last executing test programs: 8.435022535s ago: executing program 4 (id=1818): r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x24008000, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_usb_connect$uac1(0x6, 0x0, 0x0, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0x4e22, @empty}], 0x10) listen(r1, 0x3) socket$inet6_sctp(0xa, 0x1, 0x84) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmsg$inet6(r2, &(0x7f0000001dc0)={&(0x7f00000000c0)={0xa, 0x4e22, 0x7, @loopback, 0x2}, 0x1c, &(0x7f0000001d40)=[{&(0x7f0000000000)='&', 0x20000}], 0x1}, 0x85) shutdown(r2, 0x1) accept4(r1, 0x0, 0x0, 0x80000) 7.911409531s ago: executing program 2 (id=1823): r0 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90656}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_TLB_DYNAMIC_LB={0x5, 0x1b, 0x4}]}}}]}, 0x3c}}, 0x40) 7.691642468s ago: executing program 2 (id=1824): syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000240)='./file0\x00', 0x2808080, &(0x7f00000004c0)={[{@uni_xlate}, {@numtail}, {@uni_xlateno}, {@uni_xlate}, {@fat=@umask={'umask', 0x3d, 0x7}}, {@fat=@tz_utc}, {@uni_xlateno}, {@rodir}, {@shortname_winnt}, {@fat=@nfs_stale_rw}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'euc-jp'}}, {@shortname_win95}]}, 0x81, 0x2ae, &(0x7f0000001980)="$eJzs3c+KI0UYAPCvJ52ZjArJwZMINujB07CzT7BBRljMSemDXlTcLMgkLEwgsCrGPXkXPPkOvoMP4MU38OBR8OYexJakO3+nM2wkZmX297vM11X1VVdV18xAoCufvD68fPBo9PDJV79Gq5XE0b24F0+T6MRRzH0TAMBt8rQo4o+iFHF8Y9t0Vl+0q6ujw4wQANi39f//AMCL4IMPP3qv2+tdvJ9lrYjht+M8iYhhMs7L+u7D+DwG0Y870Y6/IoqFMn7lfu8i0iybfxgwPo08Yvjxz9V19/eIWf55tKNzPf/d+72L86wUbw0n43x65+nPZryURHSLpOzobrTj1YiiGVUny/y7NfmRH8fbb/5Qjf/vfpxFO375LB7FIB7Muljmf32eZe8U3//5ZTmDPCKZjPOTWbulonGwhwIAAAAAAAAAAAAAAAAAAAAAwK13li10Vs/PmZ8GeHZWXz87H6hRcz5QdcLPZOV8nTtZls2P8RnnzSjz03gtjfS5Th4AAAAAAAAAAAAAAAAAAAD+J0aPv7j8dDDoX60FPxWbJTVB9UZ/VCXpSlW6XnVzPzXB5Y8Ru2c9SxCNamiD5Not5hN65g7T7Y1PdhnYaV0/cbRtDdNBlIP/bvdFeGOnCU6D4l+s83x3TTfJDY0bMXrcqt8kKzvztOrsajR7QKfbNu16UNQsXWNr1vGe9tjxy/vdtNMZNxeLud6mNX2SKyXNPf+mbEj+iz8/AAAAAAAAAAAAAAAAAADAiuVLv/Hbtconz2VIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBwy+//XwTR2SzZDCZVcr8ufSM4uRrV3LZz4GkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwy/0TAAD//0dFVzc=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, 0x0) semctl$GETALL(0x0, 0x0, 0x13, 0xffffffffffffffff) sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x24000052) 6.696574868s ago: executing program 2 (id=1827): sync() 6.506857274s ago: executing program 2 (id=1830): r0 = syz_ublk_setup_io_uring(0x1d, &(0x7f0000000040)={0x0, 0x30b5, 0x0, 0x2, 0x158}, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0, &(0x7f0000000140)=0x0) syz_ublk_add_dev(r0, r1, r2, r3, &(0x7f0000000200)={0x2e, 0x14, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f00000004c0)=@any_dev={0x3, 0xe26, 0x0, 0x0, 0x1000, 0x10000, 0xffffffffffffffff, 0x0, 0x4d}}}, &(0x7f0000000480)=0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = dup(r5) syz_ublk_setup_queues(r6, r4, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x3, 0x255}, &(0x7f0000000800)=[{0x0, 0x0, 0xffffffffffffffff, {0x0, 0x7ffffe, 0x8, 0x2000, 0x10000004, 0x0, r6}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0xffffed7c, 0x1, 0x0, 0x146}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0xf910, 0x0, 0x0, 0x1f0, 0x0, r6}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x0, 0x8200, 0x2, 0x367}}], 0x1, &(0x7f0000000340)={0x2e, 0x44, 0x0, 0xffffffffffffffff, 0xc0107520, 0x0, 0x0, 0x0, 0x0, {}, 0x1f, 0x0, '\x00', {0xfff9, 0x4, 0x0, 0x0}}, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94) 4.797013195s ago: executing program 0 (id=1840): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) fchownat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0xffffffffffffffff, 0x0, 0x0) 4.714927018s ago: executing program 2 (id=1842): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'veth1_to_bridge\x00', 0x7101}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000040)='blkio.throttle.write_bps_device\x00', 0x2, 0x0) sendfile(r2, r2, 0x0, 0x4) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) sendmsg$nl_route_sched(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000880)=@newqdisc={0x70, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x44, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x5a, 0x2, 0x84d, 0x9, 0x1, 0x800}, {0x8c, 0x1, 0xfffc, 0x7fff, 0x2, 0xb}, 0x5, 0x74, 0x91f}}, @TCA_TBF_PRATE64={0xc, 0x5, 0xc2240edb8ac75ac7}, @TCA_TBF_RATE64={0xc, 0x4, 0xdd31e353c9fd1eb}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x40088c1}, 0x50) syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xb}, {0xe, 0xffea}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x9, 0x1}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x2400c061}, 0x4890) openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x102, 0x0) ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000140)={[{0x1, 0xfe01, 0x0, 0x80, 0xfc, 0x2, 0x81, 0x1, 0x7, 0x8, 0xf, 0x1, 0xb}, {0xcf0, 0x5, 0x8, 0xd5, 0x7, 0x0, 0x0, 0x4f, 0x2, 0x3, 0x2, 0xb, 0x1}, {0x839, 0x18, 0x0, 0xc0, 0x1, 0x0, 0xf4, 0x3a, 0xe, 0x5, 0x5, 0xd, 0x81}], 0x6}) r6 = socket$inet_tcp(0x2, 0x1, 0x0) rt_tgsigqueueinfo(0x0, 0x0, 0x4, &(0x7f0000000d00)={0x0, 0x0, 0x6}) r7 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000795d6c08450c3e616dc4010203010902120001000000000904"], 0x0) syz_usb_control_io$cdc_ncm(r7, 0x0, 0x0) prctl$PR_SET_IO_FLUSHER(0x43, 0x1) r8 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) sendmsg$NL80211_CMD_JOIN_MESH(r8, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0) close(r9) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r9, 0x8b37, &(0x7f0000000000)={'wlan1\x00', @random="000300000020"}) sendmmsg$inet6(r0, &(0x7f0000002f00)=[{{&(0x7f0000000140)={0xa, 0x4e23, 0x9, @loopback, 0xcd89}, 0x1c, &(0x7f0000000280)=[{&(0x7f0000000380)=';', 0x1}], 0x1}}, {{&(0x7f00000002c0)={0xa, 0x4e20, 0x2, @remote, 0x8}, 0x1c, &(0x7f0000000800)=[{&(0x7f0000000540)=';', 0x1}], 0x1}}], 0x2, 0x4004851) setsockopt(r0, 0x84, 0x14, &(0x7f0000000040)="020000000980ffff", 0x8) 4.709203928s ago: executing program 4 (id=1843): socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x3, 0x8, 0x8001, 0x0, 0xb, 0x8000000000000000, 0x6, 0xfa11, 0xffffffff}, 0x0) r2 = creat(&(0x7f0000000240)='./bus\x00', 0xc2) r3 = syz_open_dev$rtc(&(0x7f0000000000), 0x2c6, 0x800) ioctl$XFS_IOC_ATTRLIST_BY_HANDLE(r3, 0x4058587a, &(0x7f00000001c0)={{r0, 0x0, 0x3, 0x0, 0x3, 0x0, 0x0}, {[0x16, 0x101, 0x81, 0xf8]}, 0xf7e, 0x0, 0x0}) poll(&(0x7f0000000800)=[{r2, 0x2002}, {0xffffffffffffffff, 0x6}, {r0, 0x88}, {r4, 0x1000}, {r1, 0x460}], 0x54, 0x9) io_setup(0x5, 0x0) io_submit(0x0, 0x1, &(0x7f00000002c0)=[0x0]) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) socket(0x400000000010, 0x3, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb) rseq(&(0x7f0000000080), 0x20, 0x0, 0x0) r5 = gettid() timer_settime(0x0, 0x0, 0x0, 0x0) syz_open_procfs(r5, &(0x7f0000000840)='net/nf_conntrack\x00') prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000cb2000/0x4000)=nil, 0x4000, &(0x7f0000000140)=')^8:\x00\x00\x00\x00\x00\x00\x00\x01\x8d\xd9\xeb\xab\x97\xf3T&\x06\x00\xfdq9\xfd\xc6\x9dl\x9eN\x8e\xa9\xd8\x85\xe5wuH\xe8qB\xb1s\xd6r\xd7\x18A\x02\x81}KKK\xf4#\x8f[\xff\xff\xff\xffo\xac\xfe\xb7\x1fc\xb1zQT\xdb\xb9[o\x00\x00: H\x99\x0e\x91\x13\xae\xfb\fu\xfb\r') 4.463476785s ago: executing program 0 (id=1845): r0 = socket(0x10, 0x803, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xd}, {0xffff, 0xffff}, {0xb, 0x8}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0xf, 0x5, 0xfffffff9}}}}]}, 0x44}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, 0x0}, 0x24040084) 4.283005041s ago: executing program 0 (id=1847): socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x21041, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TCFLSH(r3, 0x400455c8, 0x400000009) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000001b00)={0x18, 0x2e, 0x1, 0xf0bd26, 0x25dfdbfc, {0x4}, [@nested={0x4, 0xd}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) r5 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000001040)={'ip_vti0\x00', &(0x7f0000001000)={'syztnl2\x00', 0x0, 0x0, 0xa000, 0x2f560, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x67, 0x0, 0x0, 0x4, 0x0, @empty, @empty}}}}) 3.825093465s ago: executing program 0 (id=1849): syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000240)='./file0\x00', 0x2808080, &(0x7f00000004c0)={[{@uni_xlate}, {@numtail}, {@uni_xlateno}, {@uni_xlate}, {@fat=@umask={'umask', 0x3d, 0x7}}, {@fat=@tz_utc}, {@uni_xlateno}, {@rodir}, {@shortname_winnt}, {@fat=@nfs_stale_rw}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'euc-jp'}}, {@shortname_win95}]}, 0x81, 0x2ae, &(0x7f0000001980)="$eJzs3c+KI0UYAPCvJ52ZjArJwZMINujB07CzT7BBRljMSemDXlTcLMgkLEwgsCrGPXkXPPkOvoMP4MU38OBR8OYexJakO3+nM2wkZmX297vM11X1VVdV18xAoCufvD68fPBo9PDJV79Gq5XE0b24F0+T6MRRzH0TAMBt8rQo4o+iFHF8Y9t0Vl+0q6ujw4wQANi39f//AMCL4IMPP3qv2+tdvJ9lrYjht+M8iYhhMs7L+u7D+DwG0Y870Y6/IoqFMn7lfu8i0iybfxgwPo08Yvjxz9V19/eIWf55tKNzPf/d+72L86wUbw0n43x65+nPZryURHSLpOzobrTj1YiiGVUny/y7NfmRH8fbb/5Qjf/vfpxFO375LB7FIB7Muljmf32eZe8U3//5ZTmDPCKZjPOTWbulonGwhwIAAAAAAAAAAAAAAAAAAAAAwK13li10Vs/PmZ8GeHZWXz87H6hRcz5QdcLPZOV8nTtZls2P8RnnzSjz03gtjfS5Th4AAAAAAAAAAAAAAAAAAAD+J0aPv7j8dDDoX60FPxWbJTVB9UZ/VCXpSlW6XnVzPzXB5Y8Ru2c9SxCNamiD5Not5hN65g7T7Y1PdhnYaV0/cbRtDdNBlIP/bvdFeGOnCU6D4l+s83x3TTfJDY0bMXrcqt8kKzvztOrsajR7QKfbNu16UNQsXWNr1vGe9tjxy/vdtNMZNxeLud6mNX2SKyXNPf+mbEj+iz8/AAAAAAAAAAAAAAAAAADAiuVLv/Hbtconz2VIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBwy+//XwTR2SzZDCZVcr8ufSM4uRrV3LZz4GkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwy/0TAAD//0dFVzc=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) semctl$GETALL(0x0, 0x0, 0x13, 0xffffffffffffffff) sendmsg$inet_sctp(0xffffffffffffffff, 0x0, 0x24000052) 3.772903846s ago: executing program 3 (id=1850): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x32}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0x2, 0xfffffffe}}, 0xe8) sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x1c) 2.798860096s ago: executing program 0 (id=1851): r0 = socket$kcm(0x2, 0x5, 0x84) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000200)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x4014) openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$userio(0xffffffffffffff9c, 0x0, 0x22242, 0x0) pselect6(0x2000, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x300}, 0x0, &(0x7f0000000100)={0x8}, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) socket$nl_netfilter(0x10, 0x3, 0xc) socket(0x400000000010, 0x3, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) socket$kcm(0xa, 0x1, 0x106) r4 = socket$inet6(0xa, 0x3, 0x1) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) r5 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f00000000c0)={0x84, @multicast2, 0x15, 0x3, 'wrr\x00', 0x30, 0x10001, 0x68}, 0x2c) setsockopt$IP_VS_SO_SET_ADDDEST(r5, 0x0, 0x487, &(0x7f0000000000)={{0x84, @remote, 0x4e21, 0x3, 'wlc\x00', 0x11, 0x4}, {@loopback, 0x4e23, 0x10000, 0xc3, 0x12d5c, 0x12d5c}}, 0x44) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x2b0, 0x0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x490, 0xffffffff, 0xffffffff, 0x490, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast2, 'vxcan1\x00', {0x8}}}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xfd}}, [], [0x0, 0xffffffff], 'pim6reg\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast2, 'bridge_slave_0\x00', {0x53}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x310) sendmsg$netlink(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f0000005d00)=ANY=[@ANYBLOB="140100002f00010000000000fcdbdf250401f2800c00180008ac0f00000000001400010001000000000000000000ffffac14141650bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc"], 0x114}, {&(0x7f0000000b40)=ANY=[@ANYRES32=0x0, @ANYBLOB="04004380a0c2a1be90846312e3bed7ee6d8301ec19852ba0d23b5114d536e4d075792b9335d042115d682eacf488620fe3f0d27cbdc802bf9e45937dfee7d846fa91e76e6382ec77332d7130d7da9dd4e7af00b4002bb1e00882522c18661005e392e9bfda22b58d9f38b09e6c31f8653ed5f368bc654f08d443ad0fd1655bd3cfcec0e493c80b7df6ff58928ab934c080fc46ce3728f812dbd4dd266a257635c858aee953d9cecefcc86bffca10623c64bcecf198db4e9efab5274ca4e6e76d2fcc4330a81920c35cc3d55354a323c4e8479d28f6920d0f1b253c728b35cf99ca02531f9762af762c5c5cc4b8422b38186bf9a1b8c700000000"], 0x150}], 0x2, 0x0, 0x0, 0x1}, 0x8040) sendmsg$inet(r0, &(0x7f0000000680)={&(0x7f0000000140)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000180)='W', 0x1}], 0x1}, 0x0) r6 = socket$kcm(0x10, 0x2, 0x4) sendmsg$inet(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000240)="5c00000014006b03000000d86e6c1d00028400000000564500004e23e3f58e76110165f450e71b0075e3002500028d459e37000f0000000000bf9367b47e51f60a64c9f4d4938037e786a6d0bdd700"/92, 0xffd0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20008000) 2.735223078s ago: executing program 1 (id=1852): ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, &(0x7f0000000300)={0x0, 0x0, '\x00', @bt={0x8, 0x1, 0x2, 0xde02, 0x4, 0xe108, 0x9, 0x7}}) socket$inet_mptcp(0x2, 0x1, 0x106) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xf}, {0xffff, 0xffff}, {0xfff2, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x44}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000880)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd1e, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x4, 0xa}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x8, 0x2, [@TCA_FLOWER_ACT={0x4}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8848}, 0x4080) r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_dev$sg(&(0x7f00000001c0), 0x508d48d4, 0x40902) r4 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$UHID_CREATE(r4, &(0x7f0000000500)={0x0, {'syz1\x00', 'syz0\x00', 'syz1\x00', &(0x7f00000006c0)=""/101, 0x65, 0x0, 0x0, 0x4, 0x3, 0x10000001}}, 0x120) landlock_restrict_self(0xffffffffffffffff, 0x0) writev(r4, &(0x7f0000000780), 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280)) pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0xd0, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xa, 0x80000006, 0x400}, 0x0, 0x0) 2.597905572s ago: executing program 3 (id=1853): r0 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2}}) r1 = syz_open_dev$sndpcmp(0x0, 0x1ff, 0x181800) ioctl$SNDRV_PCM_IOCTL_STATUS64(r1, 0x80804120, 0x0) r2 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x4, 0x2, 0x1}}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000) add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) madvise(&(0x7f00001c1000/0x3000)=nil, 0x40000, 0x9) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) r3 = syz_open_dev$radio(0x0, 0x3, 0x2) ioctl$VIDIOC_DQEVENT(r3, 0x80785659, 0x0) 2.447208987s ago: executing program 1 (id=1854): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x4b) close(r1) r2 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000300)=ANY=[@ANYRES16=r0], 0x94}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r4, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000680)={r5, 0x1ff, 0x0, 0x1, 0x3, [0x0, 0x0, 0x0, 0x0], [0x7fdfffff, 0x0, 0x0, 0x4], [0x0, 0x1001000, 0x1], [0x0, 0x0, 0xfffffffffefffffc, 0x9]}) ioctl$DRM_IOCTL_MODE_ADDFB2(r1, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325241, 0x0, [r6, r7, 0x0, r7], [0x2b8], [0x0, 0x1]}) ftruncate(r2, 0x25b) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x4000}) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x1, "5660359c3245d1c42317afad7d48ed51000000000000000100", 0xffffffffffffffff}) r9 = syz_open_procfs(0x0, &(0x7f0000000240)='net/igmp\x00') read$FUSE(r9, &(0x7f0000004d00)={0x2020}, 0x2020) r10 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101701) ioctl$USBDEVFS_RELEASE_PORT(r10, 0x80045519, 0x0) r11 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_CLEAR_HALT(r11, 0xc0105502, 0x0) preadv(r9, &(0x7f00000005c0)=[{&(0x7f0000000600)=""/193, 0xc1}], 0x1, 0x74, 0x4) r12 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r12, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000140)={0x50, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x2}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x8c0}, 0x0) read$FUSE(r9, &(0x7f0000002cc0)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) r14 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r14, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r15 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r15, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}]}]}, @NFT_MSG_DELCHAIN={0x2c, 0x5, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_CHAIN_HOOK={0xc, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}]}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}]}], {0x14}}, 0xa8}}, 0x0) ioctl$SYNC_IOC_MERGE(r8, 0xc0303e03, &(0x7f0000000000)={"24869102ed928431d4c57cb20000000000000000000200", r9}) get_robust_list(r13, &(0x7f0000000280)=&(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)}}, &(0x7f00000002c0)=0xc) 1.868787933s ago: executing program 0 (id=1855): r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x24008000, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_usb_connect$uac1(0x6, 0x0, 0x0, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0x4e22, @empty}], 0x10) listen(r1, 0x3) socket$inet6_sctp(0xa, 0x1, 0x84) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmsg$inet6(r2, &(0x7f0000001dc0)={&(0x7f00000000c0)={0xa, 0x4e22, 0x7, @loopback, 0x2}, 0x1c, &(0x7f0000001d40)=[{&(0x7f0000000000)='&', 0x20000}], 0x1}, 0x85) shutdown(r2, 0x1) accept4(r1, 0x0, 0x0, 0x80000) 1.868703533s ago: executing program 1 (id=1856): sync() 1.868453213s ago: executing program 4 (id=1857): r0 = socket(0x10, 0x803, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xd}, {0xffff, 0xffff}, {0xb, 0x8}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0xf, 0x5, 0xfffffff9}}}}]}, 0x44}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, 0x0}, 0x24040084) 1.771496007s ago: executing program 3 (id=1858): pipe2(&(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) read$FUSE(r1, &(0x7f0000001000)={0x2020}, 0x2020) timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0) sendfile(r0, r1, 0x0, 0x10ffff) 1.6713821s ago: executing program 4 (id=1859): socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TCFLSH(r3, 0x400455c8, 0x400000009) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000001b00)={0x18, 0x2e, 0x1, 0xf0bd26, 0x25dfdbfc, {0x4}, [@nested={0x4, 0xd}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) r5 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000001040)={'ip_vti0\x00', &(0x7f0000001000)={'syztnl2\x00', 0x0, 0x0, 0xa000, 0x2f560, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x67, 0x0, 0x0, 0x4, 0x0, @empty, @empty}}}}) 1.67091321s ago: executing program 2 (id=1860): r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x121301, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x9, 0x6, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0) r3 = fsopen(&(0x7f0000000040)='afs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f00000001c0)='source', &(0x7f0000000100)='%\xff:2\x82|\x9a\xe0\xadA\xde\xd5\x03\x00\x00\x00\xb7\xe5\xee:\xb5\x0e\xec\xe5\xdc\xe5\x8d?