1008.000847][ T5790] cx231xx 6-1:0.1: cx231xx_send_gpio_cmd: failed with status --32 [ 1008.000865][ T5790] cx231xx 6-1:0.1: Failed to set devmode to analog: error: -32 [ 1008.085136][ T5790] i2c i2c-2: Added multiplexed i2c bus 4 [ 1008.093032][ T5790] i2c i2c-2: Added multiplexed i2c bus 5 [ 1008.110443][ T5790] cx231xx 6-1:0.1: cx231xx_dev_init: Failed to set Power - errCode [-71]! [ 1008.110467][ T5790] cx231xx 6-1:0.1: cx231xx_init_dev: cx231xx_i2c_register - errCode [-71]! [ 1008.190917][ T5790] cx231xx 6-1:0.1: probe with driver cx231xx failed with error -71 [ 1008.194040][ T5790] usb 6-1: USB disconnect, device number 32 [ 1008.194746][T10380] netlink: 12 bytes leftover after parsing attributes in process `syz.7.16933'. [ 1008.263119][T10384] netlink: 224 bytes leftover after parsing attributes in process `syz.3.16936'. [ 1008.855401][T10405] netlink: 9 bytes leftover after parsing attributes in process `syz.5.16945'. [ 1008.925280][T10405] bridge0: port 3(gretap0) entered disabled state [ 1009.750450][T10438] netlink: 9 bytes leftover after parsing attributes in process `syz.7.16960'. [ 1009.792027][ T37] audit: type=1326 audit(2000000159.972:1774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10439 comm="syz.2.16963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 1009.797870][ T37] audit: type=1326 audit(2000000159.972:1775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10439 comm="syz.2.16963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 1009.797926][ T37] audit: type=1326 audit(2000000159.972:1776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10439 comm="syz.2.16963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 1009.797966][ T37] audit: type=1326 audit(2000000159.972:1777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10439 comm="syz.2.16963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 1009.798021][ T37] audit: type=1326 audit(2000000159.972:1778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10439 comm="syz.2.16963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 1009.798062][ T37] audit: type=1326 audit(2000000159.972:1779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10439 comm="syz.2.16963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 1009.798105][ T37] audit: type=1326 audit(2000000159.972:1780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10439 comm="syz.2.16963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 1009.798148][ T37] audit: type=1326 audit(2000000159.972:1781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10439 comm="syz.2.16963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 1009.798192][ T37] audit: type=1326 audit(2000000159.972:1782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10439 comm="syz.2.16963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 1009.798235][ T37] audit: type=1326 audit(2000000159.972:1783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10439 comm="syz.2.16963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x7ffc0000 [ 1010.227105][T10450] netlink: 'syz.7.16966': attribute type 64 has an invalid length. [ 1010.321252][T10456] overlayfs: missing 'lowerdir' [ 1010.590289][T10467] netlink: 'syz.2.16972': attribute type 4 has an invalid length. [ 1010.590312][T10467] netlink: 3649 bytes leftover after parsing attributes in process `syz.2.16972'. [ 1011.734876][T10503] overlayfs: failed to clone upperpath [ 1012.187175][ T5808] usb 3-1: new high-speed USB device number 43 using dummy_hcd [ 1012.357762][ T5808] usb 3-1: Using ep0 maxpacket: 16 [ 1012.360345][ T5808] usb 3-1: too many endpoints for config 0 interface 0 altsetting 32: 253, using maximum allowed: 30 [ 1012.360390][ T5808] usb 3-1: config 0 interface 0 altsetting 32 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 1012.360415][ T5808] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1012.360445][ T5808] usb 3-1: New USB device found, idVendor=28bd, idProduct=0075, bcdDevice= 0.00 [ 1012.360466][ T5808] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1012.368617][ T5808] usb 3-1: config 0 descriptor?? [ 1012.603783][ T5808] usbhid 3-1:0.0: can't add hid device: -71 [ 1012.603922][ T5808] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 1012.648305][ T5808] usb 3-1: USB disconnect, device number 43 [ 1013.276347][T10552] overlay: Unknown parameter '/C][IjâÀìJë Îã{eJòv ‚Øz/@«FÄòæê7ÁðÀG¬çµÀ¨!®Ié«$‚@VÀ\' [ 1015.325969][T10598] netlink: 'syz.3.17035': attribute type 11 has an invalid length. [ 1015.325989][T10598] netlink: 36 bytes leftover after parsing attributes in process `syz.3.17035'. [ 1016.145375][T10631] netlink: 'syz.3.17050': attribute type 4 has an invalid length. [ 1016.146332][T10631] netlink: 'syz.3.17050': attribute type 4 has an invalid length. [ 1016.654647][T10655] netlink: 52 bytes leftover after parsing attributes in process `syz.2.17063'. [ 1017.044245][T10669] netlink: 'syz.2.17069': attribute type 1 has an invalid length. [ 1017.044269][T10669] netlink: 'syz.2.17069': attribute type 2 has an invalid length. [ 1017.241324][T10672] 9pnet: Could not find request transport: 0xffffffffffffffff [ 1018.718195][ T37] kauditd_printk_skb: 16 callbacks suppressed [ 1018.718213][ T37] audit: type=1326 audit(2000000168.341:1800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10734 comm="syz.7.17099" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc23dc1f6c9 code=0x0 [ 1019.218520][T10760] netlink: 188 bytes leftover after parsing attributes in process `syz.3.17110'. [ 1019.752216][T17697] tipc: Subscription rejected, illegal request [ 1021.035221][T10815] netlink: 44 bytes leftover after parsing attributes in process `syz.2.17135'. [ 1021.414651][T10829] netlink: 12 bytes leftover after parsing attributes in process `syz.2.17141'. [ 1021.449577][T10827] netlink: 5 bytes leftover after parsing attributes in process `syz.5.17140'. [ 1021.449903][T10827] 0ªî{X¹¦: renamed from gretap0 [ 1021.518611][T10827] bridge0: port 3(30ªî{X¹¦) entered blocking state [ 1021.518832][T10827] bridge0: port 3(30ªî{X¹¦) entered forwarding state [ 1021.520207][T10827] A link change request failed with some changes committed already. Interface 30ªî{X¹¦ may have been left with an inconsistent configuration, please check. [ 1023.804964][T10906] netlink: 4 bytes leftover after parsing attributes in process `syz.3.17177'. [ 1024.065096][T17699] tipc: Subscription rejected, illegal request [ 1024.411732][T10906] hsr_slave_1 (unregistering): left promiscuous mode [ 1024.547442][ T1321] ieee802154 phy0 wpan0: encryption failed: -22 [ 1024.547516][ T1321] ieee802154 phy1 wpan1: encryption failed: -22 [ 1024.808396][T10942] netlink: 36 bytes leftover after parsing attributes in process `syz.5.17196'. [ 1024.808424][T10942] netlink: 32 bytes leftover after parsing attributes in process `syz.5.17196'. [ 1025.579321][T10963] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17205'. [ 1025.579355][T10963] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17205'. [ 