last executing test programs: 1.343900864s ago: executing program 2 (id=1580): bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = socket$inet(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) connect$netlink(r0, &(0x7f0000000000)=@unspec, 0xc) sendto$inet(r0, 0x0, 0x0, 0x20044800, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10) 679.557931ms ago: executing program 4 (id=1595): mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r2}, 0x10) utimes(&(0x7f0000000040)='./file0\x00', 0x0) 647.842005ms ago: executing program 3 (id=1596): openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) recvmmsg(0xffffffffffffffff, &(0x7f0000005280)=[{{0x0, 0x0, &(0x7f0000005180)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000000100)=""/121, 0x79}], 0x6}}], 0x1, 0x0, 0x0) setsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f0000000300)=0x1, 0x4) sendmmsg$sock(r0, &(0x7f0000004100)=[{{0x0, 0x0, 0x0}}], 0xffffff80, 0x0) 607.85836ms ago: executing program 3 (id=1597): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000007500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10) r1 = io_uring_setup(0x5bec, &(0x7f0000000040)) io_uring_register$IORING_REGISTER_FILES(r1, 0x12, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) 588.346182ms ago: executing program 4 (id=1598): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000400)={0x40001, 0x0, [0x1, 0x7f, 0xde, 0xe68, 0x49bab7fb, 0x1, 0x4, 0x2]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 531.861338ms ago: executing program 3 (id=1599): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = socket$unix(0x1, 0x5, 0x0) r2 = dup2(r1, r0) close_range(r2, 0xffffffffffffffff, 0x0) io_uring_setup(0x3c27, &(0x7f0000000280)={0x0, 0x0, 0x40, 0x0, 0x2}) io_uring_register$IORING_REGISTER_RING_FDS(r2, 0x14, &(0x7f0000001180), 0x2) 531.271839ms ago: executing program 0 (id=1600): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10) inotify_init1(0x0) 524.210719ms ago: executing program 2 (id=1601): r0 = socket(0x1d, 0x2, 0x6) bpf$MAP_CREATE(0x0, 0x0, 0x0) syz_mount_image$erofs(&(0x7f0000000200), &(0x7f0000000100)='./file1\x00', 0x810801, &(0x7f0000000140)=ANY=[], 0x4, 0x208, &(0x7f0000000640)="$eJzslb9rFEEUx78zu7e5BAlYaGFzFgEjmL3dPZU0FrEXhETU8jBjiE5y4XJFEhASbGysxX/EIpWFnVbWFioIFqa0EhyZ2dnb2dzuHcv5o/B9IJPvzOybee/tu7cgCOK/5fOn7x+f31xeuwLgDBYwY9e/evkz3Hn+w0uvYeWb7fknx6fPYwCUyuf+hPsDAK9XPOAwPVYp1xpYsGeugRutuQOOy1bfBUOY+apyawGG+3b50Y4aRtObtUIK9qAn1x9uShHpIdZDoocOoAr+nxwxrANo2iuY49/u/sHjrgT6qZAiEw2V3TOyVVeMy5/xb4XjhpMC/b7uPXt6pOehXY+c/MXgiK3ugGHV6mXMIAzDlp2K2In/gp+f76WvLeWwTiTN6RJRV5xdKtnSFT7efFYKHe1vc+On+iMBBoUS/HtZLRPaj/pWvDVqFUw4R0zvMzu9wtySOH9y/HbU6ss/Te90wjQuAO7WC1027+ekvFVqda6wcrHiJ5NVYGVJpP2D+cAlpz/5zlehPdjaae/uHyxtbnU3xIbYTpLO9ehqFF1L2qY3p+OY/tc0/WnOOb9R8WzAAux1B4N+vAcM+vFwnqSj03FXX/W+GRtu+h/H4g+lss+LCTv7ULLiHcz+cfNfq0Wv0nmCIAiCIAiCIAiCIAiCIIhatMDwbn44VeX4yW2z/SsAAP//mv9ajg==") r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fadvise64(r1, 0xfc0f, 0xff39, 0x3) close_range(r0, 0xffffffffffffffff, 0x0) 518.22447ms ago: executing program 0 (id=1602): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000280)) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000e006"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x102) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000080)=ANY=[@ANYRES8]) 473.769165ms ago: executing program 3 (id=1604): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="7400000068000100000000000000000000000000000000000800010001"], 0x74}}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0) ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f00000002c0)={{0x3, 0x0, 0x466, {0x4000, 0x100000}}, "d07ee5119f24d8e92e747ec3a090b90198617aade50db3a64a7210b252333cd7fb9cf973e7bb133318846996e7ffdbc176dc92e76071bac70d6c8dedbda71b1991ab0b6342d47be5f27d5f5dfb9f25d4c965a7457ae14426dc522365669341a952fbbac24995d81b5592495e4c17af8d6c00b4ae4a1f6e0788665516efe16789eed626588c2f82e8b4477ba41f53a426cf2f5658a972f020ff941b2a107af14a3f299f80106b53ef9141e3dde2e7a3720b18a8034f7c6835a8d0d937993ef940f9d1fbf6b5ee2925b46db03cd37dd0cd777da3451c9a52208d952392309323b7dab29d6ee64cdd26eb1e95146d511efd53c8a623e234cdd82fd8d79bfe2803e7f0a13075f12a3d19b17e5c38866256dd5724a3c8713c4c16c497201f90765ccef6521ce4b5bc7d8e50bc6bf45d3e86f95e8dbc905f61f6f542b9771617eb6d2fbcfc529f598d8f071218d6b69708d1ec465f59a48611252de75b296ef6e1bad3342648dca701631153dfb0a1c226840b17276048036b856ee38dedc1d1bfbc3cb49741a70e5d839f6e135a939c6905b695dc30450f1c12e6a8b65736c06df87d5e141db253978276eda9c2d0a11d430329e92927b392654a262963c9fb47c53ad66a61a7d68bf245b38502952fc4f73f863d9e356e997a3b75ba9409e08e37de9af809524c1308a2981a2db704f783b35354e948c5d49b7538e5f11abdab4d4df1fa2a1ac26a1088d4d6595d9a189208e4c561c564547e5c968201bbb47a45b89eb1f1600bcc2d483c86ed623bca939f669a5b267e7ea9cdf4c4fe2db921cce399bc65dbc27b57d6dd9c2e8f46b3451b38310230e2690f22edfff935298ce8ef941c8cf8c95ffa53a1651fc9feafe35234afd42de95aa8ad84639202d4fefe7fa7119a4703169f9ef24c24d4c0ac803219467fa118c825910cfb01173bb8839662a03f72198a010563071452d5e641c2e20659979497be5ec9110f2864e3c796fee3ab72bd8baebadc6f87b0e0aad5313a8a19abc645937aac099bf177974ee615ac962a65f0812f82f15fb35d85b5070df150b2c43d330737b4453d31f542c3dcf3d5fab418c32db71cc3d401601e586699fd79962aa0b858ad0ef29b94588cd9dfbc17b48d7932ca46bfd4398548bd3541f70dfb5eedbade60181ef65f826e52030841725ba595ec89d86c7fd81e1fab40e0470f8f5386afb4372cb7499b35bd68a7f35b2082c1a04a388097806a3f1438e5fe351575bfebc185b0405b7ddaa450938ae966e9f86af057f0405bf85d0d64a1f9a9fa0ce1576a633bc02edb3d2f6ce6d92fa8cf37a9e2b298200da4c9f6bb45c6833eb7e8618c750a348fb976e82ae20099f7a9113e79b3d24ee9efdfbd5f2cafde42f99148ca31586f9de789c97c3227094ae4018e069d385b7c4ee3c245f1a54778d629e5d92720205502141b2aa4a34a46b321b1f984e65b75f96bac061a888d1963e9561be5be1cc79af5c3c841d4058970543e5a433eb693d3dec978142ab02fc9efec5f4f9f627163e3b63f934320030085d50b171c167912d5c33c4ccd150ed1dd7adea49517cc261019d55aa3b22017275d0812d2444a527ffb1e2e0b48d97c1844a105ecfadd3808f10599f0cb625eb245d924c17ad4fbe474ff7711099334ddbc681e11110d3e91197240637500d0e97e85f9a9ef0549146f329dc8423fcabc36a317dc2508fc39e683b40f257e92594e805674b918e1ed25bd58cb5b41a52e75d07c88d04c6997f058a72fc57de1ecde6c9ff204f0cf00d0481e4bf02edbf0fd8f1ed9f0de13b08402b80a30497d3930fa2cfc066217e51a75c2383b08a57d32c122e9ca230bf74f5879d7133bd34059decbc669f1f8d57fdc73081998041c5eda4cbbd5047ae98b60a3791b315f4be04c12ac25187870d407f15881530b383a1a494812583cefc9983600e6d93b88f93db3a6f636248caa174ff0ce53d970d56cfaad669cd62c5eb735e299c20c475f03753f71429b6e4ae813944eb81d3c125df81a20fc424de77d40ea6dae28216794d59de9302ce9d1fab950f3c887809eb5b2b1f38b3a067d1626f8e8c5016a066f23af5c90471171cb81ea259b3d7d1bd33096d037f2863eb8474231443a0f1eccc1bce3c8a976fc91525029d25f395641a75f20e02dff6cb6224ef3bf6585d3af283ee695a80a6ccac93c48e732dec6a604618cbfd80010fc765b30e51ae3f6e59370d2b903c9577b07581a0dcd1b0a8a363a63507ac252b2037c52fe9a9222fc13a83723e83c2f7c05eaf2f15b4525076c3301272c949b78aa3b9e3575bd32be00a5bd0bc3e9f6e320c41a4ac392a4dffccf6d912be754ebeb54793ea717cb19aab1413a7ba0a473e2e51262b1f9a6aea3d8b0d52551addd2c33984f3ef2482a7a0e9432d20589344b56f93f8ca2ff0b2aec6a0f4046be2c9d6c700bf0e588b088f6fc450a3525ab216ed165de460c0c5b1d8c959938170abc4c4d834d82573f94ab6acb1b6785b6ca50d56621f6783dded3c9215ac3e83cf5c751fabcddbe50eb976469f49c31097f648dbd7c9c28eb8b4e47e3cf8e8d21d9eebadb41805e1c1abd7a6eadfdbd68c7d19dd5148fb4736d64bd3c51f321ffaacdd5fcfaac88a97d3b2a33514a0b71fdf4ab2def972240d504874bd46c3fe78735346f2b8b3f52047295190d46095eb1e64443b2a77e54a8cbc9c903134170bb34ffed8a1d706fa665c06667abc4c8f305ed7d5a06f118d47fb6bb24070047edfd1771ad9245b85bc9f12846fa589f36ad87a387780c91738d66d0229c9dc035322f34c885e0b2b120228e9cea5d0d1d6bbf497bc551835eee93d37269ed5b8ebb30ddac3d4a824ccd5f2803e3212a9e0a056abf60e04f5ab4a8ac1903e5c6a038fefe87898b4ddac703f60a2cbea28ce890d87a5b937002de229f7071b35702682a8e28830b4b9be8de8ff4405a0e0bfe89f7585c548fb2ebf56df4ecb604abf916d7e5335b752f512c67b24d85744fd4a0353550ed2f089d1b5832be012dbff0b310b2c2474b7fbb992f5540360823d01d664df13143b391326e191d427fbae2cc5e27a98d12c57b85cc925a8e49c8d642cd0995a8a6a90ab63b28b95dc844450487107d0205c00ba39ef853840632dfef72b6d39ab1ec5df11dbce27303dbd4e2fc61ba370d3731982aba197fbe854f7cf3c76c65dc821fb14d76f0d5496296a9676147dffb35a0290f7416dcd041a01de2d652eced5bfca38579b0c14d5d3759445c078a5b5deee77ab1a338301c99788ba18795b63a45d7433cc9585b0ffcf380bd030c1b67fe242dd4961dd4c5d4ce09d535906768277d78c80b4a165b5882d77ab09ce93a1cb611d479a38155815f38ce5d703a48f972862b9b8a7a3ba0ce5c12f4a1d9c76d0710f563c880924dae30addaaed399c69e69bee2610ff7ddab5fe7ac0e4c012effe06bd6860a5157b8e0eddb1cfb7683b7d6c0b45a39169ed23c79913f25e2d43e0786342b5abcf073f31f33bed7094857770a383a0b3b664e1afef5259e238276fe64c64024ea1f1894a4df0ee0d801fa9c3dfc893bf3853d061037db0c41438518f93ab9c94f5014046d5360b37beb5c4d16745ecacd5812cb741b0b48b74c25e980d250f7fbe5dbe1bd6999fde8c4bf0a164f636d624cce4010813947d65cd4732d9ad775c6ce466f460e866b0afad19696c2f1ab90f6b17a471fb7dc35c84f805ce935e92160c341375afff69ee2c9cf15b93f43b9547fe7c159ab4b024cf07db3e93d1662cc7948b8a564a3b8ea0c7882a8bbcae9bddcd7b4b92549bb785593a919f06d0e80d504bb3c3bc038f79bf4cd22db3104672f9d1349514c4ca2eb69244528a90db6d3078d67c147c2fd2d70c68861ea4b700125b6677f3e93a377acb840415edc59cc9c0c3039d93056f08f1ba745fb07b67d403e31f2d35b5dcd8cf7cb4552113552469cb8de8516f77eaed25602fe0f53d825826f5820bf1e8954a09a7b90aabdcbc89e0ecdf8a6a869e2ccf3d52bccdde13c9bf476d12e81ee7a23960ee8bcdf3f96ad765ebc6688aa4a6403e33a0c7035a7b6250abc0b330945ad7393324cadd988cd340d12d9d84ec9311d3693207ba42048c2b55ce5865d7b724dea5cdd31df206e5610e590d98f2d460b454d13554c364cc4c1cca2dc17e10ea07d819eb7c6b10c44218e7139f11d9ef3304cc590574fb4582575ddee08706e70a331b2649ffdfb84839a46be291605aebf644adb13e6fb2e4089b5c90e22d48e08f438faa0ae00653a1904310c368e1950383c87b8b4481a7d3a072f365c66a1b19753bf966b1b5a2c685713348e4051055bf0e471cbd8dbdec05a54ff05e2fdb1bfee8247f759404761681696948ddba6b7f7f9d8c9bec4adf17b1ca6cea80c18bf4ae572861caad54fd2291d2c76add2016df9e54fcd89839fffeca1a3851dcd328a2174a3fb16d985a7678120ba0b3e618b5e794ea4d97cc45fffc2ce9b81153178fb5c6289e2c09d21a59074cbd6ba4da8ac72f0a2a89de742644dbdc71d800b1b5ac49345d330cbc77373ada4004b0d7750320dd0c4215657c1ba4d07d4dd51ac89d28faab34fc458a6be1d2aaeb45d85324b6157a7cf85e6373bdc0043c42230c324cb8c60d2f873c14291ca9059f2b114d1546826aff6915ac5b54f7f875fb8128c74f084dbb531a323037f42d3b6fe825daab46da7790b427d58d368fa1212c4ebfe339a23a0be87c5c58d44e8fc2fefa7fe5ed87eda05e0c24ed5ce3a8210c495e4faf79ddd476cacc275ee081f75c825b0b70e7e31ada0b514f8bbffe436c0408208ac0f99977d9a74fa881cdc866246f612533798a431bc22ba359ce81e5727185d71d1226cc9e18ec171ace20f5a37f856ffb3ee1e0f1fb40bd9bf772ce7421f670064046fedafb2c1ab578d7c51027bb94f8f3bffd0b92021373298bb51d9ff42ddd6fb2fa58aeb6b3e67fdcc51a91b515f10344ab522306b140a918e6453bab7678c605f756482e84690d8777df970904d2d74d58aa250314711f7a978c6de9989b4202f837863a97fcb4def106141cd16fab9a4391391742273861a9e80582e3807ed373558820793cc45ee25abe72d7324d86accaa9a54963821f7cf9da86499f1830c111751682506770ac978deff7731a50d7ec9136427855bdf0c33410be477d544e12ef665fd17f0c8a78c195de76c69ee97837d72ab470a5ece59a0375ab5a0ae3ac549fe60ed93e1f621e5dc0a624d3f13978a9bd930f7c781e053a22c4f85173c3b9562ddda2d70123710a9eaa063f0119134cf8edee2aef0f4fd9292d536a380f0742c5f98bef7349f7ed9bea135faf173266d8170e0f829b332fd11fd31dadb2aed072662b23e0154f562554ecfc4ac332ca06951ac323c103f43c019f4e8483846507d548948db8696a2bbdf0be2e9d07f3886d178d6c19f0cf51cda525f62573d3f287ff8b865ffd8fffebeed24731259c5cbb5fd0812f03748ff6c9799ac5e742bad88ea35c82405ce138f83ded1c767d1ef84be89973d6862db2d63493181485537dd84de3cb7e8aeb35d8217c23a025f600f29b5b4a6bfb480882bf1b45d10c25ba876f906cdb878b635ba8171899a1738e3fe5776db1bdd7ae8aab9ecd50c78a3f9a6bfed329862205dfc26cd50345062c111edb19440bcb88338e18b858cbdec6a6444f5e70751ca2a7a6860a2abaac847b6151e4cfcf0abe10efedb8035971a637f3a30210a32b0001c41f99035c6c79d8e9a8121bbf5c759bebd735ef4d7f8", "34b8c98fd3fc18c4a168597e83150fda21dbc87378b70eb16dd53cbd9f849dca7fdcf16b055124088293c2524ab90e5d0b20b7408c5e1d6389f5fa9f56a42c7a02838185757341223cfd8fbc3ca53162fba6be8f8334bf06563570e79c3c74cfead80b7e5c94d19d5cc2f56ac8bdf7225e94e520b5a095b8704441952ca5fd4e609bd333d858f3f89b4fb1a6fb7c9f4697ae31526a3942cb98c3f1c01dafedc7cf55db920e20f52882003933fefed8b3f22e3e7cd9f6a2de54c4b631675289b97acaf127292172cf6409f83704f6c9339e951f62066bd9b52daaa10c975c28ad3603290753f8212195651b0fc8122b011b84c437813618587d8ef213a1f40ea1d191caa5952b49d04fa82e82b5daa5bef2324b5b65099f99b51695b916410c447a9fb48715aeb100249343bd2e807dc77eb1da0369372bff326f9ae8b4fcf80fb100820c8f5c22ca96b59664f102d6698a41c7419e695b8a5b834e0c11c5ed0de892497a6e8f16a9d7d66df7b81513366ff6cd2758aff433f49a021eeac1765d223794e3dfa2c509cac90a0d4a29ad103f97e4d29f6ff2a056107a5e2ee5b2686b9d7c45e1ee1814920094e145dc38840538b7b6c0726927aaca55711083dd146adadcf1da5c0d64185623164191083e5f397e72af5413272c75cb53e07bf0cf00570ed597c1ed4b3ec8c1d9ef95b39f8851e0a4effdb10ef6a2debf086fd11834b3e6e5947d5ce6a9b1df54d4b2e2bf36124e8229ce0cd456db651aed1a1e9aa6fa831686df71003c61c05d00cd572a9176905f6823ad8d81592b5e20adbaade888e38a038679258f68366186439779316df64a654e1996288a8c8e5abfff0b2254d09a3db72efdf3b401d12221a00fe8b006c1317d40837f13940d7b56df92126062d3787db776c6b7ec4cd7f81e827dd9772042fd054ffec56960b176a3b094c11d5946e1922f9de5cdb7036048ae0f2a2c0079a1f46f4903e7311eb9ac235d10b7144b910fc5e9a0351e2f08a53ba950fb91926f147da95aeb50bb3fe068d9336c56caa34daf77dd1bc6cf80c2887d32a9780fda8d850e3088df89dd5d83f463e4efc4e525330e30d5ddbee122c446722fc0db375cb1aa5fe247a75e6b5c8a283a78a49c9d71dd4e136a11b64dbc30c55c898160949faadd6d58b9297a8d2eba7de3578a4443f39c68f3704cafd632adbf65c11cdff6b4827bd75694e4680bfb138c75af1e693f570c4168007ef23d6db035a4dd51e413886e18132e661aaf9d371b70e27e6517c2d1c28df81d5d43ed64cc0aa47deae661a0a049d008d08300e5077d64c79b0494295b6288e02ef25b02bcc3a16bedb3ebf2df7df16e304058a49b8f8f4acc46b7fa9f4631ef1b1a2a370fc440c4035fecbe1fdfa565c8733d34db345878de47b3673579694f1f00be050cc6bd43a3c0f13c4aac81e92d25fa778b6627ee2085a212cebcc26262bbac1aa4612d0ccffe64a1e6609bf58d9e2264091ce89b7407ce7523d8af9ccb96089aeacdb8c3cae6a9a1f3e601854e133e9bf34b6eabd3686cb75dee6dc902df0f5f6de008993be5d15c71634164e389189254e31d0288a893d64f8a39531a7b597e3d5a82837444a472f95b869a24ecc183371516dd8d45d4e56fe56a59f7913ffca03f1d70ffbe4221f27048a606e62777685383c90d521cc226e3e049393e794a4b5597fbf0269023841a62940283c3f64073f19e5ea2b4bd14001d0057e1461ad618cf13c9e0dac576f625c3027c7dfdb08c7bb78abb4c399618fe28e2a1eb5e76d83aa777a4b11419ac1d19e4e01d174bed59ece0898da93fabf430f85852faf02c5b9738236dd3318768e5bf7272c1663571f3f66f3383d1ee06d79fde9ab4f679306644cff31e3163b81876fe025f658d1a673aa802707074a8890280bdb7aacdd8f4b904f04b403a4bf0bd66c4ff2353053ca76cbbaf1a528505aa56b8d86e8b3fcfade88ada7eaef596dd42b5d123daf8f461c2570f83afa943cbea484b0597aab5886bb32c9f995ff788b20f22532b8461639b2736913e201fd8b3a68d3984327a7d8fcdf319bbc84954355206c0fa73003a4732d28b849855d27033f99a1dc4d6b2e610cdd0436738b0f418628bb996352a8cb19d536e138207f0e04a08550a659deb5cec826621ceabe287f2dbdb9fd6ab0ccd0c77a28d4c0c40e3d9dbed58469fcc7b6c263119247051fced89807628ddf01e0c1962778400e9aa8285a6fa7453e32e53627653ce4adc1375e94ff20fadf83629989bb2d81834040e2622d0bd272ce44c1cf25dd6affdf7481ed2bcf87a5c17bf08029dadac6a8069615160d53a0c0da10fb54813a4cdbac2f55727b4d77b5daeb32e4ac12ce6dd9f9fdb9dc2db0b634bf58435f7570a863c9673427e1ef422111a0c6261d798117d025cc4bf4734f79999d3a203a8f146fa705787bb2211661c7d530ee3c4aeb48f60427ee744dfba2c2e121fbd4193f46a0eb1fb521b86cc80b23a9c5ec9f0f0b9a1a92996f46dada30e9c141a682f67489d8c1e17b7b9ae82d063b05b0c242dd24772d78ffc3c2f5227da3790cfcf36234dcc8cb7e854898f6d43327006b76cd30659934008b8b594033f267a007ee75b0f005d8430a01cc46c619e366f353b8a4d23f66ab35e0c50d6b5b597b9364c50fc7f0fb146b5d524f81022562e01f7e8747a6af41be730484771e85c201f2be69fd24557456d8fdf90158ce7f13f81b13c25bd6c83ca998f116b46c1c02f46422cb943d86bdd7bd4bf9e0e377714c2310a6e68fc830f40624c65fd20c89c9734d008996c2b02e412eb1fd94d5a61cab586af2634a3adebe4cb73e9ec267a80d7695936dfa99cee3ddcd755eaa88adef901b96783bdcfb26c1912322510d81244e4250a8c321ba33fe22ebbeccd0ebca1cdcf069ca684adc83e99ac05915e2aedccba7211d72f0fbbd6c02f090002c8d14111a33e9ef92259d2d47be2641e19f78c9d8ebdcdba56090216c22e6ae1c8efb01966fb708c8c9f2a8d2f4a18f6271765edf9a276816b84f36302c1d79c0f283d55c6ae7dc222fc55113593a72bef8168eba347e43af44aabbef5e945cba1b08d9947983a73c1f255e4e3d7c405b46a012e356b64baf4322ac4435ef6c43e6d64fd776b054f2a97c61c75bd346f5ce003c666e2589bce4865e913a98a4805f98631ded37839a4f3c734337d1a1523bf0cae64fdb0015c9f12163516d303191fb3071c11eb0de7e4c211cfadf52ec6756d44378578dfe0cd787b7409bd225515a0a8e551c12ab43d12843263dd14092cf8548a29ad0ca12b1b4d7c71b345ee8b2f4aa2b7f0915b3dcdf67d709df46dd6833c64bec46b79d4946f3345d255d8bba0b533822b7b5e64a517302a5dd229657ccf301eb41f0f5d02dae93c6e46c96f893c7df6dfa6d3925e2af3d1900ebf5cf5c90cae0307518f3f87823b4a13fef6dbfc2cabff9acef789d239f5672d27b1b1eb1e783856372d53f41a530cff8f028ef798e8ca710bcae7df5cfc9443143aed73aebe20db7422a7e972a4bf2c58d15b6ebb82ca88e315b94d4534c8b62fa5cbcb88234108183508541b25bc9cc760e5ca1ae7c849906e0a58d7f5461a4546d9f7e087ef66e1a783d04947c2b75fd1e3d540ba94b8422c33759b3ca65557261e39141154a53ca05decd28cc4a8ca90dc1f892ed699f16c9f0539a2eb341d57e4662a4c53dfcf371523e126fa7bed6f8feac0218e77d792e7c694441de599bce1aa42669eceba40936004fe391974f634826bd7a362e74df6afe07a9a99339529fc4e5425ee61aa528d33f4d458e0016e9807aba825602464bb6ae75a640a8b9469baf96655a3d10e4b00a4d72f1dd7cb18e68f04c5f562bb833f334a3416f5ef889a0f6935f5fe2eeaa03499a46b5290b3222c8042d7c934dd7c1acfafadc1bcfeb5a0bcbed28fd3ae368b006a67bd3f1364c29702fb6e19ec2be02a7107c88e1a367ea2bd7bbb334db7ceb98487aa445062e6d719fda8c4f88e7eb71e98639849b899556200a715471f2685ab4edd57fd0d8d4bf89803d49069eca1e867d63e411c392f32380482d41b0da60554d15f007815593bc49149e5d0d654c1f05bb3c76f38016e45500d5bd0526673fb3a65c6fc0390530ccdc4c5c4e21343466c4bbfac19e3458e029a722093c0882463e0cbb33fe6802c2ea0d0fdd0e8412f633dd356cc1621faf59398003d3c321faa40c8ece574c4ba48e83e765e77009499a7fb369bae1423f73da4bfad7913a3a0316c7e79b53dc8532821bb31435901601c9d622533d1d21751b618c62dcea588bde9aab53a8ab65c620da49db8271c18a85d8b9d18cf304e63333f38dfb97495bf270300efad87639b8f4a4c11cebf751ef20e82c14b3ca591369c4daa0ff0f3d154cc82223977b9f55b7be8dcb4511aa8df204f96642ea158f0b5268968484ca15828e582c0a1435c5aca6128ec4c2dc83f88687b3be24862922c928db492d430f48203f0439b78c5a99776a7bd991a747ad850a9ccf46ab99751898addd4238bd4ee82b2d5b12d07d4150cc8dee009c90a18071fb6b8425281f6f84cd6b1bf4efef5e543eeb4e1bb28dc1e23d5ef0155832e8bb42f044da9ed3db077ebf7c91c13d2dafd956219a71d1f5947aca9cd9d80c1a36717e71ae15c168f89235a70f824480a4b94f536d2bc9d722b385939f277e2100bdd5cc4a762b27bcdd5ffe7318eed90630e32ebd2a3668a6cf6ae641d5a366d36e5abb54d3bc3e3f17d214f28401f8ec5991570820d516cfd58d0adf287f48841f5c94b682be67c524372902e0da2b85191d3478e83d0e0989030d766d7d7caa2fe7cd490142884e6af96907d2b265f8279e4a640f010e3b125172b1ee88dd865f0eab0c0e5cf1c22f69bf1178108244942d0c9fb2384f372f1b41264a80d1eb5ebd9340223e2bb111caf400a421f7142e347012722574bb93d316586bd36f653883ec13c8b7a43911f0f55c75186bedfc0fdc9126ecf50f3be574389c82cb61f8c98fd8cc7b1e0e26c0f899851bfa823934687ebdf2dfed1b98798434ff05f2c458989ced3fadaa54ae39a01df5c57d5c62645031dc0297c616ea6e268299ba486066f909150e09d0f97e0d19bd3ecaaff39d4d7096c063df2dd3dec8b66526097b067279bd47f3ba2e08d969d3d2e13f7512b590cc99ea36f5c1aeeb9aaba8782e0377acebbb0990d26f0ff6ad8c6782a621763db613a52a525b4838baee7aabe1e75dddd3ebaf3a119e97fea6bb012ddaae00c3ccdacd1731144d138d09e8877e328b9b14a0d5cbb3e566b8c8e90de562e368fcd840aa75e4a788092aa9bad252caa9353b5e4004c12625909c02739ee01036bd40222002b3983d0a0a2308ad32bb76064f7592ec7e1e317774bdf8bd1b9a0d1a1d47abec375d993b158de5edcd59809e2d779d58278d5963834344de02645b1abf11eaf954b381d2f6b1087d913d03240cd3814732b8bb9b5422731069fad8db0eb988d46dd3460933f3b0491191a30ed99f62a9762d6613596b1e756ce8323c50effb794dcd30579ae480c70bcf88e0b889674a2568da8db4a0ec9ba6eb2dae15828a74871444a36d70eac23e0b05327bf52b773f54ef4a21a7381bf2fa1832e4a3b12c34e0b717373ada5db28120bf2b820ef43033f5173f0222f5cbe72ac8991e29e8d92a52d4257318f5a2bbf4ab8516bba3eefc7a3a6f12c1491cc6c9aa437670a1877304be7e12618249fc2e93bf124189c1c5005d8c4eb725b9c26dae4586a4b"}) 