\x16BE\x8b\xe8)\xa9H\x99\x10\x02q\xf7\xd3\xc5*\x15\xdf_\xb2_`\x92|\x7f\xff9\xf7o$e&1\xfd\xea\xb0\xb0', 0x0) fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f00000002c0)='s\xefurce', &(0x7f0000000300)='\xb0\xfb\xd9\x9a\xbe\r\xcc:\x9b\xd0}\xe8\xff\xff\xff\xff\xff\xff\xff\x7f\xce\xf5\x1a\x01\xd6\a\xfe\xb8\x92~wS\x87\xd9\x9e0y\xc9\x8cw-zu(ht\xa1~\x9a\x8d^+\x9f\xee\x9a(&W\\\xbb\xd5W\xeb\x06\x9dva\x06\xe3\x97\xa1\x88\x83W{\x00\xff\xff\xff\xff\xff\xff\xff\xe9\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00)o\b~\xe3t`\xc9=;o\xe5\xb4T)\x04\xf9k\xfb%t\xa7\x80c\xbb\xeb\x10\xb8\x01', 0x0) r4 = userfaultfd(0x1) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x44}}, 0x8000000) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x28, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084) readv(0xffffffffffffffff, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) r7 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0) openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa4601, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r7, 0xc0045006, &(0x7f0000000180)=0x6f) r8 = dup2(r7, r7) read$FUSE(r8, &(0x7f00000063c0)={0x2020}, 0x2020) 1.6612291s ago: executing program 1 (id=1861): syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000240)='./file0\x00', 0x2808080, &(0x7f00000004c0)={[{@uni_xlate}, {@numtail}, {@uni_xlateno}, {@uni_xlate}, {@fat=@umask={'umask', 0x3d, 0x7}}, {@fat=@tz_utc}, {@uni_xlateno}, {@rodir}, {@shortname_winnt}, {@fat=@nfs_stale_rw}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'euc-jp'}}, {@shortname_win95}]}, 0x81, 0x2ae, &(0x7f0000001980)="$eJzs3c+KI0UYAPCvJ52ZjArJwZMINujB07CzT7BBRljMSemDXlTcLMgkLEwgsCrGPXkXPPkOvoMP4MU38OBR8OYexJakO3+nM2wkZmX297vM11X1VVdV18xAoCufvD68fPBo9PDJV79Gq5XE0b24F0+T6MRRzH0TAMBt8rQo4o+iFHF8Y9t0Vl+0q6ujw4wQANi39f//AMCL4IMPP3qv2+tdvJ9lrYjht+M8iYhhMs7L+u7D+DwG0Y870Y6/IoqFMn7lfu8i0iybfxgwPo08Yvjxz9V19/eIWf55tKNzPf/d+72L86wUbw0n43x65+nPZryURHSLpOzobrTj1YiiGVUny/y7NfmRH8fbb/5Qjf/vfpxFO375LB7FIB7Muljmf32eZe8U3//5ZTmDPCKZjPOTWbulonGwhwIAAAAAAAAAAAAAAAAAAAAAwK13li10Vs/PmZ8GeHZWXz87H6hRcz5QdcLPZOV8nTtZls2P8RnnzSjz03gtjfS5Th4AAAAAAAAAAAAAAAAAAAD+J0aPv7j8dDDoX60FPxWbJTVB9UZ/VCXpSlW6XnVzPzXB5Y8Ru2c9SxCNamiD5Not5hN65g7T7Y1PdhnYaV0/cbRtDdNBlIP/bvdFeGOnCU6D4l+s83x3TTfJDY0bMXrcqt8kKzvztOrsajR7QKfbNu16UNQsXWNr1vGe9tjxy/vdtNMZNxeLud6mNX2SKyXNPf+mbEj+iz8/AAAAAAAAAAAAAAAAAADAiuVLv/Hbtconz2VIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBwy+//XwTR2SzZDCZVcr8ufSM4uRrV3LZz4GkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwy/0TAAD//0dFVzc=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) semctl$GETALL(0x0, 0x0, 0x13, 0xffffffffffffffff) sendmsg$inet_sctp(0xffffffffffffffff, 0x0, 0x24000052) 1.606254682s ago: executing program 3 (id=1862): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}, 0x1, 0xfffc}, 0x4000800) sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@delchain={0x40, 0x64, 0xf31, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x10, 0x2, [@TCA_FLOWER_KEY_ETH_DST={0xa, 0x4, @broadcast}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x4000004) r5 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x20, &(0x7f00000001c0)={&(0x7f0000000940)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r4}}, 0x24}}, 0x0) 355.139419ms ago: executing program 1 (id=1863): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x28000, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x550, 0x40, 0x17f, 0x2, 0x4, 0x2, {0x0, 0x9}, {0x350, 0x20002, 0xffffffff}, {0xf4ef, 0x303}, {0x8, 0x4000002, 0x7fe}, 0x1, 0x100, 0x0, 0xd614, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, 0x0, 0x4}) 353.658679ms ago: executing program 3 (id=1864): ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(0xffffffffffffffff, 0xc0905664, &(0x7f0000000300)={0x0, 0x0, '\x00', @bt={0x8, 0x1, 0x2, 0xde02, 0x4, 0xe108, 0x9, 0x7}}) socket$inet_mptcp(0x2, 0x1, 0x106) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xf}, {0xffff, 0xffff}, {0xfff2, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x44}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000880)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd1e, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x4, 0xa}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x8, 0x2, [@TCA_FLOWER_ACT={0x4}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8848}, 0x4080) r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_dev$sg(&(0x7f00000001c0), 0x508d48d4, 0x40902) r4 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$UHID_CREATE(r4, &(0x7f0000000500)={0x0, {'syz1\x00', 'syz0\x00', 'syz1\x00', &(0x7f00000006c0)=""/101, 0x65, 0x0, 0x0, 0x4, 0x3, 0x10000001}}, 0x120) landlock_restrict_self(0xffffffffffffffff, 0x0) writev(r4, &(0x7f0000000780)=[{0x0}], 0x1) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280)) pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0xd0, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xa, 0x80000006, 0x400}, 0x0, 0x0) 231.464323ms ago: executing program 4 (id=1865): prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000cb2000/0x4000)=nil, 0x4000, &(0x7f0000000140)=')^8:\x00\x00\x00\x00\x00\x00\x00\x01\x8d\xd9\xeb\xab\x97\xf3T&\x06\x00\xfdq9\xfd\xc6\x9dl\x9eN\x8e\xa9\xd8\x85\xe5wuH\xe8qB\xb1s\xd6r\xd7\x18A\x02\x81}KKK\xf4#\x8f[\xff\xff\xff\xffo\xac\xfe\xb7\x1fc\xb1zQT\xdb\xb9[o\x00\x00: H\x99\x0e\x91\x13\xae\xfb\fu\xfb\r') 87.176307ms ago: executing program 3 (id=1866): r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) fcntl$lock(r0, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8, 0xffffffff}) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0) r2 = epoll_create(0x401) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)={0x80002001}) fcntl$lock(r0, 0x26, &(0x7f0000000080)={0x1, 0x0, 0x2007, 0x1fd}) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x9, 0x0) fcntl$lock(r0, 0x7, &(0x7f0000000280)={0x2, 0x0, 0x2f, 0x520ea3af}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0x6}, {0x11, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0) sendmsg$nl_route_sched(r4, 0x0, 0x800) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) r7 = syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d3750820c80a2103be6f000000010902120001000000000904"], 0x0) syz_usb_control_io$cdc_ecm(r7, 0x0, &(0x7f0000000540)={0x10, &(0x7f0000000380)=ANY=[], 0x0, 0x0}) syz_usb_control_io$cdc_ecm(r7, 0x0, 0x0) syz_usb_control_io$hid(r7, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r7, 0x0, 0x0) syz_usb_control_io$printer(r7, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r7, 0x0, 0x0) r8 = syz_open_dev$vim2m(&(0x7f0000000100), 0x1, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r8, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1}) ioctl$vim2m_VIDIOC_STREAMON(r8, 0x40045612, &(0x7f0000000080)=0x2) ioctl$VIDIOC_DECODER_CMD(r8, 0xc0485660, &(0x7f0000000380)={0x1, 0x2, @raw_data=[0x7ff, 0x0, 0x5, 0xf5088d3e, 0x3, 0x100, 0x4, 0x0, 0xffff, 0x4, 0x549, 0x8, 0x5, 0x9, 0x0, 0x6]}) sendmsg$nl_xfrm(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB, @ANYRES8=r6, @ANYRESHEX=r6], 0x68}}, 0x0) 33.90502ms ago: executing program 1 (id=1867): r0 = socket$kcm(0x2, 0x5, 0x84) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000200)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x4014) openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$userio(0xffffffffffffff9c, 0x0, 0x22242, 0x0) pselect6(0x2000, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x300}, 0x0, &(0x7f0000000100)={0x8}, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) socket$nl_netfilter(0x10, 0x3, 0xc) socket(0x400000000010, 0x3, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) socket$kcm(0xa, 0x1, 0x106) r4 = socket$inet6(0xa, 0x3, 0x1) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) r5 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f00000000c0)={0x84, @multicast2, 0x15, 0x3, 'wrr\x00', 0x30, 0x10001, 0x68}, 0x2c) setsockopt$IP_VS_SO_SET_ADDDEST(r5, 0x0, 0x487, &(0x7f0000000000)={{0x84, @remote, 0x4e21, 0x3, 'wlc\x00', 0x11, 0x4}, {@loopback, 0x4e23, 0x10000, 0xc3, 0x12d5c, 0x12d5c}}, 0x44) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x2b0, 0x0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x490, 0xffffffff, 0xffffffff, 0x490, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast2, 'vxcan1\x00', {0x8}}}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xfd}}, [], [0x0, 0xffffffff], 'pim6reg\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast2, 'bridge_slave_0\x00', {0x53}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x310) sendmsg$netlink(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f0000005d00)=ANY=[@ANYBLOB="140100002f00010000000000fcdbdf250401f2800c00180008ac0f00000000001400010001000000000000000000ffffac14141650bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e"], 0x114}, {&(0x7f0000000b40)=ANY=[@ANYRES32=0x0, @ANYBLOB="04004380a0c2a1be90846312e3bed7ee6d8301ec19852ba0d23b5114d536e4d075792b9335d042115d682eacf488620fe3f0d27cbdc802bf9e45937dfee7d846fa91e76e6382ec77332d7130d7da9dd4e7af00b4002bb1e00882522c18661005e392e9bfda22b58d9f38b09e6c31f8653ed5f368bc654f08d443ad0fd1655bd3cfcec0e493c80b7df6ff58928ab934c080fc46ce3728f812dbd4dd266a257635c858aee953d9cecefcc86bffca10623c64bcecf198db4e9efab5274ca4e6e76d2fcc4330a81920c35cc3d55354a323c4e8479d28f6920d0f1b253c728b35cf99ca02531f9762af762c5c5cc4b8422b38186bf9a1b8c700000000"], 0x150}], 0x2, 0x0, 0x0, 0x1}, 0x8040) sendmsg$inet(r0, 0x0, 0x0) r6 = socket$kcm(0x10, 0x2, 0x4) sendmsg$inet(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000240)="5c00000014006b03000000d86e6c1d00028400000000564500004e23e3f58e76110165f450e71b0075e3002500028d459e37000f0000000000bf9367b47e51f60a64c9f4d4938037e786a6d0bdd700"/92, 0xffd0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20008000) 0s ago: executing program 4 (id=1868): mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2000007, 0x2172, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000001000/0x4000)=nil) pipe(&(0x7f0000000440)) kernel console output (not intermixed with test programs): 0000:0000:0004.0005: unknown main item tag 0x0 [ 257.631412][ T5222] hid-generic 0000:0000:0004.0005: unknown main item tag 0x0 [ 257.642594][ T5222] hid-generic 0000:0000:0004.0005: unknown main item tag 0x0 [ 257.654112][ T5222] hid-generic 0000:0000:0004.0005: unknown main item tag 0x0 [ 257.667306][ T5222] hid-generic 0000:0000:0004.0005: unknown main item tag 0x0 [ 257.678023][ T5222] hid-generic 0000:0000:0004.0005: unknown main item tag 0x0 [ 257.691388][ T5222] hid-generic 0000:0000:0004.0005: unknown main item tag 0x0 [ 257.701691][ T5222] hid-generic 0000:0000:0004.0005: unknown main item tag 0x0 [ 257.721763][ T5222] hid-generic 0000:0000:0004.0005: unknown main item tag 0x0 [ 257.731974][ T5222] hid-generic 0000:0000:0004.0005: unknown main item tag 0x0 [ 257.743703][ T5222] hid-generic 0000:0000:0004.0005: unknown main item tag 0x0 [ 257.762036][ T5222] hid-generic 0000:0000:0004.0005: unknown main item tag 0x0 [ 257.770810][ T5222] hid-generic 0000:0000:0004.0005: unknown main item tag 0x0 [ 257.778286][ T5222] hid-generic 0000:0000:0004.0005: unknown main item tag 0x0 [ 257.787096][ T5222] hid-generic 0000:0000:0004.0005: unknown main item tag 0x0 [ 257.794655][ T5222] hid-generic 0000:0000:0004.0005: unknown main item tag 0x0 [ 257.802295][ T5222] hid-generic 0000:0000:0004.0005: unknown main item tag 0x0 [ 257.809888][ T5222] hid-generic 0000:0000:0004.0005: unknown main item tag 0x0 [ 257.817887][ T5222] hid-generic 0000:0000:0004.0005: unknown main item tag 0x0 [ 257.826123][ T5222] hid-generic 0000:0000:0004.0005: unknown main item tag 0x0 [ 257.834128][ T5222] hid-generic 0000:0000:0004.0005: unknown main item tag 0x0 [ 257.871552][ T5776] netlink: 'syz.1.402': attribute type 1 has an invalid length. [ 257.879329][ T5776] netlink: 83992 bytes leftover after parsing attributes in process `syz.1.402'. [ 258.272097][ T5222] hid-generic 0000:0000:0004.0005: hidraw0: HID v0.03 Device [syz1] on syz0 [ 258.464258][ T5762] netlink: 4 bytes leftover after parsing attributes in process `syz.3.397'. [ 258.603771][ T5777] fido_id[5777]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 259.067588][ T5788] netlink: 20 bytes leftover after parsing attributes in process `syz.2.407'. [ 259.095596][ T5787] loop3: detected capacity change from 0 to 4096 [ 259.175017][ T5787] ntfs3: loop3: ntfs_set_state r=3 failed, -22. [ 259.232657][ T5792] process 'syz.1.409' launched './file1' with NULL argv: empty string added [ 259.457119][ T4797] ntfs3: loop3: ntfs3_write_inode r=3 failed, -22. [ 259.481951][ T5794] tipc: Enabling of bearer rejected, already enabled [ 259.488693][ T4273] ntfs3: loop3: ntfs_set_state r=3 failed, -22. [ 259.497006][ T5794] netlink: 'syz.4.404': attribute type 5 has an invalid length. [ 259.506264][ T4273] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 259.524008][ T4273] ntfs3: loop3: ntfs_set_state r=3 failed, -22. [ 259.547847][ T11] ntfs3: loop3: ntfs3_write_inode r=3 failed, -22. [ 259.564761][ T4273] ntfs3: loop3: ntfs_evict_inode r=3 failed, -22. [ 260.102682][ T5808] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input15 [ 260.351984][ T5813] netlink: 'syz.0.413': attribute type 1 has an invalid length. [ 260.359901][ T5813] netlink: 83992 bytes leftover after parsing attributes in process `syz.0.413'. [ 260.990148][ T5809] loop2: detected capacity change from 0 to 64 [ 263.625088][ T5821] netlink: 4 bytes leftover after parsing attributes in process `syz.1.416'. [ 264.465576][ T5826] loop2: detected capacity change from 0 to 1024 [ 264.482938][ T5820] loop0: detected capacity change from 0 to 4096 [ 264.682829][ T5830] netlink: 24 bytes leftover after parsing attributes in process `syz.1.420'. [ 266.000373][ T5847] netlink: 20 bytes leftover after parsing attributes in process `syz.2.425'. [ 266.479695][ T5852] netlink: 'syz.3.427': attribute type 1 has an invalid length. [ 266.487412][ T5852] netlink: 83992 bytes leftover after parsing attributes in process `syz.3.427'. [ 267.240790][ T5859] loop3: detected capacity change from 0 to 128 [ 267.679716][ T5860] tipc: Enabling of bearer rejected, already enabled [ 267.687507][ T5861] netlink: 'syz.4.422': attribute type 5 has an invalid length. [ 269.603662][ T5864] Set syz1 is full, maxelem 65536 reached [ 271.531465][ T5878] loop0: detected capacity change from 0 to 4096 [ 271.553408][ T5880] loop3: detected capacity change from 0 to 1024 [ 271.572986][ T5880] EXT4-fs: Ignoring removed bh option [ 271.621651][ T5880] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 272.014401][ T5887] tipc: Enabling of bearer rejected, already enabled [ 272.028678][ T5887] netlink: 'syz.3.436': attribute type 5 has an invalid length. [ 272.361301][ T5890] netlink: 20 bytes leftover after parsing attributes in process `syz.1.438'. [ 272.529239][ T5894] loop2: detected capacity change from 0 to 512 [ 272.572752][ T4273] EXT4-fs (loop3): unmounting filesystem. [ 272.787666][ T26] kauditd_printk_skb: 2 callbacks suppressed [ 272.787707][ T26] audit: type=1400 audit(1781575989.678:4): apparmor="DENIED" operation="change_hat" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=5900 comm="syz.1.443" [ 272.838033][ T5903] netlink: 'syz.0.440': attribute type 1 has an invalid length. [ 272.845926][ T5903] netlink: 83992 bytes leftover after parsing attributes in process `syz.0.440'. [ 272.861416][ T5894] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 272.886431][ T5894] ext4 filesystem being mounted at /90/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 273.086395][ T4286] EXT4-fs (loop2): unmounting filesystem. [ 273.213533][ T5911] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input16 [ 274.804741][ T5919] netlink: 'syz.3.448': attribute type 13 has an invalid length. [ 275.392397][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 275.408827][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 275.416295][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 275.438573][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 275.452856][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 275.468304][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 275.497957][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 275.645300][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 275.724970][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 275.734332][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 275.742456][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 275.755223][ T5933] loop2: detected capacity change from 0 to 64 [ 275.758980][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 275.799858][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 275.807365][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 275.855789][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 275.865892][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 275.906346][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 275.926592][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 275.957042][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 