1026.007804][T10986] overlayfs: failed to clone lowerpath [ 1026.289162][T11002] vivid-000: disconnect [ 1026.292296][T11001] vivid-000: reconnect [ 1027.788469][T11086] netlink: 'syz.2.17261': attribute type 11 has an invalid length. [ 1029.002825][T11104] netlink: 12 bytes leftover after parsing attributes in process `syz.5.17271'. [ 1031.134128][T11209] overlayfs: failed to clone lowerpath [ 1037.460100][T11395] tmpfs: Bad value for 'huge' [ 1037.818015][T11401] veth0_to_team: entered promiscuous mode [ 1037.818042][T11401] veth0_to_team: entered allmulticast mode [ 1038.298377][T11436] overlay: ./file1 is not a directory [ 1038.309028][T11432] netlink: 12 bytes leftover after parsing attributes in process `syz.3.17424'. [ 1040.052014][T11468] ip6gretap0 (unregistering): left allmulticast mode [ 1040.052042][T11468] ip6gretap0 (unregistering): left promiscuous mode [ 1040.052160][T11468] bridge0: port 3(ip6gretap0) entered disabled state [ 1040.696615][T11511] netlink: 140 bytes leftover after parsing attributes in process `syz.2.17461'. [ 1042.214845][T11540] netlink: 84 bytes leftover after parsing attributes in process `syz.7.17473'. [ 1042.534347][T11529] fuse: Bad value for 'user_id' [ 1042.534367][T11529] fuse: Bad value for 'user_id' [ 1045.326417][T11617] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 1045.424514][T11617] picdev_read: 26 callbacks suppressed [ 1045.424589][T11617] kvm: pic: non byte read [ 1045.425035][T11617] kvm: pic: level sensitive irq not supported [ 1045.425097][T11617] kvm: pic: non byte read [ 1045.425487][T11617] kvm: pic: level sensitive irq not supported [ 1045.425540][T11617] kvm: pic: non byte read [ 1045.425736][T11617] kvm: pic: level sensitive irq not supported [ 1045.425788][T11617] kvm: pic: non byte read [ 1047.869251][T11721] netlink: 'syz.2.17554': attribute type 1 has an invalid length. [ 1047.996644][T11729] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1047.996689][T11729] IPv6: NLM_F_CREATE should be set when creating new route [ 1047.996722][T11729] IPv6: NLM_F_CREATE should be set when creating new route [ 1048.003743][T11729] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1048.114713][T11721] bond4: entered promiscuous mode [ 1048.119653][T11721] 8021q: adding VLAN 0 to HW filter on device bond4 [ 1048.240122][T11726] 8021q: adding VLAN 0 to HW filter on device bond4 [ 1048.240747][T11726] bond4: (slave wireguard0): The slave device specified does not support setting the MAC address [ 1048.240769][T11726] bond4: (slave wireguard0): Setting fail_over_mac to active for active-backup mode [ 1048.342774][T11726] bond4: (slave wireguard0): making interface the new active one [ 1048.342799][T11726] wireguard0: entered promiscuous mode [ 1048.351002][T11726] bond4: (slave wireguard0): Enslaving as an active interface with an up link [ 1048.406678][T11729] bond4: (slave wireguard1): The slave device specified does not support setting the MAC address [ 1048.476718][T11729] bond4: (slave wireguard1): Enslaving as a backup interface with an up link [ 1048.531373][T11744] netlink: 'syz.3.17560': attribute type 12 has an invalid length. [ 1050.369442][ T37] audit: type=1326 audit(2000000198.037:1801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11796 comm="syz.3.17585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1050.371999][ T37] audit: type=1326 audit(2000000198.037:1802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11796 comm="syz.3.17585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1050.372048][ T37] audit: type=1326 audit(2000000198.037:1803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11796 comm="syz.3.17585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1050.375531][ T37] audit: type=1326 audit(2000000198.047:1804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11796 comm="syz.3.17585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1050.387185][ T37] audit: type=1326 audit(2000000198.047:1805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11796 comm="syz.3.17585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1050.387240][ T37] audit: type=1326 audit(2000000198.056:1806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11796 comm="syz.3.17585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1050.388701][ T37] audit: type=1326 audit(2000000198.056:1807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11796 comm="syz.3.17585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1050.388750][ T37] audit: type=1326 audit(2000000198.056:1808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11796 comm="syz.3.17585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1050.388802][ T37] audit: type=1326 audit(2000000198.056:1809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11796 comm="syz.3.17585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1050.396742][ T37] audit: type=1326 audit(2000000198.056:1810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11796 comm="syz.3.17585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1051.443841][T11823] netlink: 28 bytes leftover after parsing attributes in process `syz.3.17596'. [ 1054.922995][T11919] loop5: detected capacity change from 0 to 7 [ 1054.932644][ C1] blk_print_req_error: 6 callbacks suppressed [ 1054.932664][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1054.932696][ C1] buffer_io_error: 6 callbacks suppressed [ 1054.932709][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 1054.932996][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1054.933025][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 1054.933286][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1054.933314][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 1054.933529][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1054.933556][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 1054.933804][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1054.933838][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 1054.934125][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1054.934159][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 1054.934399][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1054.934426][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 1054.934510][T11919] ldm_validate_partition_table(): Disk read failed. [ 1054.934714][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1054.934742][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 1054.934997][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1054.935024][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 1054.935227][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1054.935253][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 1054.936348][T11919] Dev loop5: unable to read RDB block 0 [ 1055.002141][T11919] loop5: unable to read partition table [ 1055.002385][T11919] loop5: partition table beyond EOD, truncated [ 1055.002402][T11919] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 