last executing test programs: 17m9.02930317s ago: executing program 0 (id=701): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1}) mremap(&(0x7f0000d59000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000a91000/0x1000)=nil) ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000885000/0x1000)=nil, 0x1000}}) 17m8.102747893s ago: executing program 0 (id=710): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x24000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x9}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='vegas', 0x5) shutdown(r0, 0x1) 17m8.021486858s ago: executing program 0 (id=712): sendmsg$key(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="020200020c00000000000000000020596300020008000800000004"], 0x60}, 0x1, 0x7}, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="bb00000031000b63ddd2006c8c6f59bab50100d0c96ffc6010", 0x19}], 0x1}, 0x4000000) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d080010000000e8fe55a1180015000600142603600e120500211dff000401a8001600a400014020", 0x39}], 0x1}, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xfe33) 17m7.870611088s ago: executing program 0 (id=714): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='hugetlbfs\x00', 0x0, 0x0) mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x24000, 0x0) mount$bind(&(0x7f0000000240)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1a8584c, 0x0) 17m7.787288688s ago: executing program 0 (id=716): openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0) umount2(&(0x7f0000000380)='./file0\x00', 0x1) 17m7.39415405s ago: executing program 0 (id=722): openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) fchownat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xee01, 0x0, 0x1000) close(r0) 17m6.831869102s ago: executing program 32 (id=722): openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) fchownat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xee01, 0x0, 0x1000) close(r0) 16m52.79568816s ago: executing program 2 (id=834): setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f00000001c0)={0x3ffe, 0x10001}, 0x10) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) 16m52.383197404s ago: executing program 2 (id=837): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x181041, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000300)={0x28, 0x5, r1, 0x0, &(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x57}) ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000200)={0x28, 0x5, r1, 0x0, &(0x7f0000000a40)="7f", 0x1, 0x4}) ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000240)={0x18, r1, 0x5, 0x100000001}) 16m52.184297491s ago: executing program 2 (id=839): r0 = socket$inet(0x2, 0x2, 0x1) bind$inet(r0, &(0x7f0000000000)={0x2, 0x6e24, @empty}, 0x10) r1 = socket$inet(0x2, 0x2, 0x1) setsockopt$sock_int(r0, 0x1, 0x2, &(0x7f0000000080), 0x4) bind$inet(r1, &(0x7f0000000000)={0x2, 0x6e24, @empty}, 0x10) 16m52.115435456s ago: executing program 2 (id=840): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000240)='./file0/../file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x8bf81a, 0x0) 16m52.035218331s ago: executing program 2 (id=842): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x140280, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x59, 0x0, 0x0) ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000000140)=@vmx={0xf, 0x0, 0x2080, {0xffff1000, 0xeeef0000, {0x1}, 0x1, 0x2}, {"0f436f35affe8dbba0e1e08d39c8b47184852db24511ee2cb6cd2b67d949eb8bfbca31eb941ea67e4aec9e15a0e85bb9c72cf183596fc96776f709328d63112096cc6d5cb63ca3eb6db52919fe350d048b1e759574319556849f1bbb0f097c65da695bc1e23dfd4fdf75bfa802619961f6029ae063e56e1737d911824a580aa63ef6eb331acf17b0c8f965e3caa413d30c58b76b23dc468f7e87510e374d7b2f1c2e998e9407fd6d6c841d828f8783aea5d50847a41fc0a0288fa9599bed433e9d8098cfe7c591531996bbba622ecda21f1f5fbdb5dc7ed657631125271a2937269984d95a69b1491de3346cf5ac377f846f8da0aa6937daca8c8704e62554b07d9e81c3d56d922e8bc2c03855873ca2ada8894d233814ff58a9c360a5d71110fb5b97567672d956fd7df14fb3db2bcc80c1a33ac3648664b5c36e45f001cdcb767b4bf63445a98a836e0135f8207c1296f517f214ffee94654ccf5977f3a6978181df6ecec511031d18f58c363496016750d1fe8c43357c4d855033bb3fe050b1718202f1968817c0e85ab8a54d46e48f636e069f6f2d6d4516636187b43bdbd9ed79447039f3bf77c2df92966b0d9b2bbcc323b68a66b1a780a5f232401e6e7101e79ad6947930db5941e000abf6a6f781850d11f0070429ed00d29cc0761661a8ce06e60c0cf6c754c8f45edce3908781c5fe4fcf4e6ee91ad54138cdeafc67a52760442d10423bdae21dce8bd142cde2357548b974ce15d0226de501f6cab0611e0205a90c917dcae9cf94366022fef4b172a0d6698ca32eb685c88d5855365447e8c4259a421deb1a8736ed97e2a8a7aaba9e2e07bc09892e1cd754a98b56052bc7f0a2ba8e7645da08222b652a1caf342580bcf2c8d14880ced522bf91cb993c661d32c28069eb9bf11c16f9a87ca2f5db71bafdff0eca1ae81bb66edcb0fdc02543435a9a226e2f619795b8c6fa4f83ee75058f775f937eef9c13d0e804867da661b3da46276728a853cca214710be14b7f44abb10aeddb8b380b52359de3b49fdc29a0d0fd8ed1cb77b094836e1913f2e22c9c8a7e1863ff41da0b00bf200f5a054c3dbbf2069c65c8bb7c90d170eccb7f05ce39d1e4337d0b12ca6ec265b11d3ad90d8e64d08a859bb2a415e9101fd4df837f64f48fef10e9bd6e86bb83ce0bdc51208670d79aab31ff0cddc4c3f5f252fc0064cea4f000ac8b9e15812a6b7f27315d937fcac183a313f65634df534eff05a1133839a57fdf343b6086b405aa975912f045c29833aa01ee3f526fd4ffcaa4977744d7318bf2e9e16f23c89829211a45816d10ff120997c904d1c8efd52531d8c0e6f2c8a6553d2c3948dabd51b48709ac905420b42333143839d5850ae9963027cb779be3e7341c5386f30ed3e1075b6b9965a581d87eefe1980cea530e0a96e6e661f0587fb28c6e70e85d842bd6ec144d5dabfa6a4e7537bc8244c5e56cfde53b98f8cfa6e62aed91b90ac25ff835a99312c5332901b8c2ef4873c30d42dd367b65a3274512c906beb71605e1eb7a46b9bc834eedcd4ef50781821ddb2abf0aa04519d2791cfc7482ec23391f633e3c3eb0c2bf8c7dcd6bf7b69fb3399cff7364a137a78599dda7b853e258f80c961fdd21083ab640563a553726a58101e6b51efb4860c1025625949a57982564e6b4635e5e67798acb8a17cd82375829d74f0b9b2cd666b2231f0afc8fdf77e0c04e05c1faead1ba6849e87dff3d0da74fdaf41123f6d7e3c4dfd1753ba33dac1799136769b7fae1dc99f67bcf7f8edf066a35b44dc137475aa0de59312d9669a4b95516c288ee377986bdf4d6d289bb4e4ba7cb4c480d3b367abe3a28a578bfb2244c64404c9b48fb9bf9720489070baa40966e9efd3e7b3656a6a3e750ecae12dbc54c301ad7d995381fd1a9f9327d76f85f1cbcc428f9cd0d1616dc876a19e6b2103dabe18ef5accee46fb7a33fed9c0f20712ecdd157ec90d1a9d3da8d462a6443ee26d35929afc7b7d727c1dc77708aaecd32f2f724c611bd234302f6a287568db9a77960cddf1be9898caa9425c9b559535f0bf2189f4db4824ca969b6bd5619cd1fcfea5d0857ff5d4b8ee519f3f887ab41da1e0d1aeefded2797961f97959d8c45cdf7c622174ea5740647d4235b7044f35ba0dc50ff618fa5f099d360747a34c75658014b2c69cd2e575f6e298aab1dbd17c51a70c2617a458b599367dfa0c880707b21736f4f4345123ca8e77e9ce7482880b79b828f0746e591637643a53cef767c2e5dcf6290f7f65a8294f93cb6a5b0cd634706207c56d5d01e91c3550b1726139e308a905bdcc1f367fe224a080d51c8b9e33d87ee31179c74972f22e5a558cf8a19dbd8456ce11d6b7da5c9e6156ce5222f6e7ecddc08ac56be2a47311b1fc0451ace933f401f2db6ac289ca68c21965c4162070dc3ac0dd36107661c12eb89c084960354358645682921f85174a569c804c0aae1b6449a7b38d11a90e5f71a74476f262493a9987dd5b691e5ed06d04eebb7b1a63e996a2e8987bacfac6ce56c6667cde3c7fd1971236b10a60b2e087b215629f8ada63720bd2f4ca6088ed12e64593f60b85232a96d5cf0c4be5754400145e48be683be5342fbe5059e42095c5092fd5e86d4c498cdabf7f2fd27bed7cf3c2994bd8e5ffe3ce90fff3e93e747ea04faf74fdf901e6a398ea25324624a18eec5b9005480a68c4a868b55a899c455dcb08b78392246b42e9ec0e3e4d406e0bf7fc095598f304743f2fa01ed467a5a4f4028c70e86224e1d4703f644188d5331e46fc7aa381369bc6647881a16432a25d1bfb0029aa9e3827995eae4437550563fd72ec3cd6fcd6c101e24cdcf198fbb98d2a392bc0b06e79e4c82dd1ce186059369268a4b20d3626f395f4dd3af69d5403e50d3bf33e4e3da19db9f8485b91be91a8c30b3d7c73d382f76f58b11d320b3758793bf2b1944db8d81269cec1c614767f84f72ca3f0be93591b51d775750ea59922e58e2afb33fd8613f1e5a5cb122a24e20a8250d48e0bf4955290904380957eb1cfd8989e707cc1604ae58094b7f4082a973f8fe0b010e13cf46d5b968320acb3dfd68242932ceb4d5603546e4e4f7710a9c99895a6a8d375f1332d6435077b6efdc232983f998aace518e817bcc96fe972d17e6a4285e2a0ae34918e48cc030bb123635b4c5739850d3fa80b11303d74c7732d905681eedb96f5c50299bacb94c2e4a159753258b09f0ff870e8974db4fe97a354e19ba6b432336af1945d3885440f8496f08fc5af5a9141171e204ea5da6213b4affed05645f091bbd6f1fa0d199ddf8c08eacd5e0bd90d27e026ab9220ef8fc33d4c0849b9be35c4286da1090cc4781d1f0d63b6104092e08f629f3fc5ce1696982ec4447ab85c22994e9a06891cb911deeebed52d14a5f2d31b7fd223cbab8d58e0f5be83212b148ac3893b552e054efcfbf66670f481b9ef4198e8a904063092ed110bd32b0c743426bcb36a26a44814c67b5f537e26effd70d0516ee180d3982372b92153c937c731b768fb6985174477c838c54fb37dd9d8d15b1619f81bb3f1a1c311428d7313d8c3cfa932c6077c64c03c2c0501cd0e93005487c768d08915413d1844b4ec8375083617237987c5210ff84d0766794890c7ec167aab4b0b790167139d43ae2319306850789a4b4dfe9d248d9b05f5b949ee36d41664a08dfb27aa4fa4d4c6a50a5fc752e15df9a7f579ea07d22e8efacad645bb1a0a9f10a50240f116ede6e4647fdb33040c544825e8bc9cc64a1ac43211954405908ca4d64e17964a56a13a3b94abd4d55ff93630f36f7d54e74f8b0a487057f91eb3d24617583de669905f88647e66c40f3a3e190112f188e62e9e6918c745bb0b2254096bddeff3b1a7856c22a039f77001506993cdaea1f8712bcf5c4e987b5a352835b4bc9620e646ae868ca131986c8b48af3f07c665b0dbb29ae96d9931c86ca05fdac16f496936d47a020e16ca6f987a03c23655f06c61a5e35e8b17958dcc1da7c1ae2cde95af455b9c891f89d5e7a234fe1ea6bba864de509e07eb7e08f0dd3cda341a52ad9fa074deb12b856fd9d2e6abc6aa3815bd6df2bf5e5f06363f955ea9ac1d72c3b2ec33501a553fa10b2ed6446ce2323dfc07331a5a3d56c8bc43287c2ebd2e82211cbe3f3b331381a977722459e0936236c7d5ddb59b54a89d454e8abd1db3191fad3c035544d0063dc1460c3798c0c6f902feb83a4c7d6a9768f26d7bcb5dab8f7d386fa1e3fedcda0112ee88f285f694b2f54e467bd584d8e2462826eec9c68334a50ab17c9dca47312e9c25a127dad588376f35b537d8ff7869bb1222d2e9e5027f4e43943d89ed331bbf3e3f862956a7a4db70efa7ae07cbfcbce38a1f2823936d4c59f49cacd243d5d096fde05c6f8816a6a2a3079599e944081f61342ebc4da220373aa1758555ad68f6391c2fbc32a0d966788455e8ff2423b41b5f1499227628d671d88e0b509546f6b383fc1c43a42f6694f08aac74303d67fa25d0611537ab7ac2d79216bae04cf9c9c3243b6afaf5134197b41f94af1c73feb56a074117ad2096e95e4082cf38928f3c4203ea8371ce6f4f7f26d2c386fd4e76a7bb6d72c9fb4e58d1a2bd41bf0a4215786fb18edda3a7848b71b05f2a74c3493720c047a1232bdbdecb09d5a5a57bd619518d8d2552aa9b51ac9d4876ca1c1ab83a5decb5c5f9b4720708797cbc9b18f1885e2b36840e9f6fedf69ef99f21e13daec2ca5505785fa8fe616fba6b95728053f2ffbbd4c54ed1d507f88276c7d426faf614c7e84b0f82ee39285bce85120fe147270fb979030e15e5306ec83f9242f42644bef030e81ccffcb15a79b477c0ca8c80f1406c0fa49bb3224373c549333167e03d3ee06ae82ce1624ee413929abeb1a33f86e8dbd87f438524674c7762c4b049bc1098b17196f63065c6ac1472c7fa0065fc36dd28e3af3c7b460552ff2e473a9dc70e004aadfd2720693f8c72befe77cd0742070514cb39706c38c436852df0ca00c7392e02e3d4b90b08358fff06ae0d3c77c46914198482c36894f5c68d80d26a32b0c922e2a9700f9ae303bb391616f243644bdb0975e5381a36a87ec0bdcd1a82db6970f0d527ec252885f0a41110d0eafd288b34998699256bf5c508fda128728f8602f3a42e33aea2b9af32654a8d2013fefb47e44a8e916f070250957a93f702e03131947eae5e58f8faa8f1b59e97deefe8bcb9a4d488dcab6437c8dae5dd08e1e86193c9315411b8bb580e92d04685f4c170e971a018325ed860e1ea7a285e513e1cbc7b5d736c23957589b02494feaa60bb29f48125c0bda53e22d6e7d4b4e88988e6232eda016f42d266a122c788bcbede3a8f1a9f1fed87f699e29feee41db00518233a2f5cffa18013140ba87b48b2a1f048a7c0623cd116a3dea425d614fbd34217120faaa8d04a0f4f41b9a1d79be67996ce86429e612df301555b1507091cb870275d82a66a0d9e61749f1e5d19d01b49fb356c49564845344cacb9b83250ea3f027f4ebd83522e505bc3c42c135b6a7e4a4e56ed078bf83b4441922b0774b4a0d5a792f7552d8729892356e0e6d02b33a08f8c07bbc4fe072dfe30dd414877154a570930ae63e39da034beddf9e0f41a81157b0caec02ff6eddfd9643df9dcb806b22813a5ff60ab637d3674466e7b84baffc66059da2479e10cb1ce97220593b908e69b3a263f6332f779509babcc59e8781d32c7330f95818dafb59e212d1e92bd29deaf3", "b6bb7536135297f7fb18211affb3c23bccd2a124ef317c6f4bc333a36d18c9005814ec9b4285e882c650ec8e00ad7d64d41f45fd4c316d2d64af8f18ce8fb0a536c5039d2329d14a8fb9417c46ac7af28bdbd1130fe89265220b55b5ff44571ac1115cdc1b6e3bd97a765054b042498931c8ce71ebccb7a092d5212162da2fa8ea89d6d248d69ecbb1c4011b812fa91bc549cd7d1bbf80768c9157cabcce5dee21b26bc11dadf003aa65cde39ac051c003fbac1d19e1f37b933cf2a4f141aad16f1ded4ac12345b5975c92a643b7a0492665d77b5dadd19d313f8c1095b9fc301cfec9a7b40d6ea1c95a45ac2f30115404bd961b22f750dadfa30c89ad5c5efec1782713687a2dd36d50bf23f8125a04939ccf5702db086f2ebe5278739ab60b8ab679acd68f798ecb569d86869a86474ba69d842aa4b8d622dd441ab46ac0aadd60eb32e0f423171f62880e826db8ae9377a104efa65c743f5eb3597d77ed357a4067fc3314720e6c46d9671f3c2f997823601a113de05bd4240355f5a53664244f428dd885399f04bcbc340193ef84593bf9689dcfd814a3dc2aa1f56847f20daa1b6a7fcf5e34cc5126bb4e101228b9bd3591cfc19e18f8963d02067fc60dfd46bde1d3c0c59761010d6b6374f5eeea92ce64950c319f2ec6d1e57fb64f327f9574447d10e7da96f1bb4860752bdb132ad3de2f256114125c652beb690b149ff19c342b649f6132906ef98cacca3bfb57bb07b033fa99f5ef8a1f1a02c891d8fae0353fba26b86c94c3f01bbb39c7d6a6a0ebcd30ca091c340a40e97dceb6bee0af5841ef423f57f60ab84baec3d984d9bace45b2de4ee9bc4c7bc1e37a6e6a08aeb556869d588c6179b20d40b2b9071b65562daf84bed29fea467fe93c87ae64bea29ff9bfa7abc1b20402720a0b84694c8ebe46b39d4f93d58ac3b238264a5dd81d916f1a68cde458704e705ad3cedfbe2b521135814022062500a62bd339169a51ff0b9b188e48eaee454f09f7d6cbb8a9ae8b60576d82236f45921ce077c164163a34d7e3632fe2521528d2157b4c128f04fe86746cedbb7816bd634d8d7febf18c1f290c79e03fffec3c290e104b0eb5161edf339d25355f3b367e3a59e8a27d2bf5e891f58895ced6ba4ceff7af763de3115857f7f8a558a917eb56c5a04e55f83bd1936461e13971fbd1d27454fcd24f91ca22e3647fb714a9ac8551acec224972854b9ea8e0448d1be80e0b3a60b0905ff6cc16dfdaec4dc34b3d7080c83ce5a63d5015702670e10630882d4be9e94757d0e184f0db676fc31ce86c709c2c83e15ed200d7a157f87c61cb9deb61c7c3eee35ac6803ed6e83ba5d51335dbf13fc520a1c7198925622f40a3f69a30ab8ee0666f3c929ddf937cb42d471858902fe72b651329b625023516761b712902e613487bc08ed1d8ba5d1bdfc097b7925f623253c592a90a8829e51c0bc310bbb22a3721a2b7e2467fb24a2654ce2de276dbb64034aa9098d3302569cc284d38895d951758c66e158526eccb846bf3f34ecbecee49b24005ced5f2ff80997e7d7a5a50e4efc98dcca27c1071c410892836eef2fdb3515d0b64dfe4a8dd0db49d56430b7a3a29c8fa4756adc009eb6f9f6ab7176261dacff5a8878a22e3116b956cafb05a841fb110edb0bdee69dda42ad88a9727d78ea82616339ca1c1263ee1df612f478f4d52633b73eaccd44ca0b84e614670bb40334b179bf5acf0798c08a1c384f340b15f090f9fb7ef08b53dd0a54d871230ef96a0529e88389693a717d7e2857af8e8b37ad73a5b60d3f48ebb71007b166019ff1f481530eabf7fc209a394e47275cbb8a9b0b3fd1f33a61410c64e43c66a8da5289588aa20f20c77db6ed63223c35819d52bf0119d2a313e876c6140f8473b19833e573c681897faf7f2d53f58dc042a57c23122807e6b8b0b9da466c9c42fc97909cc8a20bdd3c69f4616229022e8b09942e3193e917f8adf933fd50003d0f79fb49345a46f7f2953b0c30f0f5a0633780d93dd50c2326664d13e4315bb6658220bbf82314365b0f3bba3ac7a8b5646bdcfc3b8ee4eae48875364accef07092e07e2381f60634fc3117452e5d4f952d810f62d8662db8b571afde149963672241103f27e53bf19e8428752e0b020b5706646f86f4a832c02af835b585519a3fabf63905f94c35bb52aa555a42979eefe75aedeb441f9a7001cfc435ab8cfef11bd9f056f4ba6452a2f02dbd8058086d39a449b5f1394b9da6c3993b464c7a7d1c0b42662c0f5433259bb5dc00871814d4e15937fc00cf295a5a252804ea860fb380a84e2e438f273e36d5c60881a775482c53f3dfeeebb63d7afd57563ab28084ca684ce666deb7143c28562ec771e57cc5a15fca106372781e9cb158c29b0b014d00935eea41afe1be212233df4932fb9e1b314742cd8ee7e2aea15fcbe962ab9cb46b95fb024c9fcb5edfe7f7b86bd9372be38ae176d367e92fa78f371e8bd5089985bc77994e2221603898b8147710f1cd2e90c2df1b770ebf9d059aab326d390010481ae7139f8b287d45d3a4fe7b1ee105da45edee0ab3f0c51582caea0782509adbbeaca312c553b7765dec0800ba90e05ea9f734f8ef773fed70efa9bfd72d824b85e06275894814342e00f5555666a23a209d0fa52516cb3c1a86385cea1244f67bc2d9cdee3e979dd0a32fbf667dc881d4579fed8c799b309527cf0bd1d674e5ec66c62413ad211aaf5488ab74db067618a56624757d219e6ae0f523d4010a77620b5b654e5ef48e5decf2ce33708012ca754d4d8525eae762a8c23bc7293cef1b086cd5fe043ec3477c82a58eb6f3fc1586e2dfdea15fe2b7ef57206c7cd053090bc9842af83e02956a979869e5ea48eeddfd1f606575f4ff113682cf74fe72f673d2d71bbb3a285ce0680130f2ee5ff6636f670438f76eb665857c9ea0d70c0e421e064fe14e14abb04bf96a5bb6c794731e52f0daed1add7f2d1840e1751b50487c5c6d1d8342f8c7f50d2e5e212a7e450b5bab3fce66cf6eaceb8f5c60ef70dcefbafa805963db096d934ad5566490ecc4a89124ea249cc2be09b0bc7182e527fa901a49f9f4390260745486c8ae318a0d89be4ff36e952d7093eddb0815ca4bca01da527ea8b67eb5d67d0bfe0a478b65b58a7763df146c9f7377819ec4a1f1b383224b2d6c8ed8f1ee8fba082bdad145e7d2555a7976c8014c0eda9d59dacd9a1e0834d026549d6b1dc2cb47e0b77c83e820dc51009ea06be598fc43d48a9ebebc408398543e320dd59e01bc403f845bb486bc1a0612be8c05b69c87ea6143023bc6e320ee27213ebca8822ab982e2aa0835f770853336855393ef172d60e2963fb22973a62f548f1fe56f7238fa6bc08b1c0b221ded2b352f0e3fa63c1292e597842984a10bcde9cbcd9436a6dc5ee7a3abbf96dc2dc511f0e3e5b1151034fe8afc489b4810a4c27899901b1b7a1a1fe9085a366ae3e2c238a2d7d24d8f940096d2d284226f8a83c7fa901528b3daf0f018a68f982eeedb9fe8c1017acd205954f422153383442c06f03f03731c41df3ffcbd7cc3935ee3c2c504a0f592a0f65995f4700acdfe7476281450b5ff41f2109b29d23b0749c13f1fcc43a9eb12e1d147156aaeed916f9e55180e0d4ad7eb44e12b6bfbfc006ed5fedbf0d749ac5a59b8c480628295641abba9989d704322e0dd25c6d8dd7e41ab3979d634c44c67d50074fa06efcbceee397d38050b5e02f6a5271e72b866d75f94e4e268accc43db4757337ffe562c6621fd9e9da082f9e9d07b973a06904a886ca5a145e8fb643785f9d4418c79bf7b4b9aad46892e86ef64e96378c83dbd035a0fac6b63f6778c078b9c2f31d9f0f196c40251939af0abd5a03954911b7612245a808605a394eb7171096aa29c8226743f26926691c9ea78df46b1f5414dddc362c1e89a16d1fa88f6b1b6c6f3d338498db2d17f9f2ab4a9896205373e926251302a1b01c942cc621ad289b9bc203f4b1dd78a3550c76b48aaf57f1b8d04e620f4ddaffffd5a0d8f0f97fad4edeefd8f0606caa88f942cae133df62a84e273f45903736a0b622a15ad4b1a75499c037781598db1473487b2527598a75bb066eb7c52c2a3ca1b427a3d7c5ca4c53b7560502521ed0780c998625d463d8a5be302a9e7ffe0a2bdbfcdf06abe5b454df30b965e232893039a2ff57e087812cd526a63c70e281f6e3919d78f93cd585ca373cc48a6d7248294972aa98a5a6708fe303d0014e3793274d45a4244217be744a75b005ce4ed463faa074d3730b38d650c265436c7651bc53314275656b8bae76ede7d3b03b9ffd954bf609599892c750f1bdb41667f35fc872eacd190ba068cf26759def6f1ba5a73f1b20178955b08014d98a5ab8ea5bc8e5dde78c34793f4252368f9f1de3d57cb0cd32a58b8b0b40130fb996b9ee929201e1d0bf59efa0a88450e02b45d1bfe54e8e852643789bbd0ba2a459f93197c9d1d00632a16f9057ff98a9c9a8f0efd6de538785d129a395151276fce4760398e18c4e0dba2a5178c9b46584303839ae493c9483d9df0866ce1cb226f8f68040e29fb6ed3470106cfa268d36c2b161361384948f9a4b7f1875535f4721b00c9ebcba9a7e087cd29fbcedaa096dc6202f06c9549d56c0453e948a0e9584924cb397f49dab0ef2ed9ffb96cdd654d5580af978df09313bc14f71a4ae1327a460765f1ee926e897ac239116c6fdc562b0b9dc0823ded07cc2ae673ed5e818bdd2bcc7c5b549efabcd04827e0fe3674791d9bd40fd4ba11255656e70c020fc2d8c54d7dc29a1e2cf0f942b4027b38955392b38324554a87004c3ab2610fccf7297d182672a20f8476d4d9a845609667ff6226929c1bf02efd19fa5ca98999f49c9e0d05df0d664c102a40581bd0fe62740f4ccc0fef64bd1599708f0eb163a52e984830ae3f91d9a06810c66e7c6aa4171b5684c2a3c983aeec8321650c9e886d9051dd95ee0d341a1841ad7722fbf3e5982b4812e7323b6acfd3e3ceba43549b30f35b2af18e225f0fea476bc97c5be353c1b788c1ec7e41993cc7c795fdd3876e573f2a5a48f0b72fe13fc02105b50ede310e7b49f97788aaff3a2650e80ecbff65e005a3b9d54b7485e7cfd24cc8cb87321ab38c072b60c8f79d5da764523aad32c32a668d75f89335d4230fbc0f9c2c85ae125b234aa200151df568fb6d92dac15f54b50f5014f3b39391580186519c6eca27ea386b8c7721714df0ef3b238dc0050b5f638423233c62569a67d64c68abe02f38c51700125b3cf1876ee88c952e6ad7058e5fc79ddf7e92c30e7ea48280318312761b957023320c0e0f8320b53857e7ecb9c2892de60ebeff9bad85db768a56f200a86e6b69681c456a5c2c73b1f029ed89d752f76b1a3b11bec6ef80c4bca4678e7fa9ccf0b56adb59e560f27dbd255b09ed84103ca59b34c013e6e9a7a18723ff00e13f851633333d057efaaadab65bd1c6a18378dadbbd2c4b11bc6bfa29da0fbd2834bc26d0271b709404077cf4647b36056082637bc2f5b9d2ea44bfb4be7a498af0ae7fb5568a0316021e744081e59d0ddc12828dd2bf2678309b439d42bcdc7afb66a1f212e3deb11e19ca1fc6e5f53cd59e017083656859bf61cfd9c57188db7a0a4965665d409c9ae56e7a4e65b61042c65db7291cc17b401952bf228d8fab0250418e5eba38fbbca9f2d49297ecef6f186892a2750ee54747d472d81bb6dc848a8f9857f4384c92e05697bd3e10d3aec385391b"}}) 16m51.68378926s ago: executing program 2 (id=845): openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) syz_clone(0x2000, &(0x7f0000001340), 0x0, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r0 = socket(0x15, 0x5, 0x0) getsockopt(r0, 0x200000000114, 0x271b, &(0x7f0000000580)=""/102393, &(0x7f0000000040)=0x18ff9) 16m51.353663716s ago: executing program 33 (id=845): openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) syz_clone(0x2000, &(0x7f0000001340), 0x0, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r0 = socket(0x15, 0x5, 0x0) getsockopt(r0, 0x200000000114, 0x271b, &(0x7f0000000580)=""/102393, &(0x7f0000000040)=0x18ff9) 13m48.307812438s ago: executing program 1 (id=2894): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_DEBUGREGS(r2, 0x8080aea1, &(0x7f0000000080)) 13m47.130925992s ago: executing program 1 (id=2907): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0xf1, 0x0, 0x0) ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000000640)=@vmx={0x103, 0x0, 0x2080, {0x50000, 0x60000, {}, 0x1, 0x8}, {"d07ee5110000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f500000000000000000000000000000000000000000000000000000000001c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000057ae000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100008000", "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e8ffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007a7f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000"}}) 13m46.987603918s ago: executing program 1 (id=2899): sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001340)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000002c0)="6321a1780e3fe8d9098f1f28f3c1f1895857b6b4afebba414b5998fa7c73702eb715d85b6a7709a53bf91325a9fbf7387371592c3533a8a34a28e9364405bb05cdeedb9ddfbe45a6933c33e5019991d691e8e8817a584f5392630d34c12a00aac5c546266df9fbb755447a0ff32acb32fc4b9c54b7fa15f82a9848478df5354f7158ece711c634aead9f427b8a3e580b3bd0920814473069f285753c945e0baa9072f76c542acf2986649075a243126f6d73", 0xb2}], 0x1}}], 0x1, 0x20000001) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'gre0\x00', 0x0}) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000140)=0x8, 0x4) sendto$packet(r0, &(0x7f0000000340)="05030006e8fe091c6202a0ffffffff006003000000007f141434e3177f43055762cb80948864113b022543424aa608", 0xfef2, 0x0, &(0x7f0000000a80)={0x11, 0x88a8, r1, 0x1, 0x0, 0x6, @multicast}, 0x14) 13m46.886006796s ago: executing program 1 (id=2903): mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='proc\x00', 0x810c03, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f0000000280)='./file0\x00', &(0x7f0000000180)='./file0/../file0\x00') 13m46.780017531s ago: executing program 1 (id=2909): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c03000017"], 0x34c}, 0x1, 0x0, 0x0, 0x404c831}, 0x44) 13m46.309871077s ago: executing program 1 (id=2911): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081064e81f782db44b904021d080006007c09e8fe55a10a00154001", 0x21}], 0x1}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8001c00180081064e81f782db44b9b545c7910006007c09e8fe55a10a0017", 0x1f}], 0x1}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d8000000210081044e81f7d28344b904020000", 0x2}], 0x1}, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x33fe0) 