275.974947][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.004591][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.034598][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.042375][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.058532][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.070796][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.086171][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.250305][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.258303][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.265851][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.273674][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.281781][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.289855][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.297410][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.304923][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.312447][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.319930][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.327371][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.345215][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.352960][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.360446][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.367873][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.381155][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.406032][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.413960][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.427199][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.434906][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.451005][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.463353][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.473693][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.488340][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.504119][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.512156][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.525881][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.533945][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.549774][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.557502][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.571474][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.581777][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.597001][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.611641][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.624341][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.632000][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.639587][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.647082][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.656028][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.663588][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.673142][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.680963][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.688521][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.696071][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.703769][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.711356][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.718955][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.726473][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.769178][ T5945] netlink: 24 bytes leftover after parsing attributes in process `syz.1.453'. [ 276.779401][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.786974][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.794630][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.802245][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.809881][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.817407][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.824973][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.841601][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.875997][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.926335][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 276.979364][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 277.018071][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 277.027288][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 277.040997][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 277.052855][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 277.065229][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 277.080929][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 277.092369][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 277.102667][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 277.114155][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 277.125129][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 277.136463][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 277.146379][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 277.157606][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 277.173087][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 277.186085][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 277.200180][ T27] hid-generic 0000:0000:0004.0006: unknown main item tag 0x0 [ 277.261664][ T27] hid-generic 0000:0000:0004.0006: hidraw0: HID v0.03 Device [syz1] on syz0 [ 277.421999][ T5950] fido_id[5950]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 277.558325][ T5919] bridge0: port 2(bridge_slave_1) entered disabled state [ 277.567210][ T5919] bridge0: port 1(bridge_slave_0) entered disabled state [ 278.075940][ T5919] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 278.111791][ T5919] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 278.572223][ T5919] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 278.581362][ T5919] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 278.590754][ T5919] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 278.600972][ T5919] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 278.797838][ T5941] tipc: Enabling of bearer rejected, already enabled [ 278.806697][ T5943] netlink: 'syz.4.452': attribute type 5 has an invalid length. [ 278.848283][ T5949] gre0 speed is unknown, defaulting to 1000 [ 279.995583][ T5973] netlink: 'syz.0.459': attribute type 1 has an invalid length. [ 280.003580][ T5973] netlink: 83992 bytes leftover after parsing attributes in process `syz.0.459'. [ 283.033263][ T5997] loop0: detected capacity change from 0 to 164 [ 283.067871][ T5997] netlink: 24 bytes leftover after parsing attributes in process `syz.0.467'. [ 283.811015][ T6002] loop2: detected capacity change from 0 to 512 [ 283.892941][ T6002] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 283.910642][ T6002] ext4 filesystem being mounted at /95/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 284.199248][ T6002] EXT4-fs (loop2): unmounting filesystem. [ 285.674163][ T5995] loop3: detected capacity change from 0 to 32768 [ 287.406619][ T6031] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input17 [ 289.849564][ T6044] loop0: detected capacity change from 0 to 512 [ 289.897233][ T6044] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 289.936985][ T6044] ext4 filesystem being mounted at /88/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 290.135460][ T6043] EXT4-fs (loop0): unmounting filesystem. [ 293.332571][ T6086] loop2: detected capacity change from 0 to 1024 [ 293.376762][ T6086] EXT4-fs: Ignoring removed bh option [ 293.405472][ T6086] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 293.733733][ T6097] netlink: 24 bytes leftover after parsing attributes in process `syz.4.500'. [ 294.037066][ T6102] tipc: Enabling of bearer rejected, already enabled [ 294.047131][ T6102] netlink: 'syz.2.498': attribute type 5 has an invalid length. [ 294.388589][ T4287] Bluetooth: hci5: command 0xfc11 tx timeout [ 294.396770][ T4291] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 294.756913][ T6108] loop3: detected capacity change from 0 to 8192 [ 294.814364][ T6108] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 294.998515][ T6108] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 295.007832][ T6108] REISERFS (device loop3): using ordered data mode [ 295.038635][ T6114] netlink: 224 bytes leftover after parsing attributes in process `syz.0.505'. [ 295.152340][ T6108] reiserfs: using flush barriers [ 295.275944][ T6108] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 295.531336][ T6108] REISERFS (device loop3): checking transaction log (loop3) [ 295.659640][ T6108] REISERFS (device loop3): Using r5 hash to sort names [ 295.708911][ T6108] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 295.887127][ T4286] EXT4-fs (loop2): unmounting filesystem. [ 297.647894][ T6124] loop2: detected capacity change from 0 to 32768 [ 297.690174][ T6124] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop2 scanned by syz.2.507 (6124) [ 297.828318][ T6144] netlink: 224 bytes leftover after parsing attributes in process `syz.0.517'. [ 297.926160][ T6124] BTRFS info (device loop2): first mount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 298.076781][ T6124] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 298.205533][ T6124] BTRFS info (device loop2): using free space tree [ 298.720820][ T6124] BTRFS info (device loop2): enabling ssd optimizations [ 299.472359][ T4286] BTRFS info (device loop2): last unmount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 299.976773][ T6173] tipc: Enabling of bearer rejected, already enabled [ 299.985520][ T6173] netlink: 'syz.1.518': attribute type 5 has an invalid length. [ 300.107162][ T6168] loop0: detected capacity change from 0 to 8192 [ 300.158154][ T6141] loop3: detected capacity change from 0 to 32768 [ 300.246148][ T6168] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 300.300084][ T6168] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 300.315587][ T6168] REISERFS (device loop0): using ordered data mode [ 300.322985][ T6168] reiserfs: using flush barriers [ 300.338537][ T6168] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 300.363996][ T6168] REISERFS (device loop0): checking transaction log (loop0) [ 300.387126][ T6168] REISERFS (device loop0): Using r5 hash to sort names [ 300.400931][ T6168] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 300.551177][ T6184] netlink: 224 bytes leftover after parsing attributes in process `syz.2.521'. [ 301.257679][ T6186] overlayfs: upper fs needs to support d_type. [ 301.296490][ T6186] overlayfs: upper fs does not support tmpfile. [ 301.324969][ T6186] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 301.398962][ T6186] overlayfs: failed to set xattr on upper [ 301.574726][ T6186] overlayfs: ...falling back to index=off,metacopy=off. [ 301.602700][ T6193] loop3: detected capacity change from 0 to 1024 [ 302.489608][ T6208] loop5: detected capacity change from 0 to 7 [ 302.554135][ T4443] Dev loop5: unable to read RDB block 7 [ 302.644639][ T6211] program syz.1.530 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 302.923703][ T4443] loop5: unable to read partition table [ 303.123176][ T4443] loop5: partition table beyond EOD, truncated [ 303.314288][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.409788][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.417290][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.424914][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.432393][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.439916][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.448556][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.456018][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.463536][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.472519][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.480133][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.487577][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.495081][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.506347][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.513866][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.521381][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.538483][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.545959][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.560970][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.568938][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.576524][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.585215][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.625225][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.669145][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.688485][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.738588][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.746058][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.818483][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.825963][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.868904][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 303.876386][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 304.045514][ T6222] netlink: 20 bytes leftover after parsing attributes in process `syz.3.532'. [ 304.725402][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 304.733079][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 304.740691][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 304.748237][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 304.755808][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 304.828537][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 304.838686][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 304.846334][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 304.868733][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 304.884579][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 304.897803][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 304.911485][ T6225] loop0: detected capacity change from 0 to 2048 [ 304.921381][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 304.938228][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 304.948690][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 304.959219][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 305.110942][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 305.127513][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 305.173468][ T6225] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 305.191774][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 305.233438][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 305.448005][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 305.459519][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 305.467077][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 305.508954][ T6237] tipc: Enabling of bearer rejected, already enabled [ 305.512073][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 305.526066][ T6237] netlink: 'syz.4.533': attribute type 5 has an invalid length. [ 305.620208][ T4288] Bluetooth: hci2: ACL packet for unknown connection handle 1211 [ 306.066664][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.074206][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.081817][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.089292][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.098480][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.105925][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.181168][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.205887][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.229198][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.238818][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.257014][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.276530][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.284491][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.298512][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.318914][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.326386][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.370731][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.390946][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.410672][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.430598][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.438071][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.468209][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.525656][ T6252] netlink: 224 bytes leftover after parsing attributes in process `syz.3.543'. [ 306.569567][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.636357][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.709475][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.781804][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.859272][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.922318][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 306.993012][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 307.066597][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 307.130062][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 307.202470][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 307.281574][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 307.532812][ T6258] loop5: detected capacity change from 0 to 7 [ 307.548354][ T6258] Dev loop5: unable to read RDB block 7 [ 307.554552][ T6258] loop5: unable to read partition table [ 307.561304][ T6258] loop5: partition table beyond EOD, truncated [ 307.567735][ T6258] loop_reread_partitions: partition scan of loop5 (Wý* %4FLQk݊5) failed (rc=-5) [ 307.634898][ T6259] program syz.1.544 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 308.180509][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 308.188080][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 308.203196][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 308.210883][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 308.218305][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 308.241471][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 308.268505][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 308.278661][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 308.286105][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 308.308519][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 308.315986][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 308.331590][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 308.348497][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 308.428468][ T4325] hid-generic 0000:0000:0004.0007: unknown main item tag 0x0 [ 308.453797][ T4274] EXT4-fs (loop0): unmounting filesystem. [ 308.500297][ T6265] loop3: detected capacity change from 0 to 2048 [ 308.552710][ T4325] hid-generic 0000:0000:0004.0007: hidraw0: HID v0.03 Device [syz1] on syz0 [ 308.602869][ T6265] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 309.719555][ T6267] fido_id[6267]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 309.764363][ T6278] loop0: detected capacity