1055.549350][T11936] netlink: 'syz.7.17646': attribute type 1 has an invalid length. [ 1055.646930][T11936] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1055.666274][T11944] veth0_virt_wifi: entered promiscuous mode [ 1055.729533][T11944] bond1: (slave veth0_virt_wifi): making interface the new active one [ 1055.731268][T11944] bond1: (slave veth0_virt_wifi): Enslaving as an active interface with an up link [ 1056.062298][T11960] overlayfs: workdir and upperdir must reside under the same mount [ 1058.426351][T12065] netlink: 64 bytes leftover after parsing attributes in process `syz.5.17705'. [ 1058.571128][ T37] kauditd_printk_skb: 15 callbacks suppressed [ 1058.571148][ T37] audit: type=1326 audit(2000000205.712:1826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12070 comm="syz.5.17711" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0a3ce9f6c9 code=0x0 [ 1063.079225][T12146] netlink: 'syz.3.17742': attribute type 1 has an invalid length. [ 1063.146960][T12146] bond4: entered promiscuous mode [ 1063.147421][T12146] 8021q: adding VLAN 0 to HW filter on device bond4 [ 1063.284099][T12153] 8021q: adding VLAN 0 to HW filter on device bond4 [ 1063.284696][T12153] bond4: (slave gre1): The slave device specified does not support setting the MAC address [ 1063.284716][T12153] bond4: (slave gre1): Setting fail_over_mac to active for active-backup mode [ 1063.300847][T12153] bond4: (slave gre1): making interface the new active one [ 1063.300870][T12153] gre1: entered promiscuous mode [ 1063.304447][T12153] bond4: (slave gre1): Enslaving as an active interface with an up link [ 1064.902116][T12233] Device name cannot be null; rc = [-22] [ 1065.104675][ T5612] usb 6-1: new high-speed USB device number 33 using dummy_hcd [ 1065.267287][ T5612] usb 6-1: config 0 has no interfaces? [ 1065.284171][ T5612] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1065.284200][ T5612] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1065.284218][ T5612] usb 6-1: Product: syz [ 1065.284231][ T5612] usb 6-1: Manufacturer: syz [ 1065.284242][ T5612] usb 6-1: SerialNumber: syz [ 1065.294819][ T5612] usb 6-1: config 0 descriptor?? [ 1065.532494][ T5612] usb 6-1: USB disconnect, device number 33 [ 1070.036045][T12367] netlink: 32 bytes leftover after parsing attributes in process `syz.2.17846'. [ 1070.191353][T12375] netlink: 'syz.7.17849': attribute type 25 has an invalid length. [ 1071.232511][T12437] 9pnet_fd: Insufficient options for proto=fd [ 1072.880532][T12513] binder: 12510:12513 ioctl 4018620d 0 returned -22 [ 1072.881508][T12513] binder: 12510:12513 ioctl c0306201 0 returned -14 [ 1073.497771][T12536] netlink: 'syz.5.17922': attribute type 12 has an invalid length. [ 1074.749875][T12568] netlink: 'syz.7.17937': attribute type 12 has an invalid length. [ 1078.481947][ T37] audit: type=1326 audit(2000000224.421:1827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12688 comm="syz.3.17992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1078.482115][ T37] audit: type=1326 audit(2000000224.421:1828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12688 comm="syz.3.17992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1078.487489][ T37] audit: type=1326 audit(2000000224.421:1829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12688 comm="syz.3.17992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1078.547023][ T37] audit: type=1326 audit(2000000224.477:1830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12688 comm="syz.3.17992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1078.547077][ T37] audit: type=1326 audit(2000000224.477:1831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12688 comm="syz.3.17992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1078.548251][ T37] audit: type=1326 audit(2000000224.477:1832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12688 comm="syz.3.17992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1078.548298][ T37] audit: type=1326 audit(2000000224.477:1833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12688 comm="syz.3.17992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1078.548338][ T37] audit: type=1326 audit(2000000224.477:1834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12688 comm="syz.3.17992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1078.561903][ T37] audit: type=1326 audit(2000000224.487:1835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12688 comm="syz.3.17992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1078.561957][ T37] audit: type=1326 audit(2000000224.487:1836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12688 comm="syz.3.17992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1079.346506][ T5612] usb 6-1: new high-speed USB device number 34 using dummy_hcd [ 1079.508439][ T5612] usb 6-1: config 15 has too many interfaces: 102, using maximum allowed: 32 [ 1079.508467][ T5612] usb 6-1: config 15 has an invalid descriptor of length 224, skipping remainder of the config [ 1079.508487][ T5612] usb 6-1: config 15 has 0 interfaces, different from the descriptor's value: 102 [ 1079.508524][ T5612] usb 6-1: New USB device found, idVendor=0c70, idProduct=f011, bcdDevice= 0.00 [ 1079.508546][ T5612] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1080.239322][ T5612] usb 6-1: string descriptor 0 read error: -71 [ 1080.241982][ T5612] usb 6-1: USB disconnect, device number 34 [ 1080.434318][T12769] netlink: 36 bytes leftover after parsing attributes in process `syz.7.18030'. [ 1080.434346][T12769] netlink: 12 bytes leftover after parsing attributes in process `syz.7.18030'. [ 1080.434361][T12769] netlink: 8 bytes leftover after parsing attributes in process `syz.7.18030'. [ 1080.872478][T12795] netlink: 8 bytes leftover after parsing attributes in process `syz.7.18043'. [ 1080.872509][T12795] netlink: 12 bytes leftover after parsing attributes in process `syz.7.18043'. [ 1080.872524][T12795] netlink: 16 bytes leftover after parsing attributes in process `syz.7.18043'. [ 1082.556988][T12878] can0: slcan on ttyS3. [ 1082.725519][T12878] can0 (unregistered): slcan off ttyS3. [ 1082.893639][T12896] netlink: 'syz.3.18094': attribute type 1 has an invalid length. [ 1082.893660][T12896] netlink: 'syz.3.18094': attribute type 2 has an invalid length. [ 1083.580940][T12937] 9pnet_fd: Insufficient options for proto=fd [ 1083.949585][T12959] overlayfs: workdir and upperdir must reside under the same mount [ 1084.622439][T12968] netlink: 37 bytes leftover after parsing attributes in process `syz.3.18128'. [ 1084.958174][T12988] netlink: 72 bytes leftover after parsing attributes in process `syz.7.18137'. [ 1086.046762][T13039] input: syz1 as /devices/virtual/input/input47 [ 1086.869102][T32040] Bluetooth: hci5: command 0x1003 tx timeout [ 1086.902229][T17537] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 1090.123134][ T1321] ieee802154 phy0 wpan0: encryption failed: -22 [ 1090.123758][ T1321] ieee802154 phy1 wpan1: encryption