last executing test programs: 13.653104778s ago: executing program 4 (id=1168): r0 = socket(0x40000000015, 0x5, 0x0) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000180)) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) inotify_init() r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) pselect6(0x51, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0xc3ac, 0x0, 0x5}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0) 12.632566175s ago: executing program 4 (id=1170): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)) r2 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$FUSE_INIT(r2, 0x0, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x2, 0x180, 0x4, 0x10, 0xf1, 0x50, 0x12, 0x5, 0x0, 0x29, 0x0, 0x6, 0x0, 0xbdb], 0xffff1001, 0x43100}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000003c0)={[0x60000000002, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x0, 0x1000000, 0x68ff, 0x5, 0x9, 0x3], 0xeeee8000, 0x202}) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x3000, 0xeeee0000, 0x8, 0x8, 0xb, 0xe4, 0x40, 0x0, 0x0, 0x2e, 0x80}, {0x5000, 0xeeee6001, 0x3, 0x0, 0x42, 0x5, 0x7d, 0x6, 0x15, 0x3, 0x2, 0x87}, {0x6000, 0xdddd0000, 0x9, 0x5, 0x4, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x1, 0x5}, {0x3000, 0xeeee0000, 0xd, 0x6, 0x4, 0x42, 0xb, 0xff, 0x8, 0x7, 0xe}, {0xeeee0000, 0xd000, 0xf, 0x6, 0x15, 0x7, 0xab, 0x8, 0x9, 0x83, 0xf7, 0x1}, {0x1000, 0x3909e40c33606d9c, 0xe, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0xf, 0x1, 0x7}, {0x3000, 0x3000, 0x4, 0x5, 0x7, 0x5, 0x7, 0x3, 0x8, 0xa0, 0x40, 0x70}, {0xd000, 0x4000, 0xe, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x2, 0xc, 0xb0, 0x9}, {0xeeef0000, 0x30}, {0x8000000, 0x7}, 0x80000031, 0x0, 0x0, 0x2024, 0x2, 0x0, 0x3000, [0x6800000000000000, 0x4, 0x5e, 0x8]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 12.247473282s ago: executing program 4 (id=1172): sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0xe2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r6, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x0) 8.885165361s ago: executing program 0 (id=1180): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), r2) getsockname$packet(r2, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000540)=ANY=[@ANYBLOB="380000001000390400"/20, @ANYRES32=0x0, @ANYBLOB="00000000408000001800128008000100736974000c00028008000100", @ANYRES32=r3], 0x38}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000040)={'sit0\x00', &(0x7f00000001c0)={'sit0\x00', r3, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x1, 0x14, 0x67, 0x0, 0x0, 0x0, 0x0, @empty, @empty}}}}) 7.717964379s ago: executing program 4 (id=1182): connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdir(&(0x7f0000000100)='./file1\x00', 0x13b) mkdir(&(0x7f0000000000)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f0000000140)='./bus\x00') r0 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f) write$FUSE_CREATE_OPEN(r0, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x0, 0x9, 0x20ff, 0x5, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0) sendfile(r0, r0, &(0x7f0000000080), 0x7f03) 7.588568271s ago: executing program 0 (id=1184): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$int_in(r1, 0x40000000af01, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2}) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000b80)) r3 = socket$packet(0x11, 0x3, 0x300) r4 = dup(r2) r5 = fcntl$dupfd(r1, 0x406, r3) ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000340)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/251, 0x0}) ioctl$VHOST_NET_SET_BACKEND(r5, 0x4008af30, &(0x7f0000000080)={0x0, r4}) close_range(r0, 0xffffffffffffffff, 0x0) 7.34584169s ago: executing program 0 (id=1187): r0 = socket(0x11, 0x3, 0x67) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='bridge0\x00', 0x52c) syz_mount_image$exfat(&(0x7f0000000100), &(0x7f0000000240)='./file0\x00', 0x800000, &(0x7f0000000600)=ANY=[], 0x2, 0x14fe, &(0x7f0000003680)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==") r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$OBJ_GET_PROG(0x7, 0x0, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000640)={'syztnl0\x00', &(0x7f00000005c0)={'syztnl1\x00', r4, 0x29, 0x0, 0x90, 0x4, 0x10, @ipv4={'\x00', '\xff\xff', @loopback}, @private0, 0x20, 0x8, 0x752b, 0x7fffffff}}) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB='\x00'/16], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x3801}, {0x2c}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=@abs={0x0, 0x7, 0xd0000e0}, 0x6e) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r6, &(0x7f0000000000)) mkdirat(0xffffffffffffff9c, &(0x7f0000000cc0)='./file0\x00', 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) 6.06308609s ago: executing program 3 (id=1189): bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b7000000ff000000bfa30000000000000703000000feffff720af0fff8ffffff71"], 0x0}, 0x94) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60303, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendto$inet(0xffffffffffffffff, &(0x7f00000000c0)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440006769ebdf12cfacae8e8c03f5db079da7d9", 0x32, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil}) r3 = dup(r2) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000)=@arm64={0x1, 0xa, 0xb, '\x00', 0x7}) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000002c0)=0x10000) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000300)={[0xe6, 0x55f, 0x1a0000, 0x4, 0xffffffffffffffff, 0x1000000000007, 0x9, 0x27ff, 0x4, 0x5, 0x6, 0x793, 0xa, 0x40, 0xc976, 0x6], 0x2, 0x120200}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 5.392031508s ago: executing program 2 (id=1191): openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd2547ffbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953582a1825d32130a31abfeafd1987317879e29ac51b93c9659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56113335ae6adec59300db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb1180300"}) ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000100)={0x0, 0xaaa, &(0x7f0000000240), 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x2004cb, 0x0, 0xa1d, 0x68ff, 0x5, 0x0, 0x3, 0x2], 0x10000, 0x202}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0xd000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x0, 0x8, 0x6, 0x40}, {0xffff1000, 0x10000, 0xc, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7, 0xff}, {0xeeee0000, 0x1000, 0xc, 0x0, 0x7, 0xc4, 0x0, 0x0, 0x48, 0x3, 0x0, 0xfc}, {0x1, 0x0, 0x9, 0x0, 0x1, 0x0, 0x9, 0x0, 0x8, 0x0, 0x4}, {0x6000, 0xffff1000, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3c}, {0x100000, 0x0, 0x0, 0x78, 0x5, 0x0, 0x2, 0x0, 0x0, 0xff, 0x5}, {0x0, 0xeeee8000, 0xa, 0x4, 0x0, 0x0, 0xa1, 0x20}, {0x0, 0x6000, 0xc, 0x0, 0x0, 0x7, 0x8, 0x40, 0x26, 0x0, 0x0, 0x2}, {0x80a0000, 0x3}, {0xdddd1000}, 0xddf8ffdb, 0x0, 0x0, 0x100, 0x0, 0xf801, 0x0, [0x80000001, 0x0, 0x1]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 4.856585142s ago: executing program 0 (id=1192): r0 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x800795c, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=0x0, &(0x7f0000000500)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_TIMEOUT={0xb, 0x11, 0x0, 0x0, 0x7, &(0x7f0000000100), 0x1, 0x40, 0x1}) io_uring_enter(r0, 0x627, 0xc1040000, 0x6b, 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0) ioctl$IOCTL_VMCI_DATAGRAM_SEND(0xffffffffffffffff, 0x7ab, 0x0) r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0) connect$rose(r3, 0x0, 0x0) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$UHID_INPUT(r4, &(0x7f0000000240)={0x8, {"7f9654d636ab18b7938a2804505c72e9994ca22404fc203334cc21ed3d6a776fd12d13f9602b2980f983c31a5d1e431db778099ce3af3fb20e1ee1f4fdb77cbb36154982a93c19825d6fd273ab1eb5bcd47adad50de8a6791486e482e29ecc94284921f33b941cfc1000c9781d9a828c5ec7a2c77b4e624a5aa0e9e39782bad733eda81ba47e1c6116e4170e6587dd6210a57abe91f1f80c4e31139d8b73fe35ac1f99ea82dd6aa9c9aa67de88ae3e141020e1a876bbc449d2d843aa7e6d90b948b7e28770e6ac71010c63f17e90fd20806a9f8d9f418ee3af74aac64b04a27c4f5e3626ca2da546c79d24acadd11e8d272a22fc54078fd5e64475993668980a9f95aff964ded28f79c862e674356af492b8377a759d8ccf1accb9a18ef7ad16f438dde69cd020d71552b0810688c882a26a22b23f4b35471b08b379193db1cd7934a4049ff1b00d9795cda6e73951641d5e2365c24facd5afd09ed1d096d758b4fef66fe1aa22395d67b7e1db623d4a60a7dc93893d6c4a91df79535a855868c5dc0033d5c428cd25b85c5deb6e81068553bc84cead4d1eba8aa57e2b354a6899e44acbd3834491219b3e231cd55d82f161774a689efe197cc193ac0124c67738a0a1d5f16a6768c2c2ba7386c8c95ca08c55117f344f5a2bca0d09e79ea3fc49491f2c7adc513c2779c1bf62b1a8643d23e9e8b2ae41d4a59f1b82b82e092b36eb851b8456da871b4057aec325a9d4cccafde61f2abc85e3cabeabb856f6ffbfe23d69219ec8fae6beb54abe7870dbae823d49806a967a1c7f252999804f106745f20490bb3347b59321dc69765567abcbd89de04d89622170005df5871ed0fb72345a11da074060d7d4ee2e437f71a45723fb6b02de56067e54f54c52d10f7874a13cbfb3bd65ce54f9d6719ea210e0cf79e4e2157736ec07ac5915682ab81bced665c1e72fab8d8cfe509de0f21fe374b957b379fd5918061e21c2e96985cc1354b2de859b0f1a463ab04683b1253eda671c2353b5c208aca652f5419ffc4949a7fa909b95653f42d97390c400b4a1c308b11e73e9a06d3b164d3361e75584d70e6bc61d570a7e0c7da330f643194c1893fcd6489fac605eead61b53dff18caf526ecccc9bbd9146bc3c3bb67677695e6fddaab081786e9084014e60f5c03ae5a9087726b05e17402cd2fbb80d773b8a41470b1f901a8c2b2d57450181f4fc5bc53c7cb3dc032b84567492607cb08832eca9f79da9210d197863e5db5a74a9823dc0cc8bd9f3a9b6ff5a7d15d4747a9b26e088f4fad96d81cd1214226b1c4585d418d593220fcbb9ad949266cc48163e3498b46ebcdf7b2b5ecfe67539a61ed9e39b02d5b35ac0d0e7fa830034ca2da8a7ddf04bcf2cee939994369feb77023e0e3de04b21db7a640a92c17748245005cd75a7deba4ff0e4c104a9db2d9a98ec8edb3562050a3bac5f322290e3d8b6fb21770ac436d4cb12b97fc8f76d7bb9eeed85663eb0626f1ad1719ee4b07f7de2c1d1a31c27c6879f4fa3dbdfb2bfc0898beabafbeca9f13050e6b2f6c432e423cd5cb6b8fa56fe32c3e50104e44462c0a5c69de6a7ac5ae3d9f07ceed64dbffa42e4663838bfcde92f0fcb895f3b93c59b0e48c09890dfc36436db56b708f6e7cbbd2a6305f573cee099dbcd263cb96d9fb69cbc3cb06d8f5e3789698a17e71d22b4665ff5447fcc17a31bb136c8bb4b984573bcaf1cb650198c1266e6ddfd42d44f9de02cb9d915c5334c550fac3fcee56790aeb09d81e7690a32d8b0cc477b23f15257820de227be1ffaec2f63f3266b8f5dd78947dcee355fe59bfb100e5244425532bb1d115acd211b8c16b0ec0aae00fca5d4511a05c3ff027a1cac56210a10d81c01b90e156cc7b33de0fac825dc516d398166096013e068db935483c93ba95da39b5ae4087d84479a4c4809f28f93790dc279637bd6f3dc441d315cf6bd7b0e3d92070a45baf4445ce063fd12690eb002f5ca068a256bc54100c99a02a346beca39072163c4b297d117f1ed9fef42e3dbc11d36a0a0db52e84461c6fbb4aad62cd6c8dc9ae6a3390a5e8773ac599e67436220c8d541a9039762bffaa7f490e31dddbc362fb4ff686cda905f3b02a1db76d4d570d970434921ca8a4765af6d5c8b881e1f4ffa7e2d9ef5f5511b94f88474674ec790bb5186c73446a227bf1ffd19b605733abd1bd41e421aeaf2ed4617088c7ceef85451225056435993e89e4bccd2c2e4b39af99feef11fea645eeb5cf9f77b1e19a72d3efb613100969b84302789714bca65bcbc96762b4012a5700c62aed706433b9f142b7302442b6a9958b0e28e8b1cfa9eeb4ac0d71f497b23babf9f0221dcb658d9f4db5d45bee30d2ad7c97d6a562e014a7701c15325ec5d42ab732b37714a77a95c03fb15bbfba6fade32bf50f985a1df362ca7216cc152907dd931acb58a63920f581e82b590c0d6a0033009f8e50c3263d3f58596b63d507cadbc809a6690561f74d0772bf92d04e06c47a350724b106f5e83f7e71c4b2a983bf5ad7d8684e7b8b5dc1273d0fa5879b8e61bde33d602bc8ff0913b6d32dcac366d568dc7cf82bbfc405cbe418a2644c26592b32ca1a632fc95123efb784cfb6953a94ebeccd24fba389a0e56b043df07d9a2dd38a1196e5e55576b25f85cb96f6560802a4a58b7a6857e8454faa2c880bf32d464562b2bdc5f0df22b663f2c01fc944f1cfd1908f617f8295a5440bb79ae178ea46a95baeea48322105146ac3ed2de7d3796ddddcc848a8ecf4a00dd055733b4f59211f5a40deea44e74b3bc57953b26ed61e6fd67889edfe8d0902385e37666aacec072735630ecc441c3cc6b09bb2f63aa4e332c6df728dc74078a83ce20454dfd616d116270666ddc09c5fea2e8442bc43455d0257fac92f3780061178f9420bf8e463f29896c12383dbb9a81bc5c87376e647c8a9786cb514fb9696d9c0a8d303c5c4b5b7c5f601c01fa19323e02f675c371bc44fbc1ac5704d41a89a2a4ccec6ac8440c532f07da25aa2dce6a5d2ebe694eb4017d178b221213bfe2a01d9cfe689bd190776bca6c032f446eb8862587a7826e35f3f691763212eee6af2e49bbeb0a27e07c5714b74e373798c7bebce265f7ebef3a1ea64078cf1e8a9d433af32c53090c972ffedbadafb50b9a6e540abd84f8e938583ea725954be3b236c5d8aca7d486d21902a2902f25a7c02dbe83c39bd0b81513f9ef198c49d560e930ae224ff47f92e4851e1f7ab5bb406abcf6596569261e6b0c67bb3b854e9c6de60bfb60fcf29241ff237151310ecd19f8b2cfe764c1df1a2de9d840eca47aa169ba9a415901204ec31ccdfd76e908029ae34fb12dc286758c64fd6d42bc82b14e07e421f4b42b180cd6ef40cac8062928b4a420a4577f24295f54de9048ac9d34307bf93e463cea4967cf4880166f68ed1eb965db2e4fb9f5f0b1c695d621e427ccb9a3188073ee6fde729c6698346efa1c0ba643c1efd20858965511da750060d551c44c435a5f1603fae7357e0bc78e92aad3d88790ec2aa1a42d6fe7e0ffc57f3599e406db63be7dd32692df32ce33dee0a2becdb02d6e435e09de3d356497543db23f53da25643f9c585e275297800d8beed47f0e622f86fc25d2e87036fdceebfe7257cb6de0c02412d1c0758acfcd0862e99ad17a118f46f635a87477e8b825423d94ada35bf0b5444aa7d3de4bb7eec7ae5129fcc2cba651cc972f5500fc5161149d29f452962afb102a01ae76825cb4477460be0b85d75058595c27e9b7fae3492ec3925c671bee5f4ca534d5a294f783d6cc073c992139b61d21fd98297b04c0578dafd5f7ebcaf8d4d9185aea3d76e813421f4573b38c25093c015a65e44fb297f0f6ac2d02c4237b37a3bfca2406c5c95ae5812816bacad59ba7c6f72d7c644ff25b592ed1e89b276e05866c01a4ced7fc6dd9f190c20d420d7c8a1fe908833a24c5e5bd7a95a2a6fbf147fc4b29a179718166dd0fbae2fc6b8c8aac6194fa6baf0d3edc36b2316c56c441ba53e3e7aaaf0a1405566ff584f73a637b74dde9bcb4d41da2be6c9df5d533fbac54f5fb52a8a793757cfe19aa90048c6d07e3474136ae1be2455b0d0d02eb4b5961ba883209355c0dd2af4aad98e7b971e358a7d9b55fe17cd6095f257355d9b99e5ea52848f17b35a80792d9ed0fef6fe3eef9a324902409969823be20bbe0e8dba9c747cd1a14d3642d877b86271f3f0c322a142c4ff635b37d542c3265b5fe8589a732bb1a55010b930dd0196cd43ac3634c01b4a44c517197d03a3d89c67f5c09aab409e84c0af466bfbd0c96d240101a2542c66b4b4b8ef65b41b0079995c52cc9720d2c1d7c128c6f17a65cc798c1986cfbd8888460c54438edc4f91f3580391c8b57d9aee209a59a116c1c44775437e9c30e6d87e82ce84e28532b19441e32ab9aea22177bac9daad25a6c88395e9348d6780de630cddb266c411011175bdb6255a36535180818447d43ffba3758d311539fe9f6811fa470bf3767b4c2d4cdf37854c7ee28730bb1d39d5c0dfffcdbf353cca3e13079f3ae66b839c7dd36914022a0e75bca5b622f521420b73249ef47f03c1fb03ecf7557882afcaa7cf454a68ad237d4ce860bd6b1531c1cafe2cfb76bc4188271ef6bdfb304ee0e6932463a1909f03d6e8a27b5f137d6b342841d613863dfdf37d5ec3a98d667810fb6f82d67620bdefed8b3ff98420a6c7ee577c3ba68b95a20403608a7ba6526ec9e8662c6e15ab09b1a9019d4958af04cb2e4890ee6b1077fcaa5cc0817f388461b230fe631e75f18ab392a5ca5de4a024ca16dd05fcfdf92114e43a5c4a169d462ff0dba57deeaf5eaafd892f8ccbd72ac56471162e1416bca39859b4184ba0d1b3f7ec05db4ef4cf0142867fa9be328a0be8aa74c716aad9411008607980861f4f72e9bfa60195e2f939d3f6a44a6cec07dd376d1bccaa126686f313d5f7918ecd1215026982c82ed1922ef70e36e8ed59b2d5ceab3b4aad7e53049062dd5ba0e87f7005c3f4d2b788245cdc2f35ef2572bea5ea92dfad406ade6d5ad18be8eeb4c652e5277b244645c68c0c0f5a68d42e00d59b75941917b2cdf31fdf809f2078ca97fd5beba65b34e0621138ea0e94feb87166b2dac2232ebca575e5c0a4d565d9992f733bbfbe68a63d99ee93398604065d5517c33ed0e067bdb643e73102f16137afd7d4bf21e8065ea028c392a6dcefbe642dc3fb03a239d9c8b17023eacc8e19fea11c34a10644af1b786fc0f4504038c2ee59c1b353f3d7b9313df025b4b5874ca63ec164a3fe35bf390d266f53dcda6a8e190e63a56ffdf4f7c5c02aa22d376db06d4d2b96be5b331f897d1ecfd25c13a1c194c265dd95a5724a6435bc8138224d9db28b689b9cea5132cd19601dbc4a43e70c71e27e8fd0689d09484974e8a4605f8553735fffaf5654a087e323ca14e02b681b9bbe592bd6b719ae2e86bdf918b27c79d52dd334d1aa7ebc1bff76e97572faad092010a1022f7d33089049107a89c364ae7dd022d119e8f6ab795fd71d76a90e8202339401ff9e9918ea8c8e12f7b0ba10d9ebde5d1bc5988f2d07b34579d8c282628204f2978d8b0cf95dc41f3775a4053f833267c64b42336d7c850f2918ef0dd6d62e43fcc173254eb34748efd4754609ce25ade162ba3c91bb844aaf6fd648ee5a8fc5c64346603f8258592d67b9613e8f7ac0def0958f13436581d729e0b3e062738eb06b2116abe837529690a614fc5d3f53b4d4602e57060", 0x1000}}, 0x1006) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x11, r4, 0x0) 4.803348077s ago: executing program 3 (id=1193): syz_open_dev$tty20(0xc, 0x4, 0x1) r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0) ioctl$TUNATTACHFILTER(r0, 0x401054d5, 0x0) connect$can_bcm(0xffffffffffffffff, &(0x7f00000000c0), 0x10) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) r3 = syz_io_uring_setup(0x23a, &(0x7f00000004c0)={0x0, 0x1c2a, 0x10100, 0x2, 0x0, 0x0, r2}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r1, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0) r6 = inotify_init1(0x0) read(r6, 0x0, 0x0) 4.77965941s ago: executing program 4 (id=1194): unshare(0x6a040000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/route\x00') r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x2) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x4}]}) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x20000000) r2 = epoll_create(0x6) r3 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000ec0)={0x1}) close_range(r1, 0xffffffffffffffff, 0x0) 4.67037138s ago: executing program 2 (id=1196): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x8}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff, 0x2}, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="090000000800000004000000fc", @ANYRES32=0x0], 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000380), 0xce4, r2}, 0x38) 4.519819169s ago: executing program 0 (id=1197): openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000bbdffc)) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000002140)={[0xfffffffffffffff5]}, 0x8, 0x0) readv(r1, &(0x7f0000002940)=[{&(0x7f00000000c0)=""/121, 0x80}, {0x0, 0xe00}], 0x10000000000000fb) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) socket$can_bcm(0x1d, 0x2, 0x2) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000080)={@ipv4={'\x00', '\xff\xff', @loopback}, 0x47ff, 0x2, 0x0, 0x87d1513da606f9f3, 0x1, 0x1}, 0x20) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) syz_usb_connect$uac1(0x3, 0xa4, &(0x7f0000000040)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2405000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r2, @ANYBLOB="05"], 0x0) syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff) 3.647645098s ago: executing program 2 (id=1198): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0xa0031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000071122100000000009500000000000000e4c816f712cbf24bc7fe82d62c63e15100f95d2b20a613e922a06491db24e775a82b37f2e4ca2b92b9d96e1230e486fca8e8600716f8630c86c2ff0396cf701136fcc72dfd6f52fbc744e579c5c5933d028db347db3c2e15b1da8747ec6ab479b7d45bd3e6271dbc20e06f4c13b1243fdce62796f7b84e9aa41ec1bac0bc6736dc6320102494db44b3202cd2bf2edc7454ba0e5f2b15b9d283bdde0f6c48d9ab09aff9c3eecafa59adb8a7701f6b7ec5115bb467ee37e354c12462e5ee902be243a3c198e67e6e396d13d4483694cb19a0c38214486e565f03bbc218d642c72172e9f597fd9a9023567e8066c83672c671cc7bc528b3ae6d885b85e4a2936fefafeb0612"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x12}, 0x80) rseq(&(0x7f0000000040), 0xfffffffffffffdb2, 0x0, 0x0) futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000280)={{0x77359400}}) 3.551439311s ago: executing program 3 (id=1199): rseq(&(0x7f0000000400), 0x20, 0x0, 0x0) r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3) setsockopt$sock_timeval(r0, 0x1, 0x42, &(0x7f0000001600)={0x0, 0xea60}, 0x10) readv(r0, &(0x7f0000002c80)=[{&(0x7f0000001ac0)=""/133, 0x85}], 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x17) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r2}, 0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x18, &(0x7f0000000580)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xeaa8}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x200}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x17}}]}, &(0x7f0000000080)='GPL\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) sendto$inet(r1, &(0x7f00000005c0)="1150d223e693c52443647a14fb167c21e2a73e0a400a7bba9e1e432152a9e9e2e8df193ca17a37fffde16224123c76580264f7d425abcee204656b5a7827eaa63a30318a7a1a384b394796575e01361e2bbc9a1a9fa290517e2f3981ab211391db2a53cf7d796dd548482d26317a4aa80b2741c24d5b9ca93ce9daebba0951cde8884ae72c155e01120ea73919d31fa9b9f19dde8c4ebb221c195a92ec850d6e6f93e7ad323fa244f887e10c9d9a77b2da8d6fc5084dce512696733adb233ff41a4d4b70b4b2cc5c4ad6af5cb70c63ff51a83fc59c57f91c0e2f3ece8ccf41", 0xdf, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3000000"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 3.491591148s ago: executing program 1 (id=1200): close(0xffffffffffffffff) pipe(0x0) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0xa031, 0xffffffffffffffff, 0x0) r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0) bind$rose(r1, &(0x7f00000000c0)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, 0x4, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast]}, 0x40) 2.477502678s ago: executing program 1 (id=1201): syz_emit_vhci(0x0, 0xd) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0xffffffffffffffff}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) r1 = socket$can_raw(0x1d, 0x3, 0x1) syz_io_uring_setup(0xbdc, &(0x7f00000004c0)={0x0, 0xec25, 0x8, 0x0, 0x2f7}, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, 0x0, 0xf00) 2.477149932s ago: executing program 2 (id=1202): r0 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)={0x94, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa, 0x0, 0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x94}}, 0x0) add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) lstat(&(0x7f0000000100)='./file0\x00', 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000008c0)={0xac, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x18, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @mcast1}]}]}, 0xac}}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r3, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x1, 0x1, 0x101, 0x0, 0x0, {0xa, 0x0, 0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x10000880}, 0x0) 2.296862483s ago: executing program 3 (id=1203): io_uring_enter(0xffffffffffffffff, 0x7a98, 0x0, 0x0, 0x0, 0x0) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x20004840) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000002180)='blkio.bfq.io_merged\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r0, 0x0) ftruncate(r0, 0xc17a) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000080)=0x9, 0x8, 0x2) creat(&(0x7f00000002c0)='./file0\x00', 0x109) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000000)=[0x6], 0x0, 0x0, 0x1}}, 0x40) r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0) 2.088430507s ago: executing program 2 (id=1204): socket$unix(0x1, 0x1, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) r1 = syz_io_uring_setup(0x49f, &(0x7f0000000600)={0x0, 0xe7a9, 0x100, 0xfffa, 0x40024e}, &(0x7f00000001c0)=0x0, &(0x7f0000000440)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x40, 