change from 0 to 128 [ 309.817511][ T6278] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 309.845177][ T6278] hpfs: filesystem error: improperly stopped [ 309.888667][ T6278] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 309.896506][ T6278] hpfs: You really don't want any checks? You are crazy... [ 309.975415][ T6278] hpfs: Code page index out of array [ 310.029174][ T6278] hpfs: code page support is disabled [ 310.042850][ T6278] hpfs: hpfs_map_4sectors(): unaligned read [ 310.077917][ T6278] hpfs: hpfs_map_4sectors(): unaligned read [ 310.117788][ T6278] hpfs: filesystem error: unable to find root dir [ 310.307467][ T6278] hpfs: hpfs_map_4sectors(): unaligned read [ 310.665490][ T6293] loop3: detected capacity change from 0 to 1024 [ 311.394792][ T6297] netlink: 224 bytes leftover after parsing attributes in process `syz.0.556'. [ 311.809485][ T6293] hfsplus: extend alloc file! (16384,256,150995124) [ 311.816967][ T6293] hfsplus: failed to extend attributes file [ 312.257650][ T6304] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input18 [ 312.291614][ T6280] loop2: detected capacity change from 0 to 32768 [ 313.445152][ T6317] loop0: detected capacity change from 0 to 1024 [ 313.698841][ T6319] loop2: detected capacity change from 0 to 4096 [ 314.689983][ T33] hfsplus: b-tree write err: -5, ino 8 [ 314.961285][ T4286] ntfs3: loop2: ntfs_evict_inode r=5 failed, -22. [ 314.967808][ T4286] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 315.141877][ T6332] loop3: detected capacity change from 0 to 8192 [ 315.255741][ T6340] netlink: 224 bytes leftover after parsing attributes in process `syz.0.570'. [ 315.273664][ T6332] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 315.424583][ T6332] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 315.593398][ T6332] REISERFS (device loop3): using ordered data mode [ 315.701807][ T6332] reiserfs: using flush barriers [ 315.855408][ T6332] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 316.010772][ T6332] REISERFS (device loop3): checking transaction log (loop3) [ 316.019592][ T6332] REISERFS (device loop3): Using r5 hash to sort names [ 316.026803][ T6332] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 316.152501][ T6344] loop2: detected capacity change from 0 to 1024 [ 317.072254][ T1269] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.079872][ T1269] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.462466][ T6366] loop2: detected capacity change from 0 to 16 [ 318.502684][ T6366] erofs: DAX enabled. Warning: EXPERIMENTAL, use at your own risk [ 318.562037][ T6366] erofs: DAX enabled. Warning: EXPERIMENTAL, use at your own risk [ 318.585108][ T6363] loop3: detected capacity change from 0 to 4096 [ 318.602343][ T6366] erofs: (device loop2): EXPERIMENTAL compressed fragments feature in use. Use at your own risk! [ 318.625559][ T6366] erofs: (device loop2): EXPERIMENTAL global deduplication feature in use. Use at your own risk! [ 318.677209][ T6366] erofs: DAX unsupported by block device. Turning off DAX. [ 318.711201][ T6366] erofs: (device loop2): erofs_read_inode: unsupported datalayout 7 of nid 36 [ 319.400640][ T4273] ntfs3: loop3: ntfs_evict_inode r=5 failed, -22. [ 319.407217][ T4273] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 319.673868][ T6379] netlink: 224 bytes leftover after parsing attributes in process `syz.3.583'. [ 320.426708][ T6374] loop2: detected capacity change from 0 to 4096 [ 320.527002][ T6374] ntfs3: Invalid value for umask. [ 322.055548][ T6402] loop2: detected capacity change from 0 to 2048 [ 322.133609][ T6402] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 322.495230][ T6407] loop0: detected capacity change from 0 to 4096 [ 323.958297][ T6424] loop3: detected capacity change from 0 to 4096 [ 323.995481][ T6424] ntfs: (device loop3): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1. [ 324.104955][ T6424] ntfs: volume version 3.1. [ 325.030912][ T6424] ntfs: (device loop3): ntfs_ucstonls(): Unicode name contains characters that cannot be converted to character set iso8859-14. You might want to try to use the mount option nls=utf8. [ 325.051100][ T6424] ntfs: (device loop3): ntfs_filldir(): Skipping unrepresentable inode 0x4. [ 325.164821][ T6437] loop0: detected capacity change from 0 to 16 [ 325.241856][ T6437] erofs: DAX enabled. Warning: EXPERIMENTAL, use at your own risk [ 325.263572][ T6437] erofs: DAX enabled. Warning: EXPERIMENTAL, use at your own risk [ 325.290503][ T6437] erofs: (device loop0): EXPERIMENTAL compressed fragments feature in use. Use at your own risk! [ 325.322223][ T6437] erofs: (device loop0): EXPERIMENTAL global deduplication feature in use. Use at your own risk! [ 325.362686][ T6437] erofs: DAX unsupported by block device. Turning off DAX. [ 325.536949][ T6437] erofs: (device loop0): erofs_read_inode: unsupported datalayout 7 of nid 36 [ 329.073040][ T6457] loop2: detected capacity change from 0 to 4096 [ 330.859271][ T6475] netlink: 224 bytes leftover after parsing attributes in process `syz.2.619'. [ 331.558237][ T6471] loop3: detected capacity change from 0 to 4096 [ 331.614673][ T6471] ntfs: (device loop3): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1. [ 332.000194][ T6471] ntfs: volume version 3.1. [ 332.786642][ T6471] ntfs: (device loop3): ntfs_attr_find(): Inode is corrupt. Run chkdsk. [ 333.130815][ T6471] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xb as bad. Run chkdsk. [ 333.201923][ T6471] ntfs: (device loop3): load_system_files(): Failed to load $Extend. [ 333.239935][ T6471] ntfs: (device loop3): ntfs_fill_super(): Failed to load system files. [ 335.348745][ T6493] loop0: detected capacity change from 0 to 8192 [ 335.931968][ T6493] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 335.988736][ T6493] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 336.825391][ T6493] REISERFS (device loop0): using ordered data mode [ 336.832761][ T6493] reiserfs: using flush barriers [ 336.918809][ T6493] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 337.737615][ T6493] REISERFS warning (device loop0): journal-2004 journal_init: Journal cnode memory allocation failed (73728 bytes). Journal is too large for available memory. Usually this is due to a journal that is too large. [ 339.216661][ T6533] loop3: detected capacity change from 0 to 4096 [ 340.029697][ T6533] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 341.007544][ T4273] EXT4-fs (loop3): unmounting filesystem. [ 342.811757][ T4587] Bluetooth: hci5: Frame reassembly failed (-84) [ 344.748581][ T4291] Bluetooth: hci5: command 0xfc11 tx timeout [ 344.756847][ T4288] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 346.315969][ T6603] device syzkaller0 entered promiscuous mode [ 346.324576][ T6601] loop2: detected capacity change from 0 to 4096 [ 346.528262][ T6606] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 346.811339][ T6612] netlink: 20 bytes leftover after parsing attributes in process `syz.4.661'. [ 347.307456][ T6601] syz.2.658 (6601) used greatest stack depth: 19416 bytes left [ 347.755394][ T6624] loop3: detected capacity change from 0 to 512 [ 349.294621][ T6642] netlink: 'syz.2.671': attribute type 1 has an invalid length. [ 349.302409][ T6642] netlink: 83992 bytes leftover after parsing attributes in process `syz.2.671'. [ 350.076876][ T6647] loop2: detected capacity change from 0 to 4096 [ 350.084828][ T6647] ntfs: (device loop2): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1. [ 350.149806][ T6647] ntfs: volume version 3.1. [ 350.524491][ T6660] loop0: detected capacity change from 0 to 512 [ 350.607907][ T6660] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 350.657638][ T6660] ext4 filesystem being mounted at /121/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 350.766552][ T6655] EXT4-fs (loop0): unmounting filesystem. [ 352.860390][ T6689] loop2: detected capacity change from 0 to 1024 [ 352.893570][ T6689] EXT4-fs: Ignoring removed bh option [ 352.963585][ T6689] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 353.024001][ T6697] netlink: 'syz.3.682': attribute type 1 has an invalid length. [ 353.032175][ T6697] netlink: 83992 bytes leftover after parsing attributes in process `syz.3.682'. [ 354.134501][ T6715] tipc: Enabling of bearer rejected, already enabled [ 354.196052][ T6715] netlink: 'syz.2.683': attribute type 5 has an invalid length. [ 356.001348][ T6740] loop3: detected capacity change from 0 to 164 [ 356.028110][ T6740] netlink: 24 bytes leftover after parsing attributes in process `syz.3.699'. [ 356.736049][ T4286] EXT4-fs (loop2): unmounting filesystem. [ 356.831448][ T6753] tipc: Enabling of bearer rejected, failed to enable media [ 357.081542][ T6766] overlayfs: failed to clone upperpath [ 358.024186][ T6756] loop2: detected capacity change from 0 to 8192 [ 358.151035][ T6756] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 358.208557][ T6756] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 358.327170][ T6756] REISERFS (device loop2): using ordered data mode [ 358.349626][ T6756] reiserfs: using flush barriers [ 358.384478][ T6756] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 358.423747][ T6781] loop3: detected capacity change from 0 to 8192 [ 358.469156][ T6781] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 358.480566][ T6756] REISERFS (device loop2): checking transaction log (loop2) [ 358.511116][ T6756] REISERFS (device loop2): Using r5 hash to sort names [ 358.571436][ T6756] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 358.593467][ T6781] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 358.628638][ T6781] REISERFS (device loop3): using ordered data mode [ 358.648532][ T6781] reiserfs: using flush barriers [ 358.949001][ T6781] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 359.302665][ T6781] REISERFS (device loop3): checking transaction log (loop3) [ 359.908607][ T6795] netlink: 20 bytes leftover after parsing attributes in process `syz.0.714'. [ 360.027223][ T6781] REISERFS (device loop3): Using tea hash to sort names [ 360.048714][ T6781] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 360.335997][ T6799] loop2: detected capacity change from 0 to 8192 [ 360.390561][ T6799] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 360.412190][ T6799] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 360.469778][ T6799] REISERFS (device loop2): using ordered data mode [ 360.476373][ T6799] reiserfs: using flush barriers [ 360.573480][ T6799] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 360.711627][ T6799] REISERFS (device loop2): checking transaction log (loop2) [ 360.770370][ T6799] REISERFS (device loop2): Using r5 hash to sort names [ 360.788085][ T6799] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 361.590666][ T6812] overlayfs: failed to clone upperpath [ 363.940317][ T6842] netlink: 20 bytes leftover after parsing attributes in process `syz.1.730'. [ 364.050248][ T6838] loop2: detected capacity change from 0 to 8192 [ 364.091181][ T6845] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 364.100638][ T6845] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 364.109580][ T6845] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 364.114101][ T6838] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 364.118451][ T6845] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 364.156553][ T6845] team0: Port device vxlan0 added [ 364.164375][ T6838] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 364.183623][ T6838] REISERFS (device loop2): using ordered data mode [ 364.202162][ T6838] reiserfs: using flush barriers [ 364.224634][ T6838] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 364.261980][ T6838] REISERFS (device loop2): checking transaction log (loop2) [ 364.487088][ T6838] REISERFS (device loop2): Using tea hash to sort names [ 364.497240][ T6838] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 364.756850][ T6850] overlayfs: failed to clone upperpath [ 365.371412][ T6864] loop2: detected capacity change from 0 to 1024 [ 365.399195][ T6864] EXT4-fs: Ignoring removed bh option [ 365.702896][ T6871] netlink: 'syz.0.739': attribute type 1 has an invalid length. [ 365.710954][ T6871] netlink: 83992 bytes leftover after parsing attributes in process `syz.0.739'. [ 365.815809][ T6864] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 366.562135][ T6877] netlink: 20 bytes leftover after parsing attributes in process `syz.3.744'. [ 366.710499][ T6884] tipc: Enabling of bearer rejected, already enabled [ 366.720150][ T6884] netlink: 'syz.2.741': attribute type 5 has an invalid length. [ 366.920917][ T4286] EXT4-fs (loop2): unmounting filesystem. [ 368.009772][ T6891] loop2: detected capacity change from 0 to 1024 [ 368.021656][ T6891] EXT4-fs: Ignoring removed bh option [ 368.088562][ T6891] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 368.850741][ T6907] tipc: Enabling of bearer rejected, already enabled [ 368.900814][ T6907] netlink: 'syz.2.748': attribute type 5 has an invalid length. [ 370.652858][ T6923] netlink: 24 bytes leftover after parsing attributes in process `syz.4.760'. [ 371.360734][ T6933] netlink: 20 bytes leftover after parsing attributes in process `syz.4.762'. [ 371.437207][ T4286] EXT4-fs (loop2): unmounting filesystem. [ 371.754748][ T6941] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input19 [ 373.431927][ T6961] netlink: 4 bytes leftover after parsing attributes in process `syz.2.772'. [ 375.888488][ T6979] loop2: detected capacity change from 0 to 2048 [ 375.934350][ T6979] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 376.082679][ T6985] netlink: 20 bytes leftover after parsing attributes in process `syz.4.779'. [ 376.404917][ T6995] loop2: detected capacity change from 0 to 1024 [ 377.567729][ T7001] overlayfs: failed to clone upperpath [ 377.638891][ T7003] loop2: detected capacity change from 0 to 4096 [ 378.080618][ T7003] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 378.528902][ T1269] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.535300][ T1269] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.616333][ T7003] ntfs3: loop2: failed to convert "0000" to iso8859-2 [ 378.638687][ T7003] ntfs3: loop2: failed to convert name for inode 1e. [ 380.430802][ T7032] netlink: 20 bytes leftover after parsing attributes in process `syz.1.797'. [ 382.337917][ T7048] netlink: 224 bytes leftover after parsing attributes in process `syz.2.805'. [ 383.123424][ T7059] tipc: Enabling of bearer rejected, already enabled [ 383.133844][ T7059] netlink: 'syz.4.808': attribute type 5 has an invalid length. [ 384.329845][ T7066] netlink: 20 bytes leftover after parsing attributes in process `syz.0.812'. [ 385.642824][ T7081] overlayfs: failed to clone upperpath [ 386.936787][ T7093] loop2: detected capacity change from 0 to 1024 [ 386.982880][ T7093] EXT4-fs: Ignoring removed bh option [ 387.074666][ T7093] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 387.707724][ T7114] tipc: Enabling of bearer rejected, already enabled [ 387.738572][ T7114] netlink: 'syz.2.821': attribute type 5 has an invalid length. [ 388.211763][ T4286] EXT4-fs (loop2): unmounting filesystem. [ 388.256389][ T7119] overlayfs: failed to clone upperpath [ 388.450914][ T7123] device syzkaller0 entered promiscuous mode [ 389.593450][ T7131] loop2: detected capacity change from 0 to 4096 [ 389.894356][ T7131] ntfs3: loop2: MFT: r=1, expect seq=1 instead of 0! [ 390.074319][ T7131] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 390.258643][ T7131] ntfs3: loop2: ntfs_set_state r=3 failed, -22. [ 390.308579][ T7131] ntfs3: loop2: Failed to load $MFTMirr. [ 390.347609][ T7131] ntfs3: loop2: ntfs3_write_inode r=3 failed, -22. [ 390.387538][ T7131] ntfs3: loop2: ntfs_evict_inode r=3 failed, -22. [ 391.294003][ T7148] tipc: Enabling of bearer rejected, already enabled [ 391.305476][ T7148] netlink: 'syz.1.839': attribute type 5 has an invalid length. [ 391.343070][ T75] Bluetooth: hci5: Frame reassembly failed (-84) [ 391.402240][ T75] Bluetooth: hci5: Frame reassembly failed (-84) [ 392.000383][ T7156] overlayfs: failed to clone upperpath [ 392.359896][ T7164] tipc: Enabling of bearer rejected, already enabled [ 392.383793][ T7164] netlink: 'syz.3.841': attribute type 5 has an invalid length. [ 393.388611][ T4288] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 393.396732][ T4291] Bluetooth: hci5: command 0xfc11 tx timeout [ 393.857812][ T7188] loop2: detected capacity change from 0 to 8192 [ 393.912111][ T7188] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 393.939107][ T7188] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 394.004864][ T7188] REISERFS (device loop2): using ordered data mode [ 394.054205][ T7188] reiserfs: using flush barriers [ 394.096852][ T7188] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 394.174320][ T7188] REISERFS (device loop2): checking transaction log (loop2) [ 394.749924][ T7188] REISERFS (device loop2): Using tea hash to sort names [ 394.766712][ T7188] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 395.547968][ T7205] overlayfs: failed to clone upperpath [ 395.564396][ T7188] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 395.755653][ T7188] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 5) not found (pos 2) [ 395.860210][ T7188] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 5) not found (pos 2) [ 395.908809][ T7188] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 5) not found (pos 2) [ 396.264079][ T7218] tipc: Enabling of bearer rejected, already enabled [ 396.275175][ T7218] netlink: 'syz.0.859': attribute type 5 has an invalid length. [ 398.768661][ T46] Bluetooth: hci5: Frame reassembly failed (-84) [ 400.207318][ T7246] netlink: 24 bytes leftover after parsing attributes in process `syz.3.870'. [ 400.442484][ T7241] overlayfs: failed to clone upperpath [ 400.828814][ T4287] Bluetooth: hci5: command 0xfc11 tx timeout [ 400.837822][ T7184] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 400.913927][ T7255] tipc: Enabling of bearer rejected, already enabled [ 400.922978][ T7255] netlink: 'syz.0.874': attribute type 5 has an invalid length. [ 403.680932][ T7282] netlink: 'syz.4.877': attribute type 1 has an invalid length. [ 403.688870][ T7282] netlink: 83992 bytes leftover after parsing attributes in process `syz.4.877'. [ 404.198868][ T7284] tipc: Enabling of bearer rejected, already enabled [ 404.216273][ T7284] netlink: 'syz.1.882': attribute