13m45.926668538s ago: executing program 34 (id=2911): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081064e81f782db44b904021d080006007c09e8fe55a10a00154001", 0x21}], 0x1}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8001c00180081064e81f782db44b9b545c7910006007c09e8fe55a10a0017", 0x1f}], 0x1}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d8000000210081044e81f7d28344b904020000", 0x2}], 0x1}, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x33fe0) 9m9.973063517s ago: executing program 6 (id=6175): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xaa02, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x41, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000007c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 9m9.539872621s ago: executing program 6 (id=6180): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socket$kcm(0xa, 0x3, 0x87) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) write$cgroup_int(r0, &(0x7f0000000240)=0x2, 0x12) 9m4.016098871s ago: executing program 6 (id=6219): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000001c0)={"568139cb5050a7a31ebfc4330c2bf68f86101d9a301cbe14b15f4f23031ceb319db01a783479d6b9a1201fb1cc7235f57f425131b1d59b14c7588e103ad23d61fc6b05b60536a1611da4d3a6a06d308650343e59d307e34d8c2ec3ef05629a47f994dd2e9f8b9ce05b338ae7db5267bc4082bd43ca93b78947a7c79e82df466d4fee2b222f1ebde976d2272a4f52329796330ee917cc4f5b3ec45ac1ecdaaf3dffe03c40b7c209e44cfeb08aad00e1b48da4289228d7d82d4f6a661942ace64f115d3cc6ac80f74420c390d89e7ab2133567aa41047d775e333184cc0b468ec5eb9bc3cb0fa00516e5452bf32a9e760f07efd5a5e5eb37eaff28ef92bb59498369808bdd310a4a95a5414a8ff450411ff67d3167eec8372455a19c0c5a608adfebded6974660fd85308a07860e16f62963da37448d6e1218f2092fb3d1662804623b63a07f3e5e881df9a5ac27ce3f1519003118aa6170ff423eb292dc70147bde37963f72d0642660e7107753167886fc10e108631a9ea4d6752145b8646187ba7e152b6bcbcedd6b83fb9435d5c8e8d5d25a3f173745eab94a4a296572d459a50d622c8769dc57a7cdf7efe9f259dc36f538d1836362f1bcb2c4ebceae7e3655d5e98ba481906f284bd03716c15894eca8cbf8302dc8e2c21736b697b5f868e8af96fa8bbb1ae56571616a70ce05970d1e4142f303f7586fd2fc6f0ee3dce1db6524dd6aa28faab046e074df38430a49e8a6dde71028f16539744b7867e19c856e670e8b799d52da435bb07beea6274bf512e7d6ebb8ff8f83a52e4d13602e7d4675a798a12c898ad5b00caa34313ff8fb6c3407cf815eca9795cffd9a24959653cc816851048ebf0772bebdd3ff9b8cfbd2c65c30e41586b00a14943e4815361789158139d440c4f627edb8ed59e1ca0bb0c60106e09635fa9335677337c554db885f75b899638e8df1ea9796f8258de36636346ab768856bbdfc51843a53701423d75c1f43be24469aa03d366bbfb81218b31e5c0ad716efea52175c2fa78317cafb16ee173eb5e9428509ca4c8f9bf798adc7da1758a9c0334e44200c0578495ff805fce84456205caa70f0976a8603f84cb542d0df1416602321c587556785af525ddf5548b4f51113c52a7a17042faf6c8c02d8d1835e0f67f60ab392c20fc12188db029e45bb77cfccc423671d52ec5a92d08c2bb27a676b66f3b89ac084d99e3f516426a015268a1f3fb91b13c8baba49a0765a305c13cd1f47b3ea7a6393182759b614a08d36192a8b68abef6e5c16849452c74af3a9f854e1f2bc1c2eac2f055f8ffd8fdaa6bb04a68850c585f433c0e6b8dba1401fce5aab11d75d2323d8079891175096e31013ca0a3763511c86f2fbc31a33458c52059ebe253dcd3e837fed39765a11842028df450479dd56e1325cd8d088ff12a8f7dd23f2"}) ioctl$KVM_CAP_HYPERV_SYNIC2(r2, 0x4068aea3, &(0x7f0000000140)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 9m3.791393489s ago: executing program 6 (id=6225): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mkdir(&(0x7f0000000280)='./file0/file1\x00', 0xb) mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000180)='./file0/file1\x00', 0x0, 0x2243005, 0x0) chdir(&(0x7f0000000140)='./file0\x00') umount2(&(0x7f0000000040)='.\x00', 0x0) 9m3.693767529s ago: executing program 6 (id=6229): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c) sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000480)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0xe53729bd61505fe4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10) shutdown(r0, 0x1) sendmsg$inet6(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000100)="9fa4e4b88e4a62334c502e805ca3a956e3536b0ab3ecb97b79b7175ef95365bb65a6a0140bb6c0d2ebc1b87fc2fe4adc7500a9f451bbd16628de26713d0a582eb8d1606e61b59708096fe236426a22f91c8f6ee7dc097e3a6a53450b6cbc80ecd08aae1bdfd2a52bd26a7558c90e7cd217176b0d2f549e0878bf41cf9bcb8f7ecfc32a440fed94e2f81cf6a0bfce6788f41cb25021de6bf2ee0151d18d415087e9a14011b91a5fd21250336e8de0d86db07042d461edc3ce1bd599dc72f0bee8", 0xc0}, {&(0x7f00000001c0)="5ff1cc35d0822e71a8806c50babf1918695bd1c4a542782f77553812ea0f914e04ed0ad8e28d6784dae618f07d8d1c93189d6c90de17e5aee6ec52574f63f295c8f6ced3e2f2e7469642d36c893506c7fac55a6634f548215c77aaa52ecf085845e5785c6ad7ef0798073b59327f1ca30a210d571aecb6f282f0da5a9a56f7f12ba63a4012c2975118d22a6b483536e317b0c19a503c4eefdca17c653cd6f187f3e346cce51e48251f512ef8fa563e0353f5915c36478821e2a897ec01b75090fecec1bb27ed7485b434533524e63c2baa9798cc", 0xd4}, {&(0x7f0000000840)="57e7d582bcac830bbb53f07a548e1305ebc65c3b03f2c717f6b8c852c6334b73b51baa6b114d09f72f7e235f4dcb7e96910279c007774514755a5ebbab4b6ccc71425b53bf4fbee80abf26c5ffa9162fe17eb7528a4e11c3e873db2cdce4831b5bbfe7e5b6f582ab48692b6cb86ea48b892d8847293a2cd456c9c4855e87763ec4b8d66cf0cb87300f91a868346197224ca62ec057c27d93c0d22a6243b176ce8f53cda1b882c71965d90a1620dbafc4031aaa24c6e53989b5fce05fe332ba63b9475539eb0aed1aee716212f4e6a06acf4b804ad3488f41fb3adf9dc1459c35a71f72b6e95ea0f6530f09b56347f8ff08e3e0f37361016145e1baa028e30514e6c3be8d81edf546ab8c602ea0d58727c09951f77cd93bf1f3985c6eb4bfe158115882dd28d47c7633d58b6e7e999dc1cb7f2a263d296575055ed2c167c58bc0652cce093fd63a6f598548f39da367626d3010c3dcb46c71392c9d92b7eeaa68006ebf07d974ef52d5a28d3bfeef34b78ae89fc0526766c480a956ee3bd4433e68fb1d4730fbcc00344895f955e1b5e7e645242627afe5a09a6a626c0d77d9c79aa1df41aa6654cc97aedd0344d118fba8766cbd1f469f5b3203459af538c15eabf06c01742ad7ce52abcab342d51901f9fb1bc2c32011b414b4cbc847ea2fc2c646f62679a251e887e1b33c079935a4ceaf5bcce9687a4400741d61d04ffeeb82f8bd3a8ec959f38ceb1cfbb2ea7b572db8ed29d6b724d85d5b4dfa7edc2476036216b73452cac2e4d7df2854d208077762867bd77e1380c92866e7a4c521bfa374161628f57af573d3208de9553a11749a80032d2513661af01d140ae22dbe4942b3cd705fc027c429a6f220caf3962e5da9c2faa18ce50b9df5546f4a62e9d33453b10e5c5f9643a308a4baba6bd440e1bc24be7510425b93044044c1ae27294299e476e597ef5fc02f621524a6ba4651f3698fbc293c3f73dabae7c8ec73ba905c22b3a1f2e7c45e6ffe0899c44a8b3438953ba0ff2e971630293bb814debacf680b8d4b512046bd1c0029df0c7b69f5074de9f73512bbb243f6ee7e67c5f89c51134eb182e01d0a8b3d3c7f1402052c1d841fc7530eef6c4bff2d6d4d349f82f2d834c3d11349bf6e42e11f46f4c284ade9ffc393c5fdc474a16ef108af27ea1970d97875668fd3deca2e9cc529a283678a782956bfd72e734871ef6920d4322702f1236cbef27a1ebeea9209ee589b392fa6ab51b3c020985bb1022304eeb13ad2967717bfba960b73ed0c0b2e69fd5b91da73d164f41565706a457ad0010febfbfbf9e469c8a486a2e4ab241b583a057599e257d11cfd53e650c08ca7290559cdde7f0efedfcdaed8aa1b80775c5a51af8a196672911b4caad34cd72c45a87b689108a133772d0f860af1a0fb24dff690bb73ebeb8aa8292a7703a7a71c4836b1b3", 0x405}], 0x3}, 0x80) 9m3.200503411s ago: executing program 6 (id=6235): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f00000002c0)={0x7f, 0x4, 0x0, 0xb9ff, 0x9}) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xbfb3) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0xfffffffd, 0x0, 0x0, 0xff, "0000000000000400f7ff00"}) r1 = syz_open_pts(r0, 0x101000) r2 = dup3(r1, r0, 0x0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x17) 9m2.825665519s ago: executing program 35 (id=6235): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f00000002c0)={0x7f, 0x4, 0x0, 0xb9ff, 0x9}) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xbfb3) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0xfffffffd, 0x0, 0x0, 0xff, "0000000000000400f7ff00"}) r1 = syz_open_pts(r0, 0x101000) r2 = dup3(r1, r0, 0x0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x17) 7m26.348087318s ago: executing program 7 (id=7242): setreuid(0xee00, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000280)={0x0, 0x0}, &(0x7f00000013c0)=0xc) sendmmsg$unix(r1, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000440)='1', 0x1}], 0x1, &(0x7f0000001480)=[@cred={{0x1c, 0x1, 0x2, {r2, r3}}}], 0x20, 0x40044}}], 0x1, 0x4) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f00000002c0)=0x8001, 0x4) write$binfmt_elf64(r1, &(0x7f0000000500)=ANY=[], 0x78) splice(r0, 0x0, r4, 0x0, 0x39000, 0x0) 7m26.206306405s ago: executing program 7 (id=7253): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r3 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2040, 0x0) ioctl$TCSETSF(r3, 0x5457, 0x0) 7m26.050912707s ago: executing program 7 (id=7248): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) r0 = landlock_create_ruleset(&(0x7f0000000140)={0x4000}, 0x18, 0x0) landlock_restrict_self(r0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x1c0) r1 = landlock_create_ruleset(&(0x7f0000000200)={0x2081, 0x1, 0x3}, 0x18, 0x0) landlock_restrict_self(r1, 0x0) mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2) 7m25.973546838s ago: executing program 7 (id=7250): openat$binderfs(0xffffffffffffff9c, &(0x7f0000002100)='./binderfs2/custom1\x00', 0x2, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000}) 7m25.571854516s ago: executing program 7 (id=7252): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101) mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000240), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) lchown(&(0x7f0000000880)='./file0\x00', 0x0, 0x0) 7m24.695377318s ago: executing program 7 (id=7273): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000003680)=@vmx={0x0, 0x0, 0x2080, {0x0, 0x0, {}, 0x0, 0x2}}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000000)="0f73d0ad0f01c4640f01c2ba610066b89100000066ef66b8010000000f01d9642e0f20670f35eab65ac50038afc064660fee04", 0x33}], 0x1, 0x4c, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 7m9.403176344s ago: executing program 36 (id=7273): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000003680)=@vmx={0x0, 0x0, 0x2080, {0x0, 0x0, {}, 0x0, 0x2}}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000000)="0f73d0ad0f01c4640f01c2ba610066b89100000066ef66b8010000000f01d9642e0f20670f35eab65ac50038afc064660fee04", 0x33}], 0x1, 0x4c, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2m39.627346594s ago: executing program 5 (id=10805): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x4, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000000)) 2m39.576977638s ago: executing program 5 (id=10806): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000000)={0x2, 'vlan0\x00', 0x2}, 0x18) setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000040)={0x2, 'vcan0\x00', 0x3}, 0x18) 2m39.497868676s ago: executing program 5 (id=10807): r0 = syz_open_dev$loop(&(0x7f0000000100), 0x4, 0x2a282) ioctl$LOOP_SET_STATUS(r0, 0x1277, &(0x7f0000000000)={0x0, {}, 0x0, {}, 0x0, 0x0, 0x25, 0xd, "eeddb7c25540993ad642248c7b0157ce0dc9b4e500476312cd6cb416f686ce0058265f66cdddf2e9ce8bb87ae03e87a61fb648d5c6a3e9977956be87176a30a9", "a863a5170a11d26a730cb3d1e9fb18cb0e58986d58e881bbe5e4230de84eea7a", [0x3, 0x800]}) ioctl$XFS_IOC_FSBULKSTAT(r0, 0xc0205865, &(0x7f0000000600)={&(0x7f00000000c0)=0x3, 0x4, &(0x7f0000000140)=[{}, {}, {}], &(0x7f00000005c0)}) 2m39.420478628s ago: executing program 5 (id=10809): syz_usb_connect$lan78xx(0x4, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0x424, 0x7850, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0) syz_usb_connect(0x3, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xb7, 0x9e, 0x69, 0x8, 0x2040, 0xd300, 0x16b3, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1}}]}}, 0x0) 2m38.886849217s ago: executing program 5 (id=10819): syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000000000)="d2c113c29ca1f0329c09333c4e57bb838cfea716579dab7d1cbdce058b04b86cd2573f5a46ec9ad1bb3c276903ebcad8758f3bdb0ea994c5ea01d7771c5b21040018c812e3b3d2c92d14193a28633e7a06c3239d8e97c69f11a821f535082d74ee0c1925c46bfba566d8c9647889a9dde67089b24871471415a695730085f81a0b7c8dc2eae85ccd015b85d7d1fecd2528f2a8369ee0315327ba0d506a583c716ea4fa23575566c8cf1a2a844691717179b82f10998b7d540188e57e864820665ab70db2d483c4fdcb115ea6bbd4a888f9d383f6fea063635b69686590f540c638a77fe8e8cb266cf72667e61871faf1d1810c749c30c5a7b61609d81114f7aa0355967a7513f659d021338ddb687b0f7372386170902b612c56f58dc73a1ccecb389ccd39f926ee91220a5c053dc277919ed4e32b63da14781cb46227a71388f2aeb37e8971d4a554824bb05f7e6861a916c94204feae48f115680a40b7b2da6ec3af295979016cb78ee53d347a2a8de81c26d0468db8b59df449513e109f26ccdff64403180deba17211813b69ef3f0c42f498a6f3d05a4e7f47f99a8b9ff6bb375fcd1cf444a794a7c2a274f2786c8c220b1f80f2d0c1f311960b37357e31198a44f1e25aaa320f6daad7a42c0367de29a2d0d5567098dfc4ac2b0393a7accfaed79afeec5c9d526503e8fbbd3d1f6365c698775999e5109bada3ec51a9d4b884631086bcfa4fe99135a7c482d9e3d2cbd0a58a42f8cd737a812c21185d909bab234d412bd450da975be70eac2a8db479f7030ff5f41817cd798d59a2db9d8d829765459531044ba3bfa6fc89d046c75e707133e5211fd05d20f63d4f493b23bcd966e3f4314a512451b761fb3b3ed815da07c604f71d2a86937142ede6fce427766dbde15f74f2c45d4c3c08e815b507bb05ee97ddf7ed79ea2ddd5c6ef057d455d84c79bdfd6e68ba6f5cd806a6b9dfd5ed65e394554fb59df7aba2676779a547cf8a7c97379abc760e94e01264a2a23c8c63296ec0d9a4e0aa5c9c470fe46beb8db8322372f3649b7d2ad0b8d09e77e4757a2f40835860b56d41382fabc35d891deedd2168ff3b20f3345ec3238ce795fd9b0311fbd7cf10bbefe4e9349bdf7ea5294f3fc3ded1203c01c9a057641ea122eea48e30b942fdebdc4e7263353361dfcf3562eb3f7eb491fe5394ac1e9af734950b3de71b557bd1baf334d39c5dd9e6842a3ef24004eafc5eb85fbdad5c1e49f60f565da146b119f27ec9077774e21300edf2883f34e299ae0465779ab80ba2d097f5d791a72785f35090dbc369864476c33d3279382a49ac45be1706211659d6fac1ae12d772fa270eb3746a69082e67664f4be335f2d172d52f5083a0768e5d4332352be40eb41e3406de4498e740a470141032ea251c144cdb5352d8049281898c72f13a5d3509c9c77308fe45016abfd7d42b1a022a60b9a5bbcece7c0a10bf9f157995465729b38fdcadd0d977574636206982a6b4e8f24bc75e3eb054fb9ae81e878afd24cfa9756f053bb89f0e4a42e195bd2af8a91a6dd5c9fbccd938681a7387ed22a0e3a8284d3182aa7ef1905a267850fc405494d7079f6d0364287cf7b16dc2310b15bc49fb68d1a96075cb5f30f4fc2ec0c51d0b7e806e78f108f4060a55b8c23b3c89a2f2fa321d5138019c417a504d230ec496583933daba2998e20d8f9a2e6798f681e1d4df88fa4e084513d3648ed4f6624d8b894470cf325e837ad177a634bf58d21378fa0d3370bcb724fa88314bbd0749bbe6ff9dd5d7826701891c180278833c3327a8b1500c3e86fbdaacaaba0e0f708052ddecaae4fe142689c812aeccc7211f61159e0787a8f639d1f0a4db373c17317fea5d3ca1c6060fc44a2d02502f0230334acb69861f0cdb82220827f5887a14e7eab133ce4ecd9a414b2a6b31d8c631325319bbb65ad01aaea7e157fea6cbb434c67f4582028c32f5890ceb243dc972e61e122cb36840d5838dff32d4b613ae1909f3970404fb1973f1e80b0e388141b2e24d47276be045880a4ac18fd136c08cf266b35c75e9b796f6210817439833b613195fe4688b22127a978d20f8b32e3df3297e09a565e659857d8052bf69c5006c5870bd25e6c3aeb411553924d06ccb849cdeca659448cb220d259b4ee20d256d44149814b5e13ab365c448369a43553e01874acded99d24da7d1c9c283dae95b0b5311344af85c7c9a8483fb18a5bfd7a4fb4bbade211edfa4c30f3d1b5bc9672a02adb5d638faea66424e2c82540937dc4cf21392fe16e05811f1bcfb83132deb1cf2a522f9b543758b25d6949400af5d2a7a566f4ab0f5fe0b0a8e8379850e3ed78cb823f5b59b3df4de700427b197720ec69b86c76080b2cfdc4a2619e9d2a901e247e591d79dea91257c0d4a3c7ebb86af42de6833aaaa2d69b71e684236705744b79c62079236759def4a37a0b97742dcdc1af8e54385ad496af31cffe7539e4a69d65ae28845439e5e3eea34785e6065c32f3c7b71ef4edfdb16ca9ee9d5d4e066a60f9919461ce932a61c4100276dad7a22447c681bfebac9186f23dd38509090e0c0fd60219d33174d0d1f5a2b3eb194ae1c7003b159dd560e909fcd0b14b803ded8a94f2a61ca59f9015a673c018515b7605512ecdec58b60aafcba88e88b790e6dabc09a6721613d4e60ffd8d01b07ccacc1c7f2415347f5f5aa9eb7e5d27090403a55d0364721bf0363e34bdf9d92c8e83fe39e8d23e0a038717c00f82dd27709ea69a7a857575f0e039b067750b0e226dd01091b6aecae409d563a72e0805c8c101401a9d4356c532ec27cf25ad0ea92eb137e5bb367623155b3e62baa1cb29d86e4765a635d180d26f37f58a24683494cca93547b1f9ff0cc81c085cc4509b746c5327f1f169ca3bd059d324ac91e3c05bb225e5f81655d2f5b5f0cd6389d35be14f63cf76ef856634c5c42f5f6763a457be1745d9ddc4e7a77cbe86398585dd18159eb7dadc2da143cabd5794c4caafab774c5b0ad661f6f9e7bd5163af6f214bbd6351560cfb5e9fe42d3b67912e0bb52926429a43c27aa6c52e904660029285c4b763d6becb5cd4e9a029fb092ae20df18e073627d896a8de5f89474cbc2d2a525edbaa635a9704ec9f30bc0d18dea437a986553da723befb7f91d73a9976a528d2ff2ff80aef0fb80b4c84fca0d810e1f0c3857aef2616c9908aa7dc6a02e28085ccbb88e13c8c8c1acc631e4121e39b453a5897602dfcff5629f88d75ae7375cb9d08969dc6e870870c7aaad3c62f1f39c363d7edfda2d5ce1e9e62b25cf3b31bf4da9b90616a79d3be8f031837844c13fa6ea8af83db6eaa6abcb5158c38abe7fd39b8710c7d8d830ac93d5d3cec1d038c7947861c4ea118b3c205be5c441d35ef856c9a81f970c2850397e735a2fb991fe2dd0f293224ed263963a1041dcefc67b77b25b82d6ab047eb282702ddab528cc4bfb8c82d86352057e893bfd4b41e3396d64d7f1a78f6a0d4cd420d4bf84eb791a513163f837556c1a2e7c4e84ab9bfaa3a23a7114bfd301ea1f6b5e5c94e076e8f42a4da7e05224589005625245672ef85a11d6ac4b379b72660583ccb62b3d6cf00090c9c0ef7f3e3bce7bc6e10baa0498799de647451281afb45cf053c7a57eca0732a8f9e9f02437be51649bc7d1a391aca1561fb6b2d47817394e97e426afda0fb9fdd248579b8eb768ef9e249dbef8b0ebbd0e8dec2f149e2356df3a9f728b5392875ea476b54a1c990040ef4e63373566611c5b555b5d60a0e69f32e05db3f9047ea3e261ee6e3d87516bb0fff783333eef6444c8d9d17f8b23514d6358c62cd34dbf0e9dd60f54f286c533d68f2610c82eaedd9e512884f37211f190a08cd3766c7ca6a5043ee9dbabf5994c48d03a2fa5ccedce7ffbe9cee1e9d54036ca4ca7c4fdc339011448c7aad3d14b639dc179e7a97f03b606b0e47a32b8c9ab82c59fbba5e0ab663538aba9ba71d27216614f59bdccb050cc2512f65f465e8476d36855df64b8bb181907e91f45c6262dba02b35dc238bb32b9cc7070d31f7f95f2193b5fca347874a64041ab629cb5c3a3d77ba999793badacf01c4244ae13c0d77fe01fae16c489fcd58010afc3084ffadb9bf7264f23f1ad0e8d9d762dcc431163c343054181812c9cd1a6ecdc9964caa0a2ba8cd29271e6824891129b89efc1ea2996100f1932940a49a324e8eb688d05ac7d6ba273aade15c2be8cc74ef1eafad9b9ebfdfa36edc5c6d109485a48ac6a8395ccdf23779919953cf3c61c3a635c7e782f84098f3cc6bea7644cf3924c2352c97c76bc7141227dd29f1d47ef209adc3aaefd8cf204fb265e6b262e83736c2f26b22d80870af83095338c23a47a5a86af2ae7decd1aaabd925ae900bfe8e82728e14fd82677769bc9962dbb507a61e206821ac9c0940b12d79ecb7a916b9f6573fa3d9a7ef773f66de8cf8db6536d986a29d7b50a2973d228ec48468c5ebec6253130c578e5ec2848b62e8e1082a3d584e84b86e24211a9546e1abf79e568827af5d9ba98ba7b33b5cd9cb7a81dc873ea11276049d9d6206d2ed0933ada7ef9b6823f24b756ebea834297743ffb146350f320ec9044df55b20df0ff84584c16350f465b5ad7d364f9b166fb534c2a0e65f6bb4d61feeb84463ceb4a4f7853c0c2410955881a60170b0bbc131f6699e2616752851063c7e8b0a82e4357b84e48bad8002610e5770c17ee0cb301f9dfe8d5cbb66c6962b5edcae17b5c5dd42026737ea9e2c79bfb9392d290b44d66ade6eb62e26321ee214a6d15facb7cca610b6209392179a50f3dcba1494d3f302745461f6172d329a12d68405be5ee05ad2a641a7aa3da1d1fd3198671bf1af5b39e2bdeed49df80cf0c6e0edc5c4812350097bda47d3fafb3827d73eeb0b29320c74dae6d4d61d8fc269652835f5a7f98710c644dd50d3af618651b41916bbabb9ea7cc46c8208dd7fb99474be66e1a970c899f17129a9ed17ccce0d93411e71b8f1c7790c787f7a97a50d54acbc6f4eee49a38882c34e3477c97e1c6da0b39a1e9d0d25a3cea9364033bf4f625a02412174d03dafd642526867578f71f2e52920833b8d23713d5ac48165f49545f6c7c75b5b4ef2e0682f8f2e191fdb6c0ba529856f887391f8d5aa3f7dfc5230170b97662611e53a4436bf4e98a5ceaeb16a79bb95f962b2675cb6da9f1cfcdc1ab604ef7749fe87ccb5a3660f463ff5f488b5c544cf847be84dab22d038730a7021cdc7f7ab714c1561c98a39cc92cd6aaf53c82b28665114ac18b2149ee7f1b52f894c28a49eb45d4cf6a0e65df39b3c717039ae41958fe810c1e05ad62ceef2980e0cfd891bfae0db61fb1c8d65b6812ef1bf5d426f955ab4826eae69f531979699685f5312882032a5f47ed8cf2e98e67d9f6c299d2060a04b4aa677500b48a33586b10f71293d57de846d2683621b588630a6ef06a41437bd99366787b787a68c71779132d0ee73aa5f97d5b9ca18a7ae26b7002512df1073e2eccdb4d2f137a15d9604e10547fa465aeb4f2e5899b531adeb5e72fb76c2c1c9d18ceb4a23a5f6174ba86a7119d82e35cb5a5d1c6a093351aaee0094b32b92417dc50c1d3806fffdafd2ec0e3ba176d84bdb7d59755e9083e61ded802e2a089ae9d6746f738b55845bcd4ff0a21888c2c6b972db043973fb323fd1c15e70137aa6a4bce3f60f27c1d1488f3751e5425a5776c7cc3a3c8acbfbd2171407e1a242e8e241e6e9e1287d8995265a8092ec59ad99652e63a41b744f34392017f29c1b1ca4ce7728200743d4497a70cfd2369d0ecf9e0ba6f28da25b2d918a06ad1173091b8d750b8c2120321818a0912bf47b96c9a8962930a843ea8419b24b8618b7b43482291906e151bf39d3634756d9e1ff5a6e787d1fc4be7349c38a3b882e059a5da930a9cb2a01eb8b24b54def2a2949538fc063542921947f1997dbee59842a50a043d431649ea0adde68c43259ab51592107b2618c5f761364d4d3d5d0f4d4ae1b94650cb4b695db5831c6dd789140b87525d9ed46fb8dce8fa75d68f317dfc3858d810928fb3530b7ae8701d622b0e69ab16cbbd46c8165c467850d081292da8147fe07f472776d1e2c75c17bdc0f8bafbc964da953a5efe64af69944f0f8858b2a4dece04428ede8967d0e93827910400af8a859b59579d9628191b291732bae90a3b50f8b2b7728725568a83e006ed21e940d4b7e7291ad6365138aa2d59c0b303cc298f7a70d0c39e4f17a878083631b1f96a65d7b4c5a4403929180694f55b71ba29685bdf472f0e21a1c8b3c2dbfc4892ffbc0f0f23f38ed0b785080c11b0766ffc5a0c2c750080b764df159e42ac8eb82681baec5b0ad7948153679162c223f63bf22545718accf2a30bc4402f6b54996baa00508c6def488975a2e2bf2a8dbcff49293e83f998f8baebe722cdfef96c46ac3d945d56ada194353f7cd03d2b86cb9844f7d63f008fbe553fe0023f6968e8bea9054ed3c567e5c55b283fb2337fbd20510e5e098537f5c1baa6b509f63b1e812840aaf470690894a2725f4460a106a3b0e14b12b47c3fc1a083ae7e8cd2e710b5d428b2063f7bb91105255cc0fcc8ac51398ec3df6416d283c4aba6ed44846e82be02d242c710c973c5f0a9b3b16da8a96f5cd2a164a3fa040075b0cb99944f1b34f7e79ae039d15a6c992cb40aa403de90992c064e1771f2a396734480f43b024dc799b8e242df235dc0d33cfdce41755722907f4533a1480d78e99320412326c27e15434fd3fdb19ed33a07063a8a62b39ce14be2ea1e0adadec65fcf4f19901bd801b87e90fc91f1270b420fb530b71b7aea9ad23c4a4ad28d4b63444bc2fa7b44247d5e9f0ca0209a489035b4521b5e886a419df1f9d0e27b9c5007ee75fd3909d4e0156973bdf2ff8d1a88cad1d534ba93648ecb34a30b1e760f1ee8cfb90c27c36385fd68ee48982e5f0c190e8786b7ef0e1dfd3cb1cc00efc19a92020b509d3e2c74b4265bdc765085bc49c6fc61476aa22cff375a78c59f33394cc6ff460584ebbd8dba2cbfe97feb1c9147068dbc1d3e25631ad8478d826d88c28b2cf967d07d3ff845cbb25699406d106eabd31066e9cf8abbe7598f71cca663a6f63bfb63caa95d3a363e69e9a3bc889d026df28c37e41786bf8c9a1ccc06c3499986a72bb10367f32b1b8a55365c2a5b46061b58b81c5da69ad39db6c468906f1c1225527f1b26a3dbad94b1419f3671086b061117206a634cd08beee1fcdfb4a3a7cc78b3cb1293dc900d0859505018b38033a1cc9a0051968af1f8fa60350865328b6834f9c30bb1734949fcdab62cc6904b285322da3d49f188019648cac314d65a7c57f4e25864f17e346e7ebbe411695a237622356ecc10e66c8ba33e7106a756b8d3abc1a1aababc26413adcfda74a59b9002a7e2e3edb3e7551d32c461c2e40c25cb9de751ffda44d7f353513c5bbbc473594127c09775844dec5dc922caea5532dfa98fe80d80243233a4f0c15520d9dc76da3623aabef3582380ca4d2f9558d6c71b672f259b94f26710aa1d933b3ad79c8755a96c18fcfd62a972ca80ea0d33afbfc80045ba7dab492aa06c73ea3a598b2bc6eb1549627d183c25c3486814960eb1e1b02200a92f51b8642683f88185a9ee91c6dbb576dd8a869e1338b81ec205d979242bd963308af90ec23e01d253a70440edd3ebfac8e489db0a70bb5c887f22e7a5de33918374a9ae5229d419b1948eeb23bdf8dce3c5df3b81d1a3e3b38e095f261cb9e00f5567413a5c13abb469fdf64adc830cc442a099609cf0ebd3ffe936d77d6099d816be2b4cdd31e4fdf5af5904120ec65e81138416462f9e9bbe9ba6d5980c7de01288bd9f4741848802c32f3774678367c70014e531ad7f95b5527d022232ada51148012328f1693b2d08b8eba80dc26d8e9fc369b410331ed720e410ded5bd03ce69942ffb97489a2c5b6e4da93cc73811738a141c3a16d4ff6edf2ad1b3d3ae45a21c5ca2613b92e7871dea89d3cd699b86520c80f6a391cc2911538f8108dc90203b0e74