0x0, r0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0, 0x2161, 0x1, {0x2}}) io_uring_enter(r1, 0x3d0e, 0x4c1, 0x43, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) read(0xffffffffffffffff, 0x0, 0x0) 1.971595732s ago: executing program 3 (id=1205): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00') prlimit64(0x0, 0xe, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) gettid() prlimit64(0x0, 0xe, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) ioctl$SNDCTL_DSP_STEREO(r1, 0xc0045003, &(0x7f0000000140)) r2 = memfd_create(&(0x7f0000000240)='v\xa6\xf5lj6,r\xaf\xe8\x10/\xecg\xed\xe3h\x80\xb80x0}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000640)={'syztnl0\x00', &(0x7f00000005c0)={'syztnl1\x00', r4, 0x29, 0x0, 0x90, 0x4, 0x10, @ipv4={'\x00', '\xff\xff', @loopback}, @private0, 0x20, 0x8, 0x752b, 0x7fffffff}}) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000700)=ANY=[], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x3801}, {0x2c}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=@abs={0x0, 0x7, 0xd0000e0}, 0x6e) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r6, &(0x7f0000000000)) mkdirat(0xffffffffffffff9c, &(0x7f0000000cc0)='./file0\x00', 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) 1.544219513s ago: executing program 4 (id=1207): socket$inet6(0xa, 0x2, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="89e7ee2c7cdad9b4b47380c988ca", 0xe}, {&(0x7f0000000040)="8bf9c333442d145a6a694ddaf5187a95", 0x10}], 0x2) 780.819943ms ago: executing program 0 (id=1208): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = syz_io_uring_setup(0x110, &(0x7f00000003c0)={0x0, 0xfad6, 0x800, 0x1, 0x3}, &(0x7f00000000c0)=0x0, &(0x7f0000000100)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r2, 0x133d, 0x0, 0x8, 0x0, 0x0) io_uring_register$IORING_REGISTER_SYNC_CANCEL(r2, 0x18, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x1, {0x6, 0x6d4}, 0xf0}, 0x1) 719.56452ms ago: executing program 2 (id=1209): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000580)=[@in={0x2, 0x4e21, @local}], 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x1) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) mount(0x0, 0x0, &(0x7f0000000240)='erofs\x00', 0x2812, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="3000000010000108000000000000db0000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000080004004400000008001b0000"], 0x30}}, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, 0x0, 0x0) r3 = dup(r0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x2, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x2, 0x0, 0x13f, 0x1}}, 0xfed7) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x1, 0x0, 0x111, 0x4}}, 0x20) 466.217689ms ago: executing program 1 (id=1210): r0 = epoll_create1(0x80000) r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000000)={@local}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e}) r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000240)={@hyper}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r2, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e, 0xfffffffffffffff9}) close(r2) r3 = epoll_create1(0x0) dup2(r1, r0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000000)={0xa0000001}) 215.609175ms ago: executing program 1 (id=1211): setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = syz_open_dev$MSR(0x0, 0x0, 0x0) read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8) r1 = getpid() add_key$keyring(0x0, &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) prlimit64(r1, 0x3, &(0x7f0000000040)={0x6, 0x9}, &(0x7f0000000140)) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040ed5000410"], 0x11) bind$alg(0xffffffffffffffff, &(0x7f00000004c0)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr-aes-ce,sha3-384-generic)\x00'}, 0x58) lseek(0xffffffffffffffff, 0x401, 0x0) 79.655931ms ago: executing program 3 (id=1212): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x1810754, &(0x7f00000001c0)={[{@jqfmt_vfsold}, {@errors_continue}, {@usrquota}, {@prjquota}, {@usrquota}, {@data_err_ignore}, {@usrjquota, 0x5}, {@min_batch_time={'min_batch_time', 0x3d, 0xffffffff}}, {@nodiscard}, {@test_dummy_encryption}]}, 0xff, 0x46e, &(0x7f0000000e40)="$eJzs281vFOUfAPDvzG7L249fKyIKgjSisfGlpQWVgxeNJh40MdEDHmtbCLJQQ2sihGg1Bo+GxLvxaOJf4MmTUU8mXvVuSIgSE9CYsGZmZ9ruslsK3bKE/XySaZ9n59mZ57vzPDPPzLMbQN8ayf4kEf+LiF8jYqiRbS4w0vh37cr56b+vnJ9Ool5/84/BvNzVK+eny6Ll+7YVmdE0Iv00KXbSbP7suZNTtdrsmSI/vnDqvfH5s+eeOXFq6vjs8dnTk0eOHD408fxzk892Jc4svqt7Ppzbu/vVty++Pn304js/fpPVd9e+xvqVcXTLSBb4n/Vc67rHu72zHrteX44zqfa6NqxVJSKywzWQ9/+hqMTywRuKVz7paeWADZWdsze1ebn4v1gH7mFJ9LoGQG+UF/zs/rdc7uDwo+cuv9i4AcrivlYsjTXVSIsyAxu4/5GIOLr4z5fZEi3PIZaOz+AGVgAA6DvfZeOfp9uN/9LYtaLc/4u5oeGIuC8idkTE/RGxMyIeiMjLPhgRD93i/lunhm4cf6aXbiuwNcrGfy8Uc1vN479y9BfDlSK3PY9/IDl2ojZ7sPhMRmNgU5afaLfxchMv//J5p/2vHP9lS7b/cixYbORSteUB3czUwlS3BqWXP47YU20Xf7I0E5BExO6I2LPmrS5G8fHkTjz59d5OJW8e/yq6MM9U/yriicbxX4yW+EvJ6vOT45ujNntwvGwVN/rp5wtvdNp/2/ivb19/YGuUHf+tze1/aV0l/zv0V7JyvnY+bvmG5MJvn3W8p6zeZvsfTN7K53TLmnwwtbBwZiJiMHktovX1yeX3lvmyfBb/6IH2/X9H8Z4s/ocjImvE+yLikYjYHxH/FvfQj0bEgVXi/+Glx97ttG5d7T9iyxrLdZTFP9P2/LfU/oebj/+tJyonv//29uPPjv/hPDVavJKf/26ic3U2FyWWWzMAAADc69L8u/FJOraUTtOxscZ3+HfG1rQ2N7/w1LG590/PNL5DPxwDafmka2jF89CJZLHYYiM/WTwrLtcfKp4bf1HZkufHpudqMz2OHfrdtub+v7/s/5nfK72uHbDh/F4L+ldr/097VA/gznP9h/6l/0P/0v+hf7Xr/x+15M0FwL3J9R/6l/4P/Uv/h/6l/0NfWs/v+jcqUV3l1/sSd0si0ruiGhItiUgaF/RN6+zdvT4zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMd/AQAA///gq/is") bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x7fff, 0x0, 0x1}}, 0x40) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0xfffffff9) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/246, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001180)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000f}, 0x94) 0s ago: executing program 1 (id=1213): getresgid(0x0, 0xfffffffffffffffc, 0x0) r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) r3 = landlock_create_ruleset(&(0x7f00000002c0)={0x7f6e}, 0x18, 0x0) landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r3, 0x1, &(0x7f0000000000)={0x108, r2}, 0x0) creat(&(0x7f00000006c0)='./file1/file2\x00', 0xf1) landlock_restrict_self(r3, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2) kernel console output (not intermixed with test programs): vsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.713007][ T37] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.723321][ T37] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.740899][ T5871] veth1_vlan: entered promiscuous mode [ 78.754785][ T37] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.779623][ T5862] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.787848][ T37] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.798046][ T37] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.819035][ T37] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.923667][ T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.947210][ T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.990691][ T5866] veth0_vlan: entered promiscuous mode [ 79.012494][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.021111][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.024323][ T5871] veth0_macvtap: entered promiscuous mode [ 79.064921][ T5871] veth1_macvtap: entered promiscuous mode [ 79.082586][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.097154][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.105802][ T5866] veth1_vlan: entered promiscuous mode [ 79.146696][ T5862] veth0_vlan: entered promiscuous mode [ 79.156848][ T1151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.163600][ T5862] veth1_vlan: entered promiscuous mode [ 79.164682][ T1151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.199161][ T5871] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 79.237310][ T5868] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 79.247608][ T5866] veth0_macvtap: entered promiscuous mode [ 79.258925][ T5883] Bluetooth: hci4: command tx timeout [ 79.264358][ T5878] Bluetooth: hci0: command tx timeout [ 79.264422][ T52] Bluetooth: hci1: command tx timeout [ 79.270567][ T5878] Bluetooth: hci2: command tx timeout [ 79.276294][ T5872] Bluetooth: hci3: command tx timeout [ 79.288544][ T5871] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 79.309887][ T5866] veth1_macvtap: entered promiscuous mode [ 79.397754][ T35] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.425832][ T35] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.594258][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 79.619818][ T5866] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 79.771218][ T1341] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.839773][ T1341] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.297497][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 80.307609][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 80.368227][ T5866] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.416107][ T5862] veth0_macvtap: entered promiscuous mode [ 80.457788][ T1151] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.482817][ T1151] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.506327][ T5990] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 80.514059][ T5862] veth1_macvtap: entered promiscuous mode [ 80.540794][ T5990] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 80.569415][ T1151] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.595657][ T1151] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.348590][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 81.371276][ T5872] Bluetooth: hci3: command tx timeout [ 81.376848][ T5872] Bluetooth: hci1: command tx timeout [ 81.382350][ T5872] Bluetooth: hci2: command tx timeout [ 81.390980][ T5872] Bluetooth: hci0: command tx timeout [ 81.396525][ T5872] Bluetooth: hci4: command tx timeout [ 81.423366][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 81.559685][ T1341] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.590573][ T1341] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.635944][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 81.835809][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 81.851564][ T6003] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8'. [ 82.638869][ T1341] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.662570][ T1341] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.687605][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.697516][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.775397][ T9] usb 4-1: new low-speed USB device number 2 using dummy_hcd [ 82.789082][ T1341] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.842220][ T1151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.868741][ T1151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.895396][ T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.935703][ T9] usb 4-1: device descriptor read/64, error -71 [ 83.058558][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.644253][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.765258][ T9] usb 4-1: new low-speed USB device number 3 using dummy_hcd [ 83.793657][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.828739][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.901141][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.915207][ T9] usb 4-1: device descriptor read/64, error -71 [ 83.925324][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.175928][ T6017] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1'. [ 84.575573][ T9] usb usb4-port1: attempt power cycle [ 85.533486][ T6029] loop0: detected capacity change from 0 to 128 [ 85.725469][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 85.825395][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 85.904913][ T6035] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 86.611419][ T6030] IPVS: set_ctl: invalid protocol: 29 0.0.0.0:20000 [ 86.725172][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 86.725392][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 86.733718][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 86.742173][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 87.086346][ T116] cfg80211: failed to load regulatory.db [ 87.149373][ T6030] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 87.421442][ T6044] loop2: detected capacity change from 0 to 128 [ 87.430811][ T6044] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 87.457645][ T6042] loop1: detected capacity change from 0 to 512 [ 87.481409][ T6044] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 87.560557][ T6042] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 87.590016][ T6042] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 87.606450][ T6042] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 87.649314][ T6042] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 87.672664][ T6042] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 87.681287][ T6042] System zones: 0-2, 18-18, 34-35 [ 87.694069][ T6049] netlink: 'syz.0.14': attribute type 21 has an invalid length. [ 87.702126][ T6049] netlink: 128 bytes leftover after parsing attributes in process `syz.0.14'. [ 87.768887][ T6042] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 88.165646][ T6055] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2: bg 0: block 353: padding at end of block bitmap is not set [ 88.515667][ T6049] netlink: 3 bytes leftover after parsing attributes in process `syz.0.14'. [ 88.711533][ T30] audit: type=1326 audit(1758669197.115:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.0.14" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4c58eec9 code=0x7ffc0000 [ 88.828943][ T30] audit: type=1326 audit(1758669197.115:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.0.14" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f4f4c58eec9 code=0x7ffc0000 [ 88.830762][ T5862] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.850801][ C0] vkms_vblank_simulate: vblank timer overrun [ 89.255069][ T30] audit: type=1326 audit(1758669197.515:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.0.14" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4c58eec9 code=0x7ffc0000 [ 89.361147][ T30] audit: type=1326 audit(1758669197.515:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.0.14" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4c58eec9 code=0x7ffc0000 [ 89.383111][ C0] vkms_vblank_simulate: vblank timer overrun [ 90.617723][ T6084] netlink: 'syz.3.17': attribute type 10 has an invalid length. [ 90.626641][ T6084] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.635211][ T6084] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.667657][ T6084] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.675086][ T6084] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.683225][ T6084] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.690675][ T6084] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.765691][ T6084] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 90.954231][ T6084] netlink: 4 bytes leftover after parsing attributes in process `syz.3.17'. [ 90.963440][ T6084] bridge_slave_1: left allmulticast mode [ 90.969182][ T6084] bridge_slave_1: left promiscuous mode [ 90.975931][ T6084] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.283996][ T6084] bridge_slave_0: left allmulticast mode [ 91.289994][ T6084] bridge_slave_0: left promiscuous mode [ 91.296420][ T6084] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.317396][ T6084] bond0: (slave bridge0): Releasing backup interface [ 92.905519][ T6099] overlayfs: conflicting options: nfs_export=on,index=off [ 93.200382][ T6102] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 95.070928][ T6108] Invalid ELF header len 8 [ 95.719813][ T6109] Zero length message leads to an empty skb [ 95.818791][ T6110] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 97.889903][ T6114] netlink: 212 bytes leftover after parsing attributes in process `syz.1.24'. [ 98.093865][ T6124] loop4: detected capacity change from 0 to 4096 [ 98.750009][ T5981] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 98.918515][ T5981] usb 1-1: Using ep0 maxpacket: 16 [ 99.051995][ T5981] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 99.315685][ T5981] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 99.345295][ T5981] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00 [ 99.354386][ T5981] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 99.586327][ T6141] ptrace attach of "./syz-executor exec"[5866] was attempted by ""[6141] [ 100.004508][ T5981] usb 1-1: config 0 descriptor?? [ 100.936800][ T5981] corsair 0003:1B1C:1B02.0001: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.0-1/input0 [ 101.371272][ T6159] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 101.380105][ T6159] netlink: 16 bytes leftover after parsing attributes in process `syz.1.32'. [ 101.405181][ T5981] corsair 0003:1B1C:1B02.0001: Failed to get K90 initial state (error 3). [ 102.802217][ T5998] usb 1-1: USB disconnect, device number 2 [ 102.888667][ T6165] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 102.943630][ T6150] netlink: 96 bytes leftover after parsing attributes in process `syz.3.22'. [ 103.001182][ T6162] fido_id[6162]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/1-1/report_descriptor': No such file or directory [ 103.381256][ T6168] netlink: 24 bytes leftover after parsing attributes in process `syz.0.34'. [ 104.605244][ T6168] netlink: 4 bytes leftover after parsing attributes in process `syz.0.34'. [ 104.705713][ T6184] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 104.962562][ T6168] bond0: (slave bond_slave_1): Releasing backup interface [ 108.025091][ T6216] netlink: 240 bytes leftover after parsing attributes in process `syz.3.43'. [ 108.269830][ T6221] netlink: 'syz.3.43': attribute type 10 has an invalid length. [ 108.320074][ T6221] team0: Port device dummy0 added [ 108.336352][ T6221] netlink: 'syz.3.43': attribute type 10 has an invalid length. [ 108.426656][ T6221] team0: Port device dummy0 removed [ 108.438610][ T6221] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 110.212921][ T52] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 110.212993][ T52] Bluetooth: hci2: Unknown advertising packet type: 0x5d [ 110.220492][ T52] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 110.228222][ T52] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 110.235424][ T52] Bluetooth: hci2: Malformed LE Event: 0x0d [ 110.303242][ T6233] loop3: detected capacity change from 0 to 64 [ 110.399547][ T6231] sctp: [Deprecated]: syz.2.42 (pid 6231) Use of struct sctp_assoc_value in delayed_ack socket option. [ 110.399547][ T6231] Use struct sctp_sack_info instead [ 110.542918][ T6231] netlink: 4 bytes leftover after parsing attributes in process `syz.2.42'. [ 111.848359][ T6212] syz.0.41 (6212) used greatest stack depth: 17832 bytes left [ 114.611860][ T6272] fuse: Bad value for 'rootmode' [ 115.185542][ T6270] loop0: detected capacity change from 0 to 256 [ 115.656637][ T6286] trusted_key: encrypted_key: master key parameter 'cœYõÙ?(<ÁÐ`Ͼ3QÃ#¡Pèðd' is invalid [ 116.387147][ T10] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 116.437659][ T6270] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x7b82335c, utbl_chksum : 0xe619d30d) [ 116.619475][ T6291] loop3: detected capacity change from 0 to 256 [ 116.716670][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 116.727921][ T10] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 116.744534][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.750052][ T6291] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 116.772599][ T6291] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 116.783416][ T10] usb 3-1: config 0 descriptor?? [ 117.430224][ T6291] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 117.460965][ T6291] exFAT-fs (loop3): failed to load alloc-bitmap [ 117.474413][ T6291] exFAT-fs (loop3): failed to recognize exfat type [ 117.835093][ T5876] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 118.811320][ T6317] i2c i2c-0: Invalid block write size 252 [ 118.831686][ T6317] nfs4: Unknown parameter '/file0' [ 119.146397][ T5876] usb 5-1: Using ep0 maxpacket: 32 [ 119.159960][ T5876] usb 5-1: config 0 has an invalid interface number: 67 but max is 0 [ 119.168351][ T5876] usb 5-1: config 0 has no interface number 0 [ 119.178115][ T5876] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 119.187480][ T5876] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 119.196427][ T5876] usb 5-1: Product: syz [ 119.200776][ T5876] usb 5-1: Manufacturer: syz [ 119.205747][ T5876] usb 5-1: SerialNumber: syz [ 119.236285][ T5876] usb 5-1: config 0 descriptor?? [ 119.269933][ T5876] smsc95xx v2.0.0 [ 119.356979][ T6320] netlink: 'syz.1.61': attribute type 4 has an invalid length. [ 119.527241][ T10] usbhid 3-1:0.0: can't add hid device: -71 [ 119.540608][ T10] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 119.575349][ T10] usb 3-1: USB disconnect, device number 2 [ 119.653268][ T6320] Illegal XDP return value 4294967274 on prog (id 23) dev syz_tun, expect packet loss! [ 119.931618][ T6332] netlink: 4 bytes leftover after parsing attributes in process `syz.0.62'. [ 121.755316][ T5876] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71 [ 121.779722][ T5876] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 121.873328][ T6349] netlink: 'syz.0.65': attribute type 21 has an invalid length. [ 121.881233][ T6349] netlink: 128 bytes leftover after parsing attributes in process `syz.0.65'. [ 121.890708][ T6349] netlink: 'syz.0.65': attribute type 5 has an invalid length. [ 121.898402][ T6349] netlink: 3 bytes leftover after parsing attributes in process `syz.0.65'. [ 123.197881][ T5876] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 123.216921][ T5876] smsc95xx 5-1:0.67: probe with driver smsc95xx failed with error -71 [ 123.540736][ T6362] loop4: detected capacity change from 0 to 64 [ 123.542820][ T5876] usb 5-1: USB disconnect, device number 2 [ 123.896224][ T6364] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 123.919654][ T6364] netlink: 16 bytes leftover after parsing attributes in process `syz.0.68'. [ 124.209840][ T6362] hfs: invalid btree extent records [ 125.348189][ T6362] hfs: unable to open extent tree [ 125.354090][ T6362] hfs: can't find a HFS filesystem on dev loop4 [ 125.530567][ T6370] loop1: detected capacity change from 0 to 256 [ 125.593597][ T6370] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 125.605117][ T6370] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 125.750959][ T6370] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 