type 5 has an invalid length. [ 404.714082][ T7289] loop2: detected capacity change from 0 to 256 [ 405.005262][ T7290] overlayfs: failed to clone upperpath [ 405.745836][ T7302] tipc: Enabling of bearer rejected, already enabled [ 405.762979][ T7302] netlink: 'syz.3.886': attribute type 5 has an invalid length. [ 408.426377][ T7333] netlink: 24 bytes leftover after parsing attributes in process `syz.3.896'. [ 408.783337][ T7338] netlink: 'syz.0.894': attribute type 1 has an invalid length. [ 408.791330][ T7338] netlink: 83992 bytes leftover after parsing attributes in process `syz.0.894'. [ 412.199885][ T7366] siw: device registration error -23 [ 412.299900][ T7366] smc: removing ib device syz2 [ 413.528044][ T7363] tipc: Enabling of bearer rejected, already enabled [ 413.602528][ T7368] netlink: 'syz.0.901': attribute type 5 has an invalid length. [ 414.804765][ T7392] netlink: 'syz.4.911': attribute type 1 has an invalid length. [ 414.812595][ T7392] netlink: 83992 bytes leftover after parsing attributes in process `syz.4.911'. [ 414.961090][ T7390] Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 416.163247][ T7404] netlink: 4 bytes leftover after parsing attributes in process `syz.3.920'. [ 416.747038][ T7419] netlink: 24 bytes leftover after parsing attributes in process `syz.1.926'. [ 417.101291][ T7424] netlink: 224 bytes leftover after parsing attributes in process `syz.2.929'. [ 417.376868][ T7428] tipc: Enabling of bearer rejected, already enabled [ 417.401407][ T7428] netlink: 'syz.3.924': attribute type 5 has an invalid length. [ 417.642227][ T7430] tipc: Enabling of bearer rejected, already enabled [ 417.652806][ T7430] netlink: 'syz.4.930': attribute type 5 has an invalid length. [ 421.310890][ T7474] tipc: Enabling of bearer rejected, already enabled [ 421.323186][ T7474] netlink: 'syz.3.941': attribute type 5 has an invalid length. [ 422.150606][ T7481] netlink: 'syz.4.940': attribute type 1 has an invalid length. [ 422.277551][ T7481] netlink: 83992 bytes leftover after parsing attributes in process `syz.4.940'. [ 422.364253][ T7483] netlink: 52 bytes leftover after parsing attributes in process `syz.1.947'. [ 422.724176][ T7492] program syz.2.951 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 422.989576][ T7494] tipc: Enabling of bearer rejected, already enabled [ 423.019415][ T7494] netlink: 'syz.3.945': attribute type 5 has an invalid length. [ 423.039174][ T7497] netlink: 24 bytes leftover after parsing attributes in process `syz.1.950'. [ 423.114440][ T7499] netlink: 4 bytes leftover after parsing attributes in process `syz.2.953'. [ 424.157438][ T7504] loop2: detected capacity change from 0 to 4096 [ 424.232900][ T7504] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 424.680297][ T7515] tipc: Enabling of bearer rejected, already enabled [ 424.712367][ T7515] ntfs3: loop2: ino=1e, "file1" fallocate(0x10) is not supported [ 424.721993][ T7515] netlink: 'syz.2.955': attribute type 5 has an invalid length. [ 425.502053][ T7528] loop2: detected capacity change from 0 to 8192 [ 425.540853][ T7528] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 425.570904][ T7528] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 425.608013][ T7528] REISERFS (device loop2): using ordered data mode [ 425.622837][ T7528] reiserfs: using flush barriers [ 425.642691][ T7528] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 425.668971][ T7528] REISERFS (device loop2): checking transaction log (loop2) [ 425.698134][ T7528] REISERFS (device loop2): Using r5 hash to sort names [ 425.717619][ T7528] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 426.343483][ T7545] overlayfs: failed to clone upperpath [ 426.805547][ T7562] loop2: detected capacity change from 0 to 256 [ 428.040112][ T7585] netlink: 24 bytes leftover after parsing attributes in process `syz.3.978'. [ 428.441752][ T7589] netlink: 20 bytes leftover after parsing attributes in process `syz.4.983'. [ 428.502621][ T7591] netlink: 224 bytes leftover after parsing attributes in process `syz.2.984'. [ 430.900596][ T7611] bridge0: port 2(bridge_slave_1) entered disabled state [ 430.908109][ T7611] bridge0: port 1(bridge_slave_0) entered disabled state [ 431.966325][ T7611] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 432.019014][ T7611] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 432.556082][ T7611] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 432.565825][ T7611] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 432.574815][ T7611] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 432.583784][ T7611] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 432.729467][ T7612] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 39952 - 0 [ 432.748488][ T7612] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 39952 - 0 [ 432.762940][ T7612] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 39952 - 0 [ 432.772552][ T7612] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 39952 - 0 [ 432.782251][ T7612] device geneve2 entered promiscuous mode [ 433.387039][ T26] audit: type=1326 audit(1781576150.278:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7668 comm="syz.3.1004" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001299ce59 code=0x7ffc0000 [ 433.429911][ T7676] loop2: detected capacity change from 0 to 1024 [ 433.457152][ T7676] EXT4-fs: Ignoring removed bh option [ 433.559393][ T7676] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 433.582915][ T26] audit: type=1326 audit(1781576150.358:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7668 comm="syz.3.1004" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f001299ce59 code=0x7ffc0000 [ 433.759414][ T26] audit: type=1326 audit(1781576150.358:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7668 comm="syz.3.1004" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001299ce59 code=0x7ffc0000 [ 433.919639][ T26] audit: type=1326 audit(1781576150.368:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7668 comm="syz.3.1004" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f001299ce59 code=0x7ffc0000 [ 433.944102][ T26] audit: type=1326 audit(1781576150.428:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7668 comm="syz.3.1004" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001299ce59 code=0x7ffc0000 [ 434.120029][ T26] audit: type=1326 audit(1781576150.428:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7668 comm="syz.3.1004" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001299ce59 code=0x7ffc0000 [ 434.244910][ T7689] tipc: Enabling of bearer rejected, already enabled [ 434.642512][ T4286] EXT4-fs (loop2): unmounting filesystem. [ 434.792488][ T7693] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1012'. [ 434.833656][ T7693] netlink: 'syz.1.1012': attribute type 7 has an invalid length. [ 434.857449][ T7693] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1012'. [ 434.899899][ T7693] device bridge0 entered promiscuous mode [ 434.915185][ T7693] device ip6gretap0 entered promiscuous mode [ 434.941773][ T7693] hsr1: Slave A (bridge0) is not up; please bring it up to get a fully working HSR network [ 434.984631][ T7693] hsr1: Slave B (ip6gretap0) is not up; please bring it up to get a fully working HSR network [ 435.903790][ T7708] loop2: detected capacity change from 0 to 256 [ 436.217464][ T7707] tipc: Enabling of bearer rejected, already enabled [ 436.594187][ T7728] netlink: 'syz.4.1020': attribute type 4 has an invalid length. [ 437.690711][ T7739] overlayfs: failed to clone upperpath [ 439.742025][ T7767] overlayfs: failed to clone upperpath [ 440.032086][ T1269] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.038500][ T1269] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.937939][ T7799] loop2: detected capacity change from 0 to 164 [ 442.129106][ T7805] overlayfs: failed to clone upperpath [ 442.294328][ T7799] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1040'. [ 442.705855][ T7819] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1052'. [ 445.062105][ T7844] overlayfs: failed to clone upperpath [ 445.298080][ T7851] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1062'. [ 445.855414][ T7861] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1067'. [ 448.586403][ T7914] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1082'. [ 450.840539][ T7940] lo speed is unknown, defaulting to 1000 [ 450.846463][ T7940] lo speed is unknown, defaulting to 1000 [ 450.853615][ T7940] lo speed is unknown, defaulting to 1000 [ 450.863672][ T7940] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 450.877744][ T7940] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 450.931102][ T7940] lo speed is unknown, defaulting to 1000 [ 450.944460][ T7940] lo speed is unknown, defaulting to 1000 [ 450.957304][ T7940] lo speed is unknown, defaulting to 1000 [ 450.971351][ T7940] lo speed is unknown, defaulting to 1000 [ 450.982201][ T7940] lo speed is unknown, defaulting to 1000 [ 453.175522][ T7966] tipc: Enabling of bearer rejected, already enabled [ 453.187306][ T7966] netlink: 'syz.0.1093': attribute type 5 has an invalid length. [ 454.146290][ T7976] overlayfs: failed to clone upperpath [ 457.372415][ T7995] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 39952 - 0 [ 457.401440][ T7995] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 39952 - 0 [ 457.459172][ T7995] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 39952 - 0 [ 457.468198][ T7995] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 39952 - 0 [ 458.483840][ T8018] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1114'. [ 458.861241][ T8026] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1110'. [ 459.002127][ T8027] netlink: 'syz.4.1111': attribute type 1 has an invalid length. [ 459.038581][ T8027] netlink: 83992 bytes leftover after parsing attributes in process `syz.4.1111'. [ 459.454486][ T8030] loop2: detected capacity change from 0 to 8192 [ 459.497143][ T8030] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 459.519056][ T8030] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 459.528968][ T8030] REISERFS (device loop2): using ordered data mode [ 459.535702][ T8030] reiserfs: using flush barriers [ 459.615309][ T8030] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 459.632142][ T8030] REISERFS (device loop2): checking transaction log (loop2) [ 459.679439][ T8030] REISERFS (device loop2): Using r5 hash to sort names [ 459.696942][ T8030] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 460.591694][ T8040] device bridge_slave_1 left promiscuous mode [ 460.635324][ T8040] bridge0: port 2(bridge_slave_1) entered disabled state [ 460.670241][ T8040] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 461.237265][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 462.349693][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 462.436560][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 462.513923][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 463.149628][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 463.978501][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.004734][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.035859][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.194244][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.202365][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.210055][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.217478][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.228639][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.243232][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.258514][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.265949][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.275917][ T7184] Bluetooth: hci1: ACL packet for unknown connection handle 1211 [ 464.288540][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.295986][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.303741][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.311375][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.319008][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.326445][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.334087][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.341657][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.362029][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.386239][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.461718][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.469302][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.478555][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.486098][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.493618][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.503314][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.522241][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.557148][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.567372][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.579368][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.587577][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.607916][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.702172][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.728616][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.736072][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.754189][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.772791][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.790893][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.804485][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.815821][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.832329][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.844176][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.853105][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.894228][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.930367][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.937866][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.964463][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.974219][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.983941][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 464.993149][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.004034][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.025613][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.045901][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.055632][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.067489][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.087012][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.094588][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.106018][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.113684][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.124897][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.135734][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.147554][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.155875][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.171036][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.181051][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.191348][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.201388][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.210594][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.218200][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.254960][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.286148][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.317625][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.342767][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.370464][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.390273][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.415302][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.440729][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.469532][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.497999][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.524688][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.553750][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.581916][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.613660][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.646566][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.673695][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.703423][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.731461][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.757499][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.785462][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.811862][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.839661][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.865100][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.928498][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.935986][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 465.976766][ T4322] hid-generic 0000:0000:0004.0008: unknown main item tag 0x0 [ 466.041220][ T4322] hid-generic 0000:0000:0004.0008: hidraw0: HID v0.03 Device [syz1] on syz0 [ 466.302874][ T8083] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1134'. [ 467.290568][ T8082] fido_id[8082]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 467.434142][ T7184] Bluetooth: hci0: ACL packet for unknown connection handle 1211 [ 467.467573][ T8099] netlink: 'syz.3.1133': attribute type 1 has an invalid length. [ 467.475629][ T8099] netlink: 83992 bytes leftover after parsing attributes in process `syz.3.1133'. [ 467.600025][ T8103] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 468.093728][ T8118] tipc: Enabling of bearer rejected, failed to enable media [ 468.388473][ T8126] fuse: Bad value for 'fd' [ 469.141738][ T8140] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1147'. [ 470.298426][ T7184] Bluetooth: hci0: ACL packet for unknown connection handle 1211 [ 470.712251][ T8163] loop4: detected capacity change from 0 to 7 [ 470.725139][ T8163] loop4: [ 470.740363][ T8163] loop4: partition table partially beyond EOD, truncated [ 471.061235][ T8168] tipc: Enabling of bearer rejected, failed to enable media [ 472.336207][ T8190] netlink: 'syz.2.1159': attribute type 1 has an invalid length. [ 472.344052][ T8190] netlink: 83992 bytes leftover after parsing attributes in process `syz.2.1159'. [ 473.868804][ T7184] Bluetooth: hci1: ACL packet for unknown connection handle 1211 [ 474.050861][ T8211] siw: device registration error -23 [ 475.697446][ T8217] overlayfs: failed to clone upperpath [ 475.777662][ T8223] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1172'. [ 475.907138][ T8228] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1172'. [ 476.214249][ T8235] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1175'. [ 477.248081][ T8246] loop2: detected capacity change from 0 to 2048 [ 477.287904][ T8250] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1182'. [ 477.463282][ T8246] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 477.531411][ T8255] siw: device registration error -23 [ 479.286305][ T7184] Bluetooth: hci4: ACL packet for unknown connection handle 1211 [ 479.572628][ T4286] EXT4-fs (loop2): unmounting filesystem. [ 481.259396][ T8286] loop2: detected capacity change from 0 to 164 [ 481.325696][ T8286] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1188'. [ 482.161958][ T8293] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1192'. [ 482.172835][ T8293] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1192'. [ 482.711469][ T8303] siw: device registration error -23 [ 484.477658][ T8315] netlink: 'syz.0.1191': attribute type 1 has an invalid length. [ 484.485659][ T8315] netlink: 83992 bytes leftover after parsing attributes in process `syz.0.1191'. [ 485.669828][ T8326] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1201'. [ 487.366729][ T8348] netlink: 27 bytes leftover after parsing attributes in process `syz.0.1210'. [ 489.456947][ T8368] netlink: 'syz.1.1215': attribute type 1 has an invalid length. [ 489.464867][ T8368] netlink: 83992 bytes leftover after parsing attributes in process `syz.1.1215'. [ 492.102650][ T8408] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1220'. [ 492.129351][ T8408] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 492.137366][ T8408] IPv6: NLM_F_CREATE should be set when creating new route [ 493.030201][ T8418] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1223'. [ 493.096091][ T8418] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1223'. [ 493.526279][ T8424] siw: device registration error -23 [ 495.238562][ T4322] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 495.458520][ T4322] usb 3-1: Using ep0 maxpacket: 8 [ 495.495177][ T4322] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 495.516227][ T8435] netlink: 'syz.0.1230': attribute type 1 has an invalid length. [ 495.524448][ T4322] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 495.571466][ T4322] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 24608, setting to 1024 [ 495.617248][ T4322] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 495.652977][ T8435] 8021q: adding VLAN 0 to HW filter on device bond1 [ 495.669432][ T8438] bond1: option tlb_dynamic_lb: unable to set because the bond device is up [ 495.723620][ T4322] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 495.795229][ T4322] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 495.814841][ T4322] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 495.929305][ T8449] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1236'. [ 495.961923][ T8449] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1236'. [ 496.162290][ T4322] usb 3-1: GET_CAPABILITIES returned 0 [ 496.174632][ T4322] usbtmc 3-1:16.0: can't read capabilities [ 496.263349][ T8454] siw: device registration error -23 [ 497.437834][ C1] usbtmc 3-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 497.480946][ T8422] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 497.527226][ T8422] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 497.634409][ T7643] usb 3-1: USB disconnect, device number 2 [ 498.358708][ T4288] Bluetooth: hci4: command 0x0406 tx timeout [ 499.401603][ T8487] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1248'. [ 499.546879][ T8487] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1248'. [ 499.674727][ T8491] tipc: Enabling of bearer rejected, failed to enable media [ 501.429197][ T1269] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.435586][ T1269] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.776869][ T8510] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1253'. [ 502.936769][ T8530] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1258'. [ 503.667542][ T8534] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1263'. [ 503.829435][ T8546] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1264'. [ 503.903920][ T8534] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1263'. [ 504.312937][ T8550] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1267'. [ 505.180452][ T4288] Bluetooth: hci0: ACL packet for unknown connection handle 1211 [ 505.495044][ T8573] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1275'. [ 506.418224][ T8591] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1280'. [ 506.876612][ T8596] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1282'. [ 506.971262][ T8601] netlink: 'syz.2.1282': attribute type 1 has an invalid length. [ 506.991578][ T8601] netlink: 'syz.2.1282': attribute type 2 has an invalid length. [ 507.142711][ T8601] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1282'. [ 507.363598][ T4288] Bluetooth: hci3: ACL packet for unknown connection handle 1211 [ 507.388784][ T8607] netlink: 'syz.3.1286': attribute type 1 has an invalid length. [ 507.396619][ T8607] netlink: 83992 bytes leftover after parsing attributes in process `syz.3.1286'. [ 509.065716][ T8633] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1295'. [ 509.427844][ T8642] netlink: 'syz.0.1297': attribute type 1 has an invalid length. [ 509.435691][ T8642] netlink: 83992 bytes leftover after parsing attributes in process `syz.0.1297'. [ 510.731470][ T8674] netlink: 'syz.0.1310': attribute type 1 has an invalid length. [ 510.739509][ T8674] netlink: 83992 bytes leftover after parsing attributes in process `syz.0.1310'. [ 511.172591][ T8685] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1314'. [ 515.148251][ T8748] fuse: Bad value for 'fd' [ 516.034201][ T8759] siw: device registration error -23 [ 518.943992][ T5222] usb 3-1: new full-speed USB device number 3 using dummy_hcd [ 519.140318][ T5222] usb 3-1: unable to get BOS descriptor or descriptor too short [ 519.214289][ T5222] usb 3-1: not running at top speed; connect to a high speed hub [ 519.258934][ T5222] usb 3-1: config 10 has an invalid interface number: 3 but max is 0 [ 519.309115][ T5222] usb 3-1: config 10 has no interface number 0 [ 519.315368][ T5222] usb 3-1: config 10 interface 3 has no altsetting 0 [ 519.416400][ T5222] usb 3-1: New USB device found, idVendor=11ba, idProduct=1003, bcdDevice=14.c2 [ 519.551685][ T5222] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 519.587727][ T5222] usb 3-1: Product: syz [ 519.603862][ T5222] usb 3-1: Manufacturer: syz [ 519.622664][ T5222] usb 3-1: SerialNumber: syz [ 520.719551][ T8816] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1351'. [ 521.352215][ T5222] pvrusb2: Hardware description: OnAir Creator Hybrid USB tuner [ 521.362711][ T5222] usb 3-1: selecting invalid altsetting 0 [ 521.371220][ T2311] pvrusb2: Invalid write control endpoint [ 521.388178][ T5222] usb 3-1: USB disconnect, device number 3 [ 521.764171][ T2311] pvrusb2: Invalid write control endpoint [ 521.803410][ T2311] pvrusb2: Invalid write control endpoint [ 521.859728][ T2311] pvrusb2: Invalid write control endpoint [ 521.878804][ T2311] pvrusb2: Invalid write control endpoint [ 521.893069][ T2311] pvrusb2: Invalid write control endpoint [ 521.908539][ T2311] pvrusb2: Invalid write control endpoint [ 521.916538][ T2311] pvrusb2: Invalid write control endpoint [ 521.922551][ T2311] pvrusb2: Invalid write control endpoint [ 521.945465][ T8831] tipc: Enabling of bearer rejected, already enabled [ 521.954308][ T8831] netlink: 'syz.0.1347': attribute type 5 has an invalid length. [ 522.195473][ T2311] pvrusb2: Invalid write control endpoint [ 522.223999][ T2311] pvrusb2: Invalid write control endpoint [ 522.350074][ T2311] pvrusb2: Invalid write control endpoint [ 522.356058][ T2311] pvrusb2: Invalid write control endpoint [ 522.385302][ T2311] pvrusb2: Invalid write control endpoint [ 522.414208][ T2311] pvrusb2: Invalid write control endpoint [ 522.440968][ T2311] pvrusb2: Invalid write control endpoint [ 522.447248][ T8835] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1358'. [ 522.464751][ T2311] pvrusb2: Invalid write control endpoint [ 522.476015][ T2311] pvrusb2: Invalid write control endpoint [ 522.482096][ T2311] pvrusb2: Invalid write control endpoint [ 522.487966][ T2311] pvrusb2: Invalid write control endpoint [ 522.494136][ T2311] pvrusb2: Invalid write control endpoint [ 522.502131][ T2311] pvrusb2: Invalid write control endpoint [ 522.507970][ T2311] pvrusb2: Invalid write control endpoint [ 522.514530][ T2311] pvrusb2: Invalid write control endpoint [ 522.520617][ T2311] pvrusb2: Invalid write control endpoint [ 522.526508][ T2311] pvrusb2: Invalid write control endpoint [ 522.532513][ T2311] pvrusb2: Invalid write control endpoint [ 522.538522][ T2311] pvrusb2: Invalid write control endpoint [ 522.544327][ T2311] pvrusb2: Invalid write control endpoint [ 522.550460][ T2311] pvrusb2: Invalid write control endpoint [ 522.557917][ T2311] pvrusb2: Invalid write control endpoint [ 522.563947][ T2311] pvrusb2: Invalid write control endpoint [ 522.570661][ T2311] pvrusb2: Invalid write control endpoint [ 522.582039][ T2311] pvrusb2: Module ID 3 (saa7115) for device OnAir Creator Hybrid USB tuner failed to load. Possible missing sub-device kernel module or initialization failure within module. [ 522.617698][ T8837] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1358'. [ 522.705353][ T2311] cs53l32a 1-0011: chip found @ 0x22 (pvrusb2_a) [ 522.713996][ T2311] pvrusb2: Invalid write control endpoint [ 522.785525][ T2311] pvrusb2: Invalid write control endpoint [ 522.791546][ T2311] pvrusb2: Invalid write control endpoint [ 522.797342][ T2311] pvrusb2: Invalid write control endpoint [ 522.803712][ T2311] pvrusb2: Invalid write control endpoint [ 522.810953][ T2311] pvrusb2: Invalid write control endpoint [ 522.816751][ T2311] pvrusb2: Invalid write control endpoint [ 522.823366][ T2311] pvrusb2: Invalid write control endpoint [ 522.829464][ T2311] pvrusb2: Invalid write control endpoint [ 522.835245][ T2311] pvrusb2: Invalid write control endpoint [ 522.858422][ T2311] pvrusb2: Invalid write control endpoint [ 522.864238][ T2311] pvrusb2: Invalid write control endpoint [ 522.900753][ T2311] pvrusb2: Invalid write control endpoint [ 522.906570][ T2311] pvrusb2: Invalid write control endpoint [ 522.938489][ T2311] pvrusb2: Invalid write control endpoint [ 522.944578][ T2311] pvrusb2: Invalid write control endpoint [ 522.973655][ T2311] pvrusb2: Invalid write control endpoint [ 523.015518][ T2311] pvrusb2: Invalid write control endpoint [ 523.027222][ T2311] pvrusb2: Invalid write control endpoint [ 523.068390][ T2311] pvrusb2: Invalid write control endpoint [ 523.074208][ T2311] pvrusb2: Invalid write control endpoint [ 523.150182][ T2311] pvrusb2: Attached sub-driver cs53l32a [ 523.281501][ T8850] overlayfs: failed to clone upperpath [ 523.437788][ T2311] pvrusb2: Invalid write control endpoint [ 523.452622][ T2311] pvrusb2: Invalid write control endpoint [ 523.560225][ T2311] pvrusb2: Invalid write control endpoint [ 523.566978][ T2311] pvrusb2: Invalid write control endpoint [ 523.590718][ T2311] pvrusb2: Module ID 4 (tuner) for device OnAir Creator Hybrid USB tuner failed to load. Possible missing sub-device kernel module or initialization failure within module. [ 523.669912][ T2311] pvrusb2: Device being rendered inoperable [ 523.726350][ T2311] pvrusb2: ***WARNING*** pvrusb2 driver initialization failed due to the failure of one or more sub-device kernel modules. [ 523.740683][ T2311] pvrusb2: You need to resolve the failing condition before this driver can function. There should be some earlier messages giving more information about the problem. [ 523.835525][ T8864] loop2: detected capacity change from 0 to 164 [ 523.863338][ T8864] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1363'. [ 525.208558][ T8891] overlayfs: failed to resolve './file1/file0': -2 [ 526.566890][ T8907] tipc: Enabling of bearer rejected, already enabled [ 526.575849][ T8907] netlink: 'syz.3.1371': attribute type 5 has an invalid length. [ 527.370825][ T8917] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1380'. [ 529.791374][ T8945] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1387'. [ 530.883261][ T8956] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1393'. [ 532.205593][ T4288] Bluetooth: hci1: ACL packet for unknown connection handle 1211 [ 534.093819][ T4288] Bluetooth: hci0: ACL packet for unknown connection handle 1211 [ 534.348518][ T4322] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 534.548556][ T4322] usb 3-1: Using ep0 maxpacket: 32 [ 534.569305][ T4322] usb 3-1: config 0 has no interfaces? [ 534.607661][ T4322] usb 3-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36 [ 534.672450][ T4322] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 534.733912][ T4322] usb 3-1: Product: syz [ 534.774445][ T4322] usb 3-1: Manufacturer: syz [ 534.821367][ T4322] usb 3-1: SerialNumber: syz [ 534.916269][ T4322] usb 3-1: config 0 descriptor?? [ 536.083688][ T5222] usb 3-1: USB disconnect, device number 4 [ 536.305646][ T9020] loop2: detected capacity change from 0 to 2048 [ 536.363540][ T9020] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 537.178525][ T4288] Bluetooth: hci4: ACL packet for unknown connection handle 1211 [ 537.267004][ T4286] EXT4-fs (loop2): unmounting filesystem. [ 537.734662][ T9040] tipc: Enabling of bearer rejected, failed to enable media [ 538.408418][ T4288] Bluetooth: hci3: ACL packet for unknown connection handle 1211 [ 538.571575][ T9058] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1423'. [ 539.385691][ T9065] loop2: detected capacity change from 0 to 2048 [ 539.470946][ T9065] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 539.889451][ T4288] Bluetooth: hci4: ACL packet for unknown connection handle 1211 [ 540.432415][ T4286] EXT4-fs (loop2): unmounting filesystem. [ 541.033975][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.047671][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.063354][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.082024][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.124719][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.171847][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.226483][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.292165][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.366793][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.427393][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.478096][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.514058][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.547397][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.600429][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.634686][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.650243][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.681815][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.703466][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.723434][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.733985][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.751765][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.764961][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.786783][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.807770][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.836381][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.865472][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.893113][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.913533][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.926567][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.938068][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.951930][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.961839][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.973456][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 541.983330][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.005586][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.014819][ T9097] tipc: Enabling of bearer rejected, failed to enable media [ 542.027968][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.037323][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.050540][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.058066][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.074082][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.093963][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.112635][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.129663][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.145360][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.162142][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.182037][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.204368][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.233837][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.255179][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.280746][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.303306][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.325169][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.346798][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.364016][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.374535][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.386601][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.411837][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.427159][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.454158][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.475192][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.492047][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.507539][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.524776][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.540481][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.681695][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.689707][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.697234][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.704775][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.722630][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.739359][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.754865][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 