ee43a087e033265e0745a9c991facff49339c40601420bb72ef014bc4b9a51cad1dcde9f1567b4ae9d11b1416ff3d8dee15f4672bdbca4348e7e71f8d75a73851bc0ad539312b7d52c498602a5eda4630296fb40aaa90d8f6122da7fb56d02755f861df193bdc5effd8a0e54c2ef78a284f7543c2b25a81bf545be3a3f549aabe86700bf058877e3fec53813f9992814a2cebf341cedcad346dba70596da899add4d723d98366ab60997cae7e5b9d417252734d9145ab8c5ece5b5b0efdc2f2578838c500ee17b866323a951979c6f1a50da2833bc437bcddd6efaed0244df44e6069daf359289d9c50c073f0fef4be1fb3802be5ea643761ed6347a35a3f537cbde402911c28d7c7c7e6b8612facbe87221f3505ff078d0dbb28ec469fe6eba2efcb4efdcfc5745299c0850e21ee2c9ef77db8070d589c547cc7379b58677d16077093514849869ab5bf8f896fa933ba3edc676dcb73e91386cc48f01782ba635564e0f91988cf98a3a17544abfedcdc1d80540e9499bf98180feb80325194cbc369be3275ed390f8e91b8d75b1364e9fabe50a1e3b9531c3fe1aaf6523e54bb05738bd3a67ca5de01b2e479ef7678a86b13d6b747fb3cb5fe1be8913228705fc232ce422186cb79c3b66c944f6124eb414322806d47978044336221f26d3a09ed8dceb52e3c7e3413535faf1f7868cb47bbbf02c37b4cc877a1d5f4023083d5b36650b673a4e51387c64d44daf58057adaa5610d22a15329804cd51a42f663311c4e5ece9d99b5a813c4025e8e0a98c0f3ec13cf07de0b18d7e1ba7d3eb143f5825f62ae5b5f6d92b167f9dbb2177e84f23322566814296277fc2933956f818f5475b6aa031545e6e2265679d16cbedff96c4f419d5fabe99ee652feac8acf9a90771ab8ade8291b42d25ebbdc03faac02b9599fdb83621f6ae1e2e7f946520f3cff881cd600c17b4a00c08d0996f7d2bb97d35647f72b80ba8ad3b4a16cb71094b2d1193a5fa1456e4671788bc51c0d506f4809ca34620d4a75a62ddfa20ab5c4d347a08eb8784d4c572fcb473b766f5e1ce9d92db70ebee83accd58b8253da36b9542686edce545261f309144a3d64900f796620003b36ee3d44a06cc4d088f73aa45288b90476d2e1e461795d473d59500aa23a6b7724a2f0d6473dc2f0af6ea311a648e193072016e199b920bc8c0830ae18f1c17e33d73badadc0f9d34cd52b54f4d3d480a7ddfe0f140f8de1a382a4c5a722d3e0f875b69054d88b8bab94e9394ba8d28937f1ffd871d1666a377620e7f032633fe58ebc87e533bd6461b537cdde38352ece085378dd7b24fa3fd5a3dc3f5b77492e4fc91238a8bfcc4e20bb396bd3317155981ec593926f2e9f15e5ac1aa533e122441649a681d88142a93386a6ed6b2d5b18d7fb57541e31a69acee17345b08c6667ebbc53a082fbcd980b4751937ba729dd2fd9b43d06091517922dd3ea524db002db7525902a465081843191d2d7ac76adb7724ac2bb88e4cb2f3188dbf0cd47acf5011b4519ec100a44b2ee6a1dacac5aade2cdcdca777c6b5edf596b05691d247f671491f68bf2e113a7e8674309ea98ab794d05c664ade246288796270e10f4a308420a62bf0df1d1636330e88bf4cc78051e5f715c8f97b8a83119b3fb5129ac6d0733256bec96d8cf435fa005e14d88884a0ca24266a4e78e25e2519796ba31971e4d0cb44ea58c5ddf54a15e3b449642e395679fc5ba600cc6bb7f2b004bfb0d621e51f9cf16309e4a02ce4f23f4a2d225aa8c84840bf2d3522a5f7a983cfbbfe4adb62d6ea622ebb784072bc6673878c5eaa865a7657b619f48cf0c51a4b0d47b20f426adc7f8ab68238b97abf68443f0eaac3796bfd99e0bc644e4f6fc43e551eccd615db802dfb031444e09aedcb04846bb894a2cf42dd0a578dc94d727736e502194ae25bf8556373969cb7f27788b6edf5b2bf25a79c7f89289f827ed4be611d65f6bd89698b130aaadd0f2d914819f41a0185dfc73adcea80d2ee592bf32d15010cb32a95ef112bccb2b780b461637ffa1641d34e1b114cdd3dd1ceb365933efef1781f9ec620a73097594c945969c2ea036e36b2380b33599c3e1d4eb2b7f210324aee3bba5a944b71cf0246ceed878897fe00e30d0bd32b3dde08c8805e30efe39cbc9d11b97491d82fbb5d93b1997e5f3128252472ecd256b9f79611175b6f686629ee744d0ba2494607a4476ea5f934c936403509c14bddbc2403ad5d97bfed0da36707b66f39ffdcee7ab39602e740c1ca9761570cdbab5f56b2060db428921457445b15c4c92b9c4b0ebb0746936bc3053836fa884e97c96e44d18a5a52feca033ec4caf950927bf9a281ea1aacb2a8b1a1f74b20de25ad5f3e459ab8b61ba5d00eaedcb6b5467dcd8608cfd48cc8c1a01f2c9f68bc9ef9adf2fd81cb3e28277c52d58f42ea87c8896383c2fa88dd15dba7172990893fe28ad1b50095b2ca20856de64693f3a663be6e34a9ccbb09add5724c5599495d0c95d2b900444651048bf418070b324016678d694b82565931159ffc37d3eefd7b482c41637cdd69b8f7051b6e88cf87a01d26d0689057ca0f66f65a2c3fbca608f7dec52d8e41ea98d21be162eeb38b27e9465d5525e0ffac3bd989adae19bdcf98edc48ff9d9d2a2f0850fa2cac8421ee6e211b1930f9fe9cb7138e8058ae476aa93c0ca49b170eb4ebbbb6fb4020d000eae537b4dd4bdfc63e3fb281848c057b94fc14dc12f8833d5ada50c8f0178137964c3b1524c59eae7ae19066a8003b9f4036b0be91f6f24baf6839f360473907135a8eb777dfe4dcf18d15fb8e16d069c48c5a128f046667f66bb22d36e986c73d2ebaa1a9638a9e8c049d0c766e2008fb19c4aabd96e3443c48377214b01dec0f73538fa5a882553a60664e549030fc9cc21a74a73cf79cfdbbfa3676a474910a295044d804b9f6a30104fc8250da4efcfddc379c3a1b84a2050ee78b18ba84ec5cb4db62540ea7be026b48d2b9294f06aa48e44087dbc494d92fe3e8648792c2b9f5d0d580afac814f8fc74208239b5f8fa6c20fc75c9d73fbe448a4fd1eb1af10165c37e7aa72c83c47dbb92bf3203bc0bea3b3ae261636b9a6b621725aed16de5c33502f152ca3704b1e83a60cfc5807177d9e561b12f43c3ded0951c4ec7af0ab29f55e3745df0f10bedcdcee2d443c0023d7547018c94e2cbb04a5c67a81d33df4dda99f80777b1db00f91bf8abb96ca360353c08b8979d00860ee3af86988171d6739a0f546f64ec34c045afd1be790176228204782836484f6d118d734c8e1b302788aa20e704502da74cd11bc5a22bb717a1d10d5176a4426e88cc132479aa7e8370772b9776ea38d5bd217b08c50f94072acbdf93e732e6ce41f92159b626e59e39925b458465ec3b0191a56d8e1c3a76110200e38380ccfcc1a05f85608bc3ea0bdbbf326bfe003158c8c9e01e90a7ae164cc20de5b23146baa9786111", 0x2000, 0x0) syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000068e04d206f0e2c586831010203010902240001000000000904000002ff47d000090509e702008000040905", @ANYBLOB="b707"], 0x0) syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0) 2m38.349759126s ago: executing program 5 (id=10827): getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19) 2m23.305298106s ago: executing program 37 (id=10827): getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19) 3.620208351s ago: executing program 3 (id=12642): fsopen(&(0x7f00000000c0)='exofs\x00', 0x1) r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r1, 0x29, 0x4e, &(0x7f0000000000)=0x6, 0x4) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0xfe1d, @loopback={0xe0}, 0x9371}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x20004000, &(0x7f00000001c0)={0xa, 0x4e22, 0x40000000, @empty, 0x1}, 0x1c) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002280)={&(0x7f0000000540)=ANY=[@ANYBLOB="4c0000001200050926bd7000fddbdf251a0904024e224e23fbffffffff000000090000008100000099dd00000500", @ANYRESOCT], 0xae}, 0x1, 0x0, 0x0, 0x22004014}, 0x800) socket$inet(0x2, 0x4000000000000001, 0x0) 3.508661945s ago: executing program 3 (id=12644): r0 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0) poll(&(0x7f0000000280)=[{r0, 0x2280}], 0x1, 0x2) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) accept4(r1, 0x0, 0x0, 0x0) accept(r1, &(0x7f0000000380), 0x0) 3.404033313s ago: executing program 3 (id=12647): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010028bd7000fddbdf2505002d00140001800d0001007564703a73798b5888c65f442dc92a54b22802707a3200000000"], 0x28}, 0x1, 0x0, 0x0, 0x4c445}, 0x4040140) r2 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi4\x00', 0x2, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) ioctl$COMEDI_BUFCONFIG(r2, 0x8020640d, &(0x7f0000000040)={0x7, 0xa5d, 0x6, 0xfffffff8}) syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)=[@code={0x1, 0x87, {"0f22e5c744240060420000c744240233d8cecbc7442406000000000f011c24660f38816810c4027958b20000000064449966baf80cb83284af80ef66bafc0c66ed66baf80cb8cc07ff8aef66bafc0cb8d4000000ef48b8f8000000000000000f23c00f21f835030009000f23f8450f2244c4417c50cc"}}], 0x87}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r5, 0x4138ae84, &(0x7f0000000100)={{0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x10}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x2000, 0x5000, 0xc, 0x0, 0x7, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfe, 0xfc}, {0x3000, 0x8000000, 0x0, 0x8, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x4}, {0x10000, 0x1, 0xd, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3c, 0x0, 0x13}, {0x0, 0x3000, 0x0, 0x0, 0x0, 0x3, 0x2}, {0x0, 0x5000, 0xe, 0xfe}, {0xeeee8000, 0x0, 0x0, 0x0, 0x0, 0x8f, 0x0, 0xa, 0x26, 0x4}, {0x80a0000}, {0xdddd1000, 0x8}, 0xddf8ffdb, 0x0, 0x0, 0x2b, 0x0, 0x3800, 0x0, [0x0, 0x0, 0x1]}) openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b) mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0) mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0) mount$bpf(0x200000000000, &(0x7f0000000000)='.\x00', 0x0, 0x8b7848, 0x0) mount$bpf(0x200000000000, &(0x7f0000000100)='./file0/../file0\x00', 0x0, 0x8b7848, 0x0) r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000380), r6) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000400)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_HARDIF(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000000500000008000600", @ANYRES32=r6, @ANYBLOB="08000300", @ANYRES32=r8], 0x34}, 0x1, 0x0, 0x0, 0x40400b0}, 0x0) 3.202576643s ago: executing program 3 (id=12651): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0xfff0, &(0x7f00000005c0)=[{&(0x7f0000000040)={0x17, 0x78, 0x601, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='\a\x00\x00'}]}, 0x18}], 0x1}, 0x0) 3.056401796s ago: executing program 3 (id=12654): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x3}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000854}, 0x20000040) syz_usb_connect(0x0, 0x24, &(0x7f0000000980)=ANY=[@ANYBLOB="12010000b1bd2f087d0403508c2f010203010902120001000000000904"], 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000f80)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000001080)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x74, &(0x7f0000000200)={r3, 0x9, 0x30, 0xd8ba, 0x9}, &(0x7f0000000080)=0x36) vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) splice(r4, 0x0, r1, 0x0, 0x10000008ebc, 0x0) close(0x3) socket$inet(0x2, 0x5, 0xffffffff) 2.030667984s ago: executing program 8 (id=12675): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSETMODE(r0, 0x4b63, 0x4) r1 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x200, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, "", {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd, 0x24, 0xf, 0x1, 0x80000001}, {0x6, 0x24, 0x1a, 0x1, 0x30}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200, 0xd}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0) syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0) prctl$PR_SCHED_CORE(0x42, 0x4, 0x0, 0x0, 0x0) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040), 0x2, 0x6}}, 0x20) syz_usb_control_io(r1, 0x0, &(0x7f0000000900)={0x84, &(0x7f0000000000)=ANY=[@ANYBLOB="801e0000000073900a1afb41995597f37164c7ed2289039f0c99cfb905060000000000000050bc3ad5097919"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 1.872334556s ago: executing program 9 (id=12678): socket$nl_netfilter(0x10, 0x3, 0xc) openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0) (async) open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89101) (async) syz_usb_connect$uac1(0x4, 0xa4, &(0x7f0000000000)=ANY=[], 0x0) 1.455479985s ago: executing program 8 (id=12681): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x1500, &(0x7f0000000500)={&(0x7f0000000540)=@newsa={0x160, 0x10, 0x633, 0x0, 0x0, {{@in6=@remote, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x7ff, 0x0, 0x0, 0xa, 0x0, 0x0, 0x39}, {@in=@rand_addr=0x64010102, 0x4d2, 0x32}, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, {0xfffffffffffffffc, 0x0, 0xb, 0x5, 0xfffffffffffffffc, 0x0, 0x1, 0xc}, {0x0, 0x7fff, 0x0, 0xadb8}, {0x5, 0x0, 0x1}, 0x0, 0x0, 0x2, 0x4, 0x0, 0xb0}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @replay_esn_val={0x20, 0x17, {0x400000000000001d, 0x70bd2c, 0x70bd27, 0x70bd29, 0x70bd25, 0x5, [0x80]}}, @replay_thresh={0x8, 0xb, 0xa63}]}, 0x160}, 0x1, 0x0, 0x0, 0x90}, 0x0) 1.372454053s ago: executing program 8 (id=12682): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)) sendmsg$BATADV_CMD_SET_MESH(r0, 0x0, 0x80) 1.369469467s ago: executing program 8 (id=12683): prctl$PR_SET_VMA(0x53564d41, 0x604, &(0x7f0000ffc000/0x2000)=nil, 0xfffffe93, 0x0) 1.360397063s ago: executing program 9 (id=12684): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, 0x0, &(0x7f0000000180)) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0x4e21, 0x1fc66db9, @empty, 0x7}}, 0x4, 0x4, 0x624e, 0xa, 0x55, 0x7f}, 0x9c) 1.292114629s ago: executing program 8 (id=12685): fsopen(&(0x7f00000000c0)='exofs\x00', 0x1) r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002280)={&(0x7f0000000540)=ANY=[@ANYBLOB="4c0000001200050926bd7000fddbdf251a0904024e224e23fbffffffff000000090000008100000099dd00000500", @ANYRESOCT], 0xae}, 0x1, 0x0, 0x0, 0x22004014}, 0x800) socket$inet(0x2, 0x4000000000000001, 0x0) 1.248435046s ago: executing program 9 (id=12686): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r1) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x54, r2, 0x4, 0x70bd27, 0x25dfdbff, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8}, {0x6, 0x11, 0x3}, {0x8, 0x15, 0xdbd}}]}, 0x54}, 0x1, 0x0, 0x0, 0x20004000}, 0x1) (async) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)={0x30, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}], @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x99}]}, 0x30}}, 0x0) 1.200683389s ago: executing program 9 (id=12688): pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r0, &(0x7f0000000340), 0x11000) vmsplice(r0, &(0x7f00000002c0)=[{&(0x7f0000000680)="85", 0x1}], 0x1, 0xb) r1 = syz_open_dev$swradio(&(0x7f0000001500), 0x1, 0x2) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x18c00, 0x0) syz_open_dev$dvb_frontend(&(0x7f0000000000), 0x0, 0x141000) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000080)={r2, 0x6, 0x1000000005, 0x7}) poll(&(0x7f0000000000), 0x20000000000000b5, 0x9) pwritev2(r1, &(0x7f0000000000), 0x0, 0x3, 0x7ffffffb, 0x3) getsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f0000000040), 0x2) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x8528c000) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f00000000c0)=[@in6={0xa, 0x4e23, 0x9, @mcast2, 0xfffffffc}, @in6={0xa, 0x7, 0xe06, @private0={0xfc, 0x0, '\x00', 0x1}, 0x9be00000}], 0x38) r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000140)={0x1, &(0x7f0000000100)=[{0x6, 0x9e, 0x9, 0x8}]}) sendmsg$RDMA_NLDEV_CMD_SYS_GET(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001480)=ANY=[], 0x10}, 0x1, 0x0, 0x0, 0x4008804}, 0x8054) ptrace(0x10, r3) wait4(r3, 0x0, 0x40000000, 0x0) ptrace$setregs(0xd, r3, 0x20000000002, &(0x7f0000000700)) ptrace$cont(0x21, r3, 0x80000001, 0x4) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 1.146089262s ago: executing program 8 (id=12690): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00') name_to_handle_at(r2, &(0x7f0000000380)='./mnt\x00', &(0x7f0000000340)=@xfs={0x18, 0x81, {0x5, 0x1000, 0xc, 0xfffffffd}}, &(0x7f0000000240), 0x200) syz_usb_disconnect(r1) r3 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_G_FMT(r3, 0xc0d05604, &(0x7f0000000c80)={0x9, @sdr}) syz_usb_connect(0x4, 0x24, &(0x7f0000000400)=ANY=[], 0x0) ioctl$EVIOCRMFF(r1, 0x40085507, &(0x7f00000000c0)=0x1000000) pipe2$watch_queue(&(0x7f0000000200), 0x80) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e24, @private=0xa010101}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r4, 0x84, 0xf, &(0x7f00000043c0)={0x0, @in={{0x2, 0x4e24, @private=0xa010101}}, 0x9, 0x8, 0x4, 0xfffff43e, 0x97}, &(0x7f0000004480)=0x98) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_usb_connect$cdc_ecm(0x5, 0x60, &(0x7f0000000d80)=ANY=[@ANYBLOB="12010102020000202505a1a440000102030109024e000101000005090400e1020206000306240600007405240059000d240f01ffffff7f010006007f06241a480173b2241b02000500000717000109058202200008500e0905030220000d0b089edb74a52cc73bc1ed8497a781a7b4491231bf586977d3e5aa1fa575f0b5ae70cdf8bf3b050b21430e3a9b"], &(0x7f0000000bc0)={0xa, &(0x7f0000000a00)={0xa, 0x6, 0x201, 0xd, 0xd2, 0x9, 0x10, 0xf7}, 0x121, &(0x7f0000000a40)={0x5, 0xf, 0x121, 0x6, [@ext_cap={0x7, 0x10, 0x2, 0x14, 0x9, 0x9, 0x9}, @ssp_cap={0xc, 0x10, 0xa, 0x5, 0x0, 0x40, 0x1e, 0xfffe}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0xd, 0x4, 0x3, 0x8}, @generic={0xcf, 0x10, 0x1, "3534fdb965779bf2ce2443f88b1d7b38f67111b26e16e186dd2429a581cf3541b54183e4a580ed17de2ff86bec7ecbf5313e23ced921d22ad874e675a756a8eac54188ab84a9447878c3e5acca02a9b21502ba0bc75ba658fb451ecc4790ee3859d22c65b8d5fafab3816e059fe5663b5becc8efd3be61e11522dd68dff8f7320feafc3d61c9261442ff67965d30db018919c9e178a9f0fb02a66333ba343b72e032c2df1514163cd2ed640dbbd4a0e773565b134dc1f60ba082cf8988e087cbf4f9d976e2a67308eaffe441"}, @ssp_cap={0x1c, 0x10, 0xa, 0xa, 0x4, 0x4, 0xff00, 0x9, [0x0, 0xc000, 0x0, 0xc0]}, @ss_container_id={0x14, 0x10, 0x4, 0x0, "6fb3d4ca6af4bdf162283cceba96e996"}]}, 0x1, [{0x4, &(0x7f0000000b80)=@lang_id={0x4, 0x3, 0x816}}]}) syz_usb_connect$midi(0x6, 0x95, &(0x7f0000000240)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x20, 0x582, 0x3, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x83, 0x1, 0x1, 0x4, 0x80, 0x9, "", {{{0x9, 0x4, 0x0, 0x0, 0x4, 0x1, 0x3, 0x30, 0x1, [@midi_in_jack={0x6, 0x24, 0x2, 0x2, 0x9, 0x4}, @ms_header={0x7, 0x24, 0x1, 0x7, 0x7}, @midi_in_jack={0x6, 0x24, 0x2, 0x0, 0xf, 0x2}, @ms_header={0x7, 0x24, 0x1, 0x4, 0x7}, @ms_header={0x7, 0x24, 0x1, 0x20, 0x7}, @midi_in_jack={0x6, 0x24, 0x2, 0x1, 0x2, 0x9}], [{{0x9, 0x5, 0x8, 0x10, 0x3ff, 0x9, 0x2, 0x8, {0xa, 0x25, 0x1, 0x6, "2fb483cc6f61"}}}, {{0x9, 0x5, 0xf, 0x10, 0x400, 0x4, 0x40, 0x0, {0xc, 0x25, 0x1, 0x8, "73df70bb1d63c5ed"}}}, {{0x9, 0x5, 0xb, 0x10, 0x3ff, 0x9, 0x4, 0x6, {0xc, 0x25, 0x1, 0x8, "122ad621b6a6eae7"}}}, {{0x9, 0x5, 0xc, 0x10, 0x8, 0x0, 0x1, 0x7, {0x4}}}]}}}}}]}}, &(0x7f0000000880)={0xa, &(0x7f0000000300)={0xa, 0x6, 0x300, 0x9, 0x80, 0x1, 0x10, 0x4f}, 0x2d, &(0x7f0000000340)={0x5, 0xf, 0x2d, 0x4, [@ss_container_id={0x14, 0x10, 0x4, 0xa, "744193f456220d96328120c84f792433"}, @ptm_cap={0x3}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0xf, 0x1, 0x6, 0x7}, @ext_cap={0x7, 0x10, 0x2, 0xe, 0x6, 0x5}]}, 0x9, [{0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x1c01}}, {0x51, &(0x7f0000000440)=@string={0x51, 0x3, "15e562f6c087fb0569491701993a2ca4d1c7bbb6d0c68a72aacb3ba3cde755be8dfc403ffc0cd062037c638e54c7a922506af7385c8166c9b803cf0a1805f1e1c3a58ac61476a4d9b024240c3c143e"}}, {0x4, &(0x7f00000003c0)=@lang_id={0x4}}, {0x7e, &(0x7f0000000540)=@string={0x7e, 0x3, "789e913ace16e57f1e749492b7ae7a9f155a3760a288f2ea6b0c4abb15a5bc7ec3dd3be6514551e07558532a04244109c1a7fcea7a1dbcb77143274e8f21c94167e8e9cdf0797e0cd8e960a1a70c7ad491acdc6144cca5e87d665b7fbd353df7c6e75bbb14a027a5764a8de2719b1ed4ae4eeb4871930608b54e581c"}}, {0xff, &(0x7f00000005c0)=@string={0xff, 0x3, "6ac71eb7577bf7a99d72061d78b1d41634b9cec1c2b7b538653ae163b943115563cc14bb21d63f9ff10a951a1c46e3374b4b7c1837e1b3bd7ad94ba2a954cf31b6ef51c26e468811fc50c8c608d874ecd39ba9b9e3afa812a43b10221d14686405f25b0d38146fe88aca7f8691455e3f3456c835ddccea107728563575b56dc2515542219bacc4b5a6ff80335327c9716aed6cd4c01300dd903b77632a8dea5b32bdfd4e4616a52b8a43513aea4273125afc2b4e9288572cd0381600afbfd81bec7e1da12107a3cd5b8a1bb8f509bb542a26ef52c0f3f7a3987047485c33a8f3bebbb72b682c83e7c55f69198489b2ea5a326e3bc4ef160209398f8f0d"}}, {0x4, &(0x7f00000006c0)=@lang_id={0x4, 0x3, 0x100a}}, {0xdd, &(0x7f0000000700)=@string={0xdd, 0x3, "77b57da24c7f1fd9af365d6de7cf785681935812bc02f4ab98a9fb62b518d9c2cf98bc022c09bc358893da11d8f0ae9f713ea893bd3148bfdc24cf8a1cf64e5f758e1d82761851a898a3d197cf4f062b573737c89532a728f4b3caef562d43be5df321a43a0f1f37096359679fbbc57e144a814b7ebebabe6db148774376e1cf736ee9dd307a1eb7da53ef7d4d3f7e8c715dcf46bec5d195ac0eba53297ea0fc1dcf3883348d9166bec111c5f768661022c39fd3a1b3fb77e16414313f734cfcb6964c8ca4886ffd40f8ba32dfb4fcba51d6c77f4ad28159e665f4"}}, {0x1e, &(0x7f0000000800)=@string={0x1e, 0x3, "372a27f6c3fb48022b1f5e3f1e5298903180750fd5024c8f254183b4"}}, {0x4, &(0x7f0000000840)=@lang_id={0x4, 0x3, 0x426}}]}) r6 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), r5) r7 = socket$inet_smc(0x2b, 0x1, 0x0) accept(r7, 0x0, 0x0) r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), r5) sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x24, r8, 0x100, 0x70bd2c, 0x25dfdbfe, {{}, {}, {0x8, 0x11, 0x2}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x404c850}, 0x800) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000940)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_HARDIF(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000000500000008000600", @ANYRES64, @ANYBLOB="08000300", @ANYRES32=r9], 0x34}, 0x1, 0x0, 0x0, 0x40400b0}, 0x0) 1.00863572s ago: executing program 4 (id=12692): sendmsg$NL80211_CMD_GET_COALESCE(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000980), 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)={0x24, 0x3e, 0x107, 0x70bd2b, 0x0, {0x1, 0x7c}, [@nested={0x4, 0xfc}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x6, 0x0, 0x0, @pid}]}]}, 0x24}, 0x1, 0x0, 0x0, 0xc000}, 0x4040) ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f0000000080)=@x={0x94, 0x2, "3018b91920fc"}) socket$xdp(0x2c, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$RNDADDENTROPY(r3, 0x5207, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x20, 0x1e, 0x21, 0x70bd2b, 0x0, {0xa}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}, @nested={0x4, 0xf4}]}, 0x20}}, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x7) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14) r4 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000040)={'vxcan1\x00', 0x0}) ioctl$BTRFS_IOC_ENCODED_READ(r0, 0x80809440, &(0x7f0000000340)={&(0x7f00000001c0)=[{&(0x7f0000000100)="d0c37133d22d9f452bf3fe8ed6de8af3b2fd588ef2f5b91c44170e3c6d8b5d03051277cc14bdebbd9c24b8abab1b57f4003eaab95224c75785b62cf95e30d5158b1d3ce958122b352194af362d636bba4aff3ad67a5c2e86299eb22d74af54257d7eb8d640a75695dc7d0129fe05e01a38da4522627272c74074bf082918b66b608aa179c3c5fc529860ad8131a710d05e6d7b6b76d3586cc084603af5832bf7df5ac322fa52a4", 0xa7}], 0x1, 0x4, 0x0, 0x401, 0x8, 0x4, 0x6, 0x5}) connect$can_bcm(r4, &(0x7f00000000c0)={0x1d, r5}, 0x10) r6 = socket$rds(0x15, 0x5, 0x0) ioctl$sock_SIOCSIFBR(r6, 0x8941, &(0x7f00000002c0)=@generic={0x0, 0x6}) syz_usb_connect(0x0, 0x24, &(0x7f00000005c0)=ANY=[@ANYBLOB="12010000ff000040720501cb6526010203010902120001000000000904"], 0x0) 443.115602ms ago: executing program 4 (id=12693): syz_80211_join_ibss(&(0x7f0000000100)='wlan1\x00', &(0x7f0000000140)=@random="61e135ef1bd5ab1d6c", 0x9, 0x0) 332.453546ms ago: executing program 4 (id=12694): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000001c0)={0x0, 0x0, 0x0}, &(0x7f0000000180)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000200)={r1, @in6={{0xa, 0x4e21, 0x1fc66db9, @empty, 0x7}}, 0x4, 0x4, 0x624e, 0xa, 0x55, 0x7f}, 0x9c) 322.757487ms ago: executing program 4 (id=12695): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000100081044e44b904021d08000b000000e8fe55a1180015000600142603600e1209000d", 0x27}], 0x1}, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="2539000020000365f507f62aa6172f7881"], 0x33fe0) 258.394057ms ago: executing program 9 (id=12696): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)={0x18, 0x78, 0x601, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='\a\x00\x00'}]}, 0x18}], 0x1}, 0x0) 200.592964ms ago: executing program 4 (id=12697): openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4048aecb, &(0x7f0000000280)={0x7, 0x0, [{0xfee281e2302f45d3, 0x8, 0x1, 0x7d, 0x6, 0x6, 0x2}, {0x1, 0x4, 0x6, 0x8000, 0x27, 0x7, 