failed: -22 [ 1092.532814][T13195] netlink: 20 bytes leftover after parsing attributes in process `syz.2.18232'. [ 1092.971269][T13210] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1095.283492][T13264] tap0: tun_chr_ioctl cmd 1074025675 [ 1095.283514][T13264] tap0: persist enabled [ 1095.394922][T13261] 9pnet: Could not find request transport: 0xffffffffffffffff [ 1096.644055][T13315] overlayfs: failed to clone lowerpath [ 1096.688136][T13314] overlayfs: failed to clone lowerpath [ 1097.151206][T13332] overlay: Unknown parameter '/' [ 1097.678777][T13349] binder: 13347:13349 unknown command 0 [ 1097.678798][T13349] binder: 13347:13349 ioctl c0306201 200000000080 returned -22 [ 1101.109977][T13400] netlink: 'syz.7.18322': attribute type 3 has an invalid length. [ 1101.718439][T13422] overlayfs: unescaped trailing colons in lowerdir mount option. [ 1104.229195][T13502] tipc: Enabling of bearer rejected, failed to enable media [ 1104.457620][T13512] netlink: 204 bytes leftover after parsing attributes in process `syz.7.18375'. [ 1105.764563][ T37] kauditd_printk_skb: 18 callbacks suppressed [ 1105.764580][ T37] audit: type=1804 audit(2000000250.007:1855): pid=13571 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.5.18399" name="/newroot/2574/file0" dev="tmpfs" ino=14831 res=1 errno=0 [ 1105.788923][T13571] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1 [ 1105.788948][T13571] ref_ctr increment failed for inode: 0x39ef offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff8880290ddc00 [ 1105.926696][T13563] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1 [ 1105.926734][T13563] ref_ctr decrement failed for inode: 0x39ef offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff8880290ddc00 [ 1105.927063][T13563] uprobe: syz.5.18399:13563 failed to unregister, leaking uprobe [ 1107.740929][T13657] netlink: 4 bytes leftover after parsing attributes in process `syz.3.18440'. [ 1108.343756][T13687] netlink: 20 bytes leftover after parsing attributes in process `syz.5.18454'. [ 1108.343783][T13687] netlink: 12 bytes leftover after parsing attributes in process `syz.5.18454'. [ 1108.343798][T13687] netlink: 8 bytes leftover after parsing attributes in process `syz.5.18454'. [ 1108.755486][T13706] binder: 13704:13706 ioctl c0306201 200000000100 returned -14 [ 1108.962738][T13712] netlink: 44 bytes leftover after parsing attributes in process `syz.2.18465'. [ 1108.962763][T13712] netlink: 43 bytes leftover after parsing attributes in process `syz.2.18465'. [ 1108.962779][T13712] netlink: 'syz.2.18465': attribute type 5 has an invalid length. [ 1108.962792][T13712] netlink: 43 bytes leftover after parsing attributes in process `syz.2.18465'. [ 1109.373157][T13723] ptrace attach of "./syz-executor exec"[13730] was attempted by "./syz-executor exec"[13723] [ 1111.482688][T13790] fuse: Bad value for 'group_id' [ 1111.482707][T13790] fuse: Bad value for 'group_id' [ 1111.607016][T13792] tmpfs: Bad value for 'nr_blocks' [ 1113.073837][T13849] binder: 13848:13849 ioctl c0306201 200000000240 returned -14 [ 1115.873815][T13901] fuse: Bad value for 'group_id' [ 1115.873835][T13901] fuse: Bad value for 'group_id' [ 1117.247571][T13996] binder: 13993:13996 ioctl c0306201 200000000180 returned -14 [ 1117.350366][T14000] binder: 13999:14000 ioctl c0306201 200000000100 returned -14 [ 1117.464075][T14004] netlink: 84 bytes leftover after parsing attributes in process `syz.5.18601'. [ 1120.421780][T14092] loop3: detected capacity change from 0 to 7 [ 1120.422771][T14092] Dev loop3: unable to read RDB block 7 [ 1120.422817][T14092] loop3: unable to read partition table [ 1120.423035][T14092] loop3: partition table beyond EOD, truncated [ 1120.423053][T14092] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 1123.620007][T14201] netlink: 32 bytes leftover after parsing attributes in process `syz.7.18691'. [ 1123.953052][ T37] audit: type=1326 audit(2000000267.074:1856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14214 comm="syz.3.18698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1123.956346][ T37] audit: type=1326 audit(2000000267.074:1857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14214 comm="syz.3.18698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1123.967627][ T37] audit: type=1326 audit(2000000267.093:1858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14214 comm="syz.3.18698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1123.967752][ T37] audit: type=1326 audit(2000000267.093:1859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14214 comm="syz.3.18698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1123.968188][ T37] audit: type=1326 audit(2000000267.093:1860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14214 comm="syz.3.18698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1124.001440][ T37] audit: type=1326 audit(2000000267.130:1861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14214 comm="syz.3.18698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1124.002802][ T37] audit: type=1326 audit(2000000267.130:1862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14214 comm="syz.3.18698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1124.002851][ T37] audit: type=1326 audit(2000000267.130:1863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14214 comm="syz.3.18698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1124.004647][ T37] audit: type=1326 audit(2000000267.130:1864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14214 comm="syz.3.18698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1124.004694][ T37] audit: type=1326 audit(2000000267.130:1865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14214 comm="syz.3.18698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1124.310105][ T5612] usb 6-1: new full-speed USB device number 35 using dummy_hcd [ 1125.905708][T14275] netlink: 8 bytes leftover after parsing attributes in process `syz.7.18723'. [ 1126.133313][T14283] overlayfs: failed to clone upperpath [ 1126.880883][ T5612] usb 6-1: unable to get BOS descriptor or descriptor too short [ 1126.883457][ T5612] usb 6-1: unable to read config index 0 descriptor/start: -71 [ 1126.883479][ T5612] usb 6-1: can't read configurations, error -71 [ 1128.463269][T14370] netlink: 172 bytes leftover after parsing attributes in process `syz.3.18769'. [ 1128.463294][T14370] netlink: 16 bytes leftover after parsing attributes in process `syz.3.18769'. [ 1129.331318][ T37] kauditd_printk_skb: 15 callbacks suppressed [ 1129.331368][ T37] audit: type=1326 audit(2000000272.122:1881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14281 comm="syz.7.18726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23dc1f6c9 code=0x7fc00000 [ 1130.853908][T14462] binder: 14460:14462 ioctl c018620c 200000000000 returned -22 [ 1135.778650][T14672] netlink: 8 bytes leftover after parsing attributes in process `syz.7.18911'. [ 1136.014293][T14679] netlink: 12 bytes leftover after parsing attributes in