542.837576][ T9110] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1437'. [ 543.460013][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.467500][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.475165][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.482661][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.490144][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.497622][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.505273][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.512809][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.520390][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.527840][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.535388][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.543837][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.551344][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.558833][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.566299][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.573821][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.581352][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.588886][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.596352][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.603883][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.611480][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.618987][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.626433][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.634007][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.647643][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.660776][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.684973][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.703944][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.727631][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.746085][ T4380] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 543.771099][ T4380] hid-generic 0000:0000:0004.0009: hidraw0: HID v0.03 Device [syz1] on syz0 [ 544.054404][ T4288] Bluetooth: hci3: ACL packet for unknown connection handle 1211 [ 546.215363][ T9126] loop2: detected capacity change from 0 to 2048 [ 546.247666][ T9114] fido_id[9114]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 546.340489][ T9126] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 546.661806][ T9143] tipc: Enabling of bearer rejected, failed to enable media [ 546.830749][ T4288] Bluetooth: hci4: ACL packet for unknown connection handle 1211 [ 547.261393][ T4286] EXT4-fs (loop2): unmounting filesystem. [ 547.503983][ T4288] Bluetooth: hci1: ACL packet for unknown connection handle 1211 [ 550.391774][ T9187] loop2: detected capacity change from 0 to 4096 [ 550.714036][ T4286] ntfs3: loop2: ntfs_evict_inode r=5 failed, -22. [ 550.726031][ T4286] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 551.174833][ T9200] tipc: Enabling of bearer rejected, failed to enable media [ 551.650043][ T4288] Bluetooth: hci3: ACL packet for unknown connection handle 1211 [ 552.488056][ T4288] Bluetooth: hci2: ACL packet for unknown connection handle 1211 [ 553.934107][ T9240] tipc: Enabling of bearer rejected, already enabled [ 553.942998][ T9240] netlink: 'syz.3.1483': attribute type 5 has an invalid length. [ 554.490463][ T9244] device syzkaller0 entered promiscuous mode [ 554.546432][ T9246] tipc: Enabled bearer , priority 0 [ 554.566249][ T9243] tipc: Resetting bearer [ 554.657587][ T9243] tipc: Disabling bearer [ 554.983491][ T9262] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1478'. [ 555.972148][ T4288] Bluetooth: hci3: ACL packet for unknown connection handle 1211 [ 556.344341][ T9272] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 3, id = 0 [ 557.628929][ T4322] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 557.870204][ T4322] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 557.898385][ T4322] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 557.929013][ T4322] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 557.973461][ T4322] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 558.013967][ T4322] usb 3-1: SerialNumber: syz [ 558.281780][ T4322] usb 3-1: 0:2 : does not exist [ 558.483276][ T4322] usb 3-1: USB disconnect, device number 5 [ 558.888818][ T8885] udevd[8885]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 558.957540][ T9288] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1487'. [ 559.555837][ T4288] Bluetooth: hci1: ACL packet for unknown connection handle 1211 [ 559.642972][ T9297] tipc: Enabling of bearer rejected, already enabled [ 559.651767][ T9297] netlink: 'syz.1.1488': attribute type 5 has an invalid length. [ 559.856692][ T9300] device syzkaller0 entered promiscuous mode [ 559.909552][ T9300] tipc: Enabled bearer , priority 0 [ 559.954580][ T9298] tipc: Resetting bearer [ 560.093077][ T9298] tipc: Disabling bearer [ 561.786641][ T9326] loop2: detected capacity change from 0 to 164 [ 561.890674][ T9326] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1498'. [ 562.830490][ T1269] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.836850][ T1269] ieee802154 phy1 wpan1: encryption failed: -22 [ 562.871320][ T9337] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1502'. [ 563.183145][ T4288] Bluetooth: hci3: ACL packet for unknown connection handle 1211 [ 563.550130][ T9352] tipc: Enabling of bearer rejected, already enabled [ 563.559424][ T9352] netlink: 'syz.3.1505': attribute type 5 has an invalid length. [ 564.447126][ T9375] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1512'. [ 566.137154][ T9371] bridge0: port 2(bridge_slave_1) entered disabled state [ 566.144556][ T9371] bridge0: port 1(bridge_slave_0) entered disabled state [ 566.424404][ T4288] Bluetooth: hci0: ACL packet for unknown connection handle 1211 [ 566.833459][ T9371] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 566.910807][ T9371] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 567.497168][ T9371] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 567.506645][ T9371] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 567.515972][ T9371] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 567.525136][ T9371] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 568.317286][ T9402] loop2: detected capacity change from 0 to 2048 [ 568.448112][ T9402] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 568.683277][ T4288] Bluetooth: hci4: ACL packet for unknown connection handle 1211 [ 568.985241][ T9417] tipc: Enabling of bearer rejected, already enabled [ 568.994317][ T9417] netlink: 'syz.0.1522': attribute type 5 has an invalid length. [ 569.105581][ T4286] EXT4-fs (loop2): unmounting filesystem. [ 569.639388][ T9400] lo speed is unknown, defaulting to 1000 [ 569.684766][ T9436] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1527'. [ 570.038868][ T9443] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1530'. [ 571.126141][ T9446] bridge0: port 2(bridge_slave_1) entered disabled state [ 571.133478][ T9446] bridge0: port 1(bridge_slave_0) entered disabled state [ 571.594210][ T9446] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 571.642671][ T9446] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 571.853093][ T9446] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 571.862405][ T9446] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 571.871781][ T9446] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 571.881037][ T9446] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 572.068555][ T9455] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1532'. [ 572.088308][ T22] lo speed is unknown, defaulting to 1000 [ 572.343902][ T9466] syz_tun: Device is already in use. [ 572.816927][ T9477] tipc: Enabling of bearer rejected, already enabled [ 572.825636][ T9477] netlink: 'syz.4.1539': attribute type 5 has an invalid length. [ 573.171780][ T9485] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1542'. [ 574.245044][ T9499] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1548'. [ 576.901006][ T9527] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1558'. [ 577.168057][ T9529] tipc: Enabling of bearer rejected, already enabled [ 577.177247][ T9529] netlink: 'syz.3.1555': attribute type 5 has an invalid length. [ 577.579489][ T9536] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1560'. [ 578.766327][ T9547] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1565'. [ 579.316677][ T9557] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1569'. [ 580.139905][ T9574] loop2: detected capacity change from 0 to 164 [ 580.437471][ T9576] tipc: Enabling of bearer rejected, already enabled [ 580.446441][ T9576] netlink: 'syz.4.1571': attribute type 5 has an invalid length. [ 580.583481][ T9570] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1573'. [ 581.012587][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 581.170563][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 581.318837][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 581.452765][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 581.583701][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 581.701936][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 581.800754][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 581.846047][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 581.893577][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 581.938703][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 581.956612][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 581.993928][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.001878][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.016283][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.024084][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.037600][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.045430][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.058874][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.066560][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.078582][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.086020][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.097930][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.114662][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.125222][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.139437][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.147110][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.160702][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.168563][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.176053][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.189089][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.197558][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.213900][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.234803][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.244757][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.257292][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.282794][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.294237][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.304645][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.315350][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.327262][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.338257][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.352206][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.361559][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.373692][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.382531][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.394244][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.403224][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.414977][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.423722][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.451727][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.470832][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.490579][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.498001][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.536871][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.553050][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.563373][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.575268][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.584263][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.596694][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.605746][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.620490][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.628082][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.637986][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.652008][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.662021][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.674320][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.684386][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.695512][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.706027][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.717086][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.892778][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.900840][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.908329][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.915761][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.923784][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.931271][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.938834][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.946281][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.953784][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.968144][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 582.977745][ T9600] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1581'. [ 583.008564][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 583.016042][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 583.048457][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 583.067496][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 583.075495][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 583.088445][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 583.099104][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 583.116033][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 583.226436][ T9604] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1583'. [ 583.301517][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 583.319958][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 583.327576][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 583.340634][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 583.348317][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 583.355761][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 583.373479][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 583.383537][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 583.394666][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 583.416124][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 583.450587][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 583.502303][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 583.541975][ T7646] hid-generic 0000:0000:0004.000A: unknown main item tag 0x0 [ 583.583451][ T7646] hid-generic 0000:0000:0004.000A: hidraw0: HID v0.03 Device [syz1] on syz0 [ 583.798740][ T9623] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1585'. [ 583.815861][ T9623] netlink: 184 bytes leftover after parsing attributes in process `syz.1.1585'. [ 584.270781][ T9619] fido_id[9619]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 584.369987][ T9629] tipc: Enabling of bearer rejected, already enabled [ 584.378946][ T9629] netlink: 'syz.0.1586': attribute type 5 has an invalid length. [ 585.680433][ T9648] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1594'. [ 586.192798][ T9657] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1597'. [ 586.719660][ T9670] tipc: Enabling of bearer rejected, already enabled [ 586.728674][ T9670] netlink: 'syz.4.1599': attribute type 5 has an invalid length. [ 587.679353][ T26] audit: type=1326 audit(1781576304.578:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9680 comm="syz.4.1605" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36fc39ce59 code=0x7ffc0000 [ 587.713950][ T26] audit: type=1326 audit(1781576304.578:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9680 comm="syz.4.1605" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f36fc39ce59 code=0x7ffc0000 [ 587.847795][ T26] audit: type=1326 audit(1781576304.578:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9680 comm="syz.4.1605" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36fc39ce59 code=0x7ffc0000 [ 587.962930][ T26] audit: type=1326 audit(1781576304.598:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9680 comm="syz.4.1605" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f36fc39ce59 code=0x7ffc0000 [ 588.095105][ T26] audit: type=1326 audit(1781576304.598:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9680 comm="syz.4.1605" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36fc39ce59 code=0x7ffc0000 [ 588.158458][ T26] audit: type=1326 audit(1781576304.598:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9680 comm="syz.4.1605" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f36fc39ce59 code=0x7ffc0000 [ 588.211905][ T26] audit: type=1326 audit(1781576304.598:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9680 comm="syz.4.1605" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36fc39ce59 code=0x7ffc0000 [ 588.237088][ T26] audit: type=1326 audit(1781576304.598:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9680 comm="syz.4.1605" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f36fc39ce59 code=0x7ffc0000 [ 588.447665][ T9689] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1608'. [ 588.521798][ T9689] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1608'. [ 589.624844][ T9713] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1615'. [ 589.709742][ T9716] tipc: Enabling of bearer rejected, already enabled [ 589.721068][ T9716] netlink: 'syz.4.1613': attribute type 5 has an invalid length. [ 591.209563][ T9725] loop2: detected capacity change from 0 to 2048 [ 591.362959][ T9725] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 591.659552][ T4288] Bluetooth: hci4: ACL packet for unknown connection handle 1211 [ 591.928904][ T4286] EXT4-fs (loop2): unmounting filesystem. [ 592.004520][ T9752] netlink: 'syz.0.1627': attribute type 6 has an invalid length. [ 592.015110][ T9752] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1627'. [ 593.020272][ T9771] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1631'. [ 593.437762][ T9775] tipc: Enabling of bearer rejected, already enabled [ 593.448965][ T9775] netlink: 'syz.1.1632': attribute type 5 has an invalid length. [ 594.530096][ T4288] Bluetooth: hci2: ACL packet for unknown connection handle 1211 [ 595.667563][ T4288] Bluetooth: hci3: ACL packet for unknown connection handle 1211 [ 596.580923][ T9812] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1644'. [ 596.614677][ T9812] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1644'. [ 597.578654][ T4288] Bluetooth: hci1: ACL packet for unknown connection handle 1211 [ 598.624387][ T9859] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1660'. [ 600.401242][ T4288] Bluetooth: hci1: ACL packet for unknown connection handle 1211 [ 600.763074][ T9887] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1671'. [ 600.879892][ T9891] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1672'. [ 603.339065][ T9928] netlink: 'syz.2.1678': attribute type 4 has an invalid length. [ 604.376674][ T4288] Bluetooth: hci1: ACL packet for unknown connection handle 1211 [ 604.680413][ T9943] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1684'. [ 604.819578][ T9948] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1686'. [ 605.417889][ T9962] netlink: 232 bytes leftover after parsing attributes in process `syz.1.1690'. [ 605.493692][ T9964] fuse: Bad value for 'fd' [ 606.251625][ T4288] Bluetooth: hci0: ACL packet for unknown connection handle 1211 [ 607.063876][ T9983] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1698'. [ 607.241924][ T9983] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1698'. [ 607.871963][ T9994] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1700'. [ 608.943123][ T4288] Bluetooth: hci0: ACL packet for unknown connection handle 1211 [ 609.396611][T10019] loop2: detected capacity change from 0 to 2048 [ 609.477783][T10019] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 609.938600][ T4288] Bluetooth: hci4: ACL packet for unknown connection handle 1211 [ 610.141900][T10034] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1713'. [ 610.513682][ T4286] EXT4-fs (loop2): unmounting filesystem. [ 610.924539][ T4288] Bluetooth: hci1: ACL packet for unknown connection handle 1211 [ 611.818749][T10068] tipc: Enabling of bearer rejected, already enabled [ 611.833685][T10068] netlink: 'syz.1.1722': attribute type 5 has an invalid length. [ 612.195327][T10072] loop2: detected capacity change from 0 to 2048 [ 612.435273][T10072] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 612.464732][T10081] netlink: 'syz.4.1728': attribute type 1 has an invalid length. [ 612.595994][T10081] 8021q: adding VLAN 0 to HW filter on device bond2 [ 612.612375][T10083] bond2: option tlb_dynamic_lb: unable to set because the bond device is up [ 612.982249][ T4288] Bluetooth: hci4: ACL packet for unknown connection handle 1211 [ 613.103846][T10094] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1729'. [ 613.922915][T10105] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1735'. [ 614.003294][T10105] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1735'. [ 614.724107][T10123] tipc: Enabling of bearer rejected, already enabled [ 614.735222][T10123] netlink: 'syz.0.1737': attribute type 5 has an invalid length. [ 615.063476][T10125] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1741'. [ 615.291145][ T4288] Bluetooth: hci1: ACL packet for unknown connection handle 1211 [ 616.096585][ T4286] EXT4-fs (loop2): unmounting filesystem. [ 616.309939][T10142] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1743'. [ 617.056647][T10157] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1750'. [ 617.123526][T10157] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1750'. [ 618.440219][T10171] tipc: Enabling of bearer rejected, already enabled [ 618.451538][T10171] netlink: 'syz.3.1753': attribute type 5 has an invalid length. [ 618.844694][T10172] loop2: detected capacity change from 0 to 256 [ 619.561114][T10189] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 619.570771][T10189] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 619.579736][T10189] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 619.588823][T10189] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 619.645294][T10195] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1763'. [ 619.710513][T10195] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1763'. [ 619.790341][ T4288] Bluetooth: hci3: ACL packet for unknown connection handle 1211 [ 620.246134][T10209] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1767'. [ 621.384500][T10217] tipc: Enabling of bearer rejected, already enabled [ 621.397003][T10217] netlink: 'syz.3.1766': attribute type 5 has an invalid length. [ 622.520488][T10232] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1772'. [ 622.595392][T10234] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1776'. [ 622.635287][T10234] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1776'. [ 622.673864][T10238] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: mode dependency failed, not supported in mode balance-rr(0) [ 623.582719][T10256] fuse: Bad value for 'fd' [ 623.777871][T10263] loop2: detected capacity change from 0 to 256 [ 624.093902][T10270] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1788'. [ 624.270425][ T1269] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.276830][ T1269] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.104831][T10274] bridge0: port 2(bridge_slave_1) entered disabled state [ 625.112943][T10274] bridge0: port 1(bridge_slave_0) entered disabled state [ 626.568754][T10274] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 626.664522][T10274] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 628.303565][T10274] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 628.331704][T10274] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 628.347240][T10274] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 628.361882][T10274] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 628.679651][T10309] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1800'. [ 629.132872][T10334] fuse: Bad value for 'fd' [ 629.734183][ T4288] Bluetooth: hci0: ACL packet for unknown connection handle 1211 [ 632.738678][T10371] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1819'. [ 633.304838][T10382] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: mode dependency failed, not supported in mode balance-rr(0) [ 633.423868][T10384] loop2: detected capacity change from 0 to 256 [ 634.751027][T10405] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1832'. [ 636.379161][ T26] audit: type=1326 audit(1781576353.278:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10424 comm="syz.0.1840" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54c679ce59 code=0x7ffc0000 [ 636.420333][ T26] audit: type=1326 audit(1781576353.308:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10424 comm="syz.0.1840" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54c679ce59 code=0x7ffc0000 [ 636.459981][ T26] audit: type=1326 audit(1781576353.308:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10424 comm="syz.0.1840" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f54c679ce59 code=0x7ffc0000 [ 636.494499][ T26] audit: type=1326 audit(1781576353.308:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10424 comm="syz.0.1840" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54c679ce59 code=0x7ffc0000 [ 636.565128][ T26] audit: type=1326 audit(1781576353.308:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10424 comm="syz.0.1840" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54c679ce59 code=0x7ffc0000 [ 636.647260][T10436] fuse: Unknown parameter 'root000000020000040000.se_id' [ 636.698762][ T26] audit: type=1326 audit(1781576353.308:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10424 comm="syz.0.1840" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7f54c679ce59 code=0x7ffc0000 [ 636.777822][ T26] audit: type=1326 audit(1781576353.308:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10424 comm="syz.0.1840" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54c679ce59 code=0x7ffc0000 [ 636.869193][ T26] audit: type=1326 audit(1781576353.308:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10424 comm="syz.0.1840" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54c679ce59 code=0x7ffc0000 [ 636.918383][ T5226] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 637.240849][T10447] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1848'. [ 638.212900][ T5226] usb 3-1: Using ep0 maxpacket: 8 [ 638.231863][ T5226] usb 3-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d [ 638.243868][ T5226] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 638.253150][ T5226] usb 3-1: Product: syz [ 638.257370][ T5226] usb 3-1: Manufacturer: syz [ 638.262223][ T5226] usb 3-1: SerialNumber: syz [ 638.275078][ T5226] usb 3-1: config 0 descriptor?? [ 638.307267][ T5226] gspca_main: sonixj-2.14.0 probing 0c45:613e [ 638.714222][ T5226] gspca_sonixj: reg_r err -71 [ 638.728576][ T5226] sonixj: probe of 3-1:0.0 failed with error -71 [ 638.762994][ T5226] usb 3-1: USB disconnect, device number 6 [ 639.589164][T10483] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1862'. [ 641.053850][T10498] mmap: syz.3.1866 (10498) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 641.091977][T10498] ------------[ cut here ]------------ [ 641.098575][T10498] WARNING: CPU: 0 PID: 10498 at include/linux/fs.h:503 hugetlb_split+0x234/0x2a0 [ 641.107891][T10498] Modules linked in: [ 641.111944][T10498] CPU: 0 PID: 10498 Comm: syz.3.1866 Not tainted syzkaller #0 [ 641.119529][T10498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 641.129691][T10498] RIP: 0010:hugetlb_split+0x234/0x2a0 [ 641.135122][T10498] Code: b4 ff 4c 89 f7 48 89 de 4c 89 fa 31 c9 5b 41 5c 41 5d 41 5e 41 5f 5d eb 7d e8 88 9c b4 ff 0f 0b e9 65 fe ff ff e8 7c 9c b4 ff <0f> 0b e9 2d ff ff ff 48 c7 c1 a4 5e 20 8e 80 e1 07 80 c1 03 38 c1 [ 641.154957][T10498] RSP: 0018:ffffc90003de7568 EFLAGS: 00010287 [ 641.161088][T10498] RAX: ffffffff81cddf24 RBX: 0000200000400000 RCX: 0000000000080000 [ 641.169117][T10498] RDX: ffffc9000e33b000 RSI: 0000000000004195 RDI: 0000000000004196 [ 641.177094][T10498] RBP: 0000000000000000 R08: ffff88807ce080ef R09: 1ffff1100f9c101d [ 641.185094][T10498] R10: dffffc0000000000 R11: ffffed100f9c101e R12: ffff8880571f58e0 [ 641.193177][T10498] R13: dffffc0000000000 R14: ffff8880571f5870 R15: ffff88807e8146b8 [ 641.201209][T10498] FS: 00007f00137ea6c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 641.210258][T10498] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 641.216878][T10498] CR2: 000000110c2ce2fa CR3: 0000000055959000 CR4: 00000000003506f0 [ 641.224969][T10498] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 641.233050][T10498] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 641.241118][T10498] Call Trace: [ 641.244412][T10498] [ 641.247350][T10498] __vma_adjust+0x4a3/0x1cd0 [ 641.252204][T10498] ? lockdep_init_map_type+0x98/0x8d0 [ 641.257649][T10498] ? lockdep_softirqs_off+0x430/0x430 [ 641.263051][T10498] ? free_zapped_rcu+0x1f0/0x1f0 [ 641.268003][T10498] ? validate_mm+0x2e0/0x2e0 [ 641.272666][T10498] ? hugetlb_vm_op_open+0x334/0x540 [ 641.277881][T10498] __split_vma+0x3a7/0x500 [ 641.282352][T10498] do_mas_align_munmap+0x397/0x12b0 [ 641.287583][T10498] ? do_mas_munmap+0x2b0/0x2b0 [ 641.292388][T10498] ? mtree_range_walk+0x672/0x7b0 [ 641.297573][T10498] ? mas_walk+0x15f/0x180 [ 641.301984][T10498] ? mas_find+0x1e8/0x230 [ 641.306323][T10498] do_mas_munmap+0x240/0x2b0 [ 641.310981][T10498] mmap_region+0x6e0/0x1ca0 [ 641.315499][T10498] ? pud_huge+0x40/0x40 [ 641.319716][T10498] ? file_mmap_ok+0x170/0x170 [ 641.324403][T10498] ? validate_mm+0x23f/0x2e0 [ 641.329072][T10498] ? cap_mmap_addr+0x165/0x2e0 [ 641.333919][T10498] ? file_mmap_ok+0x11c/0x170 [ 641.338671][T10498] do_mmap+0x964/0xfd0 [ 641.342759][T10498] ? aa_path_link+0x880/0x880 [ 641.347513][T10498] ? mlock_future_check+0x100/0x100 [ 641.352771][T10498] ? ima_file_free+0x3e0/0x3e0 [ 641.357568][T10498] ? common_file_perm+0x171/0x1c0 [ 641.362621][T10498] ? bpf_lsm_mmap_file+0x5/0x10 [ 641.367533][T10498] __se_sys_remap_file_pages+0x5b9/0x7b0 [ 641.373226][T10498] ? __x64_sys_remap_file_pages+0xc0/0xc0 [ 641.378967][T10498] ? lock_chain_count+0x20/0x20 [ 641.383828][T10498] ? lockdep_hardirqs_on+0x94/0x140 [ 641.389082][T10498] ? __x64_sys_remap_file_pages+0x1c/0xc0 [ 641.394817][T10498] do_syscall_64+0x4c/0xa0 [ 641.399258][T10498] ? clear_bhb_loop+0x60/0xb0 [ 641.403997][T10498] ? clear_bhb_loop+0x60/0xb0 [ 641.408771][T10498] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 641.414724][T10498] RIP: 0033:0x7f001299ce59 [ 641.419183][T10498] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 641.438856][T10498] RSP: 002b:00007f00137ea028 EFLAGS: 00000246 ORIG_RAX: 00000000000000d8 [ 641.447279][T10498] RAX: ffffffffffffffda RBX: 00007f0012c15fa0 RCX: 00007f001299ce59 [ 641.455290][T10498] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000200000800000 [ 641.463351][T10498] RBP: 00007f0012a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 641.471403][T10498] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000000 [ 641.479588][T10498] R13: 00007f0012c16038 R14: 00007f0012c15fa0 R15: 00007fff91951348 [ 641.487579][T10498] [ 641.490644][T10498] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 641.497930][T10498] CPU: 0 PID: 10498 Comm: syz.3.1866 Not tainted syzkaller #0 [ 641.505396][T10498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 641.515486][T10498] Call Trace: [ 641.518771][T10498] [ 641.521702][T10498] dump_stack_lvl+0x188/0x24e [ 641.526383][T10498] ? memcpy+0x3c/0x60 [ 641.530480][T10498] ? show_regs_print_info+0x12/0x12 [ 641.535703][T10498] ? load_image+0x400/0x400 [ 641.540253][T10498] panic+0x2e5/0x730 [ 641.544164][T10498] ? bpf_jit_dump+0xd0/0xd0 [ 641.548703][T10498] __warn+0x2f8/0x4f0 [ 641.552686][T10498] ? hugetlb_split+0x234/0x2a0 [ 641.557460][T10498] ? hugetlb_split+0x234/0x2a0 [ 641.562229][T10498] report_bug+0x2ba/0x4f0 [ 641.566561][T10498] ? hugetlb_split+0x234/0x2a0 [ 641.571350][T10498] handle_bug+0x3a/0x70 [ 641.575510][T10498] exc_invalid_op+0x16/0x40 [ 641.580014][T10498] asm_exc_invalid_op+0x16/0x20 [ 641.584867][T10498] RIP: 0010:hugetlb_split+0x234/0x2a0 [ 641.590238][T10498] Code: b4 ff 4c 89 f7 48 89 de 4c 89 fa 31 c9 5b 41 5c 41 5d 41 5e 41 5f 5d eb 7d e8 88 9c b4 ff 0f 0b e9 65 fe ff ff e8 7c 9c b4 ff <0f> 0b e9 2d ff ff ff 48 c7 c1 a4 5e 20 8e 80 e1 07 80 c1 03 38 c1 [ 641.609841][T10498] RSP: 0018:ffffc90003de7568 EFLAGS: 00010287 [ 641.615918][T10498] RAX: ffffffff81cddf24 RBX: 0000200000400000 RCX: 0000000000080000 [ 641.623908][T10498] RDX: ffffc9000e33b000 RSI: 0000000000004195 RDI: 0000000000004196 [ 641.631884][T10498] RBP: 0000000000000000 R08: ffff88807ce080ef R09: 1ffff1100f9c101d [ 641.639858][T10498] R10: dffffc0000000000 R11: ffffed100f9c101e R12: ffff8880571f58e0 [ 641.647829][T10498] R13: dffffc0000000000 R14: ffff8880571f5870 R15: ffff88807e8146b8 [ 641.655810][T10498] ? hugetlb_split+0x234/0x2a0 [ 641.660586][T10498] ? hugetlb_split+0x234/0x2a0 [ 641.665356][T10498] __vma_adjust+0x4a3/0x1cd0 [ 641.669961][T10498] ? lockdep_init_map_type+0x98/0x8d0 [ 641.675345][T10498] ? lockdep_softirqs_off+0x430/0x430 [ 641.680732][T10498] ? free_zapped_rcu+0x1f0/0x1f0 [ 641.685676][T10498] ? validate_mm+0x2e0/0x2e0 [ 641.690284][T10498] ? hugetlb_vm_op_open+0x334/0x540 [ 641.695499][T10498] __split_vma+0x3a7/0x500 [ 641.699927][T10498] do_mas_align_munmap+0x397/0x12b0 [ 641.705136][T10498] ? do_mas_munmap+0x2b0/0x2b0 [ 641.709915][T10498] ? mtree_range_walk+0x672/0x7b0 [ 641.714969][T10498] ? mas_walk+0x15f/0x180 [ 641.719316][T10498] ? mas_find+0x1e8/0x230 [ 641.723684][T10498] do_mas_munmap+0x240/0x2b0 [ 641.728297][T10498] mmap_region+0x6e0/0x1ca0 [ 641.732829][T10498] ? pud_huge+0x40/0x40 [ 641.736995][T10498] ? file_mmap_ok+0x170/0x170 [ 641.741687][T10498] ? validate_mm+0x23f/0x2e0 [ 641.746283][T10498] ? cap_mmap_addr+0x165/0x2e0 [ 641.751160][T10498] ? file_mmap_ok+0x11c/0x170 [ 641.755870][T10498] do_mmap+0x964/0xfd0 [ 641.759962][T10498] ? aa_path_link+0x880/0x880 [ 641.764659][T10498] ? mlock_future_check+0x100/0x100 [ 641.769873][T10498] ? ima_file_free+0x3e0/0x3e0 [ 641.774659][T10498] ? common_file_perm+0x171/0x1c0 [ 641.779693][T10498] ? bpf_lsm_mmap_file+0x5/0x10 [ 641.784574][T10498] __se_sys_remap_file_pages+0x5b9/0x7b0 [ 641.790246][T10498] ? __x64_sys_remap_file_pages+0xc0/0xc0 [ 641.796009][T10498] ? lock_chain_count+0x20/0x20 [ 641.800892][T10498] ? lockdep_hardirqs_on+0x94/0x140 [ 641.806089][T10498] ? __x64_sys_remap_file_pages+0x1c/0xc0 [ 641.811815][T10498] do_syscall_64+0x4c/0xa0 [ 641.816250][T10498] ? clear_bhb_loop+0x60/0xb0 [ 641.820941][T10498] ? clear_bhb_loop+0x60/0xb0 [ 641.825625][T10498] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 641.831566][T10498] RIP: 0033:0x7f001299ce59 [ 641.835990][T10498] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 641.855604][T10498] RSP: 002b:00007f00137ea028 EFLAGS: 00000246 ORIG_RAX: 00000000000000d8 [ 641.864022][T10498] RAX: ffffffffffffffda RBX: 00007f0012c15fa0 RCX: 00007f001299ce59 [ 641.871997][T10498] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000200000800000 [ 641.879967][T10498] RBP: 00007f0012a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 641.887937][T10498] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000000 [ 641.895908][T10498] R13: 00007f0012c16038 R14: 00007f0012c15fa0 R15: 00007fff91951348 [ 641.903891][T10498] [ 641.907508][T10498] Kernel Offset: disabled [ 641.912022][T10498] Rebooting in 86400 seconds..