444.328849ms ago: executing program 1 (id=1605): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10) epoll_create1(0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x498, 0x320, 0xa, 0x148, 0x368, 0x60, 0x400, 0x2a8, 0x2a8, 0x400, 0x2a8, 0x3, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x2f8, 0x368, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_team\x00', {0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x8601, 0x6, './file0\x00'}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f2f7b9f28413d9d8ad470ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc2d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@MARK={0x28}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4f8) 433.995149ms ago: executing program 4 (id=1606): r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) writev(r1, &(0x7f0000000040)=[{&(0x7f0000000400)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000200)=ANY=[@ANYBLOB="e00000027f00"], 0x10) 369.414767ms ago: executing program 0 (id=1607): bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0}, 0x20) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x12, 0x24, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r1, &(0x7f00000002c0), 0x20000000}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r1, 0xffffffffffffffff}, &(0x7f0000000700), &(0x7f0000000740)=r0}, 0x20) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000040)={r2, &(0x7f0000000300), &(0x7f00000005c0)=""/255}, 0x20) 355.664099ms ago: executing program 1 (id=1608): r0 = syz_open_procfs(0x0, &(0x7f0000000380)='map_files\x00') mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB='-'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0) openat$cgroup_netprio_ifpriomap(r0, &(0x7f0000000000), 0x2, 0x0) 325.101642ms ago: executing program 0 (id=1609): r0 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r0, &(0x7f0000000240)=@name={0x1e, 0x2, 0x0, {{0x42, 0xfffffffd}}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0xfffffffe}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x83f}, 0x10) sendmsg$tipc(r0, &(0x7f0000000380)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x83f, 0x2004}}, 0x10, 0x0}, 0x0) 315.715024ms ago: executing program 1 (id=1610): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0xa, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10) setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, 0x0, 0x5000) 303.662975ms ago: executing program 4 (id=1611): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0xa) sendmsg$nl_route_sched(r1, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@newtaction={0x68, 0x30, 0xb, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{}, 0x4, r3}}]}, {0x4, 0xa}, {0xc, 0x7, {0x1, 0x1}}, {0xc}}}]}]}, 0x68}}, 0x0) 295.513146ms ago: executing program 0 (id=1612): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = epoll_create1(0x0) r1 = signalfd(0xffffffffffffffff, &(0x7f0000000100), 0x8) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)) r2 = signalfd(0xffffffffffffffff, &(0x7f0000000100), 0x8) signalfd(r2, &(0x7f0000000100), 0x8) 293.392886ms ago: executing program 2 (id=1613): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000003c0)='kfree\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r0}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20) creat(&(0x7f0000000280)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240), 0x10010, &(0x7f0000000bc0)=ANY=[@ANYBLOB='mode=00000000000000000000004,mode=00000000000000000002536,m']) 283.533337ms ago: executing program 1 (id=1614): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x48600, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x2) readv(r1, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) 242.288042ms ago: executing program 0 (id=1615): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80, &(0x7f0000000900)={[{@oldalloc}, {@noblock_validity}, {@minixdf}, {@errors_remount}, {@jqfmt_vfsv0}, {@data_err_abort}, {@debug}, {@nombcache}, {@nobh}, {@data_writeback}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@discard}, {@min_batch_time={'min_batch_time', 0x3d, 0x8}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xffffffffffff0953}}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}], [], 0x2c}, 0x0, 0x4bb, &(0x7f0000000140)="$eJzs3MtvVNUfAPDvnT6gP+DXik8eyigaGx8tLc+FG40mbExMNAaXY1sIUsDQmgBppBqDiQsNf4GPnYl/gSvdGHWlcatxa0yI6QZ0Ya65M3fKlJlpO3TaAebzSQbOmXvuPefcc097HrkNoGsVs3+SiK0R8WtEDFaiSxMUK/9dX5ib+HthbiKJNH31r6Sc7trC3EQ1afW8LXlkuBBR+CCJXQ3ynblw8VRpenrqXB4fnT399ujMhYvPnjxdOjF1YurM+JEjB/YPHD40frAt9czKdG3nu2d37zj6xpWXJ45defOHr7Lypvnx2npUDLWYQ0/dN8UoLr2XNZ5o8eq3u2014aS3gwWhJdlTmzVXX7n/D0ZP3Gi8wXjp/Y4WDlhXaZqmm+q+XfxdNp/WSpLKCcBdItGloUtVf9FfW8hmqnMT9fPgu9vV56M8A8rqfT3/VI70RiGbww9V5kZ965T/fRFxbP6fT7NPNFyHAABor2+y8c8zlXFH9VM5UogHatL9P98bGoqIeyJie0Tcm49f7o8op30wIh6qOScbUdavLS1VvCleP/75eWBNFVxBNv57Lt/bWjr+K1STDPXksW3l+vclx09OT+3L78lw9G3K4mP1l16s+rcv/vJJs/yLNeO/7JPlXx0L5uX4s/emmzhZmi2ttd5VV98rL+ldqq9/srgTkLXjjojYeQvXz+7Zyae+3N3s+Mr1/7j5xduwz5R+HvFkpf3n46b6Z/rzUOP9ybHDh8YPjm6O6al9o9Wnot6PP11+JQ/WTSNWrv/6ytr/fw2f/8Wdy6Gkdr92pvU8Lv/2YdM5za0+//3Ja+Vwf/7d+dLs7LmxiP5kvv778Rvnni8NLEmf1X94b+P+vz3i38/y83ZFRPYQPxwRj0TEnrzsj0bEYxGxd5n6f//C4281m0LeDu0/2VL7tx7oOfXd13UZf1RcZf2z9j9QDg3n30yWZjevVK/VFnDNNxAAAADuAHsiYmskhZF8jXNrFAojIxFbFldQZmafPn72nTOTlXcEhqKvUF3pGqxZDx3L14azeHbWeE08O76/vG6cpmk6UI6PTJyd3tbZqkPX29Kk/2f+qH+lBbjbtLSP1uyNNuCOdOv76GlbywFsPO9rQ/fS/6F7rbr/r9dbcEDHNOr/lyKud6AowAZr1P9f70A5gI1n/g/dS/+H7qX/Q1day3v9ywW2H10mTdK7Ppk2DxRi+b8CMBTR2gV/L0S0p4Q9ba3pwCradHO0I68orJimt4U/xLCxgcLtUYxKYFNErPD0Lj5sl6qBi+tdsPKPhy86/fMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgrf4LAAD//8E921o=") bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4) recvmmsg(r0, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0xb}}], 0xb, 0x0, 0x0) 241.395912ms ago: executing program 4 (id=1616): syz_mount_image$ext4(&(0x7f0000000280)='ext2\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000001c0)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}, {@discard}]}, 0xfe, 0x24d, &(0x7f0000000840)="$eJzs3T9o3GYYB+BXuru6Z5vitkuh9A+UUlqDcbdCl3ZpwVCKKaXQFlxK6VTsgmOTzZcpS4ZkToKnLCZki5MxZDFZAlmdxIOzZIjJEJMhGS7odBcu9pkkPvsUrOcBnfRJn/RKoN93WnQXQGmNRcR3EVGJiPGIqEVE0t3h03waazeX62szEc3mLw+TVr+8nevsNxIRjYj4JqLa2ba4+sfm4/Ufvzi1UPv8wurv9UFdX7etzY2fts//fPLy1NeLaXvdaHvefR0HKemxrppEvHcYxd4QSbXoM+BVTB+/dDvL/fsR8Vkr/7VI25E9Pf/W9Vp8dW6vfc88uPXhIM8VOHjNZi37Dmw0gdJJW8/ASToREflymk5M5M/wdyrD6X9z88fG/51bmP2n6JEKOCijERs/XB26MrIj//cref6BoyvL/6/TK3ez5e1K0WcDDMRH+SzL//hfS1+G/EPpyD+Ul/xDeck/HAH7zK78Q3nJP5SX/MMRVussNHpuln8oL/mH8pJ/KK/u/AMA5dIcKvoNZKAoRY8/AAAAAAAAAAAAAAAAAADAbsv1tZnONKiaN85GbH0fEdVe9Sut/yOOeLv1Ofwoybo9l+S79eXPT/o8QJ8uFvz29Tv3iq1/8+PDOe6JF5v1vfotzUY0ss6T1eru+y9p33/79+5Lttf+7rPAa0p2tL/9bbD1d3q6Umz9qfWIa9n4M9lr/Enjg9a89/gz2v0Ty/v0/5M+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDAPAsAAP///YVqDQ==") creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) link(&(0x7f0000000a40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') creat(&(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x20) openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x440, 0x0) 240.827602ms ago: executing program 3 (id=1617): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001400000018"], 0x44}}, 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) ioctl$FS_IOC_GETFSLABEL(r2, 0x400452c8, &(0x7f0000000100)) ioctl$FS_IOC_GETFSLABEL(r0, 0x400452c9, &(0x7f0000000100)) 182.146839ms ago: executing program 2 (id=1618): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x6, 0x1008, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) pipe(&(0x7f0000005880)={0xffffffffffffffff, 0xffffffffffffffff}) fsetxattr$security_selinux(r2, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0) 181.631039ms ago: executing program 1 (id=1619): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x38, 0x12, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=@newlink={0x34, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}]}, 0x34}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0) 181.088129ms ago: executing program 3 (id=1620): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd2(0x0, 0x0) r3 = eventfd(0x0) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000080)={0x0, 0x0, 0x0, r3}) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x0, 0x0, 0x0, r2, 0x4}) 100.371388ms ago: executing program 2 (id=1621): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000580)={[{@jqfmt_vfsv1}, {@stripe={'stripe', 0x3d, 0x8}}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodiscard}, {@nodelalloc}, {@acl}, {@dioread_lock}]}, 0x1, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=") r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='ext4_ext_remove_space_done\x00', r1}, 0x10) truncate(&(0x7f0000000140)='./file2\x00', 0x0) 44.738285ms ago: executing program 1 (id=1622): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000040)={0x4}) close(0xffffffffffffffff) close_range(r0, 0xffffffffffffffff, 0x0) 36.344996ms ago: executing program 4 (id=1623): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c0000000400000001"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940)) 0s ago: executing program 2 (id=1624): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r1}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000fd41fd01020400000a00120002002800000019002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0) kernel console output (not intermixed with test programs): 06][ T1169] lg-g15 0003:046D:C222.0023: unknown main item tag 0x0 [ 80.188938][ T1169] lg-g15 0003:046D:C222.0023: unknown main item tag 0x0 [ 80.196218][ T1169] lg-g15 0003:046D:C222.0023: unknown main item tag 0x0 [ 80.203052][ T1169] lg-g15 0003:046D:C222.0023: unknown main item tag 0x0 [ 80.209858][ T1169] lg-g15 0003:046D:C222.0023: unknown main item tag 0x0 [ 80.217037][ T1169] lg-g15 0003:046D:C222.0023: unknown main item tag 0x0 [ 80.223877][ T1169] lg-g15 0003:046D:C222.0023: unknown main item tag 0x0 [ 80.230671][ T1169] lg-g15 0003:046D:C222.0023: unknown main item tag 0x0 [ 80.237600][ T1169] lg-g15 0003:046D:C222.0023: unknown main item tag 0x0 [ 80.244348][ T1169] lg-g15 0003:046D:C222.0023: unknown main item tag 0x0 [ 80.251233][ T1169] lg-g15 0003:046D:C222.0023: unknown main item tag 0x0 [ 80.258487][ T1169] lg-g15 0003:046D:C222.0023: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.4-1/input0 [ 80.361005][ T314] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 80.371787][ T314] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 80.390936][ T314] usb 4-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00 [ 80.400255][ T314] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.408557][ T313] usb 5-1: USB disconnect, device number 13 [ 80.409708][ T314] usb 4-1: config 0 descriptor?? [ 80.420913][ T1169] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 80.481017][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 80.491784][ T1086] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 80.499140][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 80.508701][ T6] usb 1-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00 [ 80.517541][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.526631][ T6] usb 1-1: config 0 descriptor?? [ 80.660953][ T1169] usb 2-1: Using ep0 maxpacket: 16 [ 80.781045][ T1169] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 11 [ 80.790204][ T1169] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0 [ 80.799720][ T1169] usb 2-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0 [ 80.809117][ T1169] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0 [ 80.818805][ T1169] usb 2-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0 [ 80.828461][ T1169] usb 2-1: config 1 interface 0 has no altsetting 0 [ 80.834882][ T1169] usb 2-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77 [ 80.843722][ T1169] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.861031][ T1086] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 80.871958][ T1086] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 80.891437][ T1169] ums-sddr09 2-1:1.0: USB Mass Storage device detected [ 80.901858][ T314] holtek 0003:1241:5015.0024: collection stack underflow [ 80.908855][ T314] holtek 0003:1241:5015.0024: item 0 1 0 12 parsing failed [ 80.916132][ T314] holtek 0003:1241:5015.0024: parse failed [ 80.922019][ T314] holtek: probe of 0003:1241:5015.0024 failed with error -22 [ 80.961076][ T1086] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 80.969956][ T1086] usb 3-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 80.977823][ T1086] usb 3-1: Product: syz [ 80.989259][ T1086] usb 3-1: config 0 descriptor?? [ 81.002009][ T6] itetech 0003:258A:6A88.0025: unknown main item tag 0x0 [ 81.009518][ T6] itetech 0003:258A:6A88.0025: hidraw0: USB HID v0.00 Device [HID 258a:6a88] on usb-dummy_hcd.0-1/input0 [ 81.111788][ T6] usb 4-1: USB disconnect, device number 9 [ 81.114974][ T1169] scsi host1: usb-storage 2-1:1.0 [ 81.140075][ T2911] loop4: detected capacity change from 0 to 1024 [ 81.153563][ T2911] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 81.171767][ T289] EXT4-fs (loop4): unmounting filesystem. [ 81.204350][ T1169] usb 1-1: USB disconnect, device number 15 [ 81.315385][ T313] usb 2-1: USB disconnect, device number 14 [ 81.471875][ T1086] konepure 0003:1E7D:2DB4.0026: item fetching failed at offset 10/11 [ 81.480088][ T1086] konepure 0003:1E7D:2DB4.0026: parse failed [ 81.486097][ T1086] konepure: probe of 0003:1E7D:2DB4.0026 failed with error -22 [ 81.675039][ T1086] usb 3-1: USB disconnect, device number 10 [ 81.828292][ T2940] netlink: 'syz.3.1045': attribute type 4 has an invalid length. [ 81.842061][ T2940] netlink: 17 bytes leftover after parsing attributes in process `syz.3.1045'. [ 81.852053][ T2940] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1045'. [ 82.431132][ T24] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 82.571064][ T313] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 82.580953][ T1169] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 82.791063][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 82.808905][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 82.818661][ T313] usb 5-1: Using ep0 maxpacket: 16 [ 82.828764][ T24] usb 1-1: New USB device found, idVendor=1020, idProduct=0006, bcdDevice= 0.00 [ 82.840921][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 82.863976][ T24] usb 1-1: config 0 descriptor?? [ 82.941019][ T1169] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 82.951835][ T313] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 82.954934][ T2997] loop2: detected capacity change from 0 to 40427 [ 82.970907][ T1169] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 82.980624][ T313] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 82.990543][ T1169] usb 2-1: New USB device found, idVendor=0f30, idProduct=0111, bcdDevice= 0.00 [ 82.999815][ T313] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 83.013021][ T2997] F2FS-fs (loop2): invalid crc value [ 83.013216][ T1169] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 83.026333][ T313] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 83.035811][ T313] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 83.042137][ T2997] F2FS-fs (loop2): Found nat_bits in checkpoint [ 83.044548][ T1169] usb 2-1: config 0 descriptor?? [ 83.055699][ T313] usb 5-1: config 0 descriptor?? [ 83.104521][ T2997] F2FS-fs (loop2): Start checkpoint disabled! [ 83.111507][ T2997] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 83.142841][ T2997] syz.2.1071: attempt to access beyond end of device [ 83.142841][ T2997] loop2: rw=2049, sector=77824, nr_sectors = 848 limit=40427 [ 83.189362][ T10] kworker/u4:1: attempt to access beyond end of device [ 83.189362][ T10] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 83.321862][ T24] belkin 0003:1020:0006.0027: report_id 0 is invalid [ 83.328387][ T24] belkin 0003:1020:0006.0027: item 0 0 1 8 parsing failed [ 83.335987][ T24] belkin 0003:1020:0006.0027: parse failed [ 83.342057][ T24] belkin: probe of 0003:1020:0006.0027 failed with error -22 [ 83.408334][ T3008] loop2: detected capacity change from 0 to 512 [ 83.422617][ T3008] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.1074: casefold flag without casefold feature [ 83.435438][ T3008] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.1074: couldn't read orphan inode 15 (err -117) [ 83.449381][ T3008] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 83.463629][ T3008] EXT4-fs error (device loop2): ext4_check_dx_root:2264: inode #2: comm syz.2.1074: Corrupt dir, invalid name_len for '.', running e2fsck is recommended [ 83.484286][ T294] EXT4-fs (loop2): unmounting filesystem. [ 83.521871][ T1169] pantherlord 0003:0F30:0111.0028: item fetching failed at offset 6/7 [ 83.523019][ T3016] loop3: detected capacity change from 0 to 1024 [ 83.537744][ T3016] EXT4-fs: Ignoring removed oldalloc option [ 83.549936][ T313] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0029/input/input21 [ 83.562970][ T1169] pantherlord 0003:0F30:0111.0028: parse failed [ 83.569178][ T1169] pantherlord: probe of 0003:0F30:0111.0028 failed with error -22 [ 83.579927][ T1169] usb 1-1: USB disconnect, device number 16 [ 83.591891][ T3016] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 83.607547][ T3016] 9pnet: p9_errstr2errno: server reported unknown error J"Oy效VVKrSՓ+t!43;{ٙ{ou}??