process `syz.7.18914'. [ 1136.786322][T14724] overlayfs: failed to resolve './bus': -2 [ 1136.803713][T14726] netlink: 44 bytes leftover after parsing attributes in process `syz.3.18935'. [ 1136.803740][T14726] netlink: 'syz.3.18935': attribute type 6 has an invalid length. [ 1136.803753][T14726] netlink: 'syz.3.18935': attribute type 5 has an invalid length. [ 1136.803765][T14726] netlink: 'syz.3.18935': attribute type 4 has an invalid length. [ 1139.778127][T14824] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 1139.778148][T14824] overlayfs: missing 'lowerdir' [ 1140.771845][T14882] netlink: 'syz.7.19007': attribute type 10 has an invalid length. [ 1140.925543][T14882] team0: Failed to send port change of device netdevsim0 via netlink (err -105) [ 1140.925771][T14882] team0: Failed to send options change via netlink (err -105) [ 1140.925787][T14882] team0: Port device netdevsim0 added [ 1141.044096][T14895] netlink: 20 bytes leftover after parsing attributes in process `syz.5.19012'. [ 1141.109929][T14901] Invalid ELF header magic: != ELF [ 1141.400471][T14917] netlink: 8 bytes leftover after parsing attributes in process `syz.2.19024'. [ 1141.874658][T14944] binder: 14942:14944 ioctl c0306201 200000000100 returned -14 [ 1143.390244][ T37] audit: type=1326 audit(2000000285.314:1882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15032 comm="syz.3.19078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1143.390386][ T37] audit: type=1326 audit(2000000285.314:1883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15032 comm="syz.3.19078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1143.390547][ T37] audit: type=1326 audit(2000000285.314:1884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15032 comm="syz.3.19078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1143.391021][ T37] audit: type=1326 audit(2000000285.314:1885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15032 comm="syz.3.19078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1143.391194][ T37] audit: type=1326 audit(2000000285.314:1886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15032 comm="syz.3.19078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1143.391359][ T37] audit: type=1326 audit(2000000285.314:1887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15032 comm="syz.3.19078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1143.475243][ T37] audit: type=1326 audit(2000000285.398:1888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15032 comm="syz.3.19078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1143.475323][ T37] audit: type=1326 audit(2000000285.398:1889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15032 comm="syz.3.19078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3b5c93f703 code=0x7ffc0000 [ 1143.475378][ T37] audit: type=1326 audit(2000000285.398:1890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15032 comm="syz.3.19078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f3b5c93f787 code=0x7ffc0000 [ 1143.475437][ T37] audit: type=1326 audit(2000000285.398:1891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15032 comm="syz.3.19078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f3b5c8f6b2d code=0x7ffc0000 [ 1144.831658][T15090] netlink: 92 bytes leftover after parsing attributes in process `syz.7.19099'. [ 1147.016936][T15161] netlink: 8 bytes leftover after parsing attributes in process `syz.3.19133'. [ 1147.165257][T15169] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1148.420941][T15245] netlink: 4 bytes leftover after parsing attributes in process `syz.3.19173'. [ 1148.420985][T15245] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1148.421015][T15245] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1148.488466][T15245] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1148.488497][T15245] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1148.526484][T15245] batman_adv: batadv0: Interface deactivated: ip6gretap1 [ 1148.526511][T15245] batman_adv: batadv0: Removing interface: ip6gretap1 [ 1150.203591][T15343] netlink: 20 bytes leftover after parsing attributes in process `syz.5.19218'. [ 1154.125734][T15480] overlayfs: failed to clone upperpath [ 1155.512517][ T1321] ieee802154 phy0 wpan0: encryption failed: -22 [ 1155.512561][ T1321] ieee802154 phy1 wpan1: encryption failed: -22 [ 1157.847601][T15559] overlayfs: failed to clone upperpath [ 1158.816378][T15601] netlink: 'syz.2.19332': attribute type 1 has an invalid length. [ 1158.816400][T15601] netlink: 9 bytes leftover after parsing attributes in process `syz.2.19332'. [ 1162.167669][ T5604] usb 3-1: new high-speed USB device number 44 using dummy_hcd [ 1162.349199][ T5604] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1162.349225][ T5604] usb 3-1: config 0 has no interfaces? [ 1162.352265][ T5604] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1162.352292][ T5604] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1162.352310][ T5604] usb 3-1: Product: syz [ 1162.352323][ T5604] usb 3-1: Manufacturer: syz [ 1162.352336][ T5604] usb 3-1: SerialNumber: syz [ 1162.357978][ T5604] usb 3-1: config 0 descriptor?? [ 1162.576777][ T5604] usb 3-1: USB disconnect, device number 44 [ 1163.355800][T15747] netlink: 16 bytes leftover after parsing attributes in process `syz.7.19397'. [ 1166.859962][T15803] netlink: 104 bytes leftover after parsing attributes in process `syz.3.19421'. [ 1172.122530][T15993] fuse: Unknown parameter '0x000000000000000300000000000000000000' [ 1172.659190][T16012] A link change request failed with some changes committed already. Interface veth0 may have been left with an inconsistent configuration, please check. [ 1173.766016][T16066] binder: Bad value for 'stats' [ 1174.167701][T16090] netlink: 8 bytes leftover after parsing attributes in process `syz.3.19545'. [ 1174.547318][T16110] netlink: 4 bytes leftover after parsing attributes in process `syz.2.19554'. [ 1174.909784][ T37] kauditd_printk_skb: 65 callbacks suppressed [ 1174.909802][ T37] audit: type=1326 audit(2000000314.888:1956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16125 comm="syz.2.19561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x50000 [ 1174.909919][ T37] audit: type=1326 audit(2000000314.888:1957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16125 comm="syz.2.19561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x50000 [ 1174.910312][ T37] audit: type=1326 audit(2000000314.888:1958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16125 comm="syz.2.19561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x50000 [ 1174.910455][ T37] audit: type=1326 audit(2000000314.888:1959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16125 comm="syz.2.19561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x50000 [ 1174.910599][ T37] audit: type=1326 audit(2000000314.888:1960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16125 comm="syz.2.19561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x50000 [ 1174.910733][ T37] audit: type=1326 audit(2000000314.888:1961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16125 comm="syz.2.19561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x50000 [ 1174.910897][ T37] audit: type=1326 audit(2000000314.888:1962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16125 comm="syz.2.19561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x50000 [ 1174.911036][ T37] audit: type=1326 audit(2000000314.888:1963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16125 comm="syz.2.19561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x50000 [ 1174.911167][ T37] audit: type=1326 audit(2000000314.888:1964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16125 comm="syz.2.19561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x50000 [ 1174.911308][ T37] audit: type=1326 audit(2000000314.888:1965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16125 comm="syz.2.19561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc18ec4f6c9 code=0x50000 [ 1176.938892][T16191] Invalid ELF header magic: != ELF [ 1177.679417][T16231] overlayfs: failed to resolve './file0': -2 [ 1177.909686][ T5790] usb 6-1: new high-speed USB device number 37 using dummy_hcd [ 1178.077478][ T5790] usb 6-1: Using ep0 maxpacket: 16 [ 1178.080222][ T5790] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 1178.080258][ T5790] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1178.111660][ T5790] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 1178.111688][ T5790] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1178.111706][ T5790] usb 6-1: Product: syz [ 1178.111720][ T5790] usb 6-1: Manufacturer: syz [ 1178.111734][ T5790] usb 6-1: SerialNumber: syz [ 1178.146131][ T5790] usb 6-1: config 0 descriptor?? [ 1178.151604][ T5790] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 1178.151633][ T5790] em28xx 6-1:0.0: Audio interface 0 found (Vendor Class) [ 1178.796777][ T5790] em28xx 6-1:0.0: unknown em28xx chip ID (0) [ 1178.797453][ T5790] em28xx 6-1:0.0: Config register raw data: 0xfffffffb [ 1179.443798][ T5790] em28xx 6-1:0.0: Unknown AC97 audio processor detected! [ 1180.088855][ T5790] em28xx 6-1:0.0: couldn't setup AC97 register 4 [ 1180.089288][ T5790] em28xx 6-1:0.0: couldn't setup AC97 register 6 [ 1180.089724][ T5790] em28xx 6-1:0.0: couldn't setup AC97 register 54 [ 1180.090229][ T5790] em28xx 6-1:0.0: couldn't setup AC97 register 56 [ 1180.095617][ T5790] usb 6-1: USB disconnect, device number 37 [ 1181.468620][T16430] binder: 16429:16430 ioctl c018620c 200000000180 returned -22 [ 1181.906012][T16456] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 1181.906029][T16456] overlayfs: missing 'lowerdir' [ 1185.104196][ T44] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 1185.114650][ T44] hid-generic 0000:0000:0000.0018: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1186.604964][T16647] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1186.605025][T16647] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1188.853401][T16763] 9pnet: Could not find request transport: 0xffffffffffffffff [ 1189.893265][T16781] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR [ 1192.272457][T16857] overlayfs: failed to clone lowerpath [ 1193.364121][T16888] netlink: 44 bytes leftover after parsing attributes in process `syz.2.19912'. [ 1194.456431][T16952] netlink: 44 bytes leftover after parsing attributes in process `syz.7.19945'. [ 1194.456457][T16952] netlink: 43 bytes leftover after parsing attributes in process `syz.7.19945'. [ 1194.456474][T16952] netlink: 'syz.7.19945': attribute type 5 has an invalid length. [ 1194.456487][T16952] netlink: 43 bytes leftover after parsing attributes in process `syz.7.19945'. [ 1194.887820][ T5612] usb 6-1: new high-speed USB device number 38 using dummy_hcd [ 1195.060901][ T5612] usb 6-1: config 0 has no interfaces? [ 1195.063972][ T5612] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1195.063999][ T5612] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1195.064018][ T5612] usb 6-1: Product: syz [ 1195.064032][ T5612] usb 6-1: Manufacturer: syz [ 1195.064046][ T5612] usb 6-1: SerialNumber: syz [ 1195.081797][ T5612] usb 6-1: config 0 descriptor?? [ 1195.318000][ T10] usb 6-1: USB disconnect, device number 38 [ 1195.704904][T17025] netlink: 32 bytes leftover after parsing attributes in process `syz.7.19979'. [ 1198.735936][T17137] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 1198.735964][T17137] CIFS mount error: No usable UNC path provided in device string! [ 1198.735964][T17137] [ 1198.736267][T17137] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1199.632921][T17163] netlink: 'syz.2.20043': attribute type 1 has an invalid length. [ 1199.632942][T17163] netlink: 'syz.2.20043': attribute type 4 has an invalid length. [ 1199.632956][T17163] netlink: 15334 bytes leftover after parsing attributes in process `syz.2.20043'. [ 1200.734317][ T37] kauditd_printk_skb: 180 callbacks suppressed [ 1200.734335][ T37] audit: type=1326 audit(2000000339.123:2146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.7.20063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23dc1f6c9 code=0x7ffc0000 [ 1200.734381][ T37] audit: type=1326 audit(2000000339.123:2147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.7.20063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23dc1f6c9 code=0x7ffc0000 [ 1200.735061][ T37] audit: type=1326 audit(2000000339.123:2148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.7.20063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23dc1f6c9 code=0x7ffc0000 [ 1200.735510][ T37] audit: type=1326 audit(2000000339.123:2149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.7.20063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23dc1f6c9 code=0x7ffc0000 [ 1200.735558][ T37] audit: type=1326 audit(2000000339.123:2150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.7.20063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc23dc1f6c9 code=0x7ffc0000 [ 1200.737381][ T37] audit: type=1326 audit(2000000339.123:2151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.7.20063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23dc1f6c9 code=0x7ffc0000 [ 1200.887529][ T37] audit: type=1326 audit(2000000339.123:2152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.7.20063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23dc1f6c9 code=0x7ffc0000 [ 1200.887587][ T37] audit: type=1326 audit(2000000339.123:2153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.7.20063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23dc1f6c9 code=0x7ffc0000 [ 1200.932446][ T37] audit: type=1326 audit(2000000339.254:2154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.7.20063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fc23dc1f6c9 code=0x7ffc0000 [ 1200.938732][ T37] audit: type=1326 audit(2000000339.310:2155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.7.20063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23dc1f6c9 