125.784497][ T6370] exFAT-fs (loop1): failed to load alloc-bitmap [ 125.792660][ T6370] exFAT-fs (loop1): failed to recognize exfat type [ 126.705879][ T116] usb 3-1: new full-speed USB device number 3 using dummy_hcd [ 126.895375][ T116] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 127.501537][ T116] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 127.585081][ T116] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 127.615553][ T116] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 127.799913][ T6398] 9pnet_fd: Insufficient options for proto=fd [ 127.858644][ T116] usb 3-1: usb_control_msg returned -32 [ 127.872111][ T116] usbtmc 3-1:16.0: can't read capabilities [ 128.085511][ T6405] netlink: 24 bytes leftover after parsing attributes in process `syz.4.78'. [ 128.102163][ T116] IPVS: starting estimator thread 0... [ 128.286042][ T6408] IPVS: using max 49 ests per chain, 117600 per kthread [ 129.361441][ T1219] usb 3-1: USB disconnect, device number 3 [ 129.452200][ T6397] loop1: detected capacity change from 0 to 32768 [ 129.501937][ T6397] ======================================================= [ 129.501937][ T6397] WARNING: The mand mount option has been deprecated and [ 129.501937][ T6397] and is ignored by this kernel. Remove the mand [ 129.501937][ T6397] option from the mount to silence this warning. [ 129.501937][ T6397] ======================================================= [ 129.799791][ T6424] tipc: Started in network mode [ 129.805368][ T6424] tipc: Node identity aaaaaaaaaa32, cluster identity 4711 [ 129.813640][ T6424] tipc: Enabled bearer , priority 10 [ 130.445105][ T6397] XFS (loop1): invalid logbufs value: 1 [not 2-8] [ 130.810312][ T6430] loop2: detected capacity change from 0 to 128 [ 130.822904][ T6430] EXT4-fs: Ignoring removed nobh option [ 131.395381][ T5876] tipc: Node number set to 10005162 [ 131.507328][ T6430] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 131.522508][ T6430] ext4 filesystem being mounted at /15/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 132.046130][ T52] Bluetooth: hci1: Malformed HCI Event [ 132.291736][ T5868] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 133.349255][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.365421][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.643340][ T6457] loop2: detected capacity change from 0 to 32768 [ 134.304309][ T6457] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 134.312678][ T6457] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 134.504610][ T6457] gfs2: fsid=syz:syz.0: journal 0 mapped with 9 extents in 0ms [ 134.606213][ T6014] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 134.830000][ T6014] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 134.954484][ T6014] kworker/0:9: attempt to access beyond end of device [ 134.954484][ T6014] loop2: rw=0, sector=137438959448, nr_sectors = 8 limit=32768 [ 135.142887][ T5876] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 135.319588][ T6484] delete_channel: no stack [ 135.402894][ T5876] usb 1-1: unable to get BOS descriptor or descriptor too short [ 135.408714][ T6014] gfs2: fsid=syz:syz.0: jid=0: Failed [ 135.518507][ T5876] usb 1-1: config 16 has an invalid interface number: 195 but max is 0 [ 135.610437][ T5876] usb 1-1: config 16 has no interface number 0 [ 135.720271][ T6457] gfs2: fsid=syz:syz.0: error recovering journal 0: -5 [ 135.725026][ T5876] usb 1-1: config 16 interface 195 altsetting 128 bulk endpoint 0xC has invalid maxpacket 1023 [ 135.832805][ T5876] usb 1-1: config 16 interface 195 altsetting 128 bulk endpoint 0x1 has invalid maxpacket 1024 [ 135.854540][ T5876] usb 1-1: config 16 interface 195 altsetting 128 endpoint 0xB has an invalid bInterval 251, changing to 11 [ 136.197905][ T5876] usb 1-1: config 16 interface 195 has no altsetting 0 [ 136.208159][ T5876] usb 1-1: New USB device found, idVendor=0421, idProduct=044d, bcdDevice=e6.ce [ 136.219220][ T6476] tipc: Started in network mode [ 136.224105][ T6476] tipc: Node identity aaaaaaaaaa32, cluster identity 4711 [ 136.231597][ T6476] tipc: Enabled bearer , priority 10 [ 136.239550][ T5876] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 136.258602][ T6489] netlink: 256 bytes leftover after parsing attributes in process `syz.2.86'. [ 136.271789][ T5876] usb 1-1: Product: syz [ 136.289391][ T5876] usb 1-1: Manufacturer: syz [ 136.319235][ T5876] usb 1-1: SerialNumber: syz [ 136.369135][ T6471] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 136.380989][ T6471] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 136.472512][ T6493] loop3: detected capacity change from 0 to 512 [ 136.497682][ T6493] EXT4-fs (loop3): can't mount with both data=journal and dax [ 136.620042][ T5876] usb 1-1: bad CDC descriptors [ 136.669064][ T5876] usb 1-1: USB disconnect, device number 3 [ 137.299421][ T10] tipc: Node number set to 10005162 [ 137.609787][ T30] audit: type=1326 audit(1758669246.015:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6515 comm="syz.0.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4c58eec9 code=0x7ffc0000 [ 138.101259][ T116] IPVS: starting estimator thread 0... [ 138.122765][ T30] audit: type=1326 audit(1758669246.015:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6515 comm="syz.0.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4c58eec9 code=0x7ffc0000 [ 138.425322][ T6524] IPVS: using max 33 ests per chain, 79200 per kthread [ 138.492703][ T30] audit: type=1326 audit(1758669246.015:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6515 comm="syz.0.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=155 compat=0 ip=0x7f4f4c58eec9 code=0x7ffc0000 [ 138.774795][ T30] audit: type=1326 audit(1758669246.015:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6515 comm="syz.0.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4c58eec9 code=0x7ffc0000 [ 139.167811][ T30] audit: type=1326 audit(1758669246.015:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6515 comm="syz.0.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4c58eec9 code=0x7ffc0000 [ 139.283769][ T30] audit: type=1326 audit(1758669246.045:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6515 comm="syz.0.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f4f4c58eec9 code=0x7ffc0000 [ 139.421224][ T30] audit: type=1326 audit(1758669246.465:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6515 comm="syz.0.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4c58eec9 code=0x7ffc0000 [ 139.657509][ T30] audit: type=1326 audit(1758669246.465:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6515 comm="syz.0.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4c58eec9 code=0x7ffc0000 [ 141.663756][ T6571] loop1: detected capacity change from 0 to 128 [ 141.671104][ T6571] efs: Unknown parameter '].@' [ 142.115470][ T6576] loop2: detected capacity change from 0 to 32768 [ 142.137263][ T6576] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 142.164211][ T6576] XFS (loop2): Ending clean mount [ 143.823268][ T5868] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 144.335885][ T6595] tipc: Started in network mode [ 144.340791][ T6595] tipc: Node identity aaaaaaaaaa32, cluster identity 4711 [ 144.348266][ T6595] tipc: Enabled bearer , priority 10 [ 144.355643][ T6595] lo speed is unknown, defaulting to 1000 [ 144.361779][ T6595] lo speed is unknown, defaulting to 1000 [ 144.373396][ T6595] lo speed is unknown, defaulting to 1000 [ 144.392520][ T6595] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 144.423545][ T6595] lo speed is unknown, defaulting to 1000 [ 144.431549][ T6595] lo speed is unknown, defaulting to 1000 [ 144.439329][ T6595] lo speed is unknown, defaulting to 1000 [ 144.448259][ T6595] lo speed is unknown, defaulting to 1000 [ 144.456016][ T6595] lo speed is unknown, defaulting to 1000 [ 145.057354][ T6614] loop4: detected capacity change from 0 to 64 [ 145.095061][ T6614] hfs: unable to change iocharset [ 145.465099][ T6014] tipc: Node number set to 10005162 [ 147.423919][ T6633] loop2: detected capacity change from 0 to 1 [ 147.455976][ T6608] loop1: detected capacity change from 0 to 32768 [ 147.507391][ T6633] syz.2.124: attempt to access beyond end of device [ 147.507391][ T6633] loop2: rw=2048, sector=0, nr_sectors = 8 limit=1 [ 147.662014][ T6633] SQUASHFS error: Failed to read block 0x0: -5 [ 147.669920][ T6633] unable to read squashfs_super_block [ 147.778923][ T6638] netlink: 'syz.4.125': attribute type 1 has an invalid length. [ 147.786691][ T6638] netlink: 224 bytes leftover after parsing attributes in process `syz.4.125'. [ 147.947571][ T6635] loop0: detected capacity change from 0 to 256 [ 148.212819][ T6635] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x7b82335c, utbl_chksum : 0xe619d30d) [ 148.241739][ T6608] workqueue: Failed to create a rescuer kthread for wq "bcachefs": -EINTR [ 148.242319][ T6608] bcachefs (loop1): shutdown complete [ 149.834241][ T6652] vxcan1: tx address claim with different name [ 150.757986][ T6655] netlink: 'syz.4.129': attribute type 1 has an invalid length. [ 150.834771][ T6658] netlink: 'syz.0.131': attribute type 1 has an invalid length. [ 150.942756][ T6662] capability: warning: `syz.4.133' uses 32-bit capabilities (legacy support in use) [ 151.029089][ T6666] netlink: 'syz.3.135': attribute type 1 has an invalid length. [ 151.179587][ T6673] netlink: 4 bytes leftover after parsing attributes in process `syz.0.134'. [ 151.509808][ T6680] siw: device registration error -23 [ 152.071849][ T6673] bridge_slave_1: left allmulticast mode [ 152.077752][ T6673] bridge_slave_1: left promiscuous mode [ 152.087078][ T6673] bridge0: port 2(bridge_slave_1) entered disabled state [ 152.336834][ T6673] bridge_slave_0: left allmulticast mode [ 152.348505][ T6673] bridge_slave_0: left promiscuous mode [ 152.354855][ T6673] bridge0: port 1(bridge_slave_0) entered disabled state [ 152.912623][ T6688] tipc: Enabling of bearer rejected, already enabled [ 152.921381][ T6688] siw: device registration error -23 [ 153.457613][ T6608] bcachefs: bch2_fs_get_tree() error: ENOMEM_fs_other_alloc [ 153.709350][ T6710] netlink: 'syz.4.146': attribute type 1 has an invalid length. [ 153.732671][ T6710] netlink: 14436 bytes leftover after parsing attributes in process `syz.4.146'. [ 155.221451][ T6735] lo speed is unknown, defaulting to 1000 [ 155.493918][ T6738] loop4: detected capacity change from 0 to 128 [ 155.501117][ T6738] efs: Unknown parameter '].@' [ 155.606351][ T6734] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 155.852100][ T6745] netlink: 'syz.1.154': attribute type 1 has an invalid length. [ 155.885418][ T6745] netlink: 14436 bytes leftover after parsing attributes in process `syz.1.154'. [ 156.118380][ T6750] netlink: 'syz.1.156': attribute type 1 has an invalid length. [ 156.562704][ T6747] loop2: detected capacity change from 0 to 32768 [ 156.791313][ T6747] (syz.2.155,6747,0):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options [ 156.831448][ T6747] (syz.2.155,6747,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 157.043727][ T6771] netlink: 4 bytes leftover after parsing attributes in process `syz.4.163'. [ 157.204037][ T6775] netlink: 'syz.2.165': attribute type 1 has an invalid length. [ 157.241807][ T6773] loop0: detected capacity change from 0 to 128 [ 157.248832][ T6773] efs: Unknown parameter '].