0x9}, {0xb, 0x8, 0x3, 0x3ff, 0x27a1dbfb, 0x208003, 0xffff}, {0x80000019, 0xe5f, 0x0, 0x7, 0xdf3, 0x6, 0x80000001}, {0x80000000, 0x2bb, 0x1, 0xd, 0x3, 0x7fd, 0x404}, {0x80000000, 0x100, 0x4, 0x6, 0x3, 0x2, 0x3}, {0x80000001, 0x2, 0x3, 0xfffffff7, 0xfffffff5, 0xff, 0x6}]}) 192.652864ms ago: executing program 4 (id=12698): fsopen(&(0x7f00000000c0)='exofs\x00', 0x1) r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002280)={&(0x7f0000000540)=ANY=[@ANYBLOB="4c0000001200050926bd7000fddbdf251a0904024e224e23fbffffffff000000090000008100000099dd00000500", @ANYRESOCT], 0xae}, 0x1, 0x0, 0x0, 0x22004014}, 0x800) socket$inet(0x2, 0x4000000000000001, 0x0) 108.421918ms ago: executing program 9 (id=12699): r0 = memfd_create(&(0x7f0000000500)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0 rejected, failed to enable media [ 852.972903][T26511] tipc: Enabled bearer , priority 0 [ 853.201669][T26524] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8228'. [ 853.302280][T26532] fuse: fd is not a fuse device [ 853.327760][T26524] nbd: socks must be embedded in a SOCK_ITEM attr [ 853.368123][T26530] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8228'. [ 853.398958][T26530] nbd: device at index 64 is going down [ 853.532028][T26539] fuse: fd is not a fuse device [ 854.070065][T21342] tipc: Node number set to 3758096385 [ 855.556072][T26580] nla_validate_range_unsigned: 17 callbacks suppressed [ 855.556130][T26580] netlink: 'syz.4.8251': attribute type 11 has an invalid length. [ 855.576501][T26580] netlink: 'syz.4.8251': attribute type 11 has an invalid length. [ 855.589196][T26580] netlink: 'syz.4.8251': attribute type 11 has an invalid length. [ 855.598943][T26580] netlink: 'syz.4.8251': attribute type 11 has an invalid length. [ 855.608458][T26580] netlink: 'syz.4.8251': attribute type 11 has an invalid length. [ 855.626351][T26580] netlink: 'syz.4.8251': attribute type 11 has an invalid length. [ 855.666593][T26580] netlink: 'syz.4.8251': attribute type 11 has an invalid length. [ 855.692898][T26580] netlink: 'syz.4.8251': attribute type 11 has an invalid length. [ 855.715167][T26580] netlink: 'syz.4.8251': attribute type 11 has an invalid length. [ 855.725241][T26580] netlink: 'syz.4.8251': attribute type 11 has an invalid length. [ 855.821872][T26579] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 856.632493][T26607] 9pnet: p9_errstr2errno: server reported unknown error 0x00000000 [ 857.658150][T26618] binder: 26616:26618 ioctl c0306201 200000000680 returned -14 [ 857.794986][T26625] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 857.806717][T26625] overlayfs: failed to set xattr on upper [ 857.813610][T26625] overlayfs: ...falling back to redirect_dir=nofollow. [ 857.820881][T26625] overlayfs: ...falling back to index=off. [ 857.826859][T26625] overlayfs: ...falling back to uuid=null. [ 857.843703][T26631] tipc: Started in network mode [ 857.848949][T26631] tipc: Node identity ac1414aa, cluster identity 4711 [ 857.862385][T26625] overlayfs: overlay with incompat feature 'volatile' cannot be mounted [ 857.880798][T26631] tipc: Enabled bearer , priority 10 [ 857.893000][T26631] tipc: Enabled bearer , priority 0 [ 858.575964][T26667] netlink: 14 bytes leftover after parsing attributes in process `syz.3.8282'. [ 858.621921][T26667] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 858.701484][T26667] bond0 (unregistering): (slave c@0): Releasing backup interface [ 858.740549][T26667] bond0 (unregistering): Released all slaves [ 858.980446][T26674] fuse: fd is not a fuse device [ 858.997730][T24286] tipc: Node number set to 2886997162 [ 859.365656][T26694] net_ratelimit: 178 callbacks suppressed [ 859.365679][T26694] Dead loop on virtual device ip6_vti0, fix it urgently! [ 859.544032][T26699] netlink: 14 bytes leftover after parsing attributes in process `syz.5.8294'. [ 859.594126][T26699] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 859.650058][T26703] netlink: 104 bytes leftover after parsing attributes in process `syz.4.8295'. [ 859.682796][T26699] bond0 (unregistering): (slave c@0): Releasing backup interface [ 859.696185][T26699] bond0 (unregistering): (slave bridge0): Releasing backup interface [ 859.707982][T26699] bridge0: port 3(syz_tun) entered disabled state [ 859.714725][T26699] bridge0: port 2(bridge_slave_1) entered disabled state [ 859.722343][T26699] bridge0: port 1(bridge_slave_0) entered disabled state [ 859.739186][T26699] bond0 (unregistering): Released all slaves [ 859.759618][T26701] pimreg: entered allmulticast mode [ 861.083814][ T30] audit: type=1326 audit(1773861069.808:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26746 comm="syz.4.8312" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa680f9c799 code=0x0 [ 861.336410][T26743] could not allocate digest TFM handle cryptd(blake2b-160) [ 862.643019][T26783] fuse: fd is not a fuse device [ 863.036869][ C0] vcan0: j1939_tp_rxtimer: 0xffff8880544b8400: rx timeout, send abort [ 863.382445][ T30] audit: type=1326 audit(1773861072.108:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26793 comm="syz.8.8327" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdd37d9c799 code=0x0 [ 863.537022][ C0] vcan0: j1939_tp_rxtimer: 0xffff8880544b9800: rx timeout, send abort [ 863.545514][ C0] vcan0: j1939_tp_rxtimer: 0xffff8880544b8400: abort rx timeout. Force session deactivation [ 863.891363][T26810] fuse: fd is not a fuse device [ 863.990909][T26814] netlink: 'syz.5.8336': attribute type 10 has an invalid length. [ 863.999592][T26816] fuse: fd is not a fuse device [ 864.034534][ C0] vcan0: j1939_tp_rxtimer: 0xffff8880544b8000: rx timeout, send abort [ 864.043116][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff8880544b8000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 864.057941][ C0] vcan0: j1939_tp_rxtimer: 0xffff8880544b9800: abort rx timeout. Force session deactivation [ 864.367130][T26833] fuse: fd is not a fuse device [ 864.820784][T26816] orangefs_mount: mount request failed with -4 [ 865.866969][ T30] audit: type=1326 audit(1773861074.588:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26850 comm="syz.5.8352" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4df3b9c799 code=0x0 [ 867.081888][T26880] overlayfs: failed to clone upperpath [ 867.729273][ T30] audit: type=1326 audit(1773861076.448:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26895 comm="syz.5.8370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4df3b9c799 code=0x7ffc0000 [ 867.774141][ T30] audit: type=1326 audit(1773861076.488:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26895 comm="syz.5.8370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4df3b9c799 code=0x7ffc0000 [ 867.850779][ T30] audit: type=1326 audit(1773861076.488:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26895 comm="syz.5.8370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4df3b9c799 code=0x7ffc0000 [ 867.905167][ T30] audit: type=1326 audit(1773861076.488:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26895 comm="syz.5.8370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4df3b9c799 code=0x7ffc0000 [ 867.940026][ T30] audit: type=1326 audit(1773861076.488:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26895 comm="syz.5.8370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4df3b9c799 code=0x7ffc0000 [ 867.973214][ T30] audit: type=1326 audit(1773861076.488:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26895 comm="syz.5.8370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f4df3b9c799 code=0x7ffc0000 [ 868.010473][ T30] audit: type=1326 audit(1773861076.488:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26895 comm="syz.5.8370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4df3b9c799 code=0x7ffc0000 [ 868.035021][ T30] audit: type=1326 audit(1773861076.488:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26895 comm="syz.5.8370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f4df3b9c799 code=0x7ffc0000 [ 868.067084][ T30] audit: type=1326 audit(1773861076.488:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26895 comm="syz.5.8370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4df3b9c799 code=0x7ffc0000 [ 868.092429][ T30] audit: type=1326 audit(1773861076.488:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26895 comm="syz.5.8370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f4df3b9c799 code=0x7ffc0000 [ 868.195180][T26910] tmpfs: Bad value for 'nr_blocks' [ 868.803576][T26929] netlink: 'syz.3.8384': attribute type 10 has an invalid length. [ 869.536994][T26944] pimreg: entered allmulticast mode [ 870.145449][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 870.861211][T26967] fuse: fd is not a fuse device [ 871.543424][T26983] netlink: 'syz.5.8403': attribute type 4 has an invalid length. [ 871.556772][T26983] netlink: 'syz.5.8403': attribute type 4 has an invalid length. [ 871.771493][T26988] 9pnet: p9_errstr2errno: server reported unknown error 0x000000000 [ 871.795505][T26994] fuse: fd is not a fuse device [ 872.293167][T27021] netlink: 'syz.8.8418': attribute type 10 has an invalid length. [ 872.357738][T27021] team0 (unregistering): Port device team_slave_0 removed [ 872.392415][T27025] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8420'. [ 872.394002][T27021] team0 (unregistering): Port device team_slave_1 removed [ 873.897869][ T8286] wlan0: Trigger new scan to find an IBSS to join [ 874.543493][T27063] fuse: fd is not a fuse device [ 875.321628][T27067] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8435'. [ 875.338226][T27067] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8435'. [ 875.421669][T27070] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8436'. [ 876.667243][T27092] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8445'. [ 876.679099][T27092] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8445'. [ 877.426737][T27103] fuse: fd is not a fuse device [ 877.544631][T27106] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8449'. [ 878.857693][ T1116] wlan0: Trigger new scan to find an IBSS to join [ 879.026428][T27132] netlink: 'syz.5.8459': attribute type 4 has an invalid length. [ 879.386786][T27146] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8465'. [ 879.414378][T27149] overlayfs: failed to clone upperpath [ 879.740760][ T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 879.864949][T27161] fuse: fd is not a fuse device [ 880.545234][T27183] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8480'. [ 880.573991][T27183] netlink: 24 bytes leftover after parsing attributes in process `syz.5.8480'. [ 882.999055][ T30] kauditd_printk_skb: 52 callbacks suppressed [ 882.999076][ T30] audit: type=1804 audit(1773861091.718:205): pid=27229 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.8499" name="bus" dev="ramfs" ino=106610 res=1 errno=0 [ 883.046859][ T30] audit: type=1804 audit(1773861091.748:206): pid=27229 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.8499" name="bus" dev="ramfs" ino=106610 res=1 errno=0 [ 883.093841][T27232] netlink: 'syz.5.8500': attribute type 11 has an invalid length. [ 885.232888][T27278] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8517'. [ 886.260832][T27297] overlayfs: failed to clone upperpath [ 886.415707][T27311] netlink: 'syz.5.8524': attribute type 29 has an invalid length. [ 886.435482][T27311] netlink: 'syz.5.8524': attribute type 29 has an invalid length. [ 886.459126][T27311] netlink: 500 bytes leftover after parsing attributes in process `syz.5.8524'. [ 886.645820][T27324] netlink: 'syz.4.8532': attribute type 11 has an invalid length. [ 888.032227][T27351] netlink: 'syz.3.8542': attribute type 10 has an invalid length. [ 888.882271][T27369] netlink: 'syz.8.8549': attribute type 29 has an invalid length. [ 888.896733][T27369] netlink: 'syz.8.8549': attribute type 29 has an invalid length. [ 888.908773][T27369] netlink: 500 bytes leftover after parsing attributes in process `syz.8.8549'. [ 889.338645][T27388] team_slave_0: entered promiscuous mode [ 889.347016][T27388] team_slave_1: entered promiscuous mode [ 889.357157][T27388] netlink: 'syz.4.8558': attribute type 10 has an invalid length. [ 889.365419][T27388] team_slave_0: left promiscuous mode [ 889.373873][T27388] team_slave_1: left promiscuous mode [ 889.414350][T27388] team0 (unregistering): Port device team_slave_0 removed [ 889.451019][T27388] team0 (unregistering): Port device team_slave_1 removed [ 891.874547][T27456] netlink: 14 bytes leftover after parsing attributes in process `syz.4.8591'. [ 894.531833][ T30] audit: type=1804 audit(1773861103.258:207): pid=27498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.8598" name="bus" dev="ramfs" ino=107002 res=1 errno=0 [ 894.588725][ T30] audit: type=1804 audit(1773861103.288:208): pid=27498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.8598" name="bus" dev="ramfs" ino=107002 res=1 errno=0 [ 894.794934][ T5841] Bluetooth: hci1: Malformed Event: 0x02 [ 895.534398][T27525] netlink: 8 bytes leftover after parsing attributes in process `syz.8.8604'. [ 897.149945][T27560] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8616'. [ 898.129627][T27592] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8628'. [ 898.563429][T27608] mac80211_hwsim hwsim7 4: renamed from wlan1 [ 899.564124][ T30] audit: type=1800 audit(1773861108.288:209): pid=27632 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.8643" name="bus" dev="tmpfs" ino=11086 res=0 errno=0 [ 900.962762][T27655] mac80211_hwsim hwsim20 4: renamed from wlan1 (while UP) [ 901.133085][T27662] netlink: 'syz.5.8655': attribute type 10 has an invalid length. [ 901.159578][T27662] netlink: 12 bytes leftover after parsing attributes in process `syz.5.8655'. [ 902.304698][T27709] netlink: 'syz.3.8670': attribute type 10 has an invalid length. [ 902.927693][T27731] netlink: 'syz.5.8684': attribute type 10 has an invalid length. [ 903.201890][T27745] bridge0: port 1(bridge_slave_0) entered blocking state [ 903.209188][T27745] bridge0: port 1(bridge_slave_0) entered forwarding state [ 903.253090][T27741] netlink: 'syz.4.8688': attribute type 10 has an invalid length. [ 903.372577][T27741] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8688'. [ 903.721129][T27769] netlink: 'syz.4.8694': attribute type 10 has an invalid length. [ 905.427897][T27818] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8713'. [ 905.482141][T27818] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8713'. [ 905.713051][T27822] overlayfs: failed to clone upperpath [ 906.282274][T27830] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8718'. [ 908.414981][T27873] netlink: 312 bytes leftover after parsing attributes in process `syz.8.8738'. [ 908.446670][T27873] netlink: 12 bytes leftover after parsing attributes in process `syz.8.8738'. [ 912.381619][ T37] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 915.974884][T28085] netlink: 'syz.3.8831': attribute type 27 has an invalid length. [ 916.029511][T28085] 0{X: left allmulticast mode [ 916.120612][T28085] bridge0: port 2(bridge_slave_1) entered disabled state [ 916.128030][T28085] bridge0: port 1(bridge_slave_0) entered disabled state [ 916.589769][T28085] tipc: Resetting bearer [ 916.651935][T28093] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 916.798911][ T5841] Bluetooth: hci1: hardware error 0x07 [ 916.799990][T28087] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 916.952516][T28087] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 917.008935][ T13] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 917.056697][ T13] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 917.084284][ T13] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 917.114444][ T13] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 918.863761][ T5841] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 918.964096][ T30] audit: type=1326 audit(1773861127.688:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28161 comm="syz.3.8854" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe1f399c799 code=0x0 [ 920.014466][T28206] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8874'. [ 921.158595][T28270] netlink: 'syz.4.8905': attribute type 27 has an invalid length. [ 921.230403][T28270] bridge0: port 2(bridge_slave_1) entered disabled state [ 921.237917][T28270] bridge0: port 1(bridge_slave_0) entered disabled state [ 921.477331][T28270] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 921.496019][T28270] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 921.887324][ T13] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 921.906887][ T13] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 921.932858][ T13] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 921.958142][ T13] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 922.535242][T28336] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8935'. [ 923.112143][T28353] netlink: 'syz.8.8944': attribute type 27 has an invalid length. [ 923.232601][T28357] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8947'. [ 923.263466][T28353] bridge0: port 2(bridge_slave_1) entered disabled state [ 923.271325][T28353] bridge0: port 1(bridge_slave_0) entered disabled state [ 923.434871][T28353] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 923.454093][T28353] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 923.558981][T28353] tipc: Resetting bearer [ 923.820818][ T13] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 923.865595][ T13] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 923.893755][ T13] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 923.911764][ T13] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 926.113028][T28520] netdevsim netdevsim5: Direct firmware load for .. failed with error -2 [ 926.129774][T28520] netdevsim netdevsim5: Falling back to sysfs fallback for: .. [ 927.886325][T28604] netlink: 'syz.3.9058': attribute type 1 has an invalid length. [ 927.902735][T28604] netlink: 'syz.3.9058': attribute type 1 has an invalid length. [ 927.918794][T28604] netlink: 9172 bytes leftover after parsing attributes in process `syz.3.9058'. [ 927.952077][T28610] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9059'. [ 928.784128][T28664] netlink: 24 bytes leftover after parsing attributes in process `syz.4.9086'. [ 928.893145][T28670] netlink: 'syz.4.9088': attribute type 1 has an invalid length. [ 928.914412][T28670] netlink: 'syz.4.9088': attribute type 1 has an invalid length. [ 928.935707][T28670] netlink: 9172 bytes leftover after parsing attributes in process `syz.4.9088'. [ 929.464559][T28708] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9108'. [ 929.826302][T28730] netlink: 6 bytes leftover after parsing attributes in process `syz.4.9121'. [ 929.845249][T28728] netdevsim netdevsim3: Direct firmware load for .. failed with error -2 [ 929.854404][T28730] A link change request failed with some changes committed already. Interface vxcan1 may have been left with an inconsistent configuration, please check. [ 929.871636][T28728] netdevsim netdevsim3: Falling back to sysfs fallback for: .. [ 930.279877][T28756] netlink: 6 bytes leftover after parsing attributes in process `syz.8.9132'. [ 930.289232][T28756] A link change request failed with some changes committed already. Interface vxcan1 may have been left with an inconsistent configuration, please check. [ 930.323838][T28758] netlink: 'syz.4.9134': attribute type 10 has an invalid length. [ 930.715923][T28782] netlink: 'syz.4.9152': attribute type 10 has an invalid length. [ 930.752849][T28782] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 931.046947][T28804] netdevsim netdevsim8: Direct firmware load for .. failed with error -2 [ 931.063153][T28804] netdevsim netdevsim8: Falling back to sysfs fallback for: .. [ 931.159047][T28810] netlink: 'syz.4.9159': attribute type 33 has an invalid length. [ 931.176056][T28810] netlink: 152 bytes leftover after parsing attributes in process `syz.4.9159'. [ 931.585199][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.225354][T28869] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9187'. [ 932.451851][T28883] netlink: 'syz.3.9194': attribute type 10 has an invalid length. [ 932.665245][T28894] netlink: 'syz.3.9199': attribute type 10 has an invalid length. [ 932.995987][ T13] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 933.035074][T28915] netlink: 12 bytes leftover after parsing attributes in process `syz.8.9209'. [ 933.044760][T28915] netlink: 48 bytes leftover after parsing attributes in process `syz.8.9209'. [ 933.459446][T28937] netlink: 'syz.5.9220': attribute type 10 has an invalid length. [ 933.467722][T28937] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 933.495959][T28937] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 933.866921][T28961] netlink: 'syz.5.9230': attribute type 39 has an invalid length. [ 934.302895][T28988] netlink: 'syz.8.9241': attribute type 39 has an invalid length. [ 937.460956][T29169] xt_l2tp: missing protocol rule (udp|l2tpip) [ 938.811530][T29256] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9356'. [ 939.678102][T29315] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma? [ 939.993978][T29335] netlink: 184 bytes leftover after parsing attributes in process `syz.8.9392'. [ 940.018065][T29335] xt_socket: unknown flags 0xd0 [ 940.406170][T29364] netlink: 8 bytes leftover after parsing attributes in process `syz.8.9404'. [ 940.578744][T29372] netlink: 8 bytes leftover after parsing attributes in process `syz.8.9409'. [ 940.765522][T29384] x_tables: ip_tables: TCPMSS target: only valid for protocol 6 [ 941.314315][T29417] netlink: 184 bytes leftover after parsing attributes in process `syz.4.9430'. [ 941.324939][T29417] xt_socket: unknown flags 0xd0 [ 941.440525][T29424] "syz.4.9433" (29424) uses obsolete ecb(arc4) skcipher [ 941.683658][T29439] xt_nfacct: accounting object `\$9ZM#mU|^c\F9YⳈ' does not exist [ 945.041100][T29564] openvswitch: netlink: Flow key attr not present in new flow. [ 945.704682][T29600] netlink: 204 bytes leftover after parsing attributes in process `syz.8.9510'. [ 945.719637][T29600] netlink: 72 bytes leftover after parsing attributes in process `syz.8.9510'. [ 948.146032][T29730] netlink: 104 bytes leftover after parsing attributes in process `syz.8.9565'. [ 950.877987][T29834] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9609'. [ 950.954223][T29838] bridge0: port 3(erspan0) entered blocking state [ 950.978613][T29838] bridge0: port 3(erspan0) entered disabled state [ 950.996624][T29838] erspan0: entered allmulticast mode [ 951.007221][T29838] erspan0: entered promiscuous mode [ 951.086386][T29845] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9614'. [ 951.596964][T29860] nla_validate_range_unsigned: 9 callbacks suppressed [ 951.596979][T29860] netlink: 'syz.3.9621': attribute type 11 has an invalid length. [ 951.908631][T29876] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9626'. [ 952.182997][T29883] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9630'. [ 953.501172][T29938] netdevsim