code=0x7ffc0000 [ 1205.924077][T17359] netlink: 36 bytes leftover after parsing attributes in process `syz.3.20133'. [ 1206.575689][T17394] netlink: 4 bytes leftover after parsing attributes in process `syz.2.20145'. [ 1206.946230][T17415] devpts: Bad value for 'max' [ 1208.491346][ C0] vkms_vblank_simulate: vblank timer overrun [ 1208.798447][ C0] vkms_vblank_simulate: vblank timer overrun [ 1209.689481][ C0] vkms_vblank_simulate: vblank timer overrun [ 1210.274077][T17509] overlayfs: failed to clone upperpath [ 1212.238592][T17581] binder: 17580:17581 ioctl c0306201 2000000001c0 returned -14 [ 1221.015799][ T1321] ieee802154 phy0 wpan0: encryption failed: -22 [ 1221.015872][ T1321] ieee802154 phy1 wpan1: encryption failed: -22 [ 1222.347848][T17843] netlink: 64 bytes leftover after parsing attributes in process `syz.7.20348'. [ 1222.364336][ T37] kauditd_printk_skb: 41 callbacks suppressed [ 1222.364354][ T37] audit: type=1800 audit(2000000359.398:2197): pid=17846 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.20350" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 1223.010304][T17859] +$<¶: renamed from bridge0 (while UP) [ 1224.789702][T17945] overlay: Unknown parameter '/' [ 1224.799357][T17948] overlayfs: failed to clone lowerpath [ 1229.157269][T18060] netlink: 9 bytes leftover after parsing attributes in process `syz.7.20443'. [ 1229.336148][T18060] gretap0: entered promiscuous mode [ 1229.972719][T18092] ptrace attach of "./syz-executor exec"[4706] was attempted by ""[18092] [ 1230.926122][T18105] netlink: 9 bytes leftover after parsing attributes in process `syz.3.20461'. [ 1230.976574][T18105] gretap0: left allmulticast mode [ 1234.212016][T18246] netlink: 9 bytes leftover after parsing attributes in process `syz.5.20527'. [ 1234.241359][T18246] bridge0: port 3(30ªî{X¹¦) entered disabled state [ 1234.886279][T18277] binder: Unknown parameter 'context' [ 1235.939311][T18322] netlink: 12 bytes leftover after parsing attributes in process `syz.3.20559'. [ 1237.583833][T18389] batadv_slave_1: entered promiscuous mode [ 1237.584513][T18385] batadv_slave_1: left promiscuous mode [ 1238.544732][T18438] netlink: 44 bytes leftover after parsing attributes in process `syz.2.20611'. [ 1238.544759][T18438] netlink: 12 bytes leftover after parsing attributes in process `syz.2.20611'. [ 1238.544775][T18438] netlink: 8 bytes leftover after parsing attributes in process `syz.2.20611'. [ 1238.768628][T18443] tmpfs: Bad value for 'huge' [ 1241.684265][T18547] netlink: 'syz.7.20659': attribute type 1 has an invalid length. [ 1241.876204][T18547] 8021q: adding VLAN 0 to HW filter on device bond2 [ 1242.211038][T18549] bond2: (slave veth3): Enslaving as an active interface with a down link [ 1242.250030][T18551] vlan2: entered allmulticast mode [ 1242.250050][T18551] veth1: entered allmulticast mode [ 1242.250924][T18551] veth1: entered promiscuous mode [ 1242.251690][T18551] veth1: left promiscuous mode [ 1242.269677][T18551] bond2: (slave vlan2): making interface the new active one [ 1242.273364][T18551] veth1: entered promiscuous mode [ 1242.286877][T18551] vlan2: entered promiscuous mode [ 1242.288722][T18551] bond2: (slave vlan2): Enslaving as an active interface with an up link [ 1246.989824][T18673] veth1_macvtap: left promiscuous mode [ 1246.989860][T18673] macsec0: entered promiscuous mode [ 1247.081947][ T5604] usb 3-1: new high-speed USB device number 45 using dummy_hcd [ 1247.256759][ T5604] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1247.256792][ T5604] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1247.256813][ T5604] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1247.256856][ T5604] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1247.256878][ T5604] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1247.266994][ T5604] usb 3-1: config 0 descriptor?? [ 1248.392912][ T5604] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0 [ 1248.392948][ T5604] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0 [ 1248.392975][ T5604] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0 [ 1248.393001][ T5604] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0 [ 1248.393027][ T5604] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0 [ 1248.393052][ T5604] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0 [ 1248.393078][ T5604] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0 [ 1248.393104][ T5604] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0 [ 1248.393130][ T5604] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0 [ 1248.393155][ T5604] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0 [ 1248.484511][ T5604] plantronics 0003:047F:FFFF.0019: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 1248.671541][ T5604] usb 3-1: USB disconnect, device number 45 [ 1248.920143][T18713] batman_adv: batadv0: Adding interface: dummy0 [ 1248.920160][T18713] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1248.920190][T18713] batman_adv: batadv0: Interface activated: dummy0 [ 1248.979421][T18713] batadv0: mtu less than device minimum [ 1248.997548][T18713] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 1249.018492][T18713] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 1249.039976][T18713] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 1249.065118][T18713] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 1249.083957][T18713] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 1249.092117][T18713] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 1249.124069][T18713] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 1249.143010][T18713] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 1249.162017][T18713] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 1249.666847][ T37] audit: type=1326 audit(2000000385.032:2198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18741 comm="syz.3.20742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1249.667265][ T37] audit: type=1326 audit(2000000385.032:2199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18741 comm="syz.3.20742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1249.667396][ T37] audit: type=1326 audit(2000000385.032:2200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18741 comm="syz.3.20742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1249.667630][ T37] audit: type=1326 audit(2000000385.032:2201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18741 comm="syz.3.20742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1249.668251][ T37] audit: type=1326 audit(2000000385.032:2202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18741 comm="syz.3.20742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1249.668782][ T37] audit: type=1326 audit(2000000385.032:2203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18741 comm="syz.3.20742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1249.668919][ T37] audit: type=1326 audit(2000000385.032:2204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18741 