|z [ 83.626220][ T293] EXT4-fs (loop3): unmounting filesystem. [ 83.643045][ T313] microsoft 0003:045E:07DA.0029: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 83.657057][ T28] kauditd_printk_skb: 19 callbacks suppressed [ 83.657074][ T28] audit: type=1326 audit(1730295452.644:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3023 comm="syz.3.1067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc14eb7e719 code=0x7ffc0000 [ 83.687644][ T28] audit: type=1326 audit(1730295452.644:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3023 comm="syz.3.1067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc14eb7e719 code=0x7ffc0000 [ 83.735302][ T313] usb 5-1: USB disconnect, device number 14 [ 83.741510][ T789] usb 2-1: USB disconnect, device number 15 [ 83.881077][ T1086] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 84.100080][ T3027] loop0: detected capacity change from 0 to 16 [ 84.106705][ T3027] erofs: (device loop0): mounted with root inode @ nid 36. [ 84.118523][ T3027] syz.0.1069: attempt to access beyond end of device [ 84.118523][ T3027] loop0: rw=0, sector=14552337256, nr_sectors = 8 limit=16 [ 84.132331][ T3027] syz.0.1069: attempt to access beyond end of device [ 84.132331][ T3027] loop0: rw=0, sector=14546590680, nr_sectors = 8 limit=16 [ 84.173076][ T313] hid-generic 0000:0000:0000.002A: unknown main item tag 0x0 [ 84.188391][ T313] hid-generic 0000:0000:0000.002A: unknown main item tag 0x0 [ 84.196537][ T313] hid-generic 0000:0000:0000.002A: hidraw0: HID v0.00 Device [syz0] on syz0 [ 84.252852][ T1086] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 84.278898][ T1086] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 84.296426][ T1086] usb 3-1: New USB device found, idVendor=056a, idProduct=00f8, bcdDevice= 4.00 [ 84.306758][ T1086] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.315430][ T1086] usb 3-1: config 0 descriptor?? [ 84.349328][ T3058] syz.1.1084[3058] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 84.349387][ T3058] syz.1.1084[3058] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 84.377634][ T3061] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1087'. [ 84.490416][ T3082] loop4: detected capacity change from 0 to 2048 [ 84.502595][ T3082] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 84.521846][ T289] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 84.540230][ T289] EXT4-fs (loop4): unmounting filesystem. [ 84.711008][ T789] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 84.711069][ T313] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 84.792565][ T1086] wacom 0003:056A:00F8.002B: unknown main item tag 0x0 [ 84.797979][ T3110] binder: 3109:3110 ioctl c0306201 20000180 returned -22 [ 84.806229][ T1086] wacom 0003:056A:00F8.002B: unknown main item tag 0x0 [ 84.806262][ T1086] wacom 0003:056A:00F8.002B: unknown main item tag 0x0 [ 84.825002][ T1086] wacom 0003:056A:00F8.002B: unknown main item tag 0x0 [ 84.832159][ T1086] wacom 0003:056A:00F8.002B: unknown main item tag 0x0 [ 84.839848][ T1086] wacom 0003:056A:00F8.002B: hidraw0: USB HID v0.00 Device [HID 056a:00f8] on usb-dummy_hcd.2-1/input0 [ 84.937870][ T3115] loop4: detected capacity change from 0 to 128 [ 84.946455][ T3115] syz.4.1112: attempt to access beyond end of device [ 84.946455][ T3115] loop4: rw=2051, sector=96, nr_sectors = 287 limit=128 [ 84.967237][ T3117] device veth2 entered promiscuous mode [ 84.990986][ T313] usb 4-1: Using ep0 maxpacket: 32 [ 84.997026][ T3119] loop4: detected capacity change from 0 to 2048 [ 85.004454][ T1086] usb 3-1: USB disconnect, device number 11 [ 85.014521][ T3121] 9pnet: p9_errstr2errno: server reported unknown error 00000000000000000005 [ 85.033114][ T3119] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 85.050472][ T289] EXT4-fs (loop4): unmounting filesystem. [ 85.101724][ T789] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 85.110996][ T313] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 85.115836][ T789] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 85.129771][ T313] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 85.135282][ T789] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 85.144652][ T313] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 85.167854][ T313] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 85.179922][ T313] usb 4-1: config 0 descriptor?? [ 85.182258][ T3133] loop4: detected capacity change from 0 to 2048 [ 85.191096][ T789] usb 1-1: New USB device found, idVendor=056e, idProduct=010c, bcdDevice= 0.00 [ 85.200214][ T789] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 85.200990][ T3074] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22 [ 85.208828][ T789] usb 1-1: config 0 descriptor?? [ 85.221465][ T313] hub 4-1:0.0: USB hub found [ 85.231651][ T3133] Alternate GPT is invalid, using primary GPT. [ 85.237657][ T3133] loop4: p1 p2 p3 [ 85.441032][ T313] hub 4-1:0.0: 2 ports detected [ 85.445796][ T39] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 85.656237][ T3152] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 85.677198][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.686966][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.696153][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.708666][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.717033][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.725846][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.734266][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x1 [ 85.741746][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.749064][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.756248][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.763297][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.770112][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.777154][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.784230][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.792547][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.799376][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.806570][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.811025][ T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 85.813637][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.830928][ T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 85.831212][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.848307][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.850685][ T39] usb 2-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00 [ 85.855504][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.871078][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.871080][ T313] hub 4-1:0.0: set hub depth failed [ 85.871105][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.878955][ T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 85.890920][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.904916][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.911953][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.914281][ T313] usb 4-1: USB disconnect, device number 10 [ 85.918802][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.928009][ T39] usb 2-1: config 0 descriptor?? [ 85.950920][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.957779][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.964759][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.971750][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.978534][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.985603][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 85.992570][ T789] elecom 0003:056E:010C.002C: unknown main item tag 0x0 [ 86.003139][ T789] elecom 0003:056E:010C.002C: hidraw0: USB HID v0.00 Device [HID 056e:010c] on usb-dummy_hcd.0-1/input0 [ 86.021957][ T789] usb 1-1: USB disconnect, device number 17 [ 86.412705][ T39] hid-led 0003:1D34:000A.002D: unknown main item tag 0x0 [ 86.420016][ T39] hid-led 0003:1D34:000A.002D: item fetching failed at offset 3/5 [ 86.430283][ T39] hid-led: probe of 0003:1D34:000A.002D failed with error -22 [ 86.462897][ T28] audit: type=1326 audit(1730295455.444:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3178 comm="syz.2.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bd8b7e719 code=0x7ffc0000 [ 86.508415][ T28] audit: type=1326 audit(1730295455.444:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3178 comm="syz.2.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bd8b7e719 code=0x7ffc0000 [ 86.535415][ T28] audit: type=1326 audit(1730295455.444:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3178 comm="syz.2.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0bd8b7e719 code=0x7ffc0000 [ 86.558874][ T28] audit: type=1326 audit(1730295455.444:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3178 comm="syz.2.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bd8b7e719 code=0x7ffc0000 [ 86.583440][ T28] audit: type=1326 audit(1730295455.444:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3178 comm="syz.2.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bd8b7e719 code=0x7ffc0000 [ 86.612388][ T28] audit: type=1326 audit(1730295455.444:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3178 comm="syz.2.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0bd8b7e719 code=0x7ffc0000 [ 86.654567][ T313] usb 2-1: USB disconnect, device number 16 [ 86.656470][ T28] audit: type=1326 audit(1730295455.444:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3178 comm="syz.2.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bd8b7e719 code=0x7ffc0000 [ 86.710979][ T39] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 86.716548][ T28] audit: type=1326 audit(1730295455.444:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3178 comm="syz.2.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bd8b7e719 code=0x7ffc0000 [ 86.846329][ T3181] loop0: detected capacity change from 0 to 40427 [ 86.861189][ T3181] F2FS-fs (loop0): fault_injection options not supported [ 86.868217][ T3181] F2FS-fs (loop0): Image doesn't support compression [ 86.870118][ T3183] loop2: detected capacity change from 0 to 40427 [ 86.875082][ T3181] F2FS-fs (loop0): Image doesn't support compression [ 86.889343][ T3181] F2FS-fs (loop0): fault_type options not supported [ 86.896981][ T3183] F2FS-fs (loop2): heap/no_heap options were deprecated [ 86.898125][ T3181] F2FS-fs (loop0): invalid crc value [ 86.905045][ T3183] F2FS-fs (loop2): invalid crc value [ 86.910128][ T3181] F2FS-fs (loop0): Found nat_bits in checkpoint [ 86.915844][ T3183] F2FS-fs (loop2): Found nat_bits in checkpoint [ 86.962022][ T3181] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 86.969209][ T3183] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 86.994100][ T290] syz-executor: attempt to access beyond end of device [ 86.994100][ T290] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 87.015396][ T294] syz-executor: attempt to access beyond end of device [ 87.015396][ T294] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 87.041611][ T789] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 87.081079][ T39] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 87.100920][ T39] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 87.113760][ T39] usb 5-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 87.280979][ T789] usb 4-1: Using ep0 maxpacket: 8 [ 88.091670][ T3203] devpts: called with bogus options [ 88.150955][ T789] usb 4-1: device descriptor read/all, error -71 [ 88.241038][ T39] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 88.249972][ T39] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 88.281134][ T39] usb 5-1: can't set config #1, error -71 [ 88.288001][ T39] usb 5-1: USB disconnect, device number 15 [ 88.351338][ T313] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 88.590944][ T313] usb 2-1: Using ep0 maxpacket: 16 [ 88.666425][ T3237] loop3: detected capacity change from 0 to 2048 [ 88.692240][ T3237] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 88.700650][ T3237] ext4 filesystem being mounted at /242/file0 supports timestamps until 2038 (0x7fffffff) [ 88.711005][ T313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 88.722107][ T313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 88.732432][ T293] EXT4-fs (loop3): unmounting filesystem. [ 88.851077][ T313] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 88.861538][ T313] usb 2-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0 [ 88.869744][ T313] usb 2-1: Product: syz [ 88.873916][ T313] usb 2-1: Manufacturer: syz [ 88.891277][ T313] usb 2-1: config 0 descriptor?? [ 88.901088][ T24] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 89.145600][ T3248] loop0: detected capacity change from 0 to 256 [ 89.240771][ T3264] loop0: detected capacity change from 0 to 256 [ 89.252145][ T3264] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 89.261011][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 89.280015][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 89.290267][ T24] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 89.312320][ T24] usb 5-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10 [ 89.321654][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.335711][ T24] usb 5-1: config 0 descriptor?? [ 89.362018][ T313] kovaplus 0003:1E7D:2D50.002E: unknown main item tag 0x0 [ 89.369381][ T313] kovaplus 0003:1E7D:2D50.002E: unknown main item tag 0x0 [ 89.388699][ T3270] xt_TCPMSS: Only works on TCP SYN packets [ 89.394866][ T313] kovaplus 0003:1E7D:2D50.002E: hidraw0: USB HID v0.07 Device [syz syz] on usb-dummy_hcd.1-1/input0 [ 89.560111][ T3301] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 89.584731][ T3303] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1191'. [ 89.677952][ T3312] loop0: detected capacity change from 0 to 16 [ 89.688663][ T3312] erofs: (device loop0): mounted with root inode @ nid 36. [ 89.811804][ T24] prodikeys 0003:041E:2801.002F: unexpected long global item [ 89.819269][ T24] prodikeys 0003:041E:2801.002F: hid parse failed [ 89.825634][ T24] prodikeys: probe of 0003:041E:2801.002F failed with error -22 [ 89.880943][ T789] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 89.980976][ T1086] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 90.019577][ T24] usb 5-1: USB disconnect, device number 16 [ 90.190932][ T1491] Bluetooth: hci0: command 0x1003 tx timeout [ 90.190974][ T2293] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 90.203618][ T313] kovaplus 0003:1E7D:2D50.002E: couldn't init struct kovaplus_device [ 90.218019][ T313] kovaplus 0003:1E7D:2D50.002E: couldn't install mouse [ 90.225902][ T313] kovaplus: probe of 0003:1E7D:2D50.002E failed with error -71 [ 90.234345][ T313] usb 2-1: USB disconnect, device number 17 [ 90.271383][ T789] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 90.281379][ T789] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 90.371040][ T789] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 90.379984][ T1086] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 90.391476][ T789] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 90.399301][ T789] usb 4-1: SerialNumber: syz [ 90.403844][ T1086] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 90.417964][ T1086] usb 1-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 90.447387][ T3329] loop2: detected capacity change from 0 to 2048 [ 90.462692][ T3329] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 90.481006][ T294] EXT4-fs (loop2): unmounting filesystem. [ 90.601008][ T1086] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 90.609906][ T1086] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 90.617734][ T1086] usb 1-1: Product: syz [ 90.621708][ T1086] usb 1-1: Manufacturer: syz [ 90.626167][ T1086] usb 1-1: SerialNumber: syz [ 90.682540][ T789] usb 4-1: 0:2 : does not exist [ 90.687632][ T1086] cdc_ncm 1-1:1.0: skipping garbage [ 90.727056][ T789] usb 4-1: USB disconnect, device number 13 [ 90.737731][ T318] udevd[318]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 90.761016][ T313] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 90.875492][ T3343] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1208'. [ 90.951627][ T3357] loop1: detected capacity change from 0 to 256 [ 91.010936][ T313] usb 3-1: Using ep0 maxpacket: 16 [ 91.130968][ T313] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 91.215167][ T24] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 91.290999][ T313] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 91.300155][ T313] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 91.308672][ T313] usb 3-1: Product: syz [ 91.312928][ T313] usb 3-1: Manufacturer: syz [ 91.317358][ T313] usb 3-1: SerialNumber: syz [ 91.322807][ T313] usb 3-1: config 0 descriptor?? [ 91.361913][ T313] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected [ 91.369811][ T313] usb 3-1: Detected FT232R [ 91.531086][ T789] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 91.570977][ T313] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 91.581136][ T24] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 91.591193][ T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 91.670994][ T24] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 91.679900][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 91.687725][ T24] usb 5-1: SerialNumber: syz [ 91.751006][ T1086] cdc_ncm 1-1:1.0: bind() failure [ 91.780998][ T1086] cdc_ncm: probe of 1-1:1.1 failed with error -71 [ 91.801009][ T1086] cdc_mbim: probe of 1-1:1.1 failed with error -71 [ 91.808291][ T1086] usb 1-1: USB disconnect, device number 18 [ 91.831057][ T313] ftdi_sio 3-1:0.0: GPIO initialisation failed: -71 [ 91.838184][ T313] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 91.846950][ T313] usb 3-1: USB disconnect, device number 12 [ 91.854368][ T313] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 91.863808][ T313] ftdi_sio 3-1:0.0: device disconnected [ 91.911029][ T789] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 91.921865][ T789] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 91.931548][ T789] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 91.944140][ T789] usb 2-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10 [ 91.952970][ T789] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 91.961526][ T789] usb 2-1: config 0 descriptor?? [ 91.971819][ T24] usb 5-1: 0:2 : does not exist [ 92.014946][ T24] usb 5-1: USB disconnect, device number 17 [ 92.336911][ T28] kauditd_printk_skb: 9 callbacks suppressed [ 92.336927][ T28] audit: type=1400 audit(1730295461.314:467): avc: denied { unlink } for pid=3391 comm="syz.2.1229" name="#3" dev="tmpfs" ino=1286 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 92.394556][ T28] audit: type=1400 audit(1730295461.374:468): avc: denied { unlink } for pid=84 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 92.421954][ T789] prodikeys 0003:041E:2801.0030: unexpected long global item [ 92.431729][ T789] prodikeys 0003:041E:2801.0030: hid parse failed [ 92.438018][ T789] prodikeys: probe of 0003:041E:2801.0030 failed with error -22 [ 92.524983][ T3408] loop3: detected capacity change from 0 to 1024 [ 92.543001][ T3408] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 92.562695][ T28] audit: type=1326 audit(1730295461.544:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3407 comm="syz.3.1235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc14eb7e719 code=0x7ffc0000 [ 92.587042][ T28] audit: type=1326 audit(1730295461.544:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3407 comm="syz.3.1235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=443 compat=0 ip=0x7fc14eb7e719 code=0x7ffc0000 [ 92.587897][ T293] EXT4-fs (loop3): unmounting filesystem. [ 92.610294][ T28] audit: type=1326 audit(1730295461.544:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3407 comm="syz.3.1235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc14eb7e719 code=0x7ffc0000 [ 92.649510][ T789] usb 2-1: USB disconnect, device number 18 [ 92.780989][ T24] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 92.980944][ T39] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 93.020971][ T24] usb 5-1: Using ep0 maxpacket: 32 [ 93.214887][ T3442] loop2: detected capacity change from 0 to 512 [ 93.221798][ T3442] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 93.231328][ T3442] EXT4-fs (loop2): orphan cleanup on readonly fs [ 93.238107][ T3442] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1251: bg 0: block 248: padding at end of block bitmap is not set [ 93.255875][ T3442] Quota error (device loop2): write_blk: dquota write failed [ 93.263860][ T3442] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 93.274443][ T3442] EXT4-fs error (device loop2): ext4_acquire_dquot:6787: comm syz.2.1251: Failed to acquire dquot type 1 [ 93.286171][ T3442] EXT4-fs (loop2): 1 truncate cleaned up [ 93.292976][ T3442] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 93.304075][ T3442] EXT4-fs (loop2): unmounting filesystem. [ 93.313749][ T24] usb 5-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 93.325265][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 93.333343][ T24] usb 5-1: Product: syz [ 93.337370][ T24] usb 5-1: Manufacturer: syz [ 93.341857][ T24] usb 5-1: SerialNumber: syz [ 93.348253][ T24] usb 5-1: config 0 descriptor?? [ 93.353235][ T39] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 93.366064][ T39] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 93.379184][ T39] usb 4-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 93.397197][ T3459] loop0: detected capacity change from 0 to 256 [ 93.403263][ T3442] syz.2.1251 (3442) used greatest stack depth: 19432 bytes left [ 93.429353][ T3459] FAT-fs (loop0): Directory bread(block 64) failed [ 93.451025][ T3459] FAT-fs (loop0): Directory bread(block 65) failed [ 93.457624][ T3459] FAT-fs (loop0): Directory bread(block 66) failed [ 93.464408][ T3459] FAT-fs (loop0): Directory bread(block 67) failed [ 93.470781][ T3459] FAT-fs (loop0): Directory bread(block 68) failed [ 93.490473][ T3459] FAT-fs (loop0): Directory bread(block 69) failed [ 93.497067][ T3459] FAT-fs (loop0): Directory bread(block 70) failed [ 93.503546][ T3459] FAT-fs (loop0): Directory bread(block 71) failed [ 93.510019][ T3459] FAT-fs (loop0): Directory bread(block 72) failed [ 93.516684][ T3459] FAT-fs (loop0): Directory bread(block 73) failed [ 93.571068][ T39] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 93.580084][ T39] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 93.586243][ T3457] loop1: detected capacity change from 0 to 40427 [ 93.588286][ T39] usb 4-1: Product: syz [ 93.594937][ T3457] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 93.602829][ T39] usb 4-1: Manufacturer: syz [ 93.606265][ T3457] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 93.610225][ T39] usb 4-1: SerialNumber: syz [ 93.625924][ T3457] F2FS-fs (loop1): Found nat_bits in checkpoint [ 93.660774][ T3457] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 93.661882][ T39] cdc_ncm 4-1:1.0: skipping garbage [ 93.667762][ T3457] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 93.691429][ T3457] syz.1.1256: attempt to access beyond end of device [ 93.691429][ T3457] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 93.707217][ T3457] syz.1.1256: attempt to access beyond end of device [ 93.707217][ T3457] loop1: rw=0, sector=45096, nr_sectors = 8 limit=40427 [ 93.750979][ T6] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 93.810924][ T1169] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 94.050959][ T1169] usb 1-1: Using ep0 maxpacket: 16 [ 94.092898][ T24] rtl8150 5-1:0.0: eth1: rtl8150 is detected [ 94.111019][ T313] usb 2-1: new full-speed USB device number 19 using dummy_hcd [ 94.131019][ T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 94.142099][ T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 94.152519][ T6] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 94.165757][ T6] usb 3-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10 [ 94.171071][ T1169] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 94.174990][ T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.194308][ T1169] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 94.204946][ T1169] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 94.208222][ T6] usb 3-1: config 0 descriptor?? [ 94.217865][ T1169] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 94.231770][ T1169] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.240774][ T1169] usb 1-1: config 0 descriptor?? [ 94.292124][ T1086] usb 5-1: USB disconnect, device number 18 [ 94.510950][ T313] usb 2-1: unable to get BOS descriptor or descriptor too short [ 94.551078][ T313] usb 2-1: not running at top speed; connect to a high speed hub [ 94.631005][ T313] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 94.639512][ T313] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 94.648353][ T313] usb 2-1: config 1 has no interface number 1 [ 94.654204][ T313] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 1024, setting to 1023 [ 94.691801][ T6] prodikeys 0003:041E:2801.0031: unexpected long global item [ 94.699319][ T6] prodikeys 0003:041E:2801.0031: hid parse failed [ 94.705692][ T6] prodikeys: probe of 0003:041E:2801.0031 failed with error -22 [ 94.722194][ T1169] microsoft 0003:045E:07DA.0032: unknown main item tag 0x0 [ 94.729370][ T1169] microsoft 0003:045E:07DA.0032: unknown main item tag 0x0 [ 94.736579][ T39] cdc_ncm 4-1:1.0: bind() failure [ 94.742319][ T1169] microsoft 0003:045E:07DA.0032: unknown main item tag 0x0 [ 94.749465][ T1169] microsoft 0003:045E:07DA.0032: unknown main item tag 0x0 [ 94.756828][ T1169] microsoft 0003:045E:07DA.0032: unknown main item tag 0x0 [ 94.763953][ T39] cdc_ncm: probe of 4-1:1.1 failed with error -71 [ 94.770208][ T1169] microsoft 0003:045E:07DA.0032: unknown main item tag 0x0 [ 94.777365][ T1169] microsoft 0003:045E:07DA.0032: unknown main item tag 0x0 [ 94.784584][ T39] cdc_mbim: probe of 4-1:1.1 failed with error -71 [ 94.790975][ T1169] microsoft 0003:045E:07DA.0032: unknown main item tag 0x0 [ 94.798101][ T1169] microsoft 0003:045E:07DA.0032: unknown main item tag 0x0 [ 94.806622][ T39] usb 4-1: USB disconnect, device number 14 [ 94.813819][ T1169] microsoft 0003:045E:07DA.0032: unknown main item tag 0x0 [ 94.826398][ T1169] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.0032/input/input25 [ 94.839961][ T313] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 94.868941][ T313] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 94.877021][ T313] usb 2-1: Product: syz [ 94.881079][ T313] usb 2-1: Manufacturer: syz [ 94.885431][ T313] usb 2-1: SerialNumber: syz [ 94.887229][ T3502] tmpfs: Unknown parameter 'mp' [ 94.891728][ T1169] microsoft 0003:045E:07DA.0032: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 94.921860][ T24] usb 3-1: USB disconnect, device number 13 [ 94.928515][ T6] usb 1-1: USB disconnect, device number 19 [ 95.200975][ T1169] usb 5-1: new full-speed USB device number 19 using dummy_hcd [ 95.261060][ T313] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 95.267316][ T313] usb 2-1: 2:1 : invalid channels 0 [ 95.295412][ T313] usb 2-1: USB disconnect, device number 19 [ 95.466003][ T3517] loop3: detected capacity change from 0 to 512 [ 95.475137][ T3517] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 95.488263][ T3517] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec018, mo2=0002] [ 95.496688][ T3517] System zones: 1-12 [ 95.507226][ T3517] EXT4-fs (loop3): 1 truncate cleaned up [ 95.514971][ T3517] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 95.531295][ T3525] binder: 3524:3525 ioctl c0306201 20000180 returned -22 [ 95.561012][ T1169] usb 5-1: config 0 has an invalid interface number: 20 but max is 0 [ 95.569650][ T1169] usb 5-1: config 0 has no interface number 0 [ 95.575969][ T1169] usb 5-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 95.607840][ T293] EXT4-fs (loop3): unmounting filesystem. [ 95.682577][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.696482][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.704313][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.711752][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.719012][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.726918][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.734352][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.741831][ T1169] usb 5-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 95.750827][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.758290][ T1169] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 95.762345][ T3527] loop2: detected capacity change from 0 to 40427 [ 95.766603][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.773294][ T3527] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 95.784489][ T1169] usb 5-1: Product: syz [ 95.787775][ T3527] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 95.791544][ T1169] usb 5-1: Manufacturer: syz [ 95.803842][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.808786][ T3527] F2FS-fs (loop2): Found nat_bits in checkpoint [ 95.811075][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.824464][ T1169] usb 5-1: SerialNumber: syz [ 95.829598][ T1169] usb 5-1: config 0 descriptor?? [ 95.834637][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.841901][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.849097][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.856344][ T3504] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 95.863384][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.866634][ T3527] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 95.870788][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.870813][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.879610][ T3527] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 95.885429][ T1169] usb-storage 5-1:0.20: USB Mass Storage device detected [ 95.906292][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.913864][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.914659][ T3527] syz.2.1272: attempt to access beyond end of device [ 95.914659][ T3527] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 95.921261][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.942127][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.942490][ T3527] syz.2.1272: attempt to access beyond end of device [ 95.942490][ T3527] loop2: rw=0, sector=45096, nr_sectors = 8 limit=40427 [ 95.949351][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.949378][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 95.962969][ T6] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 95.970475][ T1169] usb-storage 5-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 95.992545][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 96.000979][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 96.008196][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 96.024521][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 96.040937][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 96.048453][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 96.056116][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 96.063396][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 96.070567][ T313] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 96.078861][ T313] hid-generic 0000:0000:0000.0033: hidraw0: HID v0.00 Device [syz0] on syz0 [ 96.090249][ T1169] scsi host1: usb-storage 5-1:0.20 [ 96.220945][ T6] usb 1-1: Using ep0 maxpacket: 32 [ 96.293235][ T39] usb 5-1: USB disconnect, device number 19 [ 96.360932][ T313] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 96.361029][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 96.379550][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 96.390938][ T6] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 96.399788][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.408629][ T6] usb 1-1: config 0 descriptor?? [ 96.410995][ T1169] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 96.431176][ T3534] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 96.451587][ T6] hub 1-1:0.0: USB hub found [ 96.671044][ T6] hub 1-1:0.0: 2 ports detected [ 96.721021][ T313] usb 4-1: config 0 has no interfaces? [ 96.726381][ T313] usb 4-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 96.735249][ T313] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.743639][ T313] usb 4-1: config 0 descriptor?? [ 96.781043][ T1169] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11 [ 96.792663][ T1169] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024 [ 96.803973][ T1169] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 96.813167][ T1169] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.840984][ T3546] raw-gadget.3 gadget.2: fail, usb_ep_enable returned -22 [ 96.983572][ T24] usb 4-1: USB disconnect, device number 15 [ 97.101030][ T313] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 97.101044][ T6] hub 1-1:0.0: set hub depth failed [ 97.121038][ T39] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 97.142180][ T6] usb 1-1: USB disconnect, device number 20 [ 97.361089][ T39] usb 5-1: Using ep0 maxpacket: 16 [ 97.471005][ T313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 97.481855][ T39] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 97.491152][ T313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 97.503779][ T313] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 97.518886][ T3560] binder: 3559:3560 ioctl c0306201 20000180 returned -22 [ 97.522226][ T313] usb 2-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10 [ 97.535587][ T313] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.544061][ T313] usb 2-1: config 0 descriptor?? [ 97.641288][ T39] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 97.651125][ T39] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 97.658925][ T39] usb 5-1: Product: syz [ 97.664328][ T39] usb 5-1: Manufacturer: syz [ 97.668770][ T39] usb 5-1: SerialNumber: syz [ 97.673948][ T39] usb 5-1: config 0 descriptor?? [ 97.711692][ T39] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected [ 97.719354][ T39] usb 5-1: Detected FT232R [ 97.760994][ T1169] aiptek 3-1:17.0: Aiptek using 400 ms programming speed [ 97.768499][ T1169] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input26 [ 97.921001][ T39] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 97.965737][ T1169] usb 3-1: USB disconnect, device number 14 [ 97.971790][ C1] aiptek 3-1:17.0: aiptek_irq - usb_submit_urb failed with result -19 [ 98.022074][ T313] prodikeys 0003:041E:2801.0034: unexpected long global item [ 98.029429][ T313] prodikeys 0003:041E:2801.0034: hid parse failed [ 98.036072][ T313] prodikeys: probe of 0003:041E:2801.0034 failed with error -22 [ 98.181055][ T39] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71 [ 98.188172][ T39] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 98.197868][ T39] usb 5-1: USB disconnect, device number 20 [ 98.204689][ T39] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 98.214079][ T39] ftdi_sio 5-1:0.0: device disconnected [ 98.227693][ T314] usb 2-1: USB disconnect, device number 20 [ 98.750754][ T8] Bluetooth: hci0: Frame reassembly failed (-84) [ 98.761030][ T314] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 98.820970][ T39] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 99.060956][ T39] usb 3-1: Using ep0 maxpacket: 8 [ 99.181007][ T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 99.181007][ T314] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 99.181045][ T314] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 99.192259][ T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 99.220930][ T314] usb 1-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 99.223603][ T39] usb 3-1: New USB device found, idVendor=04b4, idProduct=ed81, bcdDevice= 0.00 [ 99.241348][ T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 99.249288][ T314] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 99.257878][ T39] usb 3-1: config 0 descriptor?? [ 99.265695][ T314] usb 1-1: config 0 descriptor?? [ 99.563423][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x1 [ 99.570650][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.577985][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.587158][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.597296][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.605093][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.614394][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.622716][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x2 [ 99.630017][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.637236][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.644507][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.651859][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.659163][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.666396][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.675004][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.682257][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.689432][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.696675][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.703849][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.711070][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.718244][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.725542][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.733030][ T314] hid (null): global environment stack underflow [ 99.740231][ T314] uclogic 0003:5543:0522.0036: global environment stack underflow [ 99.742711][ T39] cypress 0003:04B4:ED81.0037: unknown main item tag 0xd [ 99.748203][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.757810][ T39] cypress 0003:04B4:ED81.0037: item fetching failed at offset 6/7 [ 99.763425][ T314] uclogic 0003:5543:0522.0036: item 0 1 1 11 parsing failed [ 99.772282][ T39] cypress 0003:04B4:ED81.0037: parse failed [ 99.784267][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.784297][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.784319][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.784340][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.784361][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.784382][ T6] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 99.792226][ T39] cypress: probe of 0003:04B4:ED81.0037 failed with error -22 [ 99.799221][ T314] uclogic 0003:5543:0522.0036: parse failed [ 99.806453][ T1169] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 99.828023][ T6] hid-generic 0000:0000:0000.0035: hidraw0: HID v0.00 Device [syz0] on syz0 [ 99.857654][ T314] uclogic: probe of 0003:5543:0522.0036 failed with error -22 [ 99.944031][ T314] usb 1-1: USB disconnect, device number 21 [ 99.981308][ T313] usb 3-1: USB disconnect, device number 15 [ 100.160982][ T6] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 100.201056][ T1169] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 100.211852][ T1169] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 100.222289][ T1169] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 100.235024][ T1169] usb 4-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10 [ 100.243852][ T1169] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.252714][ T1169] usb 4-1: config 0 descriptor?? [ 100.571011][ T6] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11 [ 100.583625][ T6] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024 [ 100.594810][ T6] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 100.603862][ T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.631012][ T3589] raw-gadget.3 gadget.4: fail, usb_ep_enable returned -22 [ 100.731934][ T1169] prodikeys 0003:041E:2801.0038: unexpected long global item [ 100.739450][ T1169] prodikeys 0003:041E:2801.0038: hid parse failed [ 100.745796][ T1169] prodikeys: probe of 0003:041E:2801.0038 failed with error -22 [ 100.760976][ T1492] Bluetooth: hci0: command 0x1003 tx timeout [ 100.761013][ T2293] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 100.770970][ T39] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 100.850966][ T313] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 100.935841][ T1169] usb 4-1: USB disconnect, device number 16 [ 101.020960][ T39] usb 3-1: Using ep0 maxpacket: 32 [ 101.090965][ T313] usb 1-1: Using ep0 maxpacket: 16 [ 101.091114][ T6] aiptek 5-1:17.0: Aiptek using 400 ms programming speed [ 101.104173][ T6] input: Aiptek as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:17.0/input/input27 [ 101.115030][ T6] usb 5-1: USB disconnect, device number 21 [ 101.151140][ T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 101.162619][ T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 101.177892][ T39] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 101.186771][ T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 101.195510][ T39] usb 3-1: config 0 descriptor?? [ 101.211024][ T3594] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 101.211026][ T313] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 101.211057][ T313] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 101.238801][ T39] hub 3-1:0.0: USB hub found [ 101.243406][ T313] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 101.256189][ T313] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 101.265111][ T313] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 101.273578][ T313] usb 1-1: config 0 descriptor?? [ 101.441002][ T39] hub 3-1:0.0: 2 ports detected [ 101.720991][ T1169] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 101.741981][ T313] koneplus 0003:1E7D:2E22.0039: unknown main item tag 0x0 [ 101.749577][ T313] koneplus 0003:1E7D:2E22.0039: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.0-1/input0 [ 101.861009][ T39] hub 3-1:0.0: set hub depth failed [ 101.911850][ T39] usb 3-1: USB disconnect, device number 16 [ 102.091039][ T1169] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11 [ 102.102518][ T1169] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024 [ 102.113531][ T1169] usb 4-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 102.122361][ T1169] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.151043][ T3601] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22 [ 102.159837][ T6] usb 1-1: USB disconnect, device number 22 [ 102.951054][ T6] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 103.020909][ T314] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 103.060952][ T39] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 103.071063][ T1169] aiptek 4-1:17.0: Aiptek using 400 ms programming speed [ 103.085449][ T1169] input: Aiptek as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:17.0/input/input28 [ 103.157299][ T3624] loop4: detected capacity change from 0 to 131072 [ 103.164377][ T3624] F2FS-fs (loop4): Wrong CP boundary, start(512) end(198144) blocks(1024) [ 103.175128][ T3624] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 103.184002][ T3624] F2FS-fs (loop4): invalid crc value [ 103.190630][ T3624] F2FS-fs (loop4): Found nat_bits in checkpoint [ 103.196770][ T6] usb 1-1: Using ep0 maxpacket: 16 [ 103.228968][ T3624] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 103.235872][ T3624] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 103.255230][ T3624] F2FS-fs (loop4): sanity_check_inode: corrupted inode i_blocks i_ino=8 iblocks=0, run fsck to fix. [ 103.292657][ T1086] usb 4-1: USB disconnect, device number 17 [ 103.321226][ T6] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 103.381092][ T314] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 103.391953][ T314] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 103.402034][ T314] usb 3-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 103.411209][ T314] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.423945][ T314] usb 3-1: config 0 descriptor?? [ 103.461034][ T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 103.472691][ T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 103.481071][ T6] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 103.482816][ T39] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 103.491287][ T6] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 103.504124][ T39] usb 2-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10 [ 103.511704][ T6] usb 1-1: Product: syz [ 103.521097][ T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.524782][ T6] usb 1-1: Manufacturer: syz [ 103.533712][ T39] usb 2-1: config 0 descriptor?? [ 103.540315][ T6] usb 1-1: SerialNumber: syz [ 103.549258][ T6] usb 1-1: config 0 descriptor?? [ 103.576266][ T10] Bluetooth: hci0: Frame reassembly failed (-84) [ 103.592097][ T6] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 103.599994][ T6] usb 1-1: Detected FT232R [ 103.801051][ T6] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 103.901195][ T314] hid (null): global environment stack underflow [ 103.909111][ T314] uclogic 0003:5543:0522.003A: global environment stack underflow [ 103.916832][ T314] uclogic 0003:5543:0522.003A: item 0 1 1 11 parsing failed [ 103.924273][ T314] uclogic 0003:5543:0522.003A: parse failed [ 103.929994][ T314] uclogic: probe of 0003:5543:0522.003A failed with error -22 [ 104.011877][ T39] prodikeys 0003:041E:2801.003B: unexpected long global item [ 104.019389][ T39] prodikeys 0003:041E:2801.003B: hid parse failed [ 104.025718][ T39] prodikeys: probe of 0003:041E:2801.003B failed with error -22 [ 104.061046][ T6] ftdi_sio 1-1:0.0: GPIO initialisation failed: -71 [ 104.068201][ T6] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 104.077987][ T6] usb 1-1: USB disconnect, device number 23 [ 104.085119][ T6] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 104.097688][ T6] ftdi_sio 1-1:0.0: device disconnected [ 104.106207][ T314] usb 3-1: USB disconnect, device number 17 [ 104.220608][ T299] usb 2-1: USB disconnect, device number 21 [ 104.631040][ T3648] loop2: detected capacity change from 0 to 512 [ 104.640579][ T3648] EXT4-fs: Ignoring removed bh option [ 104.646874][ T3648] EXT4-fs (loop2): VFS: Can't find ext4 filesystem [ 104.783902][ T28] audit: type=1326 audit(1730295473.764:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3661 comm="syz.1.1335" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8f7357e719 code=0x0 [ 104.990991][ T1169] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 105.270901][ T1169] usb 3-1: Using ep0 maxpacket: 16 [ 105.280833][ T3664] loop0: detected capacity change from 0 to 131072 [ 105.287883][ T3664] F2FS-fs (loop0): Wrong CP boundary, start(512) end(198144) blocks(1024) [ 105.296860][ T3664] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 105.306015][ T3664] F2FS-fs (loop0): invalid crc value [ 105.313073][ T3664] F2FS-fs (loop0): Found nat_bits in checkpoint [ 105.349671][ T3664] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 105.356777][ T3664] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 105.376264][ T3664] F2FS-fs (loop0): sanity_check_inode: corrupted inode i_blocks i_ino=8 iblocks=0, run fsck to fix. [ 105.391093][ T1169] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 105.402788][ T1169] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 105.412891][ T1169] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 105.425810][ T1169] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 105.436280][ T1169] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 105.451256][ T1169] usb 3-1: config 0 descriptor?? [ 105.630907][ T1491] Bluetooth: hci0: command 0x1003 tx timeout [ 105.634517][ T2293] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 105.686136][ T3701] netlink: 'syz.4.1337': attribute type 4 has an invalid length. [ 105.695085][ T3701] netlink: 17 bytes leftover after parsing attributes in process `syz.4.1337'. [ 105.735397][ T3701] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1337'. [ 105.783386][ T3719] syz.0.1348[3719] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 105.783470][ T3719] syz.0.1348[3719] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 105.921924][ T1169] koneplus 0003:1E7D:2E22.003C: unknown main item tag 0x0 [ 105.950546][ T1169] koneplus 0003:1E7D:2E22.003C: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.2-1/input0 [ 105.999706][ T3733] loop4: detected capacity change from 0 to 512 [ 106.036974][ T3733] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz.4.1354: casefold flag without casefold feature [ 106.067749][ T3733] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.1354: couldn't read orphan inode 15 (err -117) [ 106.089303][ T3733] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 106.126392][ T3733] EXT4-fs error (device loop4): ext4_check_dx_root:2264: inode #2: comm syz.4.1354: Corrupt dir, invalid name_len for '.', running e2fsck is recommended [ 106.182430][ T3720] loop1: detected capacity change from 0 to 40427 [ 106.194727][ T289] EXT4-fs (loop4): unmounting filesystem. [ 106.201185][ T3720] F2FS-fs (loop1): invalid crc value [ 106.217968][ T3720] F2FS-fs (loop1): Found nat_bits in checkpoint [ 106.275753][ T3720] F2FS-fs (loop1): Start checkpoint disabled! [ 106.282512][ T3720] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 106.303895][ T3720] syz.1.1345: attempt to access beyond end of device [ 106.303895][ T3720] loop1: rw=2049, sector=77824, nr_sectors = 848 limit=40427 [ 106.336073][ T3760] device sit0 entered promiscuous mode [ 106.346699][ T299] usb 3-1: USB disconnect, device number 18 [ 106.379151][ T360] kworker/u4:4: attempt to access beyond end of device [ 106.379151][ T360] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 106.519248][ T3777] device vlan1 entered promiscuous mode [ 106.525190][ T3776] device vlan1 left promiscuous mode [ 106.591075][ T314] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 106.711376][ T3792] loop1: detected capacity change from 0 to 2048 [ 106.724230][ T3792] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 106.732714][ T3792] ext4 filesystem being mounted at /225/bus supports timestamps until 2038 (0x7fffffff) [ 106.752515][ T292] EXT4-fs (loop1): unmounting filesystem. [ 106.830945][ T314] usb 4-1: Using ep0 maxpacket: 16 [ 106.841211][ T299] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 106.950965][ T314] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 107.055764][ T3812] input: syz0 as /devices/virtual/input/input29 [ 107.081349][ T322] Bluetooth: hci0: Frame reassembly failed (-84) [ 107.111071][ T314] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 107.120066][ T314] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 107.128291][ T314] usb 4-1: Product: syz [ 107.132538][ T314] usb 4-1: Manufacturer: syz [ 107.136943][ T314] usb 4-1: SerialNumber: syz [ 107.142520][ T314] usb 4-1: config 0 descriptor?? [ 107.183306][ T314] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 107.191394][ T314] usb 4-1: Detected FT232R [ 107.201139][ T299] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11 [ 107.212547][ T299] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024 [ 107.224280][ T299] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 107.232884][ T3818] loop1: detected capacity change from 0 to 40427 [ 107.233490][ T299] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 107.250594][ T3818] F2FS-fs (loop1): fault_injection options not supported [ 107.258461][ T3818] F2FS-fs (loop1): invalid crc value [ 107.266560][ T3818] F2FS-fs (loop1): Found nat_bits in checkpoint [ 107.272911][ T3783] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 107.305648][ T3818] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 107.321025][ T6] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 107.332116][ T292] syz-executor: attempt to access beyond end of device [ 107.332116][ T292] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 107.391122][ T314] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 107.651016][ T314] ftdi_sio 4-1:0.0: GPIO initialisation failed: -71 [ 107.657906][ T314] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 107.667475][ T314] usb 4-1: USB disconnect, device number 18 [ 107.674723][ T314] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 107.683980][ T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 107.695332][ T314] ftdi_sio 4-1:0.0: device disconnected [ 107.701401][ T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 107.711854][ T6] usb 3-1: New USB device found, idVendor=28bd, idProduct=0074, bcdDevice= 0.00 [ 107.720722][ T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 107.729295][ T6] usb 3-1: config 0 descriptor?? [ 108.212171][ T6] uclogic 0003:28BD:0074.003D: interface is invalid, ignoring [ 108.346561][ T3829] loop3: detected capacity change from 0 to 40427 [ 108.353504][ T3829] F2FS-fs (loop3): Invalid segment/section count (24 != 24 * 3) [ 108.362610][ T3829] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 108.370692][ T3829] F2FS-fs (loop3): heap/no_heap options were deprecated [ 108.377571][ T3829] F2FS-fs (loop3): Image doesn't support compression [ 108.385066][ T3829] F2FS-fs (loop3): invalid crc value [ 108.391546][ T3829] F2FS-fs (loop3): Found nat_bits in checkpoint [ 108.415065][ T24] usb 3-1: USB disconnect, device number 19 [ 108.444894][ T3829] F2FS-fs (loop3): Start checkpoint disabled! [ 108.452087][ T3829] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 108.459029][ T3829] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 108.483451][ T3829] syz.3.1390: attempt to access beyond end of device [ 108.483451][ T3829] loop3: rw=2049, sector=77824, nr_sectors = 848 limit=40427 [ 108.517943][ T10] kworker/u4:1: attempt to access beyond end of device [ 108.517943][ T10] loop3: rw=2049, sector=40960, nr_sectors = 24 limit=40427 [ 108.971003][ T299] aiptek 5-1:17.0: Aiptek using 400 ms programming speed [ 108.986088][ T299] input: Aiptek as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:17.0/input/input30 [ 109.006725][ T299] usb 5-1: USB disconnect, device number 22 [ 109.012587][ C0] aiptek 5-1:17.0: aiptek_irq - usb_submit_urb failed with result -19 [ 109.093035][ T3857] loop2: detected capacity change from 0 to 512 [ 109.104947][ T3857] EXT4-fs (loop2): Test dummy encryption mode enabled [ 109.123245][ T3857] EXT4-fs error (device loop2): __ext4_iget:5057: inode #11: block 1: comm syz.2.1403: invalid block [ 109.134798][ T3857] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.1403: couldn't read orphan inode 11 (err -117) [ 109.146918][ T3857] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 109.151731][ T1491] Bluetooth: hci0: command 0x1003 tx timeout [ 109.156334][ T2293] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 109.212855][ T3857] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.1403: Directory hole found for htree leaf block 0 [ 109.250731][ T294] EXT4-fs (loop2): unmounting filesystem. [ 109.435888][ T3863] loop0: detected capacity change from 0 to 40427 [ 109.442954][ T3863] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 109.450610][ T3863] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 109.459709][ T3863] F2FS-fs (loop0): invalid crc value [ 109.466363][ T3863] F2FS-fs (loop0): Found nat_bits in checkpoint [ 109.510967][ T6] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 109.533588][ T3863] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 109.540577][ T3863] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 109.548597][ T3884] loop2: detected capacity change from 0 to 512 [ 109.603527][ T3892] loop2: detected capacity change from 0 to 256 [ 109.651312][ T360] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 109.674629][ T360] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 109.692693][ T3900] xt_TCPMSS: Only works on TCP SYN packets [ 109.739821][ T3907] loop4: detected capacity change from 0 to 2048 [ 109.764972][ T3907] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 109.794869][ T289] EXT4-fs (loop4): unmounting filesystem. [ 109.891018][ T6] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 110.049544][ T3921] loop0: detected capacity change from 0 to 40427 [ 110.056603][ T3921] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 110.070980][ T6] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 110.079842][ T6] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 110.088805][ T3921] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 110.097011][ T6] usb 2-1: Product: syz [ 110.101155][ T299] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 110.108770][ T3921] F2FS-fs (loop0): fault_injection options not supported [ 110.115991][ T6] usb 2-1: Manufacturer: syz [ 110.120402][ T6] usb 2-1: SerialNumber: syz [ 110.125111][ T3921] F2FS-fs (loop0): fault_type options not supported [ 110.133413][ T3921] F2FS-fs (loop0): invalid crc value [ 110.139868][ T3921] F2FS-fs (loop0): Found nat_bits in checkpoint [ 110.189069][ T3921] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 110.196118][ T3921] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 110.229103][ T3921] syz.0.1437: attempt to access beyond end of device [ 110.229103][ T3921] loop0: rw=2049, sector=53248, nr_sectors = 8 limit=40427 [ 110.252753][ T290] syz-executor: attempt