@' [ 157.772653][ T6796] netlink: 'syz.1.174': attribute type 1 has an invalid length. [ 157.800833][ T6796] netlink: 6352 bytes leftover after parsing attributes in process `syz.1.174'. [ 158.123787][ T6802] loop3: detected capacity change from 0 to 32768 [ 158.177106][ T6802] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 158.185386][ T6802] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 158.208709][ T6802] gfs2: fsid=syz:syz.0: journal 0 mapped with 9 extents in 0ms [ 158.218934][ T5876] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 158.228600][ T5876] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 158.314666][ T5876] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 86ms [ 158.434008][ T5876] gfs2: fsid=syz:syz.0: jid=0: Done [ 158.454410][ T6802] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 158.504329][ T6802] gfs2: fsid=syz:syz.0: fatal: invalid metadata block - bh = 2051 (type: exp=14, found=8), function = gfs2_quota_init, file = fs/gfs2/quota.c, line = 1430 [ 158.520044][ T6802] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 158.533694][ T6802] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount. [ 158.542517][ T6802] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0 [ 158.549127][ T6802] gfs2: fsid=syz:syz.0: File system withdrawn [ 158.555252][ T6802] CPU: 1 UID: 0 PID: 6802 Comm: syz.3.177 Not tainted syzkaller #0 PREEMPT(full) [ 158.555276][ T6802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 158.555288][ T6802] Call Trace: [ 158.555294][ T6802] [ 158.555299][ T6802] dump_stack_lvl+0x189/0x250 [ 158.555319][ T6802] ? __pfx_dump_stack_lvl+0x10/0x10 [ 158.555331][ T6802] ? __pfx__printk+0x10/0x10 [ 158.555345][ T6802] ? kobject_uevent_env+0x36b/0x8c0 [ 158.555370][ T6802] gfs2_withdraw+0xb30/0x1430 [ 158.555397][ T6802] ? __pfx_gfs2_withdraw+0x10/0x10 [ 158.555408][ T6802] ? __pfx_wake_bit_function+0x10/0x10 [ 158.555429][ T6802] gfs2_quota_init+0x1109/0x1200 [ 158.555439][ T6802] ? __lock_acquire+0xab9/0xd20 [ 158.555464][ T6802] ? __pfx_gfs2_quota_init+0x10/0x10 [ 158.555473][ T6802] ? __pfx_wake_up_bit+0x10/0x10 [ 158.555491][ T6802] ? inode_go_inval+0x259/0x2c0 [ 158.555512][ T6802] gfs2_make_fs_rw+0x181/0x2b0 [ 158.555537][ T6802] gfs2_fill_super+0x1a7b/0x20d0 [ 158.555570][ T6802] ? __pfx_gfs2_fill_super+0x10/0x10 [ 158.555594][ T6802] ? init_locking+0xb8/0x210 [ 158.555624][ T6802] ? sb_set_blocksize+0x104/0x180 [ 158.555649][ T6802] ? setup_bdev_super+0x4c1/0x5b0 [ 158.555662][ T6802] get_tree_bdev_flags+0x40e/0x4d0 [ 158.555673][ T6802] ? __pfx_gfs2_fill_super+0x10/0x10 [ 158.555685][ T6802] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 158.555694][ T6802] ? __pfx_vfs_parse_comma_sep+0x10/0x10 [ 158.555713][ T6802] gfs2_get_tree+0x51/0x1e0 [ 158.555727][ T6802] vfs_get_tree+0x92/0x2b0 [ 158.555738][ T6802] do_new_mount+0x302/0x9e0 [ 158.555749][ T6802] ? apparmor_capable+0x137/0x1b0 [ 158.555763][ T6802] ? __pfx_do_new_mount+0x10/0x10 [ 158.555774][ T6802] ? ns_capable+0x8a/0xf0 [ 158.555790][ T6802] ? kmem_cache_free+0x19b/0x690 [ 158.555807][ T6802] __se_sys_mount+0x313/0x410 [ 158.555821][ T6802] ? __pfx___se_sys_mount+0x10/0x10 [ 158.555834][ T6802] ? do_syscall_64+0xbe/0xfa0 [ 158.555847][ T6802] ? __x64_sys_mount+0x20/0xc0 [ 158.555859][ T6802] do_syscall_64+0xfa/0xfa0 [ 158.555871][ T6802] ? lockdep_hardirqs_on+0x9c/0x150 [ 158.555884][ T6802] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.555895][ T6802] ? clear_bhb_loop+0x60/0xb0 [ 158.555907][ T6802] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.555918][ T6802] RIP: 0033:0x7f6fc139066a [ 158.555934][ T6802] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 158.555943][ T6802] RSP: 002b:00007f6fc21f7e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 158.555955][ T6802] RAX: ffffffffffffffda RBX: 00007f6fc21f7ef0 RCX: 00007f6fc139066a [ 158.555963][ T6802] RDX: 0000200000000400 RSI: 0000200000000300 RDI: 00007f6fc21f7eb0 [ 158.555970][ T6802] RBP: 0000200000000400 R08: 00007f6fc21f7ef0 R09: 0000000000000000 [ 158.555977][ T6802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000300 [ 158.555983][ T6802] R13: 00007f6fc21f7eb0 R14: 0000000000012629 R15: 0000200000000440 [ 158.556000][ T6802] [ 158.558971][ T6802] gfs2: fsid=syz:syz.0: can't make FS RW: -5 [ 160.106126][ T6842] netlink: 8 bytes leftover after parsing attributes in process `syz.3.186'. [ 160.123061][ T6842] netlink: 8 bytes leftover after parsing attributes in process `syz.3.186'. [ 160.900086][ T6862] loop2: detected capacity change from 0 to 128 [ 160.907486][ T6862] efs: Unknown parameter '].@' [ 163.026343][ T6903] netlink: 'syz.2.209': attribute type 1 has an invalid length. [ 163.134264][ T6905] netlink: 248 bytes leftover after parsing attributes in process `syz.1.210'. [ 163.449680][ T6912] loop2: detected capacity change from 0 to 128 [ 163.457011][ T6912] efs: Unknown parameter '].@' [ 163.672592][ T6911] loop3: detected capacity change from 0 to 65536 [ 163.835404][ T6911] XFS (loop3): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 164.226369][ T6911] XFS (loop3): Ending clean mount [ 164.705324][ T6934] tipc: Started in network mode [ 164.710233][ T6934] tipc: Node identity aaaaaaaaaa32, cluster identity 4711 [ 164.717739][ T6934] tipc: Enabled bearer , priority 10 [ 164.725472][ T6934] siw: device registration error -23 [ 165.845070][ T6014] tipc: Node number set to 10005162 [ 166.009384][ T5870] XFS (loop3): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 166.111699][ T6948] netlink: 'syz.4.222': attribute type 1 has an invalid length. [ 166.132519][ T6948] netlink: 'syz.4.222': attribute type 8 has an invalid length. [ 167.062147][ T6961] siw: device registration error -23 [ 168.284058][ T6974] fuse: Bad value for 'rootmode' [ 168.809059][ T6978] netlink: 'syz.4.228': attribute type 1 has an invalid length. [ 169.429618][ T6991] loop2: detected capacity change from 0 to 65536 [ 169.452400][ T6994] usb usb8: usbfs: process 6994 (syz.3.232) did not claim interface 0 before use [ 169.511611][ T6991] XFS (loop2): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 169.621493][ T6991] XFS (loop2): Ending clean mount [ 170.615529][ T30] audit: type=1800 audit(1758669278.995:14): pid=7011 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.231" name="file1" dev="loop2" ino=38 res=0 errno=0 [ 170.769722][ T30] audit: type=1800 audit(1758669278.995:15): pid=7012 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.231" name="file1" dev="loop2" ino=38 res=0 errno=0 [ 170.805278][ T5868] XFS (loop2): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 171.534156][ T7026] loop3: detected capacity change from 0 to 256 [ 171.573779][ T7026] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 171.615105][ T7026] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 171.675860][ T7026] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 171.708752][ T7026] exFAT-fs (loop3): failed to load alloc-bitmap [ 171.754551][ T7026] exFAT-fs (loop3): failed to recognize exfat type [ 172.735202][ T116] usb 1-1: new full-speed USB device number 4 using dummy_hcd [ 173.067550][ T116] usb 1-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 173.344328][ T116] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 173.599466][ T116] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64 [ 173.659554][ T116] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 173.679148][ T7070] loop1: detected capacity change from 0 to 128 [ 173.723286][ T7070] efs: Unknown parameter '].@' [ 173.730453][ T116] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.838741][ T7037] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 174.330653][ T116] aiptek 1-1:17.0: Aiptek using 400 ms programming speed [ 174.362672][ T116] input: Aiptek as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:17.0/input/input5 [ 174.566362][ T116] usb 1-1: USB disconnect, device number 4 [ 174.572263][ C0] aiptek 1-1:17.0: aiptek_irq - usb_submit_urb failed with result -19 [ 174.944606][ T7093] siw: device registration error -23 [ 175.557026][ T7105] No memory to map [ 177.621687][ T7132] loop0: detected capacity change from 0 to 32768 [ 177.656082][ T7132] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 177.664250][ T7132] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 177.696205][ T7132] gfs2: fsid=syz:syz.0: journal 0 mapped with 9 extents in 0ms [ 177.706700][ T10] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 177.713652][ T10] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 178.229556][ T10] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 515ms [ 178.246051][ T10] gfs2: fsid=syz:syz.0: jid=0: Done [ 178.253533][ T7132] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 178.382437][ T7132] gfs2: fsid=syz:syz.0: fatal: invalid metadata block - bh = 2051 (type: exp=14, found=8), function = gfs2_quota_init, file = fs/gfs2/quota.c, line = 1430 [ 178.399186][ T7132] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 178.409485][ T7132] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount. [ 178.418620][ T7132] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0 [ 178.425267][ T7132] gfs2: fsid=syz:syz.0: File system withdrawn [ 178.431344][ T7132] CPU: 0 UID: 0 PID: 7132 Comm: syz.0.267 Not tainted syzkaller #0 PREEMPT(full) [ 178.431359][ T7132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 178.431366][ T7132] Call Trace: [ 178.431371][ T7132] [ 178.431376][ T7132] dump_stack_lvl+0x189/0x250 [ 178.431399][ T7132] ? __pfx_dump_stack_lvl+0x10/0x10 [ 178.431416][ T7132] ? __pfx__printk+0x10/0x10 [ 178.431429][ T7132] ? kobject_uevent_env+0x36b/0x8c0 [ 178.431452][ T7132] gfs2_withdraw+0xb30/0x1430 [ 178.431474][ T7132] ? __pfx_gfs2_withdraw+0x10/0x10 [ 178.431484][ T7132] ? __pfx_wake_bit_function+0x10/0x10 [ 178.431510][ T7132] gfs2_quota_init+0x1109/0x1200 [ 178.431521][ T7132] ? __lock_acquire+0xab9/0xd20 [ 178.431546][ T7132] ? __pfx_gfs2_quota_init+0x10/0x10 [ 178.431556][ T7132] ? __pfx_wake_up_bit+0x10/0x10 [ 178.431570][ T7132] ? inode_go_inval+0x259/0x2c0 [ 178.431583][ T7132] gfs2_make_fs_rw+0x181/0x2b0 [ 178.431598][ T7132] gfs2_fill_super+0x1a7b/0x20d0 [ 178.431618][ T7132] ? __pfx_gfs2_fill_super+0x10/0x10 [ 178.431632][ T7132] ? init_locking+0xb8/0x210 [ 178.431642][ T7132] ? sb_set_blocksize+0x104/0x180 [ 178.431658][ T7132] ? setup_bdev_super+0x4c1/0x5b0 [ 178.431670][ T7132] get_tree_bdev_flags+0x40e/0x4d0 [ 178.431680][ T7132] ? __pfx_gfs2_fill_super+0x10/0x10 [ 178.431692][ T7132] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 178.431700][ T7132] ? __pfx_vfs_parse_comma_sep+0x10/0x10 [ 178.431718][ T7132] gfs2_get_tree+0x51/0x1e0 [ 178.431732][ T7132] vfs_get_tree+0x92/0x2b0 [ 178.431743][ T7132] do_new_mount+0x302/0x9e0 [ 178.431753][ T7132] ? apparmor_capable+0x137/0x1b0 [ 178.431767][ T7132] ? __pfx_do_new_mount+0x10/0x10 [ 178.431778][ T7132] ? ns_capable+0x8a/0xf0 [ 178.431794][ T7132] ? kmem_cache_free+0x19b/0x690 [ 178.431810][ T7132] __se_sys_mount+0x313/0x410 [ 178.431829][ T7132] ? __pfx___se_sys_mount+0x10/0x10 [ 178.431842][ T7132] ? do_syscall_64+0xbe/0xfa0 [ 178.431854][ T7132] ? __x64_sys_mount+0x20/0xc0 [ 178.431866][ T7132] do_syscall_64+0xfa/0xfa0 [ 178.431878][ T7132] ? lockdep_hardirqs_on+0x9c/0x150 [ 178.431892][ T7132] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 178.431902][ T7132] ? clear_bhb_loop+0x60/0xb0 [ 178.431914][ T7132] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 178.431924][ T7132] RIP: 0033:0x7f4f4c59066a [ 178.431936][ T7132] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 178.431944][ T7132] RSP: 002b:00007f4f4d4a7e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 178.431956][ T7132] RAX: ffffffffffffffda RBX: 00007f4f4d4a7ef0 RCX: 00007f4f4c59066a [ 178.431963][ T7132] RDX: 0000200000000400 RSI: 0000200000000300 RDI: 00007f4f4d4a7eb0 [ 178.431970][ T7132] RBP: 0000200000000400 R08: 00007f4f4d4a7ef0 R09: 0000000000000000 [ 178.431978][ T7132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000300 [ 178.431985][ T7132] R13: 00007f4f4d4a7eb0 R14: 0000000000012629 R15: 0000200000000440 [ 178.432002][ T7132] [ 178.844260][ T7161] netlink: 1172 bytes leftover after parsing attributes in process `syz.3.278'. [ 178.853744][ T7161] openvswitch: netlink: Message has 5 unknown bytes. [ 178.934920][ T7132] gfs2: fsid=syz:syz.0: can't make FS RW: -5 [ 179.130925][ T7169] netlink: 256 bytes leftover after parsing attributes in process `syz.0.267'. [ 179.213742][ T7170] loop4: detected capacity change from 0 to 128 [ 179.273251][ T7170] efs: Unknown parameter '].