comm="syz.3.20742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1249.669089][ T37] audit: type=1326 audit(2000000385.032:2205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18741 comm="syz.3.20742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1249.669371][ T37] audit: type=1326 audit(2000000385.032:2206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18741 comm="syz.3.20742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1249.669671][ T37] audit: type=1326 audit(2000000385.032:2207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18741 comm="syz.3.20742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f3b5c93f6c9 code=0x7ffc0000 [ 1250.377891][T18769] random: crng reseeded on system resumption [ 1250.723332][T18782] binder: 18781:18782 ioctl c0306201 0 returned -14 [ 1250.894228][T18797] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 1250.894245][T18797] overlayfs: missing 'lowerdir' [ 1251.408565][T18349] ------------[ cut here ]------------ [ 1251.408588][T18349] WARNING: CPU: 0 PID: 18349 at io_uring/io_uring.c:3036 io_ring_exit_work+0x4e5/0x930 [ 1251.408624][T18349] Modules linked in: [ 1251.408653][T18349] CPU: 0 UID: 0 PID: 18349 Comm: kworker/u8:57 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 1251.408676][T18349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1251.408689][T18349] Workqueue: iou_exit io_ring_exit_work [ 1251.408713][T18349] RIP: 0010:io_ring_exit_work+0x4e5/0x930 [ 1251.408734][T18349] Code: c6 05 d0 d5 95 0d 01 48 c7 c7 e0 de 3c 8b be 25 00 00 00 48 c7 c2 80 de 3c 8b e8 26 8a 71 00 e9 7b fe ff ff e8 ac 2f 94 00 90 <0f> 0b 90 b8 70 17 00 00 48 89 44 24 38 e9 5f ff ff ff 89 d9 80 e1 [ 1251.408752][T18349] RSP: 0018:ffffc90018d378c0 EFLAGS: 00010293 [ 1251.408769][T18349] RAX: ffffffff812a7d84 RBX: 0000000100016126 RCX: ffff88802bb7bc00 [ 1251.408784][T18349] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1251.408796][T18349] RBP: ffffc90018d37a50 R08: 0000000000000000 R09: 0000000000000000 [ 1251.408809][T18349] R10: dffffc0000000000 R11: fffffbfff1dac78f R12: 0000000100016116 [ 1251.408824][T18349] R13: ffff888038564350 R14: ffff888038564540 R15: dffffc0000000000 [ 1251.408839][T18349] FS: 0000000000000000(0000) GS:ffff888126df7000(0000) knlGS:0000000000000000 [ 1251.408855][T18349] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1251.408869][T18349] CR2: 0000000000000101 CR3: 000000006953e000 CR4: 00000000003526f0 [ 1251.408886][T18349] Call Trace: [ 1251.408897][T18349] [ 1251.408921][T18349] ? __pfx_io_ring_exit_work+0x10/0x10 [ 1251.408959][T18349] ? _raw_spin_unlock_irq+0x23/0x50 [ 1251.408987][T18349] ? process_scheduled_works+0x9ef/0x17b0 [ 1251.409010][T18349] ? process_scheduled_works+0x9ef/0x17b0 [ 1251.409042][T18349] process_scheduled_works+0xae1/0x17b0 [ 1251.409100][T18349] ? __pfx_process_scheduled_works+0x10/0x10 [ 1251.409143][T18349] worker_thread+0x8a0/0xda0 [ 1251.409171][T18349] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1251.409208][T18349] ? __kthread_parkme+0x7b/0x200 [ 1251.409246][T18349] kthread+0x711/0x8a0 [ 1251.409278][T18349] ? __pfx_worker_thread+0x10/0x10 [ 1251.409302][T18349] ? __pfx_kthread+0x10/0x10 [ 1251.409327][T18349] ? rt_spin_unlock+0x150/0x200 [ 1251.409355][T18349] ? rt_spin_unlock+0x161/0x200 [ 1251.409374][T18349] ? __pfx_kthread+0x10/0x10 [ 1251.409403][T18349] ret_from_fork+0x4bc/0x870 [ 1251.409431][T18349] ? __pfx_ret_from_fork+0x10/0x10 [ 1251.409462][T18349] ? __switch_to_asm+0x39/0x70 [ 1251.409481][T18349] ? __switch_to_asm+0x33/0x70 [ 1251.409499][T18349] ? __pfx_kthread+0x10/0x10 [ 1251.409527][T18349] ret_from_fork_asm+0x1a/0x30 [ 1251.409566][T18349] [ 1251.409581][T18349] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1251.409595][T18349] CPU: 0 UID: 0 PID: 18349 Comm: kworker/u8:57 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 1251.409617][T18349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1251.409629][T18349] Workqueue: iou_exit io_ring_exit_work [ 1251.409649][T18349] Call Trace: [ 1251.409657][T18349] [ 1251.409664][T18349] dump_stack_lvl+0x99/0x250 [ 1251.409694][T18349] ? __asan_memcpy+0x40/0x70 [ 1251.409717][T18349] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1251.409745][T18349] ? __pfx__printk+0x10/0x10 [ 1251.409783][T18349] vpanic+0x237/0x6d0 [ 1251.409803][T18349] ? __pfx_vpanic+0x10/0x10 [ 1251.409833][T18349] panic+0xb9/0xc0 [ 1251.409852][T18349] ? __pfx_panic+0x10/0x10 [ 1251.409888][T18349] __warn+0x31b/0x4b0 [ 1251.409905][T18349] ? io_ring_exit_work+0x4e5/0x930 [ 1251.409928][T18349] ? io_ring_exit_work+0x4e5/0x930 [ 1251.409948][T18349] report_bug+0x2be/0x4f0 [ 1251.409974][T18349] ? io_ring_exit_work+0x4e5/0x930 [ 1251.409995][T18349] ? io_ring_exit_work+0x4e5/0x930 [ 1251.410015][T18349] ? io_ring_exit_work+0x4e7/0x930 [ 1251.410040][T18349] handle_bug+0x84/0x160 [ 1251.410060][T18349] exc_invalid_op+0x1a/0x50 [ 1251.410078][T18349] asm_exc_invalid_op+0x1a/0x20 [ 1251.410095][T18349] RIP: 0010:io_ring_exit_work+0x4e5/0x930 [ 1251.410115][T18349] Code: c6 05 d0 d5 95 0d 01 48 c7 c7 e0 de 3c 8b be 25 00 00 00 48 c7 c2 80 de 3c 8b e8 26 8a 71 00 e9 7b fe ff ff e8 ac 2f 94 00 90 <0f> 0b 90 b8 70 17 00 00 48 89 44 24 38 e9 5f ff ff ff 89 d9 80 e1 [ 1251.410131][T18349] RSP: 0018:ffffc90018d378c0 EFLAGS: 00010293 [ 1251.410147][T18349] RAX: ffffffff812a7d84 RBX: 0000000100016126 RCX: ffff88802bb7bc00 [ 1251.410163][T18349] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1251.410175][T18349] RBP: ffffc90018d37a50 R08: 0000000000000000 R09: 0000000000000000 [ 1251.410188][T18349] R10: dffffc0000000000 R11: fffffbfff1dac78f R12: 0000000100016116 [ 1251.410202][T18349] R13: ffff888038564350 R14: ffff888038564540 R15: dffffc0000000000 [ 1251.410226][T18349] ? io_ring_exit_work+0x4e4/0x930 [ 1251.410270][T18349] ? __pfx_io_ring_exit_work+0x10/0x10 [ 1251.410309][T18349] ? _raw_spin_unlock_irq+0x23/0x50 [ 1251.410335][T18349] ? process_scheduled_works+0x9ef/0x17b0 [ 1251.410357][T18349] ? process_scheduled_works+0x9ef/0x17b0 [ 1251.410383][T18349] process_scheduled_works+0xae1/0x17b0 [ 1251.410440][T18349] ? __pfx_process_scheduled_works+0x10/0x10 [ 1251.410484][T18349] worker_thread+0x8a0/0xda0 [ 1251.410512][T18349] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1251.410549][T18349] ? __kthread_parkme+0x7b/0x200 [ 1251.410584][T18349] kthread+0x711/0x8a0 [ 1251.410615][T18349] ? __pfx_worker_thread+0x10/0x10 [ 1251.410637][T18349] ? __pfx_kthread+0x10/0x10 [ 1251.410661][T18349] ? rt_spin_unlock+0x150/0x200 [ 1251.410689][T18349] ? rt_spin_unlock+0x161/0x200 [ 1251.410709][T18349] ? __pfx_kthread+0x10/0x10 [ 1251.410738][T18349] ret_from_fork+0x4bc/0x870 [ 1251.410764][T18349] ? __pfx_ret_from_fork+0x10/0x10 [ 1251.410795][T18349] ? __switch_to_asm+0x39/0x70 [ 1251.410813][T18349] ? __switch_to_asm+0x33/0x70 [ 1251.410831][T18349] ? __pfx_kthread+0x10/0x10 [ 1251.410860][T18349] ret_from_fork_asm+0x1a/0x30 [ 1251.410899][T18349] [ 1251.411134][T18349] Kernel Offset: disabled