netdevsim4 netdevsim0: IPsec offload requires 128 bit authentication [ 956.449990][T30058] netlink: 32 bytes leftover after parsing attributes in process `syz.5.9702'. [ 958.002965][T30104] fuse: fd is not a fuse device [ 958.789416][T30145] fuse: fd is not a fuse device [ 959.549880][T30197] netlink: 32 bytes leftover after parsing attributes in process `syz.5.9758'. [ 962.579013][T30318] netlink: 176 bytes leftover after parsing attributes in process `syz.4.9805'. [ 963.710229][T30359] netlink: 'syz.4.9820': attribute type 11 has an invalid length. [ 964.242197][T30380] netlink: 212408 bytes leftover after parsing attributes in process `syz.8.9828'. [ 965.054219][T30422] "syz.5.9848" (30422) uses obsolete ecb(arc4) skcipher [ 965.135779][T30426] overlayfs: failed to clone upperpath [ 965.710357][T30448] fuse: fd is not a fuse device [ 966.012749][T30457] overlayfs: failed to clone upperpath [ 969.053097][T30551] overlayfs: failed to clone upperpath [ 969.361696][T30559] fuse: fd is not a fuse device [ 969.862146][T30582] overlayfs: failed to clone lowerpath [ 970.052718][T30587] fuse: fd is not a fuse device [ 970.059590][T30588] fuse: fd is not a fuse device [ 970.402229][T30601] fuse: fd is not a fuse device [ 970.821310][T30614] fuse: fd is not a fuse device [ 971.742444][T30521] Set syz1 is full, maxelem 65536 reached [ 972.318780][T30662] fuse: fd is not a fuse device [ 972.757495][T30690] overlayfs: failed to clone upperpath [ 972.822378][T30694] overlayfs: failed to clone upperpath [ 972.963000][T30702] overlayfs: failed to clone upperpath [ 973.022489][T30707] netlink: 40 bytes leftover after parsing attributes in process `syz.8.9958'. [ 973.482117][T30727] overlayfs: failed to clone upperpath [ 974.662216][T30768] netlink: 20 bytes leftover after parsing attributes in process `syz.8.9982'. [ 974.671753][T30768] netlink: 20 bytes leftover after parsing attributes in process `syz.8.9982'. [ 975.061309][T30785] fuse: fd is not a fuse device [ 975.140310][T30789] netlink: 20 bytes leftover after parsing attributes in process `syz.3.9991'. [ 975.149812][T30789] netlink: 20 bytes leftover after parsing attributes in process `syz.3.9991'. [ 975.264929][T30798] overlayfs: failed to clone upperpath [ 975.469541][T30810] netlink: 20 bytes leftover after parsing attributes in process `syz.8.10001'. [ 975.480231][T30810] netlink: 20 bytes leftover after parsing attributes in process `syz.8.10001'. [ 977.894348][T30891] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10031'. [ 978.327280][ T30] audit: type=1326 audit(1773861187.048:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30920 comm="syz.5.10042" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4df3b9c799 code=0x0 [ 978.685148][T30930] fuse: fd is not a fuse device [ 979.153353][T30947] fuse: fd is not a fuse device [ 979.306075][T30957] overlayfs: failed to clone upperpath [ 979.943530][T30996] pimreg: left allmulticast mode [ 980.865193][T31036] overlayfs: failed to clone upperpath [ 981.302023][T31044] fuse: fd is not a fuse device [ 982.613742][T31087] overlayfs: failed to clone upperpath [ 983.271840][T31103] fuse: fd is not a fuse device [ 983.518742][T31112] overlayfs: failed to clone upperpath [ 983.947785][T31126] tipc: Enabling of bearer rejected, already enabled [ 983.976910][T31126] tipc: Enabled bearer , priority 10 [ 984.219482][T31135] fuse: fd is not a fuse device [ 984.370459][T31144] overlayfs: failed to clone upperpath [ 984.694506][T31165] fuse: fd is not a fuse device [ 985.353750][T31202] fuse: fd is not a fuse device [ 985.495302][T31208] fuse: fd is not a fuse device [ 985.851284][ T30] audit: type=1326 audit(1773861194.578:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31222 comm="syz.4.10179" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa680f9c799 code=0x0 [ 986.914287][T31275] fuse: fd is not a fuse device [ 987.202728][T31289] netlink: 'syz.3.10203': attribute type 10 has an invalid length. [ 987.275906][T31291] fuse: fd is not a fuse device [ 987.323331][T31293] fuse: fd is not a fuse device [ 987.672540][T31311] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10210'. [ 987.975209][T31326] fuse: fd is not a fuse device [ 988.098822][T31333] fuse: fd is not a fuse device [ 988.226310][T31344] fuse: fd is not a fuse device [ 988.283708][T31347] fuse: fd is not a fuse device [ 988.294806][T31349] fuse: fd is not a fuse device [ 988.550615][T31364] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10231'. [ 989.350390][T31384] fuse: fd is not a fuse device [ 989.582005][T31393] fuse: fd is not a fuse device [ 989.849808][T31400] fuse: fd is not a fuse device [ 991.095210][T31414] netlink: 'syz.4.10254': attribute type 4 has an invalid length. [ 991.139366][T31414] netlink: 'syz.4.10254': attribute type 4 has an invalid length. [ 992.155573][T31429] fuse: fd is not a fuse device [ 992.318026][T31435] "syz.8.10261" (31435) uses obsolete ecb(arc4) skcipher [ 992.515393][T31450] netlink: 'syz.5.10267': attribute type 4 has an invalid length. [ 992.528608][T31450] netlink: 'syz.5.10267': attribute type 4 has an invalid length. [ 993.023107][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.212576][T31458] fuse: fd is not a fuse device [ 993.313127][T31464] overlayfs: failed to clone upperpath [ 993.398748][T31470] overlayfs: failed to clone upperpath [ 993.440336][T31472] netlink: 'syz.3.10278': attribute type 4 has an invalid length. [ 993.453344][T31474] fuse: fd is not a fuse device [ 993.470631][T31472] netlink: 'syz.3.10278': attribute type 4 has an invalid length. [ 993.545921][T31478] fuse: fd is not a fuse device [ 993.919717][T31501] fuse: fd is not a fuse device [ 993.930790][T31503] fuse: fd is not a fuse device [ 994.523289][T31525] fuse: fd is not a fuse device [ 994.618085][T31529] overlayfs: failed to clone upperpath [ 995.256988][T31558] overlayfs: failed to clone upperpath [ 995.270944][T31558] overlayfs: failed to clone upperpath [ 995.334303][T31560] overlayfs: failed to clone upperpath [ 995.706593][T31579] overlayfs: failed to clone upperpath [ 996.473962][T31611] fuse: fd is not a fuse device [ 996.682557][T31621] fuse: fd is not a fuse device [ 996.800083][T31628] fuse: fd is not a fuse device [ 996.889511][T31633] fuse: fd is not a fuse device [ 997.026081][T31640] fuse: fd is not a fuse device [ 997.257346][T31650] overlayfs: failed to clone upperpath [ 997.334658][T31654] fuse: fd is not a fuse device [ 998.106162][T31678] fuse: fd is not a fuse device [ 998.203728][T31682] fuse: fd is not a fuse device [ 998.412692][T31695] fuse: fd is not a fuse device [ 998.490692][T31701] overlayfs: failed to clone upperpath [ 998.599173][T31705] fuse: fd is not a fuse device [ 998.662374][T31707] fuse: fd is not a fuse device [ 998.882583][T31713] fuse: fd is not a fuse device [ 999.923282][T31751] tipc: Enabling of bearer rejected, already enabled [ 999.993311][T31755] netlink: 'syz.4.10399': attribute type 10 has an invalid length. [ 1000.038280][ T30] audit: type=1326 audit(1773861464.775:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31756 comm="syz.5.10400" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4df3b9c799 code=0x0 [ 1000.587690][T31772] overlayfs: failed to clone upperpath [ 1001.135689][T31794] fuse: fd is not a fuse device [ 1001.221434][T31801] overlayfs: failed to clone upperpath [ 1001.689685][T31811] fuse: fd is not a fuse device [ 1002.071619][T31833] netlink: 'syz.5.10430': attribute type 10 has an invalid length. [ 1002.088941][T31833] netlink: 55 bytes leftover after parsing attributes in process `syz.5.10430'. [ 1002.883368][T31863] fuse: fd is not a fuse device [ 1003.085959][T31869] fuse: fd is not a fuse device [ 1003.125409][T31871] tipc: Failed to remove unknown binding: 66,0,0/2886997162:1366350511/1366350512 [ 1003.137500][T31871] tipc: Failed to remove unknown binding: 66,0,0/2886997162:1366350511/1366350512 [ 1003.195370][T31875] fuse: Bad value for 'fd' [ 1003.296517][T31880] tipc: Enabled bearer , priority 0 [ 1003.585300][T31883] overlayfs: failed to clone upperpath [ 1003.708521][T31889] overlayfs: failed to clone upperpath [ 1004.283264][T31911] overlayfs: failed to clone upperpath [ 1004.681359][T31921] fuse: fd is not a fuse device [ 1005.060834][T31934] fuse: fd is not a fuse device [ 1005.875850][T31953] fuse: fd is not a fuse device [ 1005.996186][T31957] fuse: fd is not a fuse device [ 1006.312242][T31970] overlayfs: failed to clone upperpath [ 1006.626679][T31974] tipc: Enabling of bearer rejected, max 3 bearers permitted [ 1006.759244][T31983] fuse: fd is not a fuse device [ 1006.814611][T31985] fuse: fd is not a fuse device [ 1007.017240][T31997] fuse: fd is not a fuse device [ 1007.210032][T32010] overlayfs: failed to clone upperpath [ 1007.845697][T31997] orangefs_mount: mount request failed with -4 [ 1009.232935][T32074] fuse: fd is not a fuse device [ 1009.611400][T32093] fuse: fd is not a fuse device [ 1010.651963][T32114] tipc: Enabled bearer , priority 0 [ 1010.742741][T32118] fuse: fd is not a fuse device [ 1012.155345][T32169] fuse: fd is not a fuse device [ 1012.406052][T32182] fuse: fd is not a fuse device [ 1013.330153][T32225] fuse: fd is not a fuse device [ 1015.287536][ T30] audit: type=1800 audit(1773861480.005:214): pid=32267 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.10611" name="bus" dev="tmpfs" ino=3907 res=0 errno=0 [ 1016.823478][T32300] fuse: fd is not a fuse device [ 1018.015243][T32348] overlayfs: failed to clone upperpath [ 1019.548671][T32388] netlink: 'syz.5.10664': attribute type 27 has an invalid length. [ 1019.591016][T32388] 0{X: left allmulticast mode [ 1019.747175][T32388] veth0_to_team: left promiscuous mode [ 1019.771958][T32388] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1019.815288][T32388] tipc: Resetting bearer [ 1019.871937][T32388] tipc: Resetting bearer [ 1019.979172][ T60] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1019.992515][ T60] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1020.011440][ T60] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1023.406094][T32466] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10698'. [ 1026.442589][T32594] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10756'. [ 1026.875015][T32621] netlink: 24 bytes leftover after parsing attributes in process `syz.8.10768'. [ 1027.425296][T32657] netlink: 'syz.3.10786': attribute type 33 has an invalid length. [ 1027.434309][T32657] netlink: 152 bytes leftover after parsing attributes in process `syz.3.10786'. [ 1027.822369][T32683] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10798'. [ 1028.086527][T32702] IPVS: Unknown mcast interface: vlan0 [ 1030.329997][ T312] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma? [ 1030.663894][ T323] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10849'. [ 1037.050350][ T492] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10924'. [ 1039.371279][ T544] netlink: 16 bytes leftover after parsing attributes in process `syz.8.10950'. [ 1042.324724][ T607] netlink: 32 bytes leftover after parsing attributes in process `syz.3.10976'. [ 1043.719229][ T640] team_slave_0: entered promiscuous mode [ 1043.725125][ T640] team_slave_0: entered allmulticast mode [ 1043.903401][ T651] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10995'. [ 1044.617152][T28097] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1044.635501][T28097] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1044.647479][T28097] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1044.662615][T28097] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1044.682487][T28097] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1045.246724][ T680] chnl_net:caif_netlink_parms(): no params data found [ 1045.400929][ T680] bridge0: port 1(bridge_slave_0) entered blocking state [ 1045.413827][ T680] bridge0: port 1(bridge_slave_0) entered disabled state [ 1045.424595][ T680] bridge_slave_0: entered allmulticast mode [ 1045.434669][ T680] bridge_slave_0: entered promiscuous mode [ 1045.448254][ T680] bridge0: port 2(bridge_slave_1) entered blocking state [ 1045.455841][ T680] bridge0: port 2(bridge_slave_1) entered disabled state [ 1045.464386][ T680] bridge_slave_1: entered allmulticast mode [ 1045.473842][ T680] bridge_slave_1: entered promiscuous mode [ 1045.526686][ T680] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1045.543416][ T680] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1045.590438][ T680] team0: Port device team_slave_0 added [ 1045.601508][ T680] team0: Port device team_slave_1 added [ 1045.647053][ T680] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1045.654222][ T680] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1045.694653][ T680] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1045.718781][ T680] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1045.727825][ T680] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1045.755531][ T680] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1045.832853][ T718] netlink: 44 bytes leftover after parsing attributes in process `syz.8.11018'. [ 1045.901918][ T680] hsr_slave_0: entered promiscuous mode [ 1045.910180][ T680] hsr_slave_1: entered promiscuous mode [ 1045.917880][ T680] debugfs: 'hsr0' already exists in 'hsr' [ 1045.923741][ T680] Cannot create hsr debugfs directory [ 1046.173744][ T731] IPVS: sh: FWM 3 0x00000003 - no destination available [ 1046.469393][ T742] netlink: 'syz.3.11028': attribute type 29 has an invalid length. [ 1046.491813][ T745] netlink: 'syz.3.11028': attribute type 29 has an invalid length. [ 1046.534110][ T742] netlink: 500 bytes leftover after parsing attributes in process `syz.3.11028'. [ 1046.681778][ T680] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 1046.735909][ T680] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 1046.763515][ T680] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 1046.777861][ T5841] Bluetooth: hci3: command tx timeout [ 1046.804085][ T680] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 1047.024873][ T680] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1047.072171][ T680] 8021q: adding VLAN 0 to HW filter on device team0 [ 1047.111273][ T1116] bridge0: port 1(bridge_slave_0) entered blocking state [ 1047.118562][ T1116] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1047.166103][ T1116] bridge0: port 2(bridge_slave_1) entered blocking state [ 1047.173372][ T1116] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1047.588360][ T680] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1047.949703][ T680] veth0_vlan: entered promiscuous mode [ 1047.976179][ T680] veth1_vlan: entered promiscuous mode [ 1048.023316][ T680] veth0_macvtap: entered promiscuous mode [ 1048.035871][ T680] veth1_macvtap: entered promiscuous mode [ 1048.066120][ T680] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1048.084953][ T680] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1048.106008][ T60] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1048.115072][ T60] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1048.128723][ T60] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1048.139335][ T60] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1048.414521][T27099] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1048.440193][T27099] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1048.543996][T27099] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1048.559538][T27099] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1048.857838][ T5841] Bluetooth: hci3: command tx timeout [ 1048.977130][ T5841] Bluetooth: min 6 > max 0 [ 1048.983879][ T844] overlayfs: failed to clone upperpath [ 1049.335807][ T863] overlayfs: failed to clone upperpath [ 1049.387521][ T30] audit: type=1326 audit(1773861514.115:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=865 comm="syz.9.11071" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb3c8f9c799 code=0x0 [ 1050.937657][ T5841] Bluetooth: hci3: command tx timeout [ 1051.094788][ T907] overlayfs: failed to clone upperpath [ 1051.120918][ T909] overlayfs: failed to clone upperpath [ 1051.707536][ T5932] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 1051.858131][ T5932] usb 10-1: Using ep0 maxpacket: 16 [ 1051.864956][ T5932] usb 10-1: config 0 has no interfaces? [ 1051.872612][ T5932] usb 10-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 1051.881994][ T5932] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1051.890182][ T5932] usb 10-1: Product: syz [ 1051.894484][ T5932] usb 10-1: Manufacturer: syz [ 1051.902947][ T5932] usb 10-1: SerialNumber: syz [ 1051.911758][ T5932] usb 10-1: config 0 descriptor?? [ 1052.414386][ T30] audit: type=1326 audit(1773861517.145:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=971 comm="syz.3.11110" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe1f399c799 code=0x0 [ 1053.018023][ T5841] Bluetooth: hci3: command tx timeout [ 1054.138769][ T930] Bluetooth: hci3: Opcode 0x0401 failed: -110 [ 1054.151079][ T1240] usb 10-1: USB disconnect, device number 2 [ 1054.462846][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 1055.099341][ T5841] Bluetooth: hci3: command 0x2021 tx timeout [ 1055.459945][ T1070] binder: 1067:1070 ioctl c0306201 200000000640 returned -22 [ 1055.937930][ T1240] usb 10-1: new high-speed USB device number 3 using dummy_hcd [ 1056.089279][ T1240] usb 10-1: Using ep0 maxpacket: 32 [ 1056.109337][ T1240] usb 10-1: config 0 has an invalid interface number: 51 but max is 0 [ 1056.117986][ T1240] usb 10-1: config 0 has no interface number 0 [ 1056.133921][ T1240] usb 10-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 1056.149039][ T1240] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1056.164527][ T1240] usb 10-1: Product: syz [ 1056.175664][ T1240] usb 10-1: Manufacturer: syz [ 1056.182587][ T1240] usb 10-1: SerialNumber: syz [ 1056.201114][ T1240] usb 10-1: config 0 descriptor?? [ 1056.230050][ T1240] quatech2 10-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 1056.368150][ T1094] fuse: fd is not a fuse device [ 1056.430847][ T1240] usb 10-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 1056.469053][ T1240] usb 10-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 1056.828385][ C0] usb 10-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 1056.829584][ T5932] usb 10-1: USB disconnect, device number 3 [ 1056.851990][ T5932] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 1056.876192][ T5932] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 1056.892647][ T5932] quatech2 10-1:0.51: device disconnected [ 1057.179454][ T5841] Bluetooth: hci3: command 0x2021 tx timeout [ 1057.760542][ T5932] usb 10-1: new high-speed USB device number 4 using dummy_hcd [ 1057.920219][ T5932] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1057.931775][ T5932] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1057.942686][ T5932] usb 10-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1057.952779][ T5932] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1057.962039][ T5932] usb 10-1: SerialNumber: syz [ 1058.180370][ T5932] usb 10-1: 0:2 : does not exist [ 1058.270553][ T5932] usb 10-1: USB disconnect, device number 4 [ 1058.309862][ T684] udevd[684]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1058.985858][ T1139] overlayfs: failed to clone upperpath [ 1059.197701][ T5893] usb 10-1: new high-speed USB device number 5 using dummy_hcd [ 1059.369732][ T5893] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1059.384009][ T5893] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1059.409991][ T5893] usb 10-1: New USB device found, idVendor=08b7, idProduct=8000, bcdDevice= 0.00 [ 1059.427439][ T5893] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1059.446064][ T5893] usb 10-1: SerialNumber: syz [ 1059.676547][ T5893] usb 10-1: 0:2 : does not exist [ 1059.729158][ T5893] usb 10-1: USB disconnect, device number 5 [ 1059.787965][ T684] udevd[684]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1060.807464][ T5932] usb 10-1: new high-speed USB device number 6 using dummy_hcd [ 1060.977466][ T5932] usb 10-1: Using ep0 maxpacket: 8 [ 1060.989931][ T5932] usb 10-1: config 0 has an invalid interface number: 1 but max is 0 [ 1061.007446][ T5932] usb 10-1: config 0 has no interface number 0 [ 1061.015290][ T5932] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1061.026730][ T5932] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1061.040459][ T5932] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1061.053572][ T5932] usb 10-1: config 0 descriptor?? [ 1061.073351][ T5932] iowarrior 10-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 1061.275511][ T5932] usb 10-1: USB disconnect, device number 6 [ 1062.143333][ T1217] netlink: 4 bytes leftover after parsing attributes in process `syz.8.11198'. [ 1062.327554][ T1227] fuse: fd is not a fuse device [ 1062.823440][ T1247] overlayfs: failed to clone upperpath [ 1062.887517][ T5932] usb 10-1: new high-speed USB device number 7 using dummy_hcd [ 1063.057531][ T5932] usb 10-1: Using ep0 maxpacket: 32 [ 1063.080478][ T5932] usb 10-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 1063.090821][ T5932] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1063.104833][ T5932] usb 10-1: config 0 descriptor?? [ 1063.332081][ T5932] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 1063.357475][ T5932] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1063.381703][ T5932] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 1063.390081][ T5932] usb 10-1: media controller created [ 1063.409733][ T5932] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1064.367435][ T5932] stb0899_attach: Driver disabled by Kconfig [ 1064.393519][ T5932] az6027: no front-end attached [ 1064.393519][ T5932] [ 1064.418216][ T5932] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 1064.440821][ T5932] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.9/usb10/10-1/input/input95 [ 1064.483439][ T5932] dvb-usb: schedule remote query interval to 400 msecs. [ 1064.501198][ T5932] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 1064.664714][ T5893] usb 10-1: USB disconnect, device number 7 [ 1064.782895][ T5893] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 1066.576733][ T1340] netlink: 'syz.8.11243': attribute type 10 has an invalid length. [ 1067.136532][ T1358] fuse: fd is not a fuse device [ 1067.462228][ T1367] fuse: fd is not a fuse device [ 1067.627111][ T1374] fuse: fd is not a fuse device [ 1067.858088][ T1381] comedi comedi3: comedi_parport: I/O port conflict (0x7,3) [ 1068.079595][ T1389] tipc: Failed to remove unknown binding: 66,1,1/0:3084973321/3084973323 [ 1068.164436][ T1393] overlayfs: failed to clone upperpath [ 1068.261201][ T1397] fuse: fd is not a fuse device [ 1068.284677][ T1400] fuse: fd is not a fuse device [ 1068.333235][ T1402] fuse: fd is not a fuse device [ 1068.497559][ T10] usb 10-1: new high-speed USB device number 8 using dummy_hcd [ 1068.606011][ T1418] fuse: fd is not a fuse device [ 