@' [ 179.350632][ T7167] loop3: detected capacity change from 0 to 32768 [ 179.428297][ T7167] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 179.581031][ T7167] XFS (loop3): Ending clean mount [ 180.166434][ T5870] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 180.241423][ T7198] tipc: Enabling of bearer rejected, already enabled [ 180.250394][ T7198] siw: device registration error -23 [ 180.760335][ T10] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 180.925903][ T6014] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 181.005350][ T10] usb 1-1: Using ep0 maxpacket: 16 [ 181.056171][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 181.145217][ T10] usb 1-1: New USB device found, idVendor=1345, idProduct=3008, bcdDevice= 0.00 [ 181.208751][ T6014] usb 3-1: Using ep0 maxpacket: 32 [ 181.315216][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 181.421031][ T10] usb 1-1: config 0 descriptor?? [ 181.435825][ T6014] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 181.460996][ T6014] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 181.533158][ T6014] usb 3-1: New USB device found, idVendor=0c70, idProduct=f00a, bcdDevice= 0.00 [ 181.773817][ T6014] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 181.862714][ T6014] usb 3-1: config 0 descriptor?? [ 181.960944][ T10] sony 0003:1345:3008.0002: unknown main item tag 0x0 [ 181.975439][ T10] sony 0003:1345:3008.0002: unknown main item tag 0x0 [ 181.998639][ T10] sony 0003:1345:3008.0002: unknown main item tag 0x0 [ 182.010701][ T7232] warning: `syz.1.295' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 182.035072][ T10] sony 0003:1345:3008.0002: unknown main item tag 0x0 [ 182.058039][ T10] sony 0003:1345:3008.0002: unknown main item tag 0x0 [ 182.076592][ T10] sony 0003:1345:3008.0002: unknown main item tag 0x0 [ 182.344218][ T7234] loop4: detected capacity change from 0 to 32768 [ 182.362037][ T10] sony 0003:1345:3008.0002: unknown main item tag 0x0 [ 182.373410][ T6014] aquacomputer_d5next 0003:0C70:F00A.0003: unknown main item tag 0x7 [ 182.385848][ T10] sony 0003:1345:3008.0002: unknown main item tag 0x0 [ 182.398916][ T7234] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 182.545663][ T6014] aquacomputer_d5next 0003:0C70:F00A.0003: hidraw0: USB HID v0.00 Device [HID 0c70:f00a] on usb-dummy_hcd.2-1/input0 [ 182.561571][ T7234] XFS (loop4): Ending clean mount [ 182.569763][ T10] sony 0003:1345:3008.0002: unknown main item tag 0x0 [ 182.920343][ T6014] usb 3-1: USB disconnect, device number 4 [ 182.980906][ T10] sony 0003:1345:3008.0002: hiddev0,hidraw1: USB HID v80.00 Device [HID 1345:3008] on usb-dummy_hcd.0-1/input0 [ 183.016274][ T10] sony 0003:1345:3008.0002: failed to claim input [ 183.029951][ T5866] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 183.094332][ T10] usb 1-1: USB disconnect, device number 5 [ 183.251181][ T7251] fido_id[7251]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 183.272297][ T7254] fido_id[7254]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 184.415163][ T7279] loop0: detected capacity change from 0 to 32768 [ 184.467892][ T7279] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 184.502846][ T7290] capability: warning: `syz.1.309' uses deprecated v2 capabilities in a way that may be insecure [ 184.594217][ T7279] XFS (loop0): Ending clean mount [ 184.908227][ T5871] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 185.753896][ T7334] netlink: 28 bytes leftover after parsing attributes in process `syz.1.323'. [ 186.281332][ T7349] loop0: detected capacity change from 0 to 32768 [ 186.391320][ T7349] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 186.654249][ T7349] XFS (loop0): Ending clean mount [ 187.535717][ T5871] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 187.889458][ T7396] syz.0.338 uses old SIOCAX25GETINFO [ 188.263974][ T7400] loop3: detected capacity change from 0 to 32768 [ 188.441379][ T7404] program syz.0.346 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 188.442831][ T7400] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 188.596717][ T7400] XFS (loop3): Ending clean mount [ 189.540405][ T5870] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 189.978599][ T7448] loop4: detected capacity change from 0 to 128 [ 189.985887][ T7448] efs: Unknown parameter '].@' [ 190.475171][ T7451] netlink: 'syz.2.362': attribute type 5 has an invalid length. [ 190.595859][ T7456] usb usb8: usbfs: process 7456 (syz.3.360) did not claim interface 0 before use [ 190.972024][ T7474] netlink: 1156 bytes leftover after parsing attributes in process `syz.4.366'. [ 191.017296][ T7474] openvswitch: netlink: Message has 12 unknown bytes. [ 191.471840][ T7484] loop4: detected capacity change from 0 to 32768 [ 191.535064][ T7484] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 191.546331][ T7490] loop2: detected capacity change from 0 to 256 [ 191.555677][ T7490] exfat: Deprecated parameter 'utf8' [ 191.563300][ T7490] exfat: Deprecated parameter 'namecase' [ 191.571339][ T7490] exfat: Deprecated parameter 'utf8' [ 191.620622][ T7484] XFS (loop4): Ending clean mount [ 191.735291][ T7490] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 192.444226][ T5866] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 192.735664][ T10] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 192.839076][ T7513] program syz.4.379 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 192.849513][ T6014] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 192.958882][ T10] usb 1-1: Using ep0 maxpacket: 8 [ 192.977853][ T10] usb 1-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 193.077674][ T6014] usb 3-1: Using ep0 maxpacket: 8 [ 193.113138][ T10] usb 1-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 193.123564][ T10] usb 1-1: config 0 interface 0 has no altsetting 0 [ 193.130783][ T10] usb 1-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00 [ 193.144278][ T6014] usb 3-1: config index 0 descriptor too short (expected 30, got 18) [ 193.152635][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 193.163043][ T6014] usb 3-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 193.172609][ T6014] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 193.184080][ T10] usb 1-1: config 0 descriptor?? [ 193.191131][ T6014] usb 3-1: Product: syz [ 193.196291][ T6014] usb 3-1: Manufacturer: syz [ 193.201764][ T6014] usb 3-1: SerialNumber: syz [ 193.364831][ T6014] usb 3-1: config 0 descriptor?? [ 193.620446][ T6014] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 193.675349][ T6014] usb 3-1: setting power ON [ 193.686788][ T6014] dvb-usb: bulk message failed: -22 (2/0) [ 193.814928][ T6014] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 193.826001][ T6014] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 193.837805][ T6014] usb 3-1: media controller created [ 193.879852][ T6014] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 193.952525][ T10] steelseries 0003:1038:1410.0004: item fetching failed at offset 2/5 [ 193.963397][ T10] steelseries 0003:1038:1410.0004: parse failed [ 193.970271][ T10] steelseries 0003:1038:1410.0004: probe with driver steelseries failed with error -22 [ 193.981644][ T6014] usb 3-1: selecting invalid altsetting 6 [ 193.988899][ T6014] usb 3-1: digital interface selection failed (-22) [ 193.999007][ T6014] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 194.010493][ T6014] usb 3-1: setting power OFF [ 194.018819][ T6014] dvb-usb: bulk message failed: -22 (2/0) [ 194.025465][ T6014] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 194.047094][ T6014] (NULL device *): no alternate interface [ 194.137727][ T1219] usb 1-1: USB disconnect, device number 6 [ 194.294981][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.315942][ T6014] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 194.375953][ T6014] usb 3-1: USB disconnect, device number 5 [ 194.879659][ T7543] loop1: detected capacity change from 0 to 65536 [ 194.964824][ T7543] XFS (loop1): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 195.017743][ T7543] XFS (loop1): Ending clean mount [ 196.015896][ T5862] XFS (loop1): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 196.365186][ T5881] Bluetooth: hci3: command 0x0406 tx timeout [ 196.372628][ T5881] Bluetooth: hci2: command 0x0406 tx timeout [ 196.378812][ T5872] Bluetooth: hci1: command 0x0406 tx timeout [ 196.456506][ T7581] program syz.2.396 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 197.214127][ T7595] sch_tbf: burst 0 is lower than device lo mtu (18) ! [ 197.384801][ T7600] netlink: 92 bytes leftover after parsing attributes in process `syz.1.402'. [ 197.801503][ T7604] loop0: detected capacity change from 0 to 65536 [ 197.844341][ T7604] XFS (loop0): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 197.880634][ T7604] XFS (loop0): Ending clean mount [ 198.778497][ T5871] XFS (loop0): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 198.932244][ T7636] 9pnet_virtio: no channels available for device syz [ 198.945940][ T7634] netlink: 128 bytes leftover after parsing attributes in process `syz.1.413'. [ 198.995051][ T7634] netlink: 40 bytes leftover after parsing attributes in process `syz.1.413'. [ 199.276018][ T5876] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 199.537270][ T5876] usb 1-1: Using ep0 maxpacket: 32 [ 199.653622][ T5876] usb 1-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15 [ 199.685476][ T7652] program syz.3.419 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 199.690487][ T5876] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 199.723015][ T5876] usb 1-1: Product: syz [ 199.773598][ T5876] usb 1-1: Manufacturer: syz [ 199.821323][ T5876] usb 1-1: SerialNumber: syz [ 199.873510][ T5876] usb 1-1: config 0 descriptor?? [ 200.278869][ T5876] RobotFuzz Open Source InterFace, OSIF 1-1:0.0: version d4.15 found at bus 001 address 007 [ 200.523346][ T7639] i2c i2c-1: adapter quirk: no zero length (addr 0x0001, size 0, read) [ 200.549998][ T5876] usb 1-1: USB disconnect, device number 7 [ 200.658540][ T6014] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 200.789177][ T7681] netlink: 76 bytes