to access beyond end of device [ 110.252753][ T290] loop0: rw=2049, sector=40960, nr_sectors = 32 limit=40427 [ 110.340911][ T299] usb 5-1: Using ep0 maxpacket: 16 [ 110.456756][ T3937] loop0: detected capacity change from 0 to 256 [ 110.465983][ T299] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 110.478074][ T299] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 110.493701][ T3937] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d) [ 110.506221][ T3937] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 110.528187][ T3919] loop2: detected capacity change from 0 to 131072 [ 110.538083][ T3919] F2FS-fs (loop2): Wrong CP boundary, start(512) end(198144) blocks(1024) [ 110.549213][ T3919] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 110.558532][ T3919] F2FS-fs (loop2): invalid crc value [ 110.576950][ T3919] F2FS-fs (loop2): Found nat_bits in checkpoint [ 110.620986][ T299] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 110.631232][ T299] usb 5-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0 [ 110.638735][ T3919] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0 [ 110.639412][ T299] usb 5-1: Product: syz [ 110.646446][ T3919] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 110.651766][ T299] usb 5-1: Manufacturer: syz [ 110.671812][ T299] usb 5-1: config 0 descriptor?? [ 110.672827][ T3919] F2FS-fs (loop2): sanity_check_inode: corrupted inode i_blocks i_ino=8 iblocks=0, run fsck to fix. [ 110.747062][ T3959] loop3: detected capacity change from 0 to 128 [ 110.761669][ T3959] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 110.770296][ T3959] ext4 filesystem being mounted at /316/mnt supports timestamps until 2038 (0x7fffffff) [ 110.793427][ T293] EXT4-fs (loop3): unmounting filesystem. [ 111.151816][ T299] kovaplus 0003:1E7D:2D50.003E: unknown main item tag 0x0 [ 111.158909][ T299] kovaplus 0003:1E7D:2D50.003E: unknown main item tag 0x0 [ 111.166554][ T299] kovaplus 0003:1E7D:2D50.003E: hidraw0: USB HID v0.07 Device [syz syz] on usb-dummy_hcd.4-1/input0 [ 111.270994][ T6] cdc_ncm 2-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 111.277324][ T6] cdc_ncm 2-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048 [ 111.284578][ T6] cdc_ncm 2-1:1.0: setting rx_max = 2048 [ 111.481325][ T6] cdc_ncm 2-1:1.0: setting tx_max = 184 [ 111.493369][ T6] cdc_ncm 2-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.1-1, CDC NCM (NO ZLP), 42:42:42:42:42:42 [ 111.506523][ T6] usb 2-1: USB disconnect, device number 22 [ 111.526672][ T6] cdc_ncm 2-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.1-1, CDC NCM (NO ZLP) [ 111.816290][ T3990] loop2: detected capacity change from 0 to 1024 [ 111.822900][ T3990] EXT4-fs: Ignoring removed nomblk_io_submit option [ 111.833447][ T3990] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 111.870636][ T294] EXT4-fs (loop2): unmounting filesystem. [ 112.000282][ T4001] loop1: detected capacity change from 0 to 1024 [ 112.001810][ T3996] loop0: detected capacity change from 0 to 40427 [ 112.013958][ T299] kovaplus 0003:1E7D:2D50.003E: couldn't init struct kovaplus_device [ 112.016831][ T3996] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 112.022118][ T299] kovaplus 0003:1E7D:2D50.003E: couldn't install mouse [ 112.032136][ T299] kovaplus: probe of 0003:1E7D:2D50.003E failed with error -71 [ 112.038228][ T3996] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 112.045904][ T299] usb 5-1: USB disconnect, device number 23 [ 112.053632][ T3996] F2FS-fs (loop0): fault_injection options not supported [ 112.064154][ T3996] F2FS-fs (loop0): fault_type options not supported [ 112.072181][ T3996] F2FS-fs (loop0): invalid crc value [ 112.072517][ T4001] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 112.078957][ T3996] F2FS-fs (loop0): Found nat_bits in checkpoint [ 112.121781][ T292] EXT4-fs (loop1): unmounting filesystem. [ 112.135251][ T3996] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 112.142204][ T3996] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 112.159426][ T3996] syz.0.1453: attempt to access beyond end of device [ 112.159426][ T3996] loop0: rw=2049, sector=53248, nr_sectors = 16 limit=40427 [ 112.173862][ T3996] syz.0.1453: attempt to access beyond end of device [ 112.173862][ T3996] loop0: rw=2049, sector=53264, nr_sectors = 8 limit=40427 [ 112.192194][ T3996] syz.0.1453: attempt to access beyond end of device [ 112.192194][ T3996] loop0: rw=2049, sector=53272, nr_sectors = 16 limit=40427 [ 112.260965][ T6] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 112.306550][ T4015] loop1: detected capacity change from 0 to 512 [ 112.323642][ T4015] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 112.332691][ T4015] ext4 filesystem being mounted at /243/file1 supports timestamps until 2038 (0x7fffffff) [ 112.367125][ T292] EXT4-fs (loop1): unmounting filesystem. [ 112.425379][ T4026] loop1: detected capacity change from 0 to 8192 [ 112.631025][ T6] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11 [ 112.642172][ T6] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024 [ 112.653281][ T6] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 112.662083][ T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.681104][ T3999] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 112.707516][ T4038] syz.3.1468[4038] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 112.707594][ T4038] syz.3.1468[4038] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 112.925647][ T4050] loop3: detected capacity change from 0 to 128 [ 112.937240][ T4052] loop0: detected capacity change from 0 to 256 [ 112.950010][ T4050] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 112.963399][ T4052] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 112.973428][ T4050] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 531) [ 112.997928][ T4050] FAT-fs (loop3): Filesystem has been set read-only [ 113.007373][ T4054] syz.4.1477[4054] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 113.007456][ T4054] syz.4.1477[4054] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 113.013366][ T4057] loop0: detected capacity change from 0 to 512 [ 113.036828][ T293] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 113.065440][ T4057] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 113.074369][ T4057] ext4 filesystem being mounted at /318/file1 supports timestamps until 2038 (0x7fffffff) [ 113.113233][ T290] EXT4-fs (loop0): unmounting filesystem. [ 113.932721][ T4068] bridge0: port 3(syz_tun) entered disabled state [ 113.933726][ T4066] loop4: detected capacity change from 0 to 512 [ 113.943194][ T4068] bridge0: port 1(bridge_slave_0) entered disabled state [ 113.946753][ T4069] loop3: detected capacity change from 0 to 1024 [ 113.954478][ T4068] bridge0: port 2(bridge_slave_1) entered disabled state [ 113.973285][ T4066] EXT4-fs: Ignoring removed nomblk_io_submit option [ 113.980975][ T4066] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 113.996160][ T4066] EXT4-fs: test_dummy_encryption requires encrypt feature [ 114.016834][ T4069] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 114.034076][ T28] audit: type=1400 audit(1730295483.014:473): avc: denied { remount } for pid=4064 comm="syz.3.1480" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 114.035152][ T4069] EXT4-fs (loop3): re-mounted. Quota mode: writeback. [ 114.078489][ T293] EXT4-fs (loop3): unmounting filesystem. [ 114.330984][ T39] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 114.391025][ T6] aiptek 3-1:17.0: Aiptek using 400 ms programming speed [ 114.398446][ T6] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input31 [ 114.409119][ T6] usb 3-1: USB disconnect, device number 20 [ 114.690999][ T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 114.701677][ T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 114.711118][ T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 114.721767][ T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 114.819209][ T4085] loop0: detected capacity change from 0 to 4096 [ 114.845549][ T4085] EXT4-fs: Ignoring removed nomblk_io_submit option [ 114.854301][ T4085] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 114.874212][ T4085] EXT4-fs (loop0): shut down requested (1) [ 114.900969][ T39] usb 5-1: New USB device found, idVendor=1949, idProduct=85a5, bcdDevice=a3.3a [ 114.910350][ T39] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 114.912148][ T290] EXT4-fs (loop0): unmounting filesystem. [ 114.918772][ T39] usb 5-1: Product: syz [ 114.927904][ T39] usb 5-1: Manufacturer: syz [ 114.932379][ T39] usb 5-1: SerialNumber: syz [ 114.957570][ T39] usb 5-1: config 0 descriptor?? [ 115.001931][ T39] xpad 5-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90 [ 115.022590][ T39] input: Generic X-Box pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input32 [ 115.161924][ T4110] loop1: detected capacity change from 0 to 1024 [ 115.169248][ T4106] loop2: detected capacity change from 0 to 2048 [ 115.176143][ T4110] EXT4-fs: Ignoring removed nomblk_io_submit option [ 115.194119][ T4110] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 115.204033][ T4106] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 115.219570][ T39] usb 5-1: USB disconnect, device number 24 [ 115.225943][ T39] xpad 5-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 115.233797][ T4106] ext4 filesystem being mounted at /291/bus supports timestamps until 2038 (0x7fffffff) [ 115.381372][ T292] EXT4-fs (loop1): unmounting filesystem. [ 115.410188][ T294] EXT4-fs (loop2): unmounting filesystem. [ 115.417189][ T4123] netlink: 'syz.1.1498': attribute type 4 has an invalid length. [ 115.425163][ T4123] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1498'. [ 115.437287][ T4123] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1498'. [ 115.514995][ T4125] loop2: detected capacity change from 0 to 8192 [ 115.553915][ T4134] device veth2 entered promiscuous mode [ 115.835832][ T4145] loop0: detected capacity change from 0 to 512 [ 115.842142][ T314] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 115.861415][ T4145] EXT4-fs: Ignoring removed nomblk_io_submit option [ 115.868364][ T4145] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 115.874765][ T4148] loop2: detected capacity change from 0 to 2048 [ 115.888660][ T4145] EXT4-fs: test_dummy_encryption requires encrypt feature [ 115.901679][ T4148] Alternate GPT is invalid, using primary GPT. [ 115.907775][ T4148] loop2: p1 p2 p3 [ 115.955953][ T316] udevd[316]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 115.956113][ T2114] udevd[2114]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 115.967755][ T318] udevd[318]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 116.057903][ T4153] loop4: detected capacity change from 0 to 1024 [ 116.065529][ T4153] EXT4-fs: Ignoring removed nomblk_io_submit option [ 116.083657][ T4153] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 116.092277][ T4155] device pim6reg1 entered promiscuous mode [ 116.101104][ T314] usb 4-1: Using ep0 maxpacket: 16 [ 116.120957][ T289] EXT4-fs (loop4): unmounting filesystem. [ 116.180892][ T6] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 116.231003][ T314] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 116.246093][ T314] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 116.269319][ T314] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 116.304055][ T314] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 116.313344][ T314] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.334940][ T314] usb 4-1: config 0 descriptor?? [ 116.360350][ T4167] loop1: detected capacity change from 0 to 512 [ 116.400264][ T4167] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.1512: casefold flag without casefold feature [ 116.413152][ T4167] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.1512: couldn't read orphan inode 15 (err -117) [ 116.425523][ T4167] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 116.455762][ T4167] EXT4-fs error (device loop1): ext4_check_dx_root:2264: inode #2: comm syz.1.1512: Corrupt dir, invalid name_len for '.', running e2fsck is recommended [ 116.490490][ T292] EXT4-fs (loop1): unmounting filesystem. [ 116.492154][ T4172] device sit0 entered promiscuous mode [ 116.506238][ T4174] loop4: detected capacity change from 0 to 2048 [ 116.527045][ T4174] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 116.545756][ T289] EXT4-fs (loop4): unmounting filesystem. [ 116.561157][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 116.574709][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 116.587421][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 116.598384][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 116.645940][ T4186] loop4: detected capacity change from 0 to 4096 [ 116.660553][ T4186] EXT4-fs: Ignoring removed nomblk_io_submit option [ 116.669060][ T4186] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 116.692764][ T4186] EXT4-fs (loop4): shut down requested (1) [ 116.703309][ T289] EXT4-fs (loop4): unmounting filesystem. [ 116.711793][ T4190] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1522'. [ 116.768362][ T4198] loop2: detected capacity change from 0 to 1024 [ 116.781247][ T4198] EXT4-fs: Ignoring removed nomblk_io_submit option [ 116.791134][ T6] usb 1-1: New USB device found, idVendor=1949, idProduct=85a5, bcdDevice=a3.3a [ 116.797236][ T4196] loop4: detected capacity change from 0 to 8192 [ 116.801258][ T6] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 116.814902][ T6] usb 1-1: Product: syz [ 116.818998][ T6] usb 1-1: Manufacturer: syz [ 116.823712][ T6] usb 1-1: SerialNumber: syz [ 116.829658][ T4198] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 116.829943][ T6] usb 1-1: config 0 descriptor?? [ 116.847863][ T314] koneplus 0003:1E7D:2E22.003F: unknown main item tag 0x0 [ 116.855798][ T314] koneplus 0003:1E7D:2E22.003F: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.3-1/input0 [ 116.881977][ T6] xpad 1-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90 [ 116.893357][ T6] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input33 [ 116.895925][ T294] EXT4-fs (loop2): unmounting filesystem. [ 116.945393][ T4204] netlink: 'syz.2.1528': attribute type 4 has an invalid length. [ 117.107428][ T24] usb 1-1: USB disconnect, device number 24 [ 117.114595][ T24] xpad 1-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 117.138602][ T4213] devpts: called with bogus options [ 117.287516][ T314] usb 4-1: USB disconnect, device number 19 [ 117.671585][ T4230] loop1: detected capacity change from 0 to 512 [ 117.681400][ T4230] EXT4-fs: Ignoring removed nomblk_io_submit option [ 117.688221][ T4230] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 117.691566][ T4231] loop2: detected capacity change from 0 to 4096 [ 117.700416][ T4230] EXT4-fs: test_dummy_encryption requires encrypt feature [ 117.706268][ T4231] EXT4-fs: Ignoring removed nomblk_io_submit option [ 117.729438][ T4231] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 117.746393][ T4231] EXT4-fs (loop2): shut down requested (1) [ 117.773901][ T294] EXT4-fs (loop2): unmounting filesystem. [ 117.800927][ T24] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 117.866218][ T4249] loop3: detected capacity change from 0 to 512 [ 117.895694][ T4249] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz.3.1545: casefold flag without casefold feature [ 117.911138][ T4249] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.1545: couldn't read orphan inode 15 (err -117) [ 117.937760][ T4249] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 117.957599][ T4249] EXT4-fs error (device loop3): ext4_check_dx_root:2264: inode #2: comm syz.3.1545: Corrupt dir, invalid name_len for '.', running e2fsck is recommended [ 117.979693][ T293] EXT4-fs (loop3): unmounting filesystem. [ 118.040968][ T39] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 118.083318][ T4258] loop2: detected capacity change from 0 to 2048 [ 118.092632][ T4258] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 118.115726][ T4258] incfs: iterate_incfs_dir / -22 [ 118.137767][ T294] EXT4-fs (loop2): unmounting filesystem. [ 118.181022][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 118.192069][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 118.201659][ T24] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 118.214394][ T24] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 118.223368][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 118.232152][ T24] usb 5-1: config 0 descriptor?? [ 118.411007][ T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 118.421913][ T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 118.431666][ T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 118.443276][ T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 118.621149][ T39] usb 2-1: New USB device found, idVendor=1949, idProduct=85a5, bcdDevice=a3.3a [ 118.630221][ T39] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 118.638107][ T39] usb 2-1: Product: syz [ 118.642256][ T39] usb 2-1: Manufacturer: syz [ 118.646675][ T39] usb 2-1: SerialNumber: syz [ 118.652098][ T39] usb 2-1: config 0 descriptor?? [ 118.692045][ T39] xpad 2-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90 [ 118.702425][ T39] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input34 [ 118.731938][ T24] plantronics 0003:047F:FFFF.0040: unknown main item tag 0x0 [ 118.739240][ T24] plantronics 0003:047F:FFFF.0040: unknown main item tag 0x0 [ 118.746699][ T24] plantronics 0003:047F:FFFF.0040: No inputs registered, leaving [ 118.755722][ T24] plantronics 0003:047F:FFFF.0040: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 118.894913][ T24] usb 2-1: USB disconnect, device number 23 [ 118.901279][ T24] xpad 2-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 119.001948][ T6] usb 5-1: USB disconnect, device number 25 [ 119.250982][ T39] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 119.631082][ T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 119.642762][ T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 119.652324][ T39] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 119.664928][ T39] usb 4-1: New USB device found, idVendor=056a, idProduct=0314, bcdDevice= 0.00 [ 119.673811][ T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 119.682425][ T39] usb 4-1: config 0 descriptor?? [ 120.152971][ T39] wacom 0003:056A:0314.0041: unknown main item tag 0x0 [ 120.159857][ T39] wacom 0003:056A:0314.0041: Unknown device_type for 'HID 056a:0314'. Assuming pen. [ 120.169815][ T39] wacom 0003:056A:0314.0041: hidraw0: USB HID v0.00 Device [HID 056a:0314] on usb-dummy_hcd.3-1/input0 [ 120.181463][ T39] input: Wacom Intuos Pro S Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:0314.0041/input/input35 [ 120.355017][ T39] usb 4-1: USB disconnect, device number 20 [ 120.911939][ T4282] loop3: detected capacity change from 0 to 4096 [ 120.918457][ T4282] EXT4-fs: Ignoring removed nomblk_io_submit option [ 120.929714][ T4282] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 120.953956][ T4282] EXT4-fs (loop3): shut down requested (1) [ 120.964573][ T293] EXT4-fs (loop3): unmounting filesystem. [ 121.140979][ T39] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 121.160957][ T6] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 121.430944][ T6] usb 5-1: Using ep0 maxpacket: 16 [ 121.500990][ T39] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 121.520947][ T39] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 121.570994][ T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 121.581757][ T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 121.591570][ T6] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 121.601046][ T39] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 121.604332][ T6] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 121.621131][ T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 121.622523][ T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.639273][ T6] usb 5-1: config 0 descriptor?? [ 121.641981][ T39] usb 1-1: SerialNumber: syz [ 121.932476][ T39] usb 1-1: 0:2 : does not exist [ 121.942393][ T10] Bluetooth: hci0: Frame reassembly failed (-84) [ 121.973786][ T39] usb 1-1: USB disconnect, device number 25 [ 122.120923][ T313] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 122.142639][ T6] koneplus 0003:1E7D:2E22.0042: unknown main item tag 0x0 [ 122.155948][ T6] koneplus 0003:1E7D:2E22.0042: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.4-1/input0 [ 122.360929][ T313] usb 2-1: Using ep0 maxpacket: 16 [ 122.481031][ T313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 122.493499][ T313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 122.503076][ T313] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 122.516452][ T313] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 122.525855][ T313] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 122.534213][ T313] usb 2-1: config 0 descriptor?? [ 122.581325][ T39] usb 5-1: USB disconnect, device number 26 [ 122.616072][ T28] audit: type=1326 audit(1730295491.594:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4303 comm="syz.2.1578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bd8b7e719 code=0x7fc00000 [ 122.710951][ T6] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 122.970962][ T6] usb 1-1: Using ep0 maxpacket: 16 [ 123.016507][ T313] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0043/input/input38 [ 123.092188][ T313] microsoft 0003:045E:07DA.0043: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 123.111045][ T6] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 11 [ 123.119992][ T6] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0 [ 123.129915][ T6] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0 [ 123.139598][ T6] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0 [ 123.149878][ T6] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0 [ 123.159498][ T6] usb 1-1: config 1 interface 0 has no altsetting 0 [ 123.166037][ T6] usb 1-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77 [ 123.174936][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.227423][ T314] usb 2-1: USB disconnect, device number 24 [ 123.234323][ T6] ums-sddr09 1-1:1.0: USB Mass Storage device detected [ 123.246861][ T28] audit: type=1326 audit(1730295492.224:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4303 comm="syz.2.1578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0bd8b7e719 code=0x7fc00000 [ 123.451584][ T6] scsi host1: usb-storage 1-1:1.0 [ 123.500981][ T1086] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 123.654050][ T6] usb 1-1: USB disconnect, device number 26 [ 123.900995][ T1086] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 123.911750][ T1086] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 123.921459][ T1086] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 123.934101][ T1086] usb 5-1: New USB device found, idVendor=056a, idProduct=0314, bcdDevice= 0.00 [ 123.942929][ T1086] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.950891][ T1491] Bluetooth: hci0: command 0x1003 tx timeout [ 123.951022][ T2293] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 123.961346][ T1086] usb 5-1: config 0 descriptor?? [ 124.198028][ T4341] loop3: detected capacity change from 0 to 512 [ 124.247248][ T4341] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 124.256350][ T4341] ext4 filesystem being mounted at /344/file0 supports timestamps until 2038 (0x7fffffff) [ 124.283891][ T293] EXT4-fs (loop3): unmounting filesystem. [ 124.357640][ T4334] loop2: detected capacity change from 0 to 40427 [ 124.364673][ T4334] F2FS-fs (loop2): Invalid segment/section count (24 != 24 * 3) [ 124.372551][ T4334] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 124.380714][ T4334] F2FS-fs (loop2): heap/no_heap options were deprecated [ 124.387766][ T4334] F2FS-fs (loop2): Image doesn't support compression [ 124.395458][ T4334] F2FS-fs (loop2): invalid crc value [ 124.402355][ T4334] F2FS-fs (loop2): Found nat_bits in checkpoint [ 124.438649][ T4334] F2FS-fs (loop2): Start checkpoint disabled! [ 124.445662][ T4334] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 124.452837][ T4334] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 124.454326][ T1086] wacom 0003:056A:0314.0044: unknown main item tag 0x0 [ 124.485062][ T4334] syz.2.1573: attempt to access beyond end of device [ 124.485062][ T4334] loop2: rw=2049, sector=77824, nr_sectors = 848 limit=40427 [ 124.487379][ T1086] wacom 0003:056A:0314.0044: Unknown device_type for 'HID 056a:0314'. Assuming pen. [ 124.523636][ T1086] wacom 0003:056A:0314.0044: hidraw0: USB HID v0.00 Device [HID 056a:0314] on usb-dummy_hcd.4-1/input0 [ 124.541025][ T1086] input: Wacom Intuos Pro S Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:056A:0314.0044/input/input39 [ 124.567336][ T360] kworker/u4:4: attempt to access beyond end of device [ 124.567336][ T360] loop2: rw=2049, sector=40960, nr_sectors = 24 limit=40427 [ 124.677371][ T39] usb 5-1: USB disconnect, device number 27 [ 125.042204][ T4361] loop1: detected capacity change from 0 to 256 [ 125.051443][ T4361] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 125.068805][ T28] audit: type=1400 audit(1730295494.044:476): avc: denied { mounton } for pid=4360 comm="syz.1.1583" path="/270/file2/bus" dev="loop1" ino=1048642 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 125.120953][ T4361] loop1: detected capacity change from 256 to 0 [ 125.127849][ T322] loop: Write error at byte offset 9223372036854845439, length 512. [ 125.138228][ C1] I/O error, dev loop1, sector 136 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 125.147650][ C1] Buffer I/O error on dev loop1, logical block 136, lost sync page write [ 125.156078][ T322] loop: Write error at byte offset 9223372036854845439, length 512. [ 125.164146][ C1] I/O error, dev loop1, sector 136 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 125.173740][ C1] Buffer I/O error on dev loop1, logical block 136, lost sync page write [ 125.182234][ T322] loop: Write error at byte offset 9223372036854882303, length 4096. [ 125.210360][ C1] I/O error, dev loop1, sector 208 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 125.234261][ C0] I/O error, dev loop1, sector 128 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 125.241287][ T4365] syz.4.1587[4365] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 125.243579][ T4365] syz.4.1587[4365] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 125.243616][ T292] exFAT-fs (loop1): error, failed to access to FAT (entry 0x00000005, err:-5) [ 125.277945][ T292] exFAT-fs (loop1): Filesystem has been set read-only [ 125.292327][ C1] I/O error, dev loop1, sector 128 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 125.301719][ T292] exFAT-fs (loop1): error, failed to access to FAT (entry 0x00000005, err:-5) [ 125.364393][ T4373] loop1: detected capacity change from 0 to 256 [ 125.393700][ T4375] block device autoloading is deprecated and will be removed. [ 125.407460][ T4377] netem: change failed [ 125.412222][ T4373] FAT-fs (loop1): Directory bread(block 1285) failed [ 125.432187][ T4373] FAT-fs (loop1): Directory bread(block 1285) failed [ 125.445646][ T4373] FAT-fs (loop1): Directory bread(block 1285) failed [ 125.463537][ T4373] FAT-fs (loop1): Directory bread(block 1285) failed [ 125.480276][ T4373] FAT-fs (loop1): Directory bread(block 1285) failed [ 125.487998][ T28] audit: type=1400 audit(1730295494.474:477): avc: denied { connect } for pid=4382 comm="syz.3.1596" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 125.494116][ T4373] FAT-fs (loop1): Directory bread(block 1285) failed [ 125.543859][ T4373] FAT-fs (loop1): Directory bread(block 1285) failed [ 125.551460][ T4373] FAT-fs (loop1): Directory bread(block 1285) failed [ 125.558116][ T4390] FAT-fs (loop1): Directory bread(block 1285) failed [ 125.579494][ T4373] FAT-fs (loop1): Directory bread(block 1285) failed [ 125.622527][ T4396] loop2: detected capacity change from 0 to 16 [ 125.636010][ T4396] erofs: (device loop2): mounted with root inode @ nid 36. [ 125.667862][ T4396] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 125.678817][ T4396] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 125.692998][ T4396] erofs: (device loop2): z_erofs_readahead: readahead error at page 31 @ nid 36 [ 125.703618][ T4396] erofs: (device loop2): z_erofs_readahead: readahead error at page 25 @ nid 36 [ 125.712907][ T4407] netlink: 'syz.4.1606': attribute type 4 has an invalid length. [ 125.713462][ T4396] erofs: (device loop2): z_erofs_readahead: readahead error at page 24 @ nid 36 [ 125.730036][ T4396] erofs: (device loop2): z_erofs_readahead: readahead error at page 19 @ nid 36 [ 125.744228][ T4407] netlink: 'syz.4.1606': attribute type 4 has an invalid length. [ 125.751128][ T4396] syz.2.1601: attempt to access beyond end of device [ 125.751128][ T4396] loop2: rw=524288, sector=784, nr_sectors = 64 limit=16 [ 125.769531][ T4396] syz.2.1601: attempt to access beyond end of device [ 125.769531][ T4396] loop2: rw=524288, sector=13478624032, nr_sectors = 72 limit=16 [ 125.847133][ T4421] serio: Serial port ptm0 [ 125.873902][ T4427] loop0: detected capacity change from 0 to 512 [ 125.881518][ T4425] tmpfs: Unknown parameter 'm' [ 125.882287][ T4429] loop4: detected capacity change from 0 to 128 [ 125.898899][ T4427] EXT4-fs: Ignoring removed oldalloc option [ 125.910390][ T4427] EXT4-fs: Ignoring removed nobh option [ 125.913295][ T4429] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 125.921224][ T4427] ext4: Bad value for 'auto_da_alloc' [ 125.942008][ T28] audit: type=1400 audit(1730295494.924:478): avc: denied { relabelfrom } for pid=4433 comm="syz.2.1618" name="" dev="pipefs" ino=34966 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 125.975816][ T4429] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 125.984457][ T4429] ext2 filesystem being mounted at /317/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 125.988715][ T4441] loop2: detected capacity change from 0 to 1024 [ 126.035429][ T28] audit: type=1400 audit(1730295495.014:479): avc: denied { link } for pid=4428 comm="syz.4.1616" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop4" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 126.067927][ T4441] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 126.093160][ T289] EXT4-fs (loop4): unmounting filesystem. [ 126.123381][ T294] EXT4-fs (loop2): unmounting filesystem. [ 226.190827][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 226.197603][ C1] rcu: 0-...!: (0 ticks this GP) idle=975c/1/0x4000000000000000 softirq=23256/23259 fqs=0 [ 226.207412][ C1] (detected by 1, t=10006 jiffies, g=19789, q=319 ncpus=2) [ 226.214521][ C1] Sending NMI from CPU 1 to CPUs 0: [ 226.219599][ C0] NMI backtrace for cpu 0 [ 226.219618][ C0] CPU: 0 PID: 4451 Comm: syz.4.1623 Not tainted 6.1.112-syzkaller-00108-g19b68814b1cd #0 [ 226.219645][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 226.219656][ C0] RIP: 0010:kvm_wait+0x117/0x180 [ 226.219685][ C0] Code: 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 53 41 0f b6 45 00 44 38 f0 0f 85 63 ff ff ff 66 90 0f 00 2d 8a f9 50 04 f4 54 ff ff ff fa 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b [ 226.219700][ C0] RSP: 0018:ffffc9000fe0f2e0 EFLAGS: 00000046 [ 226.219716][ C0] RAX: 0000000000000003 RBX: 1ffff92001fc1e60 RCX: ffffffff85213c9c [ 226.219728][ C0] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff8881f6e27b80 [ 226.219741][ C0] RBP: ffffc9000fe0f390 R08: dffffc0000000000 R09: ffffed103edc4f71 [ 226.219754][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 226.219766][ C0] R13: ffff8881f6e27b80 R14: 0000000000000003 R15: 1ffff92001fc1e64 [ 226.219779][ C0] FS: 00007fe5ed66d6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 226.219795][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.219808][ C0] CR2: 000000110c326353 CR3: 0000000110943000 CR4: 00000000003526b0 [ 226.219823][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 226.219834][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 226.219845][ C0] Call Trace: [ 226.219853][ C0] [ 226.219861][ C0] ? show_regs+0x58/0x60 [ 226.219889][ C0] ? nmi_cpu_backtrace+0x285/0x2f0 [ 226.219926][ C0] ? nmi_trigger_cpumask_backtrace+0x3b0/0x3b0 [ 226.219965][ C0] ? kvm_wait+0x117/0x180 [ 226.219988][ C0] ? kvm_wait+0x117/0x180 [ 226.220013][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 226.220045][ C0] ? nmi_handle+0xa7/0x280 [ 226.220075][ C0] ? kvm_wait+0x117/0x180 [ 226.220100][ C0] ? default_do_nmi+0x69/0x160 [ 226.220132][ C0] ? exc_nmi+0xad/0x100 [ 226.220161][ C0] ? end_repeat_nmi+0x16/0x31 [ 226.220197][ C0] ? __pv_queued_spin_lock_slowpath+0x67c/0xda0 [ 226.220230][ C0] ? kvm_wait+0x117/0x180 [ 226.220246][ C0] ? kvm_wait+0x117/0x180 [ 226.220262][ C0] ? kvm_wait+0x117/0x180 [ 226.220278][ C0] [ 226.220283][ C0] [ 226.220289][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 226.220307][ C0] ? pv_hash+0x86/0x150 [ 226.220330][ C0] __pv_queued_spin_lock_slowpath+0x6de/0xda0 [ 226.220351][ C0] ? 0xffffffffa000200c [ 226.220366][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 226.220387][ C0] ? __kernel_text_address+0xd/0x40 [ 226.220403][ C0] ? unwind_get_return_address+0x4d/0x90 [ 226.220428][ C0] _raw_spin_lock_irqsave+0x1a0/0x210 [ 226.220448][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 226.220465][ C0] ? stack_trace_save+0x113/0x1c0 [ 226.220485][ C0] ? stack_trace_snprint+0xf0/0xf0 [ 226.220505][ C0] lock_timer_base+0x12f/0x270 [ 226.220529][ C0] __mod_timer+0x1c9/0xcf0 [ 226.220551][ C0] ? kasan_save_stack+0x4d/0x60 [ 226.220575][ C0] ? kasan_save_stack+0x3b/0x60 [ 226.220597][ C0] ? __kasan_record_aux_stack+0xb4/0xc0 [ 226.220613][ C0] ? kasan_record_aux_stack_noalloc+0xb/0x10 [ 226.220631][ C0] ? bpf_prog_2c29ac5cdc6b1842+0x3a/0x3e [ 226.220653][ C0] ? bpf_trace_run3+0x177/0x2e0 [ 226.220669][ C0] ? __bpf_trace_timer_start+0x2b/0x40 [ 226.220692][ C0] ? __mod_timer+0x8d3/0xcf0 [ 226.220713][ C0] ? mod_timer+0x1f/0x30 [ 226.220736][ C0] ? mod_timer_pending+0x30/0x30 [ 226.220758][ C0] ? do_syscall_64+0x3b/0xb0 [ 226.220775][ C0] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 226.220801][ C0] add_timer+0x68/0x80 [ 226.220823][ C0] __queue_delayed_work+0x16d/0x1f0 [ 226.220846][ C0] queue_delayed_work_on+0x10f/0x180 [ 226.220868][ C0] ? delayed_work_timer_fn+0x80/0x80 [ 226.220893][ C0] kvfree_call_rcu+0x490/0x800 [ 226.220914][ C0] ? __kasan_check_write+0x14/0x20 [ 226.220932][ C0] ? call_rcu+0x10f0/0x10f0 [ 226.220953][ C0] ? longest_prefix_match+0x331/0x650 [ 226.220982][ C0] trie_delete_elem+0x5a6/0x760 [ 226.221010][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0x3e [ 226.221026][ C0] bpf_trace_run3+0x177/0x2e0 [ 226.221044][ C0] ? bpf_trace_run2+0x290/0x290 [ 226.221059][ C0] ? calc_wheel_index+0x40c/0xa50 [ 226.221085][ C0] ? timer_update_keys+0xb0/0xb0 [ 226.221108][ C0] ? debug_smp_processor_id+0x17/0x20 [ 226.221130][ C0] ? get_nohz_timer_target+0x79/0x740 [ 226.221154][ C0] __bpf_trace_timer_start+0x2b/0x40 [ 226.221177][ C0] enqueue_timer+0x303/0x480 [ 226.221203][ C0] __mod_timer+0x8d3/0xcf0 [ 226.221228][ C0] ? mod_timer_pending+0x30/0x30 [ 226.221252][ C0] ? selinux_socket_post_create+0x2fe/0x500 [ 226.221275][ C0] ? selinux_socket_create+0x330/0x330 [ 226.221296][ C0] mod_timer+0x1f/0x30 [ 226.221317][ C0] sk_reset_timer+0x22/0xb0 [ 226.221339][ C0] tipc_sk_finish_conn+0x164/0x860 [ 226.221363][ C0] tipc_socketpair+0x2a8/0x4f0 [ 226.221387][ C0] __sys_socketpair+0x3e0/0x6e0 [ 226.221412][ C0] ? __ia32_sys_socket+0x90/0x90 [ 226.221436][ C0] ? fpregs_restore_userregs+0x130/0x290 [ 226.221459][ C0] __x64_sys_socketpair+0x9b/0xb0 [ 226.221482][ C0] x64_sys_call+0x19b/0x9a0 [ 226.221502][ C0] do_syscall_64+0x3b/0xb0 [ 226.221519][ C0] ? clear_bhb_loop+0x55/0xb0 [ 226.221541][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 226.221561][ C0] RIP: 0033:0x7fe5ec77e719 [ 226.221575][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 226.221589][ C0] RSP: 002b:00007fe5ed66d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 226.221607][ C0] RAX: ffffffffffffffda RBX: 00007fe5ec935f80 RCX: 00007fe5ec77e719 [ 226.221621][ C0] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 000000000000001e [ 226.221631][ C0] RBP: 00007fe5ec7f132e R08: 0000000000000000 R09: 0000000000000000 [ 226.221650][ C0] R10: 0000000020000940 R11: 0000000000000246 R12: 0000000000000000 [ 226.221661][ C0] R13: 0000000000000000 R14: 00007fe5ec935f80 R15: 00007ffc11234d78 [ 226.221678][ C0] [ 226.222565][ C1] rcu: rcu_preempt kthread starved for 10006 jiffies! g19789 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 226.817508][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 226.827309][ C1] rcu: RCU grace-period kthread stack dump: [ 226.833039][ C1] task:rcu_preempt state:R running task stack:28008 pid:14 ppid:2 flags:0x00004000 [ 226.843630][ C1] Call Trace: [ 226.846752][ C1] [ 226.849535][ C1] __schedule+0xcb5/0x1560 [ 226.853785][ C1] ? __sched_text_start+0x8/0x8 [ 226.858494][ C1] ? __kasan_check_write+0x14/0x20 [ 226.863417][ C1] schedule+0xc3/0x180 [ 226.868887][ C1] schedule_timeout+0x18c/0x380 [ 226.873556][ C1] ? _raw_spin_unlock_irq+0x4d/0x70 [ 226.878594][ C1] ? console_conditional_schedule+0x10/0x10 [ 226.885132][ C1] ? update_process_times+0x1b0/0x1b0 [ 226.890331][ C1] ? prepare_to_swait_event+0x308/0x320 [ 226.895802][ C1] rcu_gp_fqs_loop+0x2ed/0x10a0 [ 226.900507][ C1] ? _raw_spin_unlock_irq+0x4d/0x70 [ 226.905516][ C1] ? rcu_gp_init+0xc7f/0xfa0 [ 226.910122][ C1] ? rcu_gp_init+0xfa0/0xfa0 [ 226.915749][ C1] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 226.922264][ C1] ? finish_swait+0x17d/0x1b0 [ 226.926748][ C1] rcu_gp_kthread+0xa3/0x3a0 [ 226.931164][ C1] ? queued_spin_lock_slowpath+0x50/0x50 [ 226.936631][ C1] ? set_cpus_allowed_ptr+0xa4/0xe0 [ 226.941663][ C1] ? __kasan_check_read+0x11/0x20 [ 226.946525][ C1] ? __kthread_parkme+0x12d/0x180 [ 226.951384][ C1] kthread+0x26d/0x300 [ 226.955289][ C1] ? queued_spin_lock_slowpath+0x50/0x50 [ 226.960756][ C1] ? kthread_blkcg+0xd0/0xd0 [ 226.965185][ C1] ret_from_fork+0x1f/0x30 [ 226.971505][ C1] [ 226.974498][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 226.980742][ C1] CPU: 1 PID: 4453 Comm: syz.2.1624 Not tainted 6.1.112-syzkaller-00108-g19b68814b1cd #0 [ 226.990915][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 227.000805][ C1] RIP: 0010:smp_call_function_many_cond+0x854/0x930 [ 227.007312][ C1] Code: e6 01 31 ff e8 8d 9b 09 00 41 83 e7 01 49 bf 00 00 00 00 00 fc ff df 75 0a e8 c8 97 09 00 e9 2f ff ff ff f3 90 42 0f b6 04 3b <84> c0 75 14 41 f7 06 01 00 00 00 0f 84 12 ff ff ff e8 a6 97 09 00 [ 227.027016][ C1] RSP: 0018:ffffc9000f0af420 EFLAGS: 00000246 [ 227.032912][ C1] RAX: 0000000000000000 RBX: 1ffff1103edc7a99 RCX: 0000000000040000 [ 227.040725][ C1] RDX: ffffc90001cef000 RSI: 000000000003ffff RDI: 0000000000040000 [ 227.048534][ C1] RBP: ffffc9000f0af538 R08: ffffffff816c0c33 R09: ffffed103ede71fb [ 227.056347][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000 [ 227.064159][ C1] R13: 0000000800000000 R14: ffff8881f6e3d4c8 R15: dffffc0000000000 [ 227.071970][ C1] FS: 00007f0bd9a6c6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 227.080736][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.087158][ C1] CR2: 000000110c28b2e8 CR3: 0000000119683000 CR4: 00000000003526a0 [ 227.095174][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 227.102978][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 227.110787][ C1] Call Trace: [ 227.113909][ C1] [ 227.116602][ C1] ? show_regs+0x58/0x60 [ 227.120801][ C1] ? dump_cpu_task+0x3c/0x70 [ 227.125235][ C1] ? rcu_check_gp_kthread_starvation+0x1d1/0x240 [ 227.131439][ C1] ? print_other_cpu_stall+0x1140/0x1300 [ 227.138512][ C1] ? print_cpu_stall+0x590/0x590 [ 227.143280][ C1] ? acct_account_cputime+0xf7/0x2c0 [ 227.148390][ C1] ? rcu_sched_clock_irq+0xb19/0x1350 [ 227.153598][ C1] ? rcu_boost_kthread_setaffinity+0x590/0x590 [ 227.159604][ C1] ? hrtimer_run_queues+0x15f/0x440 [ 227.164623][ C1] ? update_wall_time+0x25/0x30 [ 227.169307][ C1] ? update_process_times+0x149/0x1b0 [ 227.174727][ C1] ? tick_sched_timer+0x188/0x240 [ 227.179577][ C1] ? tick_setup_sched_timer+0x490/0x490 [ 227.185124][ C1] ? __hrtimer_run_queues+0x41a/0xad0 [ 227.190337][ C1] ? hrtimer_interrupt+0xaa0/0xaa0 [ 227.195626][ C1] ? clockevents_program_event+0x22f/0x300 [ 227.201260][ C1] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 227.207169][ C1] ? hrtimer_interrupt+0x40c/0xaa0 [ 227.212112][ C1] ? __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 227.218318][ C1] ? sysvec_apic_timer_interrupt+0x95/0xc0 [ 227.223953][ C1] [ 227.226728][ C1] [ 227.229505][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 227.235490][ C1] ? smp_call_function_many_cond+0x833/0x930 [ 227.241323][ C1] ? smp_call_function_many_cond+0x854/0x930 [ 227.247120][ C1] ? text_poke_sync+0x30/0x30 [ 227.251631][ C1] ? smp_call_function_many+0x40/0x40 [ 227.256839][ C1] ? insn_get_immediate+0xbb6/0x1400 [ 227.261960][ C1] ? kernel_text_address+0xa9/0xe0 [ 227.266906][ C1] ? text_poke_sync+0x30/0x30 [ 227.271420][ C1] on_each_cpu_cond_mask+0x40/0x80 [ 227.276377][ C1] ? __SCT__tp_func_tcp_cong_state_set+0x8/0x8 [ 227.282374][ C1] text_poke_bp_batch+0x1e9/0x730 [ 227.287242][ C1] ? text_poke_finish+0x30/0x30 [ 227.291903][ C1] ? text_poke_loc_init+0x680/0x680 [ 227.297034][ C1] ? __stack_depot_save+0x36/0x480 [ 227.301976][ C1] ? __SCT__tp_func_tcp_cong_state_set+0x8/0x8 [ 227.308051][ C1] text_poke_bp+0xc8/0x140 [ 227.312423][ C1] ? kasan_set_track+0x4b/0x70 [ 227.317131][ C1] ? kasan_save_alloc_info+0x1f/0x30 [ 227.322251][ C1] ? text_poke_queue+0x1a0/0x1a0 [ 227.327028][ C1] ? bpf_raw_tp_link_attach+0x456/0x6b0 [ 227.332845][ C1] ? __x64_sys_bpf+0x7c/0x90 [ 227.337259][ C1] ? x64_sys_call+0x87f/0x9a0 [ 227.341774][ C1] __static_call_transform+0x333/0x560 [ 227.347240][ C1] ? __SCT__tp_func_tcp_cong_state_set+0x8/0x8 [ 227.353401][ C1] ? perf_trace_fib_table_lookup+0xba0/0xba0 [ 227.359219][ C1] ? text_poke_bp+0x140/0x140 [ 227.363729][ C1] ? mutex_lock+0xb1/0x1e0 [ 227.367983][ C1] ? __SCT__tp_func_tcp_cong_state_set+0x8/0x8 [ 227.373972][ C1] ? __static_call_validate+0x54/0x1a0 [ 227.379265][ C1] ? __SCT__tp_func_tcp_cong_state_set+0x8/0x8 [ 227.385262][ C1] ? perf_trace_fib_table_lookup+0xba0/0xba0 [ 227.391156][ C1] arch_static_call_transform+0x51/0xa0 [ 227.396538][ C1] ? __SCT__tp_func_tcp_cong_state_set+0x8/0x8 [ 227.402527][ C1] __static_call_update+0xd2/0x5c0 [ 227.407476][ C1] ? perf_trace_fib_table_lookup+0xba0/0xba0 [ 227.413289][ C1] ? __static_call_return0+0x10/0x10 [ 227.418411][ C1] ? __kasan_kmalloc+0x9c/0xb0 [ 227.423011][ C1] ? tracepoint_add_func+0x438/0x940 [ 227.428146][ C1] ? memcpy+0x56/0x70 [ 227.431948][ C1] ? perf_trace_fib_table_lookup+0xba0/0xba0 [ 227.437764][ C1] tracepoint_add_func+0x873/0x940 [ 227.442719][ C1] ? alloc_file_pseudo+0x280/0x2f0 [ 227.447661][ C1] ? perf_trace_fib_table_lookup+0xba0/0xba0 [ 227.453473][ C1] tracepoint_probe_register_prio_may_exist+0x11c/0x180 [ 227.460260][ C1] ? acct_clear_integrals+0x30/0x30 [ 227.465368][ C1] ? _raw_spin_lock_bh+0xa4/0x1b0 [ 227.470311][ C1] ? perf_trace_fib_table_lookup+0xba0/0xba0 [ 227.476307][ C1] bpf_probe_register+0x152/0x1e0 [ 227.481361][ C1] bpf_raw_tp_link_attach+0x456/0x6b0 [ 227.486541][ C1] ? bpf_insn_prepare_dump+0x950/0x950 [ 227.491842][ C1] ? __kasan_check_write+0x14/0x20 [ 227.496782][ C1] ? fput+0x15b/0x1b0 [ 227.500688][ C1] bpf_raw_tracepoint_open+0x22d/0x4a0 [ 227.505983][ C1] ? bpf_obj_get_info_by_fd+0x3e60/0x3e60 [ 227.511548][ C1] ? selinux_bpf+0xd2/0x100 [ 227.515878][ C1] ? security_bpf+0x82/0xb0 [ 227.520218][ C1] __sys_bpf+0x4f5/0x7f0 [ 227.524304][ C1] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 227.529510][ C1] ? fpregs_restore_userregs+0x130/0x290 [ 227.535059][ C1] __x64_sys_bpf+0x7c/0x90 [ 227.539311][ C1] x64_sys_call+0x87f/0x9a0 [ 227.543650][ C1] do_syscall_64+0x3b/0xb0 [ 227.547902][ C1] ? clear_bhb_loop+0x55/0xb0 [ 227.552418][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 227.558154][ C1] RIP: 0033:0x7f0bd8b7e719 [ 227.562406][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 227.583373][ C1] RSP: 002b:00007f0bd9a6c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 227.591954][ C1] RAX: ffffffffffffffda RBX: 00007f0bd8d35f80 RCX: 00007f0bd8b7e719 [ 227.601256][ C1] RDX: 0000000000000010 RSI: 0000000020000f40 RDI: 0000000000000011 [ 227.609056][ C1] RBP: 00007f0bd8bf132e R08: 0000000000000000 R09: 0000000000000000 [ 227.617400][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 227.625316][ C1] R13: 0000000000000000 R14: 00007f0bd8d35f80 R15: 00007ffcff318768 [ 227.633127][ C1] [ 375.129661][ C1] watchdog: BUG: soft lockup - CPU#1 stuck for 246s! [syz.2.1624:4453] [ 375.137863][ C1] Modules linked in: [ 375.141598][ C1] CPU: 1 PID: 4453 Comm: syz.2.1624 Not tainted 6.1.112-syzkaller-00108-g19b68814b1cd #0 [ 375.151226][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 375.161148][ C1] RIP: 0010:smp_call_function_many_cond+0x84f/0x930 [ 375.167547][ C1] Code: 3e 44 89 fe 83 e6 01 31 ff e8 8d 9b 09 00 41 83 e7 01 49 bf 00 00 00 00 00 fc ff df 75 0a e8 c8 97 09 00 e9 2f ff ff ff f3 90 <42> 0f b6 04 3b 84 c0 75 14 41 f7 06 01 00 00 00 0f 84 12 ff ff ff [ 375.188312][ C1] RSP: 0018:ffffc9000f0af420 EFLAGS: 00000246 [ 375.194184][ C1] RAX: ffffffff816c0c6a RBX: 1ffff1103edc7a99 RCX: 0000000000040000 [ 375.201996][ C1] RDX: ffffc90001cef000 RSI: 000000000003ffff RDI: 0000000000040000 [ 375.209828][ C1] RBP: ffffc9000f0af538 R08: ffffffff816c0c33 R09: ffffed103ede71fb [ 375.217940][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000 [ 375.225743][ C1] R13: 0000000800000000 R14: ffff8881f6e3d4c8 R15: dffffc0000000000 [ 375.233552][ C1] FS: 00007f0bd9a6c6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 375.242320][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 375.248768][ C1] CR2: 000000110c28b2e8 CR3: 0000000119683000 CR4: 00000000003526a0 [ 375.261379][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 375.269180][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 375.276992][ C1] Call Trace: [ 375.282396][ C1] [ 375.285508][ C1] ? show_regs+0x58/0x60 [ 375.289664][ C1] ? watchdog_timer_fn+0x4b1/0x5f0 [ 375.294608][ C1] ? proc_watchdog_cpumask+0xf0/0xf0 [ 375.299735][ C1] ? __hrtimer_run_queues+0x41a/0xad0 [ 375.304941][ C1] ? hrtimer_interrupt+0xaa0/0xaa0 [ 375.309880][ C1] ? clockevents_program_event+0x22f/0x300 [ 375.315522][ C1] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 375.321425][ C1] ? hrtimer_interrupt+0x40c/0xaa0 [ 375.326378][ C1] ? __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 375.332273][ C1] ? sysvec_apic_timer_interrupt+0x95/0xc0 [ 375.337924][ C1] [ 375.340691][ C1] [ 375.343472][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 375.349461][ C1] ? smp_call_function_many_cond+0x833/0x930 [ 375.355450][ C1] ? smp_call_function_many_cond+0x86a/0x930 [ 375.361265][ C1] ? smp_call_function_many_cond+0x84f/0x930 [ 375.367079][ C1] ? text_poke_sync+0x30/0x30 [ 375.371590][ C1] ? smp_call_function_many+0x40/0x40 [ 375.376799][ C1] ? insn_get_immediate+0xbb6/0x1400 [ 375.381918][ C1] ? kernel_text_address+0xa9/0xe0 [ 375.389222][ C1] ? text_poke_sync+0x30/0x30 [ 375.393739][ C1] on_each_cpu_cond_mask+0x40/0x80 [ 375.398680][ C1] ? __SCT__tp_func_tcp_cong_state_set+0x8/0x8 [ 375.404665][ C1] text_poke_bp_batch+0x1e9/0x730 [ 375.409610][ C1] ? text_poke_finish+0x30/0x30 [ 375.414756][ C1] ? text_poke_loc_init+0x680/0x680 [ 375.419773][ C1] ? __stack_depot_save+0x36/0x480 [ 375.425233][ C1] ? __SCT__tp_func_tcp_cong_state_set+0x8/0x8 [ 375.431223][ C1] text_poke_bp+0xc8/0x140 [ 375.435480][ C1] ? kasan_set_track+0x4b/0x70 [ 375.440259][ C1] ? kasan_save_alloc_info+0x1f/0x30 [ 375.445379][ C1] ? text_poke_queue+0x1a0/0x1a0 [ 375.450151][ C1] ? bpf_raw_tp_link_attach+0x456/0x6b0 [ 375.455532][ C1] ? __x64_sys_bpf+0x7c/0x90 [ 375.459956][ C1] ? x64_sys_call+0x87f/0x9a0 [ 375.464487][ C1] __static_call_transform+0x333/0x560 [ 375.472097][ C1] ? __SCT__tp_func_tcp_cong_state_set+0x8/0x8 [ 375.478158][ C1] ? perf_trace_fib_table_lookup+0xba0/0xba0 [ 375.483972][ C1] ? text_poke_bp+0x140/0x140 [ 375.488488][ C1] ? mutex_lock+0xb1/0x1e0 [ 375.492742][ C1] ? __SCT__tp_func_tcp_cong_state_set+0x8/0x8 [ 375.498728][ C1] ? __static_call_validate+0x54/0x1a0 [ 375.504022][ C1] ? __SCT__tp_func_tcp_cong_state_set+0x8/0x8 [ 375.510008][ C1] ? perf_trace_fib_table_lookup+0xba0/0xba0 [ 375.515823][ C1] arch_static_call_transform+0x51/0xa0 [ 375.521207][ C1] ? __SCT__tp_func_tcp_cong_state_set+0x8/0x8 [ 375.527197][ C1] __static_call_update+0xd2/0x5c0 [ 375.535112][ C1] ? perf_trace_fib_table_lookup+0xba0/0xba0 [ 375.540916][ C1] ? __static_call_return0+0x10/0x10 [ 375.548407][ C1] ? __kasan_kmalloc+0x9c/0xb0 [ 375.553126][ C1] ? tracepoint_add_func+0x438/0x940 [ 375.558211][ C1] ? memcpy+0x56/0x70 [ 375.562027][ C1] ? perf_trace_fib_table_lookup+0xba0/0xba0 [ 375.567846][ C1] tracepoint_add_func+0x873/0x940 [ 375.572878][ C1] ? alloc_file_pseudo+0x280/0x2f0 [ 375.577824][ C1] ? perf_trace_fib_table_lookup+0xba0/0xba0 [ 375.583825][ C1] tracepoint_probe_register_prio_may_exist+0x11c/0x180 [ 375.590756][ C1] ? acct_clear_integrals+0x30/0x30 [ 375.596055][ C1] ? _raw_spin_lock_bh+0xa4/0x1b0 [ 375.600907][ C1] ? perf_trace_fib_table_lookup+0xba0/0xba0 [ 375.606728][ C1] bpf_probe_register+0x152/0x1e0 [ 375.611848][ C1] bpf_raw_tp_link_attach+0x456/0x6b0 [ 375.617148][ C1] ? bpf_insn_prepare_dump+0x950/0x950 [ 375.628113][ C1] ? __kasan_check_write+0x14/0x20 [ 375.633130][ C1] ? fput+0x15b/0x1b0 [ 375.636949][ C1] bpf_raw_tracepoint_open+0x22d/0x4a0 [ 375.643078][ C1] ? bpf_obj_get_info_by_fd+0x3e60/0x3e60 [ 375.648670][ C1] ? selinux_bpf+0xd2/0x100 [ 375.653011][ C1] ? security_bpf+0x82/0xb0 [ 375.657350][ C1] __sys_bpf+0x4f5/0x7f0 [ 375.661512][ C1] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 375.666725][ C1] ? fpregs_restore_userregs+0x130/0x290 [ 375.672273][ C1] __x64_sys_bpf+0x7c/0x90 [ 375.676525][ C1] x64_sys_call+0x87f/0x9a0 [ 375.680952][ C1] do_syscall_64+0x3b/0xb0 [ 375.685201][ C1] ? clear_bhb_loop+0x55/0xb0 [ 375.689714][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 375.695447][ C1] RIP: 0033:0x7f0bd8b7e719 [ 375.699756][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 375.719148][ C1] RSP: 002b:00007f0bd9a6c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 375.727384][ C1] RAX: ffffffffffffffda RBX: 00007f0bd8d35f80 RCX: 00007f0bd8b7e719 [ 375.735195][ C1] RDX: 0000000000000010 RSI: 0000000020000f40 RDI: 0000000000000011 [ 375.743005][ C1] RBP: 00007f0bd8bf132e R08: 0000000000000000 R09: 0000000000000000 [ 375.750817][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 375.758640][ C1] R13: 0000000000000000 R14: 00007f0bd8d35f80 R15: 00007ffcff318768 [ 375.767360][ C1] [ 375.770630][ C1] Sending NMI from CPU 1 to CPUs 0: [ 375.775759][ C0] NMI backtrace for cpu 0 [ 375.775770][ C0] CPU: 0 PID: 4451 Comm: syz.4.1623 Not tainted 6.1.112-syzkaller-00108-g19b68814b1cd #0 [ 375.775790][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 375.775802][ C0] RIP: 0010:kvm_wait+0x117/0x180 [ 375.775829][ C0] Code: 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 53 41 0f b6 45 00 44 38 f0 0f 85 63 ff ff ff 66 90 0f 00 2d 8a f9 50 04 f4 54 ff ff ff fa 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b [ 375.775844][ C0] RSP: 0018:ffffc9000fe0f2e0 EFLAGS: 00000046 [ 375.775861][ C0] RAX: 0000000000000003 RBX: 1ffff92001fc1e60 RCX: ffffffff85213c9c [ 375.775874][ C0] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff8881f6e27b80 [ 375.775887][ C0] RBP: ffffc9000fe0f390 R08: dffffc0000000000 R09: ffffed103edc4f71 [ 375.775901][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 375.775915][ C0] R13: ffff8881f6e27b80 R14: 0000000000000003 R15: 1ffff92001fc1e64 [ 375.775928][ C0] FS: 00007fe5ed66d6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 375.775946][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 375.775960][ C0] CR2: 000000110c326353 CR3: 0000000110943000 CR4: 00000000003526b0 [ 375.775976][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 375.775987][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 375.776000][ C0] Call Trace: [ 375.776006][ C0] [ 375.776014][ C0] ? show_regs+0x58/0x60 [ 375.776042][ C0] ? nmi_cpu_backtrace+0x285/0x2f0 [ 375.776078][ C0] ? nmi_trigger_cpumask_backtrace+0x3b0/0x3b0 [ 375.776104][ C0] ? kvm_wait+0x117/0x180 [ 375.776120][ C0] ? kvm_wait+0x117/0x180 [ 375.776136][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 375.776158][ C0] ? nmi_handle+0xa7/0x280 [ 375.776177][ C0] ? kvm_wait+0x117/0x180 [ 375.776204][ C0] ? kvm_wait+0x117/0x180 [ 375.776221][ C0] ? default_do_nmi+0x69/0x160 [ 375.776243][ C0] ? exc_nmi+0xad/0x100 [ 375.776262][ C0] ? end_repeat_nmi+0x16/0x31 [ 375.776287][ C0] ? __pv_queued_spin_lock_slowpath+0x67c/0xda0 [ 375.776309][ C0] ? kvm_wait+0x117/0x180 [ 375.776326][ C0] ? kvm_wait+0x117/0x180 [ 375.776342][ C0] ? kvm_wait+0x117/0x180 [ 375.776359][ C0] [ 375.776365][ C0] [ 375.776371][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 375.776390][ C0] ? pv_hash+0x86/0x150 [ 375.776413][ C0] __pv_queued_spin_lock_slowpath+0x6de/0xda0 [ 375.776435][ C0] ? 0xffffffffa000200c [ 375.776451][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 375.776472][ C0] ? __kernel_text_address+0xd/0x40 [ 375.776489][ C0] ? unwind_get_return_address+0x4d/0x90 [ 375.776513][ C0] _raw_spin_lock_irqsave+0x1a0/0x210 [ 375.776534][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 375.776551][ C0] ? stack_trace_save+0x113/0x1c0 [ 375.776571][ C0] ? stack_trace_snprint+0xf0/0xf0 [ 375.776590][ C0] lock_timer_base+0x12f/0x270 [ 375.776616][ C0] __mod_timer+0x1c9/0xcf0 [ 375.776638][ C0] ? kasan_save_stack+0x4d/0x60 [ 375.776662][ C0] ? kasan_save_stack+0x3b/0x60 [ 375.776684][ C0] ? __kasan_record_aux_stack+0xb4/0xc0 [ 375.776700][ C0] ? kasan_record_aux_stack_noalloc+0xb/0x10 [ 375.776718][ C0] ? bpf_prog_2c29ac5cdc6b1842+0x3a/0x3e [ 375.776734][ C0] ? bpf_trace_run3+0x177/0x2e0 [ 375.776751][ C0] ? __bpf_trace_timer_start+0x2b/0x40 [ 375.776774][ C0] ? __mod_timer+0x8d3/0xcf0 [ 375.776795][ C0] ? mod_timer+0x1f/0x30 [ 375.776818][ C0] ? mod_timer_pending+0x30/0x30 [ 375.776841][ C0] ? do_syscall_64+0x3b/0xb0 [ 375.776858][ C0] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 375.776884][ C0] add_timer+0x68/0x80 [ 375.776906][ C0] __queue_delayed_work+0x16d/0x1f0 [ 375.776929][ C0] queue_delayed_work_on+0x10f/0x180 [ 375.776953][ C0] ? delayed_work_timer_fn+0x80/0x80 [ 375.776978][ C0] kvfree_call_rcu+0x490/0x800 [ 375.776999][ C0] ? __kasan_check_write+0x14/0x20 [ 375.777018][ C0] ? call_rcu+0x10f0/0x10f0 [ 375.777039][ C0] ? longest_prefix_match+0x331/0x650 [ 375.777069][ C0] trie_delete_elem+0x5a6/0x760 [ 375.777098][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0x3e [ 375.777114][ C0] bpf_trace_run3+0x177/0x2e0 [ 375.777132][ C0] ? bpf_trace_run2+0x290/0x290 [ 375.777149][ C0] ? calc_wheel_index+0x40c/0xa50 [ 375.777174][ C0] ? timer_update_keys+0xb0/0xb0 [ 375.777205][ C0] ? debug_smp_processor_id+0x17/0x20 [ 375.777228][ C0] ? get_nohz_timer_target+0x79/0x740 [ 375.777252][ C0] __bpf_trace_timer_start+0x2b/0x40 [ 375.777276][ C0] enqueue_timer+0x303/0x480 [ 375.777302][ C0] __mod_timer+0x8d3/0xcf0 [ 375.777329][ C0] ? mod_timer_pending+0x30/0x30 [ 375.777353][ C0] ? selinux_socket_post_create+0x2fe/0x500 [ 375.777376][ C0] ? selinux_socket_create+0x330/0x330 [ 375.777398][ C0] mod_timer+0x1f/0x30 [ 375.777420][ C0] sk_reset_timer+0x22/0xb0 [ 375.777471][ C0] tipc_sk_finish_conn+0x164/0x860 [ 375.777520][ C0] tipc_socketpair+0x2a8/0x4f0 [ 375.777543][ C0] __sys_socketpair+0x3e0/0x6e0 [ 375.777582][ C0] ? __ia32_sys_socket+0x90/0x90 [ 375.777607][ C0] ? fpregs_restore_userregs+0x130/0x290 [ 375.777630][ C0] __x64_sys_socketpair+0x9b/0xb0 [ 375.777654][ C0] x64_sys_call+0x19b/0x9a0 [ 375.777674][ C0] do_syscall_64+0x3b/0xb0 [ 375.777692][ C0] ? clear_bhb_loop+0x55/0xb0 [ 375.777714][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 375.777735][ C0] RIP: 0033:0x7fe5ec77e719 [ 375.777749][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 375.777763][ C0] RSP: 002b:00007fe5ed66d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 375.777781][ C0] RAX: ffffffffffffffda RBX: 00007fe5ec935f80 RCX: 00007fe5ec77e719 [ 375.777795][ C0] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 000000000000001e [ 375.777806][ C0] RBP: 00007fe5ec7f132e R08: 0000000000000000 R09: 0000000000000000 [ 375.777818][ C0] R10: 0000000020000940 R11: 0000000000000246 R12: 0000000000000000 [ 375.777830][ C0] R13: 0000000000000000 R14: 00007fe5ec935f80 R15: 00007ffc11234d78 [ 375.777848][ C0]