1068.666229][ T10] usb 10-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 1068.692313][ T10] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1068.717294][ T10] usb 10-1: Product: syz [ 1068.723024][ T10] usb 10-1: Manufacturer: syz [ 1068.728782][ T10] usb 10-1: SerialNumber: syz [ 1068.739204][ T10] usb 10-1: config 0 descriptor?? [ 1068.759933][ T10] gspca_main: sunplus-2.14.0 probing 04fc:504a [ 1068.986556][ T1432] overlayfs: failed to clone upperpath [ 1069.573336][ T10] gspca_sunplus: reg_w_riv err -71 [ 1069.587986][ T10] sunplus 10-1:0.0: probe with driver sunplus failed with error -71 [ 1069.605178][ T10] usb 10-1: USB disconnect, device number 8 [ 1069.690148][ T1440] fuse: fd is not a fuse device [ 1070.169711][ T1446] fuse: fd is not a fuse device [ 1070.561904][ T1468] fuse: fd is not a fuse device [ 1070.907595][ T5932] usb 10-1: new high-speed USB device number 9 using dummy_hcd [ 1071.057490][ T5932] usb 10-1: Using ep0 maxpacket: 8 [ 1071.072486][ T5932] usb 10-1: config index 0 descriptor too short (expected 74, got 45) [ 1071.091381][ T5932] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 1071.118655][ T5932] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 1071.140718][ T5932] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024 [ 1071.160600][ T5932] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 1071.171420][ T5932] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1071.185413][ T5932] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1071.194816][ T5932] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1071.426103][ T5932] usb 10-1: GET_CAPABILITIES returned 0 [ 1071.441132][ T5932] usbtmc 10-1:16.0: can't read capabilities [ 1071.646901][ T1240] usb 10-1: USB disconnect, device number 9 [ 1071.818460][ T1509] overlayfs: failed to clone upperpath [ 1072.379418][ T1521] fuse: fd is not a fuse device [ 1072.795046][ T1548] fuse: fd is not a fuse device [ 1073.275961][ T1572] fuse: fd is not a fuse device [ 1074.334326][ T1609] fuse: fd is not a fuse device [ 1074.543221][ T1617] tipc: Started in network mode [ 1074.548440][ T1617] tipc: Node identity 96b2148ca987, cluster identity 4711 [ 1074.556183][ T1617] tipc: Enabled bearer , priority 0 [ 1074.624749][ T1617] syzkaller0: entered promiscuous mode [ 1074.630464][ T1617] syzkaller0: entered allmulticast mode [ 1074.638079][ T1617] tipc: Resetting bearer [ 1074.662229][ T1616] tipc: Resetting bearer [ 1075.214359][ T1628] fuse: fd is not a fuse device [ 1075.449824][ T1636] fuse: fd is not a fuse device [ 1076.566579][ T1650] fuse: fd is not a fuse device [ 1076.898564][ T1662] fuse: fd is not a fuse device [ 1077.380456][ T1680] fuse: fd is not a fuse device [ 1077.872895][ T1693] fuse: fd is not a fuse device [ 1079.955428][ T1616] tipc: Disabling bearer [ 1079.965351][ T5932] tipc: Node number set to 1060443276 [ 1080.513344][ T30] audit: type=1326 audit(1773861801.240:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1740 comm="syz.4.11409" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa680f9c799 code=0x0 [ 1081.460202][ T1762] kvm: pic: non byte write [ 1081.615585][ T30] audit: type=1326 audit(1773861802.340:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1768 comm="syz.3.11414" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe1f399c799 code=0x0 [ 1082.504837][ T30] audit: type=1326 audit(1773861803.230:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1787 comm="syz.3.11421" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe1f399c799 code=0x0 [ 1082.704821][ T1795] fuse: fd is not a fuse device [ 1084.375085][ T1825] fuse: fd is not a fuse device [ 1086.269888][ T1881] binder_alloc: 1879: pid 1879 spamming oneway? 1 buffers allocated for a total size of 4096 [ 1086.294302][ T1881] binder_alloc: 1879: pid 1879 spamming oneway? 2 buffers allocated for a total size of 5120 [ 1086.646794][ T1899] fuse: fd is not a fuse device [ 1088.037500][ T5893] usb 10-1: new high-speed USB device number 10 using dummy_hcd [ 1088.197465][ T5893] usb 10-1: Using ep0 maxpacket: 16 [ 1088.209998][ T5893] usb 10-1: config 0 has no interfaces? [ 1088.217951][ T5893] usb 10-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 1088.227701][ T5893] usb 10-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 1088.235918][ T5893] usb 10-1: Manufacturer: syz [ 1088.250126][ T5893] usb 10-1: config 0 descriptor?? [ 1088.502242][ T10] usb 10-1: USB disconnect, device number 10 [ 1090.521437][ T5841] Bluetooth: hci3: Unknown advertising packet type: 0x18 [ 1090.521509][ T5841] Bluetooth: hci3: Unknown advertising packet type: 0x1e [ 1090.529625][ T5841] Bluetooth: hci3: Unknown advertising packet type: 0x30 [ 1090.541975][ T5841] Bluetooth: hci3: Malformed LE Event: 0x0d [ 1090.657873][ T5841] Bluetooth: hci3: Unknown advertising packet type: 0x19 [ 1090.657907][ T5841] Bluetooth: hci3: Unknown advertising packet type: 0x1f [ 1090.668175][ T5841] Bluetooth: hci3: Unknown advertising packet type: 0x31 [ 1090.675297][ T5841] Bluetooth: hci3: Malformed LE Event: 0x0d [ 1091.037503][ T5893] usb 10-1: new high-speed USB device number 11 using dummy_hcd [ 1091.207784][ T5893] usb 10-1: Using ep0 maxpacket: 32 [ 1091.227066][ T5893] usb 10-1: config 0 has an invalid interface number: 184 but max is 0 [ 1091.243570][ T5893] usb 10-1: config 0 has no interface number 0 [ 1091.256975][ T5893] usb 10-1: config 0 interface 184 has no altsetting 0 [ 1091.278970][ T5893] usb 10-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 1091.294847][ T5893] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1091.313760][ T5893] usb 10-1: Product: syz [ 1091.321004][ T5893] usb 10-1: Manufacturer: syz [ 1091.325922][ T5893] usb 10-1: SerialNumber: syz [ 1091.338085][ T5893] usb 10-1: config 0 descriptor?? [ 1092.469475][ T5893] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 1092.481343][ T5893] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 1093.359991][ T2048] tipc: Enabled bearer , priority 0 [ 1094.306715][ T5893] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000304: -71 [ 1094.322413][ T5893] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Failed to write ADDR_FILTX+4: -71 [ 1094.333508][ T5893] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Failed to set mac address [ 1094.347653][ T5893] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 1094.358352][ T5893] smsc75xx 10-1:0.184: probe with driver smsc75xx failed with error -71 [ 1094.371373][ T5893] usb 10-1: USB disconnect, device number 11 [ 1094.962188][ T2104] netdevsim netdevsim8: Firmware load for '..' refused, path contains '..' component [ 1095.125655][ T2111] netlink: 'syz.8.11548': attribute type 10 has an invalid length. [ 1096.235749][ T2144] netlink: 'syz.3.11562': attribute type 27 has an invalid length. [ 1096.428694][ T2148] tipc: Enabled bearer , priority 0 [ 1096.860532][ T2154] random: crng reseeded on system resumption [ 1096.966887][ T5841] Bluetooth: hci3: unexpected event for opcode 0x203d [ 1097.203030][ T5841] Bluetooth: hci3: SCO packet for unknown connection handle 172 [ 1098.117492][ T10] usb 10-1: new full-speed USB device number 12 using dummy_hcd [ 1098.282345][ T10] usb 10-1: New USB device found, idVendor=14f7, idProduct=0500, bcdDevice=44.85 [ 1098.293046][ T10] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1098.302970][ T10] usb 10-1: Product: syz [ 1098.309919][ T10] usb 10-1: Manufacturer: syz [ 1098.314769][ T10] usb 10-1: SerialNumber: syz [ 1098.324247][ T10] usb 10-1: config 0 descriptor?? [ 1098.334164][ T10] usb 10-1: selecting invalid altsetting 1 [ 1098.341490][ T10] technisat-usb2: could not set alternate setting to 0 [ 1098.536983][ T10] technisat-usb2: firmware version: 0.0 [ 1098.543456][ T10] dvb-usb: found a 'Technisat SkyStar USB HD (DVB-S/S2)' in warm state. [ 1098.771589][ T10] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 1098.791324][ T10] dvb-usb: Technisat SkyStar USB HD (DVB-S/S2) error while loading driver (-19) [ 1098.804087][ T10] usb 10-1: USB disconnect, device number 12 [ 1099.147682][ T2233] netlink: 4 bytes leftover after parsing attributes in process `syz.8.11605'. [ 1099.332627][ T2242] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 1099.385745][ T5841] Bluetooth: hci3: connection err: -111 [ 1099.697477][ T5932] usb 10-1: new high-speed USB device number 13 using dummy_hcd [ 1099.858281][ T5932] usb 10-1: Using ep0 maxpacket: 16 [ 1099.870075][ T5932] usb 10-1: config 0 has an invalid interface number: 126 but max is 0 [ 1099.885241][ T5932] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1099.902130][ T5932] usb 10-1: config 0 has no interface number 0 [ 1099.909720][ T5932] usb 10-1: config 0 interface 126 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87 [ 1099.924674][ T5932] usb 10-1: config 0 interface 126 altsetting 0 endpoint 0x87 has invalid maxpacket 34328, setting to 1024 [ 1099.936708][ T5932] usb 10-1: config 0 interface 126 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64 [ 1099.949541][ T5932] usb 10-1: config 0 interface 126 altsetting 0 endpoint 0x4 has invalid maxpacket 2053, setting to 1024 [ 1099.961133][ T5932] usb 10-1: config 0 interface 126 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024 [ 1099.972948][ T5932] usb 10-1: config 0 interface 126 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4 [ 1099.989735][ T5932] usb 10-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=56.88 [ 1099.999317][ T5932] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1100.013189][ T5932] usb 10-1: config 0 descriptor?? [ 1100.023906][ T2246] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22 [ 1100.048586][ T2246] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22 [ 1100.066887][ T5932] usb 10-1: Quirk or no altset; falling back to MIDI 1.0 [ 1100.283475][ T5932] usb 10-1: USB disconnect, device number 13 [ 1100.618992][ T2296] IPVS: stopping backup sync thread 2298 ... [ 1100.619619][ T2298] IPVS: sync thread started: state = BACKUP, mcast_ifn = vlan0, syncid = 2, id = 0 [ 1100.887710][ T5841] Bluetooth: hci3: unexpected cc 0x0402 length: 61 > 1 [ 1100.897112][ T5841] Bluetooth: hci3: unexpected event for opcode 0x0402 [ 1102.107773][ T5932] usb 10-1: new high-speed USB device number 14 using dummy_hcd [ 1102.269150][ T5932] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1102.279770][ T5932] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1102.291221][ T5932] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1102.303026][ T5932] usb 10-1: New USB device found, idVendor=056a, idProduct=0000, bcdDevice= 0.00 [ 1102.315221][ T5932] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1102.329206][ T5932] usb 10-1: config 0 descriptor?? [ 1102.765195][ T5932] wacom 0003:056A:0000.0060: Unknown device_type for 'HID 056a:0000'. Assuming pen. [ 1102.790658][ T5932] wacom 0003:056A:0000.0060: hidraw0: USB HID v0.00 Device [HID 056a:0000] on usb-dummy_hcd.9-1/input0 [ 1102.821181][ T5932] input: Wacom Penpartner Pen as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:056A:0000.0060/input/input96 [ 1102.964445][ T10] usb 10-1: USB disconnect, device number 14 [ 1103.019981][ T5841] Bluetooth: hci3: command 0x2021 tx timeout [ 1103.917541][ T5932] usb 10-1: new high-speed USB device number 15 using dummy_hcd [ 1104.080044][ T5932] usb 10-1: config 220 has an invalid interface number: 76 but max is 2 [ 1104.089230][ T5932] usb 10-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 1104.099453][ T5932] usb 10-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 1104.123032][ T5932] usb 10-1: config 220 has no interface number 2 [ 1104.130666][ T5932] usb 10-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 1104.144520][ T5932] usb 10-1: config 220 interface 0 has no altsetting 0 [ 1104.151980][ T5932] usb 10-1: config 220 interface 76 has no altsetting 0 [ 1104.161692][ T5932] usb 10-1: config 220 interface 1 has no altsetting 0 [ 1104.171108][ T5932] usb 10-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1104.180517][ T5932] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1104.190542][ T5932] usb 10-1: Product: syz [ 1104.194916][ T5932] usb 10-1: Manufacturer: syz [ 1104.201000][ T5932] usb 10-1: SerialNumber: syz [ 1104.424798][ T5932] usb 10-1: selecting invalid altsetting 0 [ 1104.450769][ T5932] uvcvideo 10-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 1104.460823][ T5932] uvcvideo 10-1:220.0: No valid video chain found. [ 1104.473029][ T5932] usb 10-1: selecting invalid altsetting 0 [ 1104.479764][ T5932] usbtest 10-1:220.1: probe with driver usbtest failed with error -22 [ 1104.492239][ T5932] usb 10-1: USB disconnect, device number 15 [ 1105.217446][ T5932] usb 10-1: new high-speed USB device number 16 using dummy_hcd [ 1105.369559][ T5932] usb 10-1: too many endpoints for config 0 interface 0 altsetting 0: 130, using maximum allowed: 30 [ 1105.380973][ T5932] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1105.392156][ T5932] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 130 [ 1105.405661][ T5932] usb 10-1: New USB device found, idVendor=1b1c, idProduct=1b3e, bcdDevice= 0.00 [ 1105.416385][ T5932] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1105.431443][ T5932] usb 10-1: config 0 descriptor?? [ 1105.872308][ T5932] hid_parser_main: 4 callbacks suppressed [ 1105.872334][ T5932] corsair 0003:1B1C:1B3E.0061: unknown main item tag 0x0 [ 1105.888998][ T5932] corsair 0003:1B1C:1B3E.0061: unknown main item tag 0x0 [ 1105.896291][ T5932] corsair 0003:1B1C:1B3E.0061: unknown main item tag 0x0 [ 1105.905477][ T5932] corsair 0003:1B1C:1B3E.0061: unknown main item tag 0x0 [ 1105.913207][ T5932] corsair 0003:1B1C:1B3E.0061: unknown main item tag 0x0 [ 1105.920945][ T5932] corsair 0003:1B1C:1B3E.0061: unknown main item tag 0x0 [ 1105.929609][ T5932] corsair 0003:1B1C:1B3E.0061: unexpected long global item [ 1105.938901][ T5932] corsair 0003:1B1C:1B3E.0061: parse failed [ 1105.945044][ T5932] corsair 0003:1B1C:1B3E.0061: probe with driver corsair failed with error -22 [ 1106.067962][ T5932] usb 10-1: USB disconnect, device number 16 [ 1106.679610][ T2491] netlink: 204 bytes leftover after parsing attributes in process `syz.9.11713'. [ 1106.692027][ T2491] netlink: 72 bytes leftover after parsing attributes in process `syz.9.11713'. [ 1107.147431][ T5932] usb 10-1: new high-speed USB device number 17 using dummy_hcd [ 1107.316310][ T5932] usb 10-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb [ 1107.326302][ T5932] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201 [ 1107.335080][ T5932] usb 10-1: Product: syz [ 1107.340260][ T5932] usb 10-1: Manufacturer: syz [ 1107.345019][ T5932] usb 10-1: SerialNumber: syz [ 1107.353836][ T5932] usb 10-1: config 0 descriptor?? [ 1107.371350][ T5932] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state. [ 1107.379535][ T5932] dvb-usb: bulk message failed: -22 (2/0) [ 1107.390997][ T5932] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1107.401191][ T5932] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB) [ 1107.411214][ T5932] usb 10-1: media controller created [ 1107.437063][ T5932] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1107.580951][ T5932] dvb-usb: bulk message failed: -22 (1/0) [ 1107.630404][ T5932] DVB: Unable to find symbol mt352_attach() [ 1107.637147][ T5932] dvb-usb: bulk message failed: -22 (5/0) [ 1107.657216][ T5932] zl10353_read_register: readreg error (reg=127, ret==-121) [ 1107.671411][ T5932] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB' [ 1107.789572][ T5932] rc_core: IR keymap rc-dvico-mce not found [ 1107.811826][ T5932] Registered IR keymap rc-empty [ 1107.828492][ T5932] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.9/usb10/10-1/rc/rc0 [ 1107.852978][ T5932] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.9/usb10/10-1/rc/rc0/input99 [ 1107.871796][ T5932] dvb-usb: schedule remote query interval to 100 msecs. [ 1107.879025][ T5932] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected. [ 1107.893495][ T5932] usb 10-1: USB disconnect, device number 17 [ 1107.967662][ T5932] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected. [ 1108.555456][ T2556] netlink: 104 bytes leftover after parsing attributes in process `syz.8.11734'. [ 1108.807524][T28366] usb 10-1: new high-speed USB device number 18 using dummy_hcd [ 1108.957472][T28366] usb 10-1: Using ep0 maxpacket: 8 [ 1108.964359][T28366] usb 10-1: config index 0 descriptor too short (expected 5924, got 36) [ 1108.973172][T28366] usb 10-1: config 250 has an invalid interface number: 228 but max is -1 [ 1108.984061][T28366] usb 10-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 1108.993493][T28366] usb 10-1: config 250 has no interface number 0 [ 1109.000390][T28366] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 1109.012215][T28366] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 1109.022993][T28366] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1109.033523][T28366] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 1109.043942][T28366] usb 10-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 1109.057893][T28366] usb 10-1: config 250 interface 228 has no altsetting 0 [ 1109.066963][T28366] usb 10-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 1109.076299][T28366] usb 10-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 1109.084747][T28366] usb 10-1: Product: syz [ 1109.089190][T28366] usb 10-1: SerialNumber: syz [ 1109.104356][T28366] hub 10-1:250.228: bad descriptor, ignoring hub [ 1109.110883][T28366] hub 10-1:250.228: probe with driver hub failed with error -5 [ 1109.308518][T28366] usblp 10-1:250.228: usblp0: USB Bidirectional printer dev 18 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 1109.606213][ T5912] usb 10-1: USB disconnect, device number 18 [ 1109.617191][ T5912] usblp0: removed [ 1110.377865][ T5912] usb 10-1: new full-speed USB device number 19 using dummy_hcd [ 1110.539982][ T5912] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1110.552130][ T5912] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1110.562581][ T5912] usb 10-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1110.572845][ T5912] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1110.585484][ T5912] usb 10-1: config 0 descriptor?? [ 1110.601716][ T5912] hub 10-1:0.0: USB hub found [ 1110.801980][ T5912] hub 10-1:0.0: 7 ports detected [ 1110.808438][ T5912] hub 10-1:0.0: insufficient power available to use all downstream ports [ 1111.211225][ T5912] usb 10-1: USB disconnect, device number 19 [ 1112.127513][T28366] usb 10-1: new high-speed USB device number 20 using dummy_hcd [ 1112.279417][T28366] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1112.290664][T28366] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 1112.301457][T28366] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1112.315781][T28366] usb 10-1: config 0 descriptor?? [ 1112.437256][ T2653] netlink: 16 bytes leftover after parsing attributes in process `syz.4.11766'. [ 1112.750966][T28366] keytouch 0003:0926:3333.0062: fixing up Keytouch IEC report descriptor [ 1112.763912][T28366] input: HID 0926:3333 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:0926:3333.0062/input/input100 [ 1112.856045][T28366] keytouch 0003:0926:3333.0062: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.9-1/input0 [ 1113.184838][T28366] usb 10-1: USB disconnect, device number 20 [ 1114.997584][ T5912] usb 10-1: new high-speed USB device number 21 using dummy_hcd [ 1115.149498][ T5912] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1115.159917][ T5912] usb 10-1: config 0 has no interfaces? [ 1115.169107][ T5912] usb 10-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 1115.178741][ T5912] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1115.186919][ T5912] usb 10-1: Product: syz [ 1115.191685][ T5912] usb 10-1: Manufacturer: syz [ 1115.196626][ T5912] usb 10-1: SerialNumber: syz [ 1115.206568][ T5912] usb 10-1: config 0 descriptor?? [ 1115.474862][T28361] usb 10-1: USB disconnect, device number 21 [ 1115.901778][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 1118.407894][ T5912] usb 10-1: new high-speed USB device number 22 using dummy_hcd [ 1118.533664][ T2862] netlink: 25 bytes leftover after parsing attributes in process `syz.3.11835'. [ 1118.579654][ T5912] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1118.598773][ T5912] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1118.613727][ T5912] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 1118.624686][ T5912] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1118.638697][ T5912] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1118.648266][ T5912] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1118.661251][ T5912] usb 10-1: config 0 descriptor?? [ 1119.087970][ T5912] plantronics 0003:047F:FFFF.0063: unknown main item tag 0x0 [ 1119.096301][ T5912] plantronics 0003:047F:FFFF.0063: unknown main item tag 0x0 [ 1119.105142][ T5912] plantronics 0003:047F:FFFF.0063: unknown main item tag 0x0 [ 1119.115835][ T5912] plantronics 0003:047F:FFFF.0063: unknown main item tag 0x0 [ 1119.123797][ T5912] plantronics 0003:047F:FFFF.0063: unknown main item tag 0x0 [ 1119.131602][ T5912] plantronics 0003:047F:FFFF.0063: unknown main item tag 0x0 [ 1119.140296][ T5912] plantronics 0003:047F:FFFF.0063: unknown main item tag 0x0 [ 1119.148208][ T5912] plantronics 0003:047F:FFFF.0063: unknown main item tag 0x0 [ 1119.155971][ T5912] plantronics 0003:047F:FFFF.0063: unknown main item tag 0x0 [ 1119.163984][ T5912] plantronics 0003:047F:FFFF.0063: unknown main item tag 0x0 [ 1119.177452][ T5912] plantronics 0003:047F:FFFF.0063: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.9-1/input0 [ 1119.349401][T28366] usb 10-1: USB disconnect, device number 22 [ 1120.705728][ T2921] fuse: fd is not a fuse device [ 1121.407862][ T10] usb 10-1: new high-speed USB device number 23 using dummy_hcd [ 1121.570771][ T10] usb 10-1: config index 0 descriptor too short (expected 28277, got 36) [ 1121.582368][ T10] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1121.594385][ T10] usb 10-1: config 0 has no interfaces? [ 1121.600581][ T10] usb 10-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 1121.614324][ T10] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1121.629516][ T10] usb 10-1: config 0 descriptor?? [ 1121.945723][ T2975] overlayfs: failed to clone upperpath [ 1121.990809][ T5912] usb 10-1: USB disconnect, device number 23 [ 1122.887437][ T5912] usb 10-1: new high-speed USB device number 24 using dummy_hcd [ 1123.050383][ T5912] usb 10-1: Using ep0 maxpacket: 8 [ 1123.063420][ T5912] usb 10-1: config 0 has no interfaces? [ 1123.081194][ T5912] usb 10-1: New USB device found, idVendor=0200, idProduct=0000, bcdDevice= 0.40 [ 1123.107082][ T5912] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1123.132806][ T5912] usb 10-1: Product: syz [ 1123.142876][ T5912] usb 10-1: Manufacturer: syz [ 1123.151190][ T5912] usb 10-1: SerialNumber: syz [ 1123.169198][ T5912] usb 10-1: config 0 descriptor?? [ 1125.700210][T28366] usb 10-1: USB disconnect, device number 24 [ 1125.872196][ T3097] overlayfs: failed to clone upperpath [ 1125.942843][ T3101] fuse: fd is not a fuse device [ 1126.085891][ T30] audit: type=1326 audit(1773861846.810:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3104 comm="syz.4.11932" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa680f9c799 code=0x0 [ 1126.616148][ T30] audit: type=1800 audit(1773861847.340:221): pid=3135 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.11942" name="bus" dev="overlay" ino=713 res=0 errno=0 [ 1126.774036][ T3146] fuse: fd is not a fuse device [ 1127.227411][T28361] usb 10-1: new high-speed USB device number 25 using dummy_hcd [ 1127.377428][T28361] usb 10-1: Using ep0 maxpacket: 32 [ 1127.384500][T28361] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1127.396950][T28361] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1127.408750][T28361] usb 10-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1127.419190][T28361] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1127.433005][T28361] usb 10-1: config 0 descriptor?? [ 1127.457098][T28361] hub 10-1:0.0: USB hub found [ 1127.651650][T28361] hub 10-1:0.0: 1 port detected [ 1127.710902][ T3178] fuse: fd is not a fuse device [ 1127.882701][ T3184] fuse: fd is not a fuse device [ 1128.264323][T28361] hub 10-1:0.0: activate --> -90 [ 1129.094369][ T3223] overlayfs: failed to clone upperpath [ 1129.195583][ T3229] overlayfs: failed to clone upperpath [ 1129.339015][T28361] hub 10-1:0.0: hub_ext_port_status failed (err = -32) [ 1129.388074][T28361] usb 10-1: USB disconnect, device number 25 [ 1129.629959][ T3252] overlayfs: failed to clone upperpath [ 1129.831839][ T3265] overlayfs: failed to clone upperpath [ 1130.243415][ T3285] overlayfs: failed to clone upperpath [ 1130.454215][ T3300] fuse: fd is not a fuse device [ 1130.906327][ T3318] overlayfs: failed to clone upperpath [ 1131.014647][ T3325] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12014'. [ 1131.784138][ T3337] fuse: fd is not a fuse device [ 1131.933208][ T3344] overlayfs: failed to clone upperpath [ 1132.019037][ T3348] netlink: 'syz.4.12023': attribute type 10 has an invalid length. [ 1132.266942][ T3359] fuse: fd is not a fuse device [ 1133.180633][ T3275] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 1133.243250][ T3372] fuse: fd is not a fuse device [ 1133.317175][ T3374] overlayfs: failed to clone upperpath [ 1133.667903][ T3391] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1134.285658][ T3413] netlink: 'syz.3.12047': attribute type 10 has an invalid length. [ 1134.307471][ T3419] fuse: fd is not a fuse device [ 1136.122575][ T3489] overlayfs: failed to clone upperpath [ 1136.160605][ T3489] overlayfs: failed to clone upperpath [ 1136.285093][ T3493] fuse: fd is not a fuse device [ 1136.442055][ T3505] fuse: fd is not a fuse device [ 1136.556785][ T3512] fuse: fd is not a fuse device [ 1136.562020][ T5912] usb 10-1: new high-speed USB device number 26 using dummy_hcd [ 1136.689692][ T3520] fuse: fd is not a fuse device [ 1136.718057][ T5912] usb 10-1: Using ep0 maxpacket: 32 [ 1136.729406][ T5912] usb 10-1: config 0 interface 0 altsetting 128 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 1136.744737][ T5912] usb 10-1: config 0 interface 0 has no altsetting 0 [ 1136.752393][ T5912] usb 10-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00 [ 1136.762079][ T5912] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1136.780020][ T5912] usb 10-1: config 0 descriptor?? [ 1136.817933][ T3523] fuse: fd is not a fuse device [ 1136.896504][ T3527] fuse: fd is not a fuse device [ 1137.573071][ T5912] corsair-cpro 0003:1B1C:0C10.0064: hidraw0: USB HID v4.06 Device [HID 1b1c:0c10] on usb-dummy_hcd.9-1/input0 [ 1137.854737][ T3564] fuse: fd is not a fuse device [ 1137.929744][ T3566] fuse: fd is not a fuse device [ 1137.970198][ T5912] corsair-cpro 0003:1B1C:0C10.0064: probe with driver corsair-cpro failed with error -71 [ 1138.009138][ T5912] usb 10-1: USB disconnect, device number 26 [ 1138.261254][ T3578] fuse: fd is not a fuse device [ 1138.615295][ T3590] fuse: fd is not a fuse device [ 1138.700108][ T3594] overlayfs: failed to clone upperpath [ 1138.978392][ T3606] fuse: fd is not a fuse device [ 1139.320657][ T3624] fuse: Bad value for 'fd' [ 1139.756573][ T3635] fuse: fd is not a fuse device [ 1140.013414][ T3649] fuse: fd is not a fuse device [ 1140.286112][ T3662] overlayfs: failed to clone upperpath [ 1140.569017][ T5912] usb 10-1: new high-speed USB device number 27 using dummy_hcd [ 1140.728165][ T5912] usb 10-1: Using ep0 maxpacket: 8 [ 1140.735329][ T5912] usb 10-1: config 0 has no interfaces? [ 1140.743795][ T5912] usb 10-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04 [ 1140.753299][ T5912] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1140.762011][ T5912] usb 10-1: Product: syz [ 1140.766302][ T5912] usb 10-1: Manufacturer: syz [ 1140.771068][ T5912] usb 10-1: SerialNumber: syz [ 1140.779895][ T5912] usb 10-1: config 0 descriptor?? [ 1140.992416][ T3665] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1141.001603][ T3665] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1141.014033][ T5912] usb 10-1: USB disconnect, device number 27 [ 1141.421637][ T3694] fuse: fd is not a fuse device [ 1142.146195][ T3714] fuse: fd is not a fuse device [ 1142.216108][ T3718] fuse: fd is not a fuse device [ 1142.817731][ T5918] usb 10-1: new high-speed USB device number 28 using dummy_hcd [ 1142.967427][ T5918] usb 10-1: Using ep0 maxpacket: 16 [ 1142.974916][ T5918] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 1142.987000][ T5918] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1143.001796][ T5918] usb 10-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 1143.011138][ T5918] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1143.020096][ T5918] usb 10-1: Product: syz [ 1143.024405][ T5918] usb 10-1: Manufacturer: syz [ 1143.029309][ T5918] usb 10-1: SerialNumber: syz [ 1143.036722][ T5918] usb 10-1: config 0 descriptor?? [ 1143.046717][ T5918] em28xx 10-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 1143.056592][ T5918] em28xx 10-1:0.0: Audio interface 0 found (Vendor Class) [ 1143.650184][ T5918] em28xx 10-1:0.0: unknown em28xx chip ID (0) [ 1143.656999][ T5918] em28xx 10-1:0.0: Config register raw data: 0xfffffffb [ 1144.269263][ T5918] em28xx 10-1:0.0: Unknown AC97 audio processor detected! [ 1144.695154][ T5918] em28xx 10-1:0.0: couldn't setup AC97 register 2 [ 1144.706095][ T5918] em28xx 10-1:0.0: couldn't setup AC97 register 4 [ 1144.713658][ T5918] em28xx 10-1:0.0: couldn't setup AC97 register 6 [ 1144.720983][ T5918] em28xx 10-1:0.0: couldn't setup AC97 register 54 [ 1144.729555][ T5918] em28xx 10-1:0.0: couldn't setup AC97 register 56 [ 1144.742738][ T5918] usb 10-1: USB disconnect, device number 28 [ 1144.793675][ T3792] fuse: fd is not a fuse device [ 1146.157497][ T5918] usb 10-1: new high-speed USB device number 29 using dummy_hcd [ 1146.327417][ T5918] usb 10-1: Using ep0 maxpacket: 16 [ 1146.353469][ T5918] usb 10-1: config 0 has no interfaces? [ 1146.378226][ T5918] usb 10-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 1146.395020][ T5918] usb 10-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 1146.404011][ T5918] usb 10-1: Manufacturer: syz [ 1146.410903][ T3826] netlink: 'syz.8.12216': attribute type 10 has an invalid length. [ 1146.422720][ T5918] usb 10-1: config 0 descriptor?? [ 1146.658935][ T5912] usb 10-1: USB disconnect, device number 29 [ 1150.209865][ T5841] Bluetooth: hci3: Unknown advertising packet type: 0x18 [ 1150.209895][ T5841] Bluetooth: hci3: Unknown advertising packet type: 0x1e [ 1150.218812][ T5841] Bluetooth: hci3: Unknown advertising packet type: 0x30 [ 1150.226300][ T5841] Bluetooth: hci3: Malformed LE Event: 0x0d [ 1151.630122][ T5912] usb 10-1: new high-speed USB device number 30 using dummy_hcd [ 1151.798204][ T5912] usb 10-1: Using ep0 maxpacket: 32 [ 1151.813228][ T3969] netlink: 'syz.3.12264': attribute type 10 has an invalid length. [ 1151.832539][ T5912] usb 10-1: config 0 has an invalid interface number: 184 but max is 0 [ 1151.852111][ T5912] usb 10-1: config 0 has no interface number 0 [ 1151.867197][ T5912] usb 10-1: config 0 interface 184 has no altsetting 0 [ 1151.885264][ T5912] usb 10-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 1151.903686][ T5912] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1151.933842][ T5912] usb 10-1: Product: syz [ 1151.944464][ T5912] usb 10-1: Manufacturer: syz [ 1151.946659][ T3971] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1151.962069][ T5912] usb 10-1: SerialNumber: syz [ 1151.975493][ T3961] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1151.986378][ T5912] usb 10-1: config 0 descriptor?? [ 1152.603875][ T5912] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 1152.615189][ T5912] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 1153.525206][ T3989] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1154.689854][ T4008] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1154.759595][ T4008] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1154.930064][ T4020] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1155.849458][ T5912] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000003c: -71 [ 1155.864005][ T5912] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Failed to write BULK_IN_DLY: -71 [ 1155.875463][ T5912] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 1155.898256][ T5912] smsc75xx 10-1:0.184: probe with driver smsc75xx failed with error -71 [ 1155.917878][ T5912] usb 10-1: USB disconnect, device number 30 [ 1156.653507][ T4062] netlink: 4 bytes leftover after parsing attributes in process `syz.9.12301'. [ 1156.760347][ T4067] netlink: 164 bytes leftover after parsing attributes in process `syz.4.12304'. [ 1156.967637][T28366] usb 10-1: new high-speed USB device number 31 using dummy_hcd [ 1156.989262][ T4074] delete_channel: no stack [ 1156.993846][ T4074] delete_channel: no stack [ 1157.127402][T28366] usb 10-1: Using ep0 maxpacket: 32 [ 1157.134757][T28366] usb 10-1: unable to get BOS descriptor or descriptor too short [ 1157.144399][T28366] usb 10-1: config 16 has an invalid interface number: 119 but max is 0 [ 1157.155120][T28366] usb 10-1: config 16 has no interface number 0 [ 1157.161865][T28366] usb 10-1: config 16 interface 119 has no altsetting 0 [ 1157.171847][T28366] usb 10-1: New USB device found, idVendor=12d1, idProduct=1c23, bcdDevice=2b.c7 [ 1157.185093][T28366] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1157.193916][T28366] usb 10-1: Product: syz [ 1157.198364][T28366] usb 10-1: Manufacturer: syz [ 1157.203131][T28366] usb 10-1: SerialNumber: syz [ 1157.415584][ T4077] netlink: 4 bytes leftover after parsing attributes in process `syz.9.12301'. [ 1157.449015][T28366] rndis_host 10-1:16.119: rndis: master #0/0000000000000000 slave #1/0000000000000000 [ 1157.460155][T28366] option 10-1:16.119: GSM modem (1-port) converter detected [ 1157.475478][T28366] usb 10-1: USB disconnect, device number 31 [ 1157.497678][T28366] option 10-1:16.119: device disconnected [ 1157.581360][ T4083] FAULT_INJECTION: forcing a failure. [ 1157.581360][ T4083] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 1157.596538][ T4083] CPU: 1 UID: 0 PID: 4083 Comm: syz.9.12310 Tainted: G L syzkaller #0 PREEMPT(full) [ 1157.596576][ T4083] Tainted: [L]=SOFTLOCKUP [ 1157.596585][ T4083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1157.596597][ T4083] Call Trace: [ 1157.596606][ T4083] [ 1157.596616][ T4083] dump_stack_lvl+0xe8/0x150 [ 1157.596655][ T4083] should_fail_ex+0x412/0x560 [ 1157.596795][ T4083] _copy_to_user+0x31/0xb0 [ 1157.596893][ T4083] simple_read_from_buffer+0xe1/0x170 [ 1157.596928][ T4083] proc_fail_nth_read+0x1bb/0x230 [ 1157.596960][ T4083] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1157.596991][ T4083] ? rw_verify_area+0x2a6/0x4d0 [ 1157.597021][ T4083] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1157.597048][ T4083] vfs_read+0x20c/0xa70 [ 1157.597077][ T4083] ? fdget_pos+0x246/0x320 [ 1157.597109][ T4083] ? __pfx___mutex_lock+0x10/0x10 [ 1157.597133][ T4083] ? __pfx_vfs_read+0x10/0x10 [ 1157.597165][ T4083] ? __fget_files+0x2a/0x420 [ 1157.597196][ T4083] ? __fget_files+0x3a0/0x420 [ 1157.597223][ T4083] ? __fget_files+0x2a/0x420 [ 1157.597257][ T4083] ksys_read+0x150/0x270 [ 1157.597278][ T4083] ? __pfx_ksys_read+0x10/0x10 [ 1157.597308][ T4083] do_syscall_64+0x14d/0xf80 [ 1157.597329][ T4083] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1157.597350][ T4083] ? clear_bhb_loop+0x40/0x90 [ 1157.597376][ T4083] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1157.597403][ T4083] RIP: 0033:0x7fb3c8f5cfce [ 1157.597424][ T4083] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1157.597442][ T4083] RSP: 002b:00007fb3c71f5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1157.597502][ T4083] RAX: ffffffffffffffda RBX: 00007fb3c71f66c0 RCX: 00007fb3c8f5cfce [ 1157.597518][ T4083] RDX: 000000000000000f RSI: 00007fb3c71f60a0 RDI: 0000000000000005 [ 1157.597531][ T4083] RBP: 00007fb3c71f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1157.597544][ T4083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1157.597556][ T4083] R13: 00007fb3c9216038 R14: 00007fb3c9215fa0 R15: 00007ffcdca22e98 [ 1157.597589][ T4083] [ 1158.365825][ T4090] netlink: 4 bytes leftover after parsing attributes in process `syz.8.12313'. [ 1158.375285][ T4090] netlink: 16 bytes leftover after parsing attributes in process `syz.8.12313'. [ 1159.076389][ T4112] netlink: 16 bytes leftover after parsing attributes in process `syz.4.12321'. [ 1159.220894][ T4118] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1159.284126][ T5912] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01) [ 1159.288178][ T4118] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1159.306106][ T5912] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) [ 1159.320985][ T13] wlan1: authenticated [ 1159.354277][ T13] wlan1: associate with 08:02:11:00:00:00 (try 1/3) [ 1159.368898][ T13] wlan1: RX AssocResp from 08:02:11:00:00:00 (capab=0x1 status=43 aid=1) [ 1159.379960][ T4118] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1159.390534][ T13] wlan1: 08:02:11:00:00:00 denied association (code=43) [ 1159.410733][ T4124] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1159.427118][ T4124] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12325'. [ 1159.452955][ T8287] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1159.466360][ T8287] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1160.096390][ T4134] netlink: 128 bytes leftover after parsing attributes in process `syz.3.12329'. [ 1160.112173][ T4134] netlink: 128 bytes leftover after parsing attributes in process `syz.3.12329'. [ 1160.210510][ T4141] netlink: 'syz.4.12330': attribute type 1 has an invalid length. [ 1160.222965][ T4141] overlayfs: failed to clone upperpath [ 1161.157380][ T5918] usb 10-1: new high-speed USB device number 32 using dummy_hcd [ 1161.345541][ T5918] usb 10-1: Using ep0 maxpacket: 32 [ 1161.379076][ T5918] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1161.390112][ T5918] usb 10-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0 [ 1161.402204][ T5918] usb 10-1: config 0 interface 0 has no altsetting 0 [ 1161.413603][ T5918] usb 10-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 1161.423680][ T5918] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1161.432442][ T5918] usb 10-1: Product: syz [ 1161.438001][ T5918] usb 10-1: Manufacturer: syz [ 1161.442848][ T5918] usb 10-1: SerialNumber: syz [ 1161.454723][ T5918] usb 10-1: config 0 descriptor?? [ 1161.872567][ T5918] gs_usb 10-1:0.0: Configuring for 142 interfaces [ 1162.355199][ T5918] gs_usb 10-1:0.0: Couldn't get bit timing const for channel 1 (-EPROTO) [ 1162.420470][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1162.428623][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1162.455444][ T4199] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1162.471934][ T5918] gs_usb 10-1:0.0: probe with driver gs_usb failed with error -71 [ 1162.481005][ T4199] netlink: 12 bytes leftover after parsing attributes in process `syz.8.12351'. [ 1162.501350][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1162.512189][ T5918] usb 10-1: USB disconnect, device number 32 [ 1162.527388][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1162.929026][ T4218] netlink: 16 bytes leftover after parsing attributes in process `syz.3.12357'. [ 1163.914378][ T4252] mac80211_hwsim hwsim27 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33) [ 1164.020422][ T4247] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1164.826483][ T4289] netlink: 'syz.4.12381': attribute type 10 has an invalid length. [ 1164.846309][ T4289] 9p: Bad value for 'rfdno' [ 1164.954024][ T4292] overlayfs: failed to clone lowerpath [ 1165.310096][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1165.324234][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1165.465190][ T4313] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 1165.656520][ T4327] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1165.943778][ T4343] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1165.968803][ T4347] fuse: fd is not a fuse device [ 1165.978775][ T4347] fuse: fd is not a fuse device [ 1166.067211][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1166.076468][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1166.096832][ T4352] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1166.202060][ T4358] netlink: 24 bytes leftover after parsing attributes in process `syz.8.12410'. [ 1166.211295][ T4358] netlink: 24 bytes leftover after parsing attributes in process `syz.8.12410'. [ 1166.311272][ T4362] bridge0: port 3(syz_tun) entered blocking state [ 1166.320819][ T4362] bridge0: port 3(syz_tun) entered disabled state [ 1166.328276][ T4362] syz_tun: entered allmulticast mode [ 1166.336215][ T4362] syz_tun: entered promiscuous mode [ 1166.349603][ T4362] netlink: 'syz.8.12412': attribute type 10 has an invalid length. [ 1166.365640][ T4362] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 1166.392481][ T4362] 9p: Bad value for 'rfdno' [ 1166.468483][ T4368] afs: Unknown parameter '01777777777777777777777' [ 1166.596657][ T4372] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1166.613825][ T4372] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1166.802143][ T4381] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1166.827806][ T5912] usb 10-1: new high-speed USB device number 33 using dummy_hcd [ 1166.997700][ T5912] usb 10-1: Using ep0 maxpacket: 8 [ 1167.006556][ T5912] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1167.020537][ T5912] usb 10-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8 [ 1167.030282][ T5912] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1167.038789][ T5912] usb 10-1: Product: syz [ 1167.043180][ T5912] usb 10-1: Manufacturer: syz [ 1167.048244][ T5912] usb 10-1: SerialNumber: syz [ 1167.056767][ T5912] usb 10-1: config 0 descriptor?? [ 1167.068789][ T5912] ati_remote 10-1:0.0: ati_remote_probe: Unexpected desc.bNumEndpoints [ 1167.235411][ T4395] netlink: 256 bytes leftover after parsing attributes in process `syz.4.12423'. [ 1167.318309][ T5893] usb 10-1: USB disconnect, device number 33 [ 1167.699225][ T4411] 9p: Bad value for 'rfdno' [ 1167.901601][T27099] wlan1: Trigger new scan to find an IBSS to join [ 1168.185230][ T4433] netlink: 176 bytes leftover after parsing attributes in process `syz.4.12439'. [ 1168.205758][ T4433] netlink: 176 bytes leftover after parsing attributes in process `syz.4.12439'. [ 1168.274166][ T4435] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.12440'. [ 1168.393858][ T4441] netlink: 132 bytes leftover after parsing attributes in process `syz.3.12442'. [ 1168.434595][ T4443] netlink: 16 bytes leftover after parsing attributes in process `syz.4.12441'. [ 1168.859757][ T4457] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1169.069089][ T4468] ptrace attach of "./syz-executor exec"[5845] was attempted by ""[4468] [ 1169.086772][ T4468] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12449'. [ 1169.100145][ T4468] netlink: 16 bytes leftover after parsing attributes in process `syz.3.12449'. [ 1169.148691][ T4470] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1169.297538][ T5918] usb 10-1: new high-speed USB device number 34 using dummy_hcd [ 1169.452747][ T5918] usb 10-1: unable to get BOS descriptor or descriptor too short [ 1169.471871][ T5918] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1169.493398][ T5918] usb 10-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 50, changing to 7 [ 1169.517006][ T5918] usb 10-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1169.532862][ T5918] usb 10-1: New USB device found, idVendor=2b53, idProduct=0024, bcdDevice= 0.40 [ 1169.542593][ T5918] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1169.551102][ T5918] usb 10-1: Product: syz [ 1169.555427][ T5918] usb 10-1: Manufacturer: syz [ 1169.560687][ T5918] usb 10-1: SerialNumber: syz [ 1169.906660][ T4488] fuse: fd is not a fuse device [ 1170.013937][ T4493] netlink: 176 bytes leftover after parsing attributes in process `syz.3.12460'. [ 1170.023933][ T4493] netlink: 176 bytes leftover after parsing attributes in process `syz.3.12460'. [ 1170.093733][ T4495] netlink: 16 bytes leftover after parsing attributes in process `syz.3.12461'. [ 1170.937587][ T8287] wlan1: Trigger new scan to find an IBSS to join [ 1171.408538][ T8287] wlan1: Creating new IBSS network, BSSID 46:f5:82:dc:11:86 [ 1172.120382][ T5918] snd-usb-audio 10-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 1172.140111][ T5918] snd-usb-audio 10-1:1.1: probe with driver snd-usb-audio failed with error -22 [ 1172.334123][ T5918] snd-usb-audio 10-1:1.2: probe with driver snd-usb-audio failed with error -22 [ 1172.359441][ T5918] usb 10-1: USB disconnect, device number 34 [ 1172.443662][ T2376] udevd[2376]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1172.590134][ T4548] tipc: Enabling of bearer rejected, already enabled [ 1172.685516][ T4554] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1172.970627][ T4564] Invalid/unusable pipe [ 1173.377114][ T4580] netlink: 'syz.4.12497': attribute type 4 has an invalid length. [ 1173.389124][ T4580] __nla_validate_parse: 5 callbacks suppressed [ 1173.389146][ T4580] netlink: 17 bytes leftover after parsing attributes in process `syz.4.12497'. [ 1173.408207][ T4580] netlink: 14601 bytes leftover after parsing attributes in process `syz.4.12497'. [ 1173.458124][ T4578] tipc: Enabled bearer , priority 0 [ 1173.496321][ T4583] Invalid/unusable pipe [ 1173.766434][ T4602] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1173.779197][ T5912] usb 10-1: new high-speed USB device number 35 using dummy_hcd [ 1173.840708][ T4602] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1173.904202][ T4598] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1173.948321][ T5912] usb 10-1: Using ep0 maxpacket: 32 [ 1173.955919][ T5912] usb 10-1: unable to get BOS descriptor or descriptor too short [ 1173.965937][ T5912] usb 10-1: config 1 has an invalid interface number: 130 but max is 2 [ 1173.974479][ T5912] usb 10-1: config 1 has 4 interfaces, different from the descriptor's value: 3 [ 1173.984224][ T5912] usb 10-1: config 1 has no interface number 3 [ 1173.990639][ T5912] usb 10-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 253, changing to 7 [ 1174.001854][ T5912] usb 10-1: config 1 interface 130 has no altsetting 0 [ 1174.011326][ T5912] usb 10-1: New USB device found, idVendor=0499, idProduct=1043, bcdDevice= 0.40 [ 1174.021746][ T5912] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1174.029999][ T5912] usb 10-1: Product: syz [ 1174.034308][ T5912] usb 10-1: Manufacturer: syz [ 1174.039077][ T5912] usb 10-1: SerialNumber: syz [ 1174.257526][ T5912] usb 10-1: Quirk or no altset; falling back to MIDI 1.0 [ 1174.270809][ T5912] snd-usb-audio 10-1:1.0: probe with driver snd-usb-audio failed with error -2 [ 1174.286129][ T5912] usb 10-1: Quirk or no altset; falling back to MIDI 1.0 [ 1174.294403][ T5912] snd-usb-audio 10-1:1.1: probe with driver snd-usb-audio failed with error -2 [ 1174.307839][ T5912] usb 10-1: Quirk or no altset; falling back to MIDI 1.0 [ 1174.315464][ T5912] snd-usb-audio 10-1:1.2: probe with driver snd-usb-audio failed with error -2 [ 1174.331119][ T5912] usb 10-1: Quirk or no altset; falling back to MIDI 1.0 [ 1174.371610][ T4606] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1174.408298][ T5912] snd-usb-audio 10-1:1.130: probe with driver snd-usb-audio failed with error -2 [ 1174.421394][ T5912] usb 10-1: USB disconnect, device number 35 [ 1174.472325][ T1924] udevd[1924]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.130/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1174.832373][ T4623] netlink: 16 bytes leftover after parsing attributes in process `syz.3.12513'. [ 1175.017097][ T4634] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1175.085071][ T4634] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1175.339964][ T4650] netlink: 16 bytes leftover after parsing attributes in process `syz.8.12524'. [ 1175.407223][ T4652] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1175.464862][ T4656] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12527'. [ 1175.809453][ T8286] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1175.817765][ T8286] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1176.123967][ T4680] 9pnet_fd: Insufficient options for proto=fd [ 1176.132999][ T4680] netlink: 16 bytes leftover after parsing attributes in process `syz.4.12536'. [ 1176.381031][ T4685] netlink: 24 bytes leftover after parsing attributes in process `syz.8.12538'. [ 1176.392389][ T4685] netlink: 24 bytes leftover after parsing attributes in process `syz.8.12538'. [ 1176.487025][ T4691] netlink: 16 bytes leftover after parsing attributes in process `syz.8.12540'. [ 1176.555040][ T4693] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1176.617092][ T4693] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1176.682589][ T4694] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1176.999831][ T4700] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1177.063267][ T4700] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1177.126055][ T4700] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1177.294646][ T4702] netlink: 'syz.8.12545': attribute type 27 has an invalid length. [ 1177.344867][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 1177.748106][ T4715] loop4: detected capacity change from 0 to 7 [ 1177.755110][ T4715] buffer_io_error: 27 callbacks suppressed [ 1177.755127][ T4715] Buffer I/O error on dev loop4, logical block 0, async page read [ 1177.772367][ T4715] Buffer I/O error on dev loop4, logical block 0, async page read [ 1177.781411][ T4715] Buffer I/O error on dev loop4, logical block 0, async page read [ 1177.789600][ T4715] Buffer I/O error on dev loop4, logical block 0, async page read [ 1177.797836][ T4715] Buffer I/O error on dev loop4, logical block 0, async page read [ 1177.806307][ T4715] Buffer I/O error on dev loop4, logical block 0, async page read [ 1177.821452][ T4715] Buffer I/O error on dev loop4, logical block 0, async page read [ 1177.831057][ T4715] ldm_validate_partition_table(): Disk read failed. [ 1177.838055][ T4715] Buffer I/O error on dev loop4, logical block 0, async page read [ 1177.846157][ T4715] Buffer I/O error on dev loop4, logical block 0, async page read [ 1177.854268][ T4715] Buffer I/O error on dev loop4, logical block 0, async page read [ 1177.862912][ T4715] Dev loop4: unable to read RDB block 0 [ 1177.869028][ T4715] loop4: unable to read partition table [ 1177.875366][ T4715] loop4: partition table beyond EOD, truncated [ 1177.882029][ T4715] loop_reread_partitions: partition scan of loop4 (Sj %`ր5) failed (rc=-5) [ 1178.067874][T28361] usb 10-1: new high-speed USB device number 36 using dummy_hcd [ 1178.114562][ T4723] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1178.227386][T28361] usb 10-1: Using ep0 maxpacket: 16 [ 1178.239886][T28361] usb 10-1: unable to get BOS descriptor or descriptor too short [ 1178.252939][T28361] usb 10-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 107, changing to 7 [ 1178.270517][T28361] usb 10-1: New USB device found, idVendor=2b73, idProduct=0017, bcdDevice= 0.40 [ 1178.281778][T28361] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1178.297839][T28361] usb 10-1: Product: syz [ 1178.307492][T28361] usb 10-1: Manufacturer: syz [ 1178.314747][T28361] usb 10-1: SerialNumber: syz [ 1178.546516][ T4715] netlink: 256 bytes leftover after parsing attributes in process `syz.9.12549'. [ 1178.583234][T28361] usb 10-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 1178.593568][T28361] usb 10-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 1178.759185][T28361] snd-usb-audio 10-1:1.0: probe with driver snd-usb-audio failed with error -71 [ 1178.831022][T28361] usb 10-1: USB disconnect, device number 36 [ 1178.933973][ T1924] udevd[1924]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1179.260229][ T4771] No control pipe specified [ 1179.267020][ T4771] nfs: Unknown parameter 'defcontext' [ 1179.322867][ T4773] netlink: 16 bytes leftover after parsing attributes in process `syz.9.12570'. [ 1179.488894][ T4785] fuse: fd is not a fuse device [ 1179.607988][ T4791] netlink: 224 bytes leftover after parsing attributes in process `syz.9.12577'. [ 1179.831120][ T4803] netlink: 16 bytes leftover after parsing attributes in process `syz.4.12580'. [ 1180.005350][ T4810] kAFS: unable to lookup cell '' [ 1180.146084][ T4818] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1180.210685][ T4818] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1180.272079][ T4818] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1180.538360][ T4825] netlink: 16 bytes leftover after parsing attributes in process `syz.3.12589'. [ 1180.747449][ T10] usb 10-1: new high-speed USB device number 37 using dummy_hcd [ 1180.907926][ T10] usb 10-1: Using ep0 maxpacket: 32 [ 1180.928479][ T10] usb 10-1: config 5 has an invalid interface number: 137 but max is 0 [ 1180.947058][ T10] usb 10-1: config 5 has no interface number 0 [ 1180.959456][ T10] usb 10-1: config 5 interface 137 has no altsetting 0 [ 1180.971710][ T10] usb 10-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 3.0a [ 1180.991733][ T10] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1181.004103][ T10] usb 10-1: Product: syz [ 1181.009781][ T10] usb 10-1: Manufacturer: syz [ 1181.014719][ T10] usb 10-1: SerialNumber: syz [ 1181.094702][ T4854] netlink: 16 bytes leftover after parsing attributes in process `syz.3.12598'. [ 1181.125838][ T4856] netlink: 16 bytes leftover after parsing attributes in process `syz.8.12599'. [ 1181.195510][ T4858] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12600'. [ 1181.210081][ T4860] overlayfs: failed to clone upperpath [ 1181.219083][ T4860] overlayfs: failed to clone upperpath [ 1181.254930][ T10] usb 10-1: USB disconnect, device number 37 [ 1181.446398][ T4865] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1181.973784][ T4879] netlink: 16 bytes leftover after parsing attributes in process `syz.9.12608'. [ 1182.327358][T28361] usb 10-1: new high-speed USB device number 38 using dummy_hcd [ 1182.390898][ T4905] netlink: 16 bytes leftover after parsing attributes in process `syz.4.12618'. [ 1182.487574][T28361] usb 10-1: device descriptor read/64, error -71 [ 1182.737482][T28361] usb 10-1: new high-speed USB device number 39 using dummy_hcd [ 1182.867498][T28361] usb 10-1: device descriptor read/64, error -71 [ 1182.978731][T28361] usb usb10-port1: attempt power cycle [ 1183.317496][T28361] usb 10-1: new high-speed USB device number 40 using dummy_hcd [ 1183.338767][T28361] usb 10-1: device descriptor read/8, error -71 [ 1183.591437][ T4942] __nla_validate_parse: 1 callbacks suppressed [ 1183.591457][ T4942] netlink: 32 bytes leftover after parsing attributes in process `syz.4.12632'. [ 1183.606796][T28361] usb 10-1: new high-speed USB device number 41 using dummy_hcd [ 1183.648891][T28361] usb 10-1: device descriptor read/8, error -71 [ 1183.767879][T28361] usb usb10-port1: unable to enumerate USB device [ 1183.841327][ T4953] netlink: 16 bytes leftover after parsing attributes in process `syz.8.12637'. [ 1183.952278][ T4961] netlink: 16 bytes leftover after parsing attributes in process `syz.3.12640'. [ 1184.258378][ T4979] fuse: fd is not a fuse device [ 1184.326163][ T4983] netlink: 180 bytes leftover after parsing attributes in process `syz.8.12649'. [ 1184.753222][ T5009] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1184.908828][ T5018] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1184.972766][ T5018] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1185.036286][ T5018] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1185.306456][ T5027] ADFS-fs (loop9): error: unable to read block 3, try 0 [ 1186.499613][ T5080] fuse: fd is not a fuse device [ 1186.568608][ T30] audit: type=1326 audit(1773861907.300:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5077 comm="syz.9.12688" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb3c8f9c799 code=0x0 [ 1186.791250][ T5090] netlink: 24 bytes leftover after parsing attributes in process `syz.8.12690'. [ 1187.321130][ T5096] netlink: 'syz.4.12695': attribute type 13 has an invalid length. [ 1187.329296][ T5096] netlink: 14581 bytes leftover after parsing attributes in process `syz.4.12695'. [ 1187.579119][ T31] INFO: task syz.5.10827:32745 blocked for more than 143 seconds. [ 1187.602259][ T31] Tainted: G L syzkaller #0 [ 1187.617279][ T31] Blocked by coredump. [ 1187.627544][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1187.647767][ T31] task:syz.5.10827 state:D stack:25760 pid:32745 tgid:32745 ppid:7995 task_flags:0x40004c flags:0x00080000 [ 1187.670993][ T31] Call Trace: [ 1187.677629][ T5109] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1187.687669][ T31] [ 1187.690754][ T31] __schedule+0x1665/0x5590 [ 1187.695449][ T31] ? __pfx___schedule+0x10/0x10 [ 1187.703408][ T31] ? schedule+0x90/0x360 [ 1187.708183][ T31] schedule+0x164/0x360 [ 1187.712612][ T31] schedule_preempt_disabled+0x13/0x30 [ 1187.718626][ T31] rwsem_down_read_slowpath+0x6d9/0x940 [ 1187.724433][ T31] ? rwsem_down_read_slowpath+0x596/0x940 [ 1187.730785][ T31] ? __pfx_rwsem_down_read_slowpath+0x10/0x10 [ 1187.737116][ T31] ? do_futex+0x395/0x420 [ 1187.745234][ T31] down_read+0x99/0x2e0 [ 1187.754688][ T31] ? exit_mm+0x64/0x250 [ 1187.764913][ T31] exit_mm+0x73/0x250 [ 1187.773367][ T31] ? unwind_deferred_task_exit+0x67/0xa0 [ 1187.787390][ T31] do_exit+0x8b9/0x2490 [ 1187.794817][ T31] ? __pfx_do_exit+0x10/0x10 [ 1187.805745][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 1187.816987][ T31] do_group_exit+0x21b/0x2d0 [ 1187.822733][ T31] __x64_sys_exit_group+0x3f/0x40 [ 1187.830248][ T31] x64_sys_call+0x221a/0x2240 [ 1187.840307][ T31] do_syscall_64+0x14d/0xf80 [ 1187.850808][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1187.867437][ T31] ? clear_bhb_loop+0x40/0x90 [ 1187.873448][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1187.886940][ T31] RIP: 0033:0x7f4df3b9c799 [ 1187.896514][ T31] RSP: 002b:00007fff87dd61b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 1187.907733][ T31] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4df3b9c799 [ 1187.915874][ T31] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000 [ 1187.924166][ T31] RBP: 00007fff87dd621c R08: 0000000000000000 R09: 00000000000927c0 [ 1187.932403][ T31] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000a6e [ 1187.940642][ T31] R13: 00000000000927c0 R14: 00000000000fb26e R15: 00007fff87dd6270 [ 1187.949316][ T31] [ 1187.952613][ T31] INFO: task syz.5.10827:32746 blocked for more than 143 seconds. [ 1187.961212][ T31] Tainted: G L syzkaller #0 [ 1187.973693][ T31] Blocked by coredump. [ 1188.001625][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1188.013605][ T31] task:syz.5.10827 state:D stack:26040 pid:32746 tgid:32745 ppid:7995 task_flags:0x40044c flags:0x00080000 [ 1188.025910][ T31] Call Trace: [ 1188.029487][ T31] [ 1188.032601][ T31] __schedule+0x1665/0x5590 [ 1188.037480][ T31] ? __pfx___schedule+0x10/0x10 [ 1188.042521][ T31] ? schedule+0x90/0x360 [ 1188.046919][ T31] schedule+0x164/0x360 [ 1188.051767][ T31] schedule_preempt_disabled+0x13/0x30 [ 1188.057484][ T31] rwsem_down_read_slowpath+0x6d9/0x940 [ 1188.063247][ T31] ? rwsem_down_read_slowpath+0x596/0x940 [ 1188.069307][ T31] ? __pfx_rwsem_down_read_slowpath+0x10/0x10 [ 1188.075596][ T31] ? do_futex+0x395/0x420 [ 1188.080194][ T31] down_read+0x99/0x2e0 [ 1188.084505][ T31] ? exit_mm+0x64/0x250 [ 1188.107647][ T31] exit_mm+0x73/0x250 [ 1188.121381][ T31] ? unwind_deferred_task_exit+0x67/0xa0 [ 1188.133639][ T31] do_exit+0x8b9/0x2490 [ 1188.143249][ T31] ? __pfx_do_exit+0x10/0x10 [ 1188.160980][ T31] do_group_exit+0x21b/0x2d0 [ 1188.177349][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 1188.182648][ T31] get_signal+0x1284/0x1330 [ 1188.197367][ T31] arch_do_signal_or_restart+0xbc/0x830 [ 1188.203444][ T31] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1188.214698][ T31] exit_to_user_mode_loop+0x86/0x480 [ 1188.222527][ T31] ? rcu_is_watching+0x15/0xb0 [ 1188.227922][ T31] do_syscall_64+0x32d/0xf80 [ 1188.232744][ T31] ? trace_irq_disable+0x3b/0x150 [ 1188.238642][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1188.244943][ T31] ? clear_bhb_loop+0x40/0x90 [ 1188.250311][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1188.257635][ T31] RIP: 0033:0x7f4df3b9c799 [ 1188.262384][ T31] RSP: 002b:00007f4df4abf028 EFLAGS: 00000246 ORIG_RAX: 000000000000013e [ 1188.271431][ T31] RAX: 0000000000792dc0 RBX: 00007f4df3e15fa0 RCX: 00007f4df3b9c799 [ 1188.280150][ T31] RDX: 0000000000000000 RSI: 00000000ffffff9a RDI: 0000200000000240 [ 1188.292571][ T31] RBP: 00007f4df3c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 1188.307329][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1188.316257][ T31] R13: 00007f4df3e16038 R14: 00007f4df3e15fa0 R15: 00007fff87dd5e78 [ 1188.329335][ T31] [ 1188.332620][ T31] INFO: task syz.5.10827:32747 blocked for more than 144 seconds. [ 1188.347896][ T31] Tainted: G L syzkaller #0 [ 1188.354691][ T31] Blocked by coredump. [ 1188.360511][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1188.384544][ T31] task:syz.5.10827 state:D stack:21240 pid:32747 tgid:32745 ppid:7995 task_flags:0x40044c flags:0x00080000 [ 1188.397112][ T31] Call Trace: [ 1188.400922][ T31] [ 1188.404304][ T31] __schedule+0x1665/0x5590 [ 1188.409512][ T31] ? __pfx___schedule+0x10/0x10 [ 1188.414589][ T31] ? schedule+0x90/0x360 [ 1188.419841][ T31] schedule+0x164/0x360 [ 1188.424227][ T31] schedule_preempt_disabled+0x13/0x30 [ 1188.430757][ T31] rwsem_down_read_slowpath+0x6d9/0x940 [ 1188.436554][ T31] ? rwsem_down_read_slowpath+0x596/0x940 [ 1188.443108][ T31] ? __pfx_rwsem_down_read_slowpath+0x10/0x10 [ 1188.450623][ T31] ? do_futex+0x395/0x420 [ 1188.455230][ T31] down_read+0x99/0x2e0 [ 1188.460804][ T31] ? exit_mm+0x64/0x250 [ 1188.465197][ T31] exit_mm+0x73/0x250 [ 1188.469923][ T31] ? unwind_deferred_task_exit+0x67/0xa0 [ 1188.475845][ T31] do_exit+0x8b9/0x2490 [ 1188.480618][ T31] ? futex_hash+0x40/0x2d0 [ 1188.485233][ T31] ? __pfx_do_exit+0x10/0x10 [ 1188.490603][ T31] do_group_exit+0x21b/0x2d0 [ 1188.495409][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 1188.501314][ T31] get_signal+0x1284/0x1330 [ 1188.506047][ T31] arch_do_signal_or_restart+0xbc/0x830 [ 1188.512316][ T31] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1188.519026][ T31] exit_to_user_mode_loop+0x86/0x480 [ 1188.524892][ T31] ? rcu_is_watching+0x15/0xb0 [ 1188.530519][ T31] do_syscall_64+0x32d/0xf80 [ 1188.535356][ T31] ? trace_irq_disable+0x3b/0x150 [ 1188.541281][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1188.547882][ T31] ? clear_bhb_loop+0x40/0x90 [ 1188.552761][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1188.559327][ T31] RIP: 0033:0x7f4df3b9c799 [ 1188.564500][ T31] RSP: 002b:00007f4df4a9e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1188.573875][ T31] RAX: fffffffffffffe00 RBX: 00007f4df3e16098 RCX: 00007f4df3b9c799 [ 1188.582436][ T31] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f4df3e16098 [ 1188.590959][ T31] RBP: 00007f4df3e16090 R08: 0000000000000000 R09: 0000000000000000 [ 1188.599461][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1188.608087][ T31] R13: 00007f4df3e16128 R14: 00007fff87dd5d90 R15: 00007fff87dd5e78 [ 1188.616263][ T31] [ 1188.620603][ T31] [ 1188.620603][ T31] Showing all locks held in the system: [ 1188.629609][ T31] 2 locks held by ksoftirqd/1/23: [ 1188.635166][ T31] 1 lock held by khungtaskd/31: [ 1188.640572][ T31] #0: ffffffff8eb5d6e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 1188.652616][ T31] 2 locks held by getty/5603: [ 1188.657782][ T31] #0: ffff888037b480a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 1188.669919][ T31] #1: ffffc9000322b2e8 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x45c/0x13c0 [ 1188.681686][ T31] 1 lock held by syz.5.10827/32745: [ 1188.687075][ T31] #0: ffff88805473c1b8 (&mm->mmap_lock){++++}-{4:4}, at: exit_mm+0x73/0x250 [ 1188.696709][ T31] 1 lock held by syz.5.10827/32746: [ 1188.702596][ T31] #0: ffff88805473c1b8 (&mm->mmap_lock){++++}-{4:4}, at: exit_mm+0x73/0x250 [ 1188.711969][ T31] 1 lock held by syz.5.10827/32747: [ 1188.717664][ T31] #0: ffff88805473c1b8 (&mm->mmap_lock){++++}-{4:4}, at: exit_mm+0x73/0x250 [ 1188.727042][ T31] 1 lock held by syz.9.12688/5084: [ 1188.732915][ T31] [ 1188.735512][ T31] ============================================= [ 1188.735512][ T31] [ 1188.745009][ T31] NMI backtrace for cpu 0 [ 1188.745032][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT(full) [ 1188.745059][ T31] Tainted: [L]=SOFTLOCKUP [ 1188.745067][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1188.745080][ T31] Call Trace: [ 1188.745088][ T31] [ 1188.745097][ T31] dump_stack_lvl+0xe8/0x150 [ 1188.745135][ T31] nmi_cpu_backtrace+0x274/0x2d0 [ 1188.745296][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1188.745328][ T31] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 1188.745360][ T31] sys_info+0x135/0x170 [ 1188.745410][ T31] watchdog+0x1002/0x1060 [ 1188.745443][ T31] ? watchdog+0x1da/0x1060 [ 1188.745474][ T31] kthread+0x388/0x470 [ 1188.745499][ T31] ? __pfx_watchdog+0x10/0x10 [ 1188.745521][ T31] ? __pfx_kthread+0x10/0x10 [ 1188.745550][ T31] ret_from_fork+0x51e/0xb90 [ 1188.745582][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 1188.745610][ T31] ? __switch_to+0xc7d/0x1450 [ 1188.745640][ T31] ? __pfx_kthread+0x10/0x10 [ 1188.745665][ T31] ret_from_fork_asm+0x1a/0x30 [ 1188.745701][ T31] [ 1188.745723][ T31] Sending NMI from CPU 0 to CPUs 1: [ 1188.864614][ C1] NMI backtrace for cpu 1 [ 1188.864637][ C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G L syzkaller #0 PREEMPT(full) [ 1188.864661][ C1] Tainted: [L]=SOFTLOCKUP [ 1188.864668][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1188.864680][ C1] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 1188.864704][ C1] Code: ed 91 02 e9 d3 f1 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 13 a2 29 00 fb f4 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 [ 1188.864720][ C1] RSP: 0018:ffffc90000197e20 EFLAGS: 00000246 [ 1188.864737][ C1] RAX: 000000000070de93 RBX: ffffffff819bd46a RCX: 0000000080000001 [ 1188.864756][ C1] RDX: 0000000000000001 RSI: ffffffff8e25d240 RDI: ffffffff8c4a8700 [ 1188.864769][ C1] RBP: ffffc90000197f10 R08: ffff8880b85339db R09: 1ffff110170a673b [ 1188.864782][ C1] R10: dffffc0000000000 R11: ffffed10170a673c R12: 0000000000000001 [ 1188.864795][ C1] R13: 1ffff11003bd8000 R14: 0000000000000001 R15: 1ffff11003bd8000 [ 1188.864808][ C1] FS: 0000000000000000(0000) GS:ffff888124ee1000(0000) knlGS:0000000000000000 [ 1188.864822][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1188.864834][ C1] CR2: 00007f088c59f5a0 CR3: 00000000a94e2000 CR4: 00000000003526f0 [ 1188.864850][ C1] Call Trace: [ 1188.864858][ C1] [ 1188.864865][ C1] default_idle+0x9/0x20 [ 1188.864885][ C1] default_idle_call+0x72/0xb0 [ 1188.864905][ C1] do_idle+0x36a/0x5f0 [ 1188.864926][ C1] ? __pfx_do_idle+0x10/0x10 [ 1188.864944][ C1] ? do_idle+0x5c7/0x5f0 [ 1188.864962][ C1] cpu_startup_entry+0x43/0x60 [ 1188.864978][ C1] start_secondary+0x101/0x110 [ 1188.865001][ C1] common_startup_64+0x13e/0x147 [ 1188.865035][ C1] [ 1189.040175][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 1189.047085][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT(full) [ 1189.057806][ T31] Tainted: [L]=SOFTLOCKUP [ 1189.062167][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1189.072261][ T31] Call Trace: [ 1189.075671][ T31] [ 1189.078640][ T31] vpanic+0x56c/0xa60 [ 1189.082670][ T31] ? __pfx___schedule+0x10/0x10 [ 1189.087574][ T31] ? __pfx_vpanic+0x10/0x10 [ 1189.092117][ T31] ? nmi_trigger_cpumask_backtrace+0x1f4/0x300 [ 1189.098348][ T31] panic+0xc5/0xd0 [ 1189.102104][ T31] ? __pfx_panic+0x10/0x10 [ 1189.106547][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 1189.111949][ T31] ? nmi_trigger_cpumask_backtrace+0x2bb/0x300 [ 1189.118134][ T31] watchdog+0x105b/0x1060 [ 1189.122500][ T31] ? watchdog+0x1da/0x1060 [ 1189.126941][ T31] kthread+0x388/0x470 [ 1189.131030][ T31] ? __pfx_watchdog+0x10/0x10 [ 1189.135734][ T31] ? __pfx_kthread+0x10/0x10 [ 1189.140353][ T31] ret_from_fork+0x51e/0xb90 [ 1189.144976][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 1189.150114][ T31] ? __switch_to+0xc7d/0x1450 [ 1189.154817][ T31] ? __pfx_kthread+0x10/0x10 [ 1189.159462][ T31] ret_from_fork_asm+0x1a/0x30 [ 1189.164257][ T31] [ 1189.168319][ T31] Kernel Offset: disabled [ 1189.172691][ T31] Rebooting in 86400 seconds..