leftover after parsing attributes in process `syz.2.429'. [ 200.872197][ T7683] tipc: Enabling of bearer rejected, already enabled [ 200.881070][ T7683] siw: device registration error -23 [ 200.935943][ T7685] program syz.2.434 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 200.997381][ T7687] bond0: option primary: mode dependency failed, not supported in mode balance-rr(0) [ 201.086940][ T7680] loop3: detected capacity change from 0 to 32768 [ 201.105049][ T6014] usb 5-1: Using ep0 maxpacket: 32 [ 201.125843][ T6014] usb 5-1: config 4 has an invalid interface number: 128 but max is 0 [ 201.137964][ T7680] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 201.152156][ T6014] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 201.163249][ T6014] usb 5-1: config 4 has no interface number 0 [ 201.170509][ T6014] usb 5-1: config 4 interface 128 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 201.200706][ T6014] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 201.211717][ T7680] XFS (loop3): Ending clean mount [ 201.218953][ T6014] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 201.446533][ T6014] hub 5-1:4.128: bad descriptor, ignoring hub [ 201.452662][ T6014] hub 5-1:4.128: probe with driver hub failed with error -5 [ 201.474689][ T6014] usbhid 5-1:4.128: couldn't find an input interrupt endpoint [ 201.517515][ T7666] netlink: 16 bytes leftover after parsing attributes in process `syz.4.425'. [ 201.559987][ T7666] openvswitch: netlink: Message has 8 unknown bytes. [ 201.706418][ T5948] usb 5-1: USB disconnect, device number 3 [ 203.123964][ T7735] netlink: 36 bytes leftover after parsing attributes in process `syz.2.450'. [ 203.626365][ T5948] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 203.735971][ T7754] netlink: 4 bytes leftover after parsing attributes in process `syz.4.456'. [ 203.963758][ T7754] bridge_slave_1: left allmulticast mode [ 203.992151][ T7754] bridge_slave_1: left promiscuous mode [ 204.003811][ T5870] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 204.027362][ T7754] bridge0: port 2(bridge_slave_1) entered disabled state [ 204.175144][ T5948] usb 1-1: Using ep0 maxpacket: 8 [ 204.184170][ T5948] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 204.813745][ T5948] usb 1-1: config 0 has no interface number 0 [ 204.853710][ T7754] bridge_slave_0: left allmulticast mode [ 204.876342][ T5948] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 204.887378][ T7754] bridge_slave_0: left promiscuous mode [ 204.898817][ T7754] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.914823][ T5948] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 204.945061][ T5948] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 204.998022][ T5948] usb 1-1: config 0 descriptor?? [ 205.032221][ T5948] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 205.253225][ T5948] usb 1-1: USB disconnect, device number 8 [ 206.080080][ T7789] netlink: 8 bytes leftover after parsing attributes in process `syz.0.470'. [ 206.115045][ T7789] netlink: 20 bytes leftover after parsing attributes in process `syz.0.470'. [ 206.253916][ T7788] loop4: detected capacity change from 0 to 32768 [ 206.356791][ T7788] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 206.398361][ T7788] XFS (loop4): Ending clean mount [ 207.060414][ T7820] 9pnet_fd: Insufficient options for proto=fd [ 207.831877][ T7822] netlink: 16 bytes leftover after parsing attributes in process `syz.0.479'. [ 208.016706][ T7826] netlink: 4 bytes leftover after parsing attributes in process `syz.3.477'. [ 208.949128][ T7842] vxcan1: tx address claim with dest, not broadcast [ 209.118985][ T7849] netlink: 12 bytes leftover after parsing attributes in process `syz.2.487'. [ 209.475160][ T7860] vlan2: entered promiscuous mode [ 209.480478][ T7860] hsr0: entered promiscuous mode [ 209.639747][ T7861] 9pnet_fd: Insufficient options for proto=fd [ 210.200646][ T5866] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 210.230052][ T5876] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 210.386988][ T7863] loop1: detected capacity change from 0 to 128 [ 210.401783][ T5876] usb 1-1: Using ep0 maxpacket: 8 [ 210.417312][ T5876] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 210.425713][ T7863] efs: Unknown parameter '].@' [ 210.467071][ T5876] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 210.513064][ T5876] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 210.553901][ T5876] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 210.605224][ T5876] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 210.634475][ T5876] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 210.885107][ T5876] usb 1-1: GET_CAPABILITIES returned 0 [ 211.073710][ T5876] usbtmc 1-1:16.0: can't read capabilities [ 211.078928][ T7883] mmap: syz.2.501 (7883) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 211.148337][ T10] usb 1-1: USB disconnect, device number 9 [ 211.318046][ T7885] loop3: detected capacity change from 0 to 128 [ 211.330012][ T7885] efs: Unknown parameter '].@' [ 211.718735][ T7887] netlink: 'syz.4.502': attribute type 13 has an invalid length. [ 211.862148][ T7887] netlink: 24859 bytes leftover after parsing attributes in process `syz.4.502'. [ 212.208614][ T7902] netlink: 'syz.1.509': attribute type 1 has an invalid length. [ 212.230199][ T7903] loop4: detected capacity change from 0 to 256 [ 212.269353][ T7903] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 212.301876][ T7903] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 212.338097][ T7903] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 212.366265][ T7903] exFAT-fs (loop4): failed to load alloc-bitmap [ 212.394127][ T7903] exFAT-fs (loop4): failed to recognize exfat type [ 212.405404][ T6014] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 212.615323][ T6014] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 212.624415][ T6014] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 212.669225][ T6014] usb 1-1: config 0 descriptor?? [ 212.677971][ T6014] cp210x 1-1:0.0: cp210x converter detected [ 213.092468][ T6014] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 213.388963][ T6014] cp210x 1-1:0.0: failed to get vendor val 0x370c size 15: -71 [ 213.406682][ T6014] cp210x 1-1:0.0: GPIO initialisation failed: -71 [ 213.487351][ T6014] usb 1-1: cp210x converter now attached to ttyUSB0 [ 214.045111][ T6014] usb 1-1: USB disconnect, device number 10 [ 214.066717][ T6014] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 214.094269][ T6014] cp210x 1-1:0.0: device disconnected [ 214.266575][ T7951] netlink: 12 bytes leftover after parsing attributes in process `syz.1.529'. [ 214.341975][ T7951] macvtap1: entered promiscuous mode [ 214.353341][ T7951] vlan0: entered promiscuous mode [ 214.369345][ T7951] macvtap1: entered allmulticast mode [ 214.382295][ T7951] vlan0: entered allmulticast mode [ 214.389160][ T7951] veth0_vlan: entered allmulticast mode [ 214.825621][ T1219] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 215.139811][ T1219] usb 3-1: Using ep0 maxpacket: 8 [ 215.150795][ T1219] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 215.295034][ T1219] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 215.315163][ T1219] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 215.336575][ T1219] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 215.351611][ T1219] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 215.361430][ T1219] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 215.514686][ T7979] netlink: 128 bytes leftover after parsing attributes in process `syz.1.540'. [ 215.555291][ T7979] netlink: 72 bytes leftover after parsing attributes in process `syz.1.540'. [ 215.646260][ T1219] usb 3-1: GET_CAPABILITIES returned 0 [ 215.661958][ T1219] usbtmc 3-1:16.0: can't read capabilities [ 215.977163][ T1219] usb 3-1: USB disconnect, device number 6 [ 216.340462][ T30] audit: type=1326 audit(1758669324.745:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7994 comm="syz.0.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4f4c52af79 code=0x7ffc0000 [ 216.556974][ T30] audit: type=1326 audit(1758669324.775:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7994 comm="syz.0.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4f4c52af79 code=0x7ffc0000 [ 216.737488][ T30] audit: type=1326 audit(1758669324.775:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7994 comm="syz.0.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4c58eec9 code=0x7ffc0000 [ 216.955157][ T30] audit: type=1326 audit(1758669324.775:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7994 comm="syz.0.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4c58eec9 code=0x7ffc0000 [ 217.079127][ T30] audit: type=1326 audit(1758669324.775:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7994 comm="syz.0.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4f4c52af79 code=0x7ffc0000 [ 217.201754][ T30] audit: type=1326 audit(1758669324.775:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7994 comm="syz.0.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4c58eec9 code=0x7ffc0000 [ 217.229578][ T30] audit: type=1326 audit(1758669324.775:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7994 comm="syz.0.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4f4c52af79 code=0x7ffc0000 [ 217.262611][ T30] audit: type=1326 audit(1758669324.775:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7994 comm="syz.0.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4f4c52af79 code=0x7ffc0000 [ 217.302077][ T30] audit: type=1326 audit(1758669324.775:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7994 comm="syz.0.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4c58eec9 code=0x7ffc0000 [ 217.339874][ T30] audit: type=1326 audit(1758669324.775:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7994 comm="syz.0.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4f4c52af79 code=0x7ffc0000 [ 217.656732][ T8036] syz.1.561 uses obsolete (PF_INET,SOCK_PACKET) [ 217.953503][ T8048] /dev/nullb0: Can't open blockdev [ 220.862720][ T8122] vxcan1: tx address claim with different name [ 220.903614][ T8121] loop0: detected capacity change from 0 to 32768 [ 220.959022][ T8121] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 221.008177][ T8121] XFS (loop0): Ending clean mount [ 221.119885][ T8134] loop2: detected capacity change from 0 to 128 [ 221.127155][ T8134] efs: Unknown parameter '].@' [ 221.594632][ T1219] kernel write not supported for file /input/mouse0 (pid: 1219 comm: kworker/1:2) [ 222.306968][ T8158] netlink: 'syz.2.605': attribute type 8 has an invalid length. [ 222.314863][ T8158] netlink: 4 bytes leftover after parsing attributes in process `syz.2.605'. [ 222.335850][ T8158] bond0: entered promiscuous mode [ 222.341047][ T8158] bond_slave_0: entered promiscuous mode [ 222.351514][ T8158] bond_slave_1: entered promiscuous mode [ 222.375703][ T5871] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 222.557031][ T8158] bond0: left promiscuous mode [ 222.574298][ T8158] bond_slave_0: left promiscuous mode [ 222.616841][ T8158] bond_slave_1: left promiscuous mode [ 222.963551][ T8174] vxcan1: tx address claim with different name [ 223.526259][ T8190] loop0: detected capacity change from 0 to 128 [ 223.533583][ T8190] efs: Unknown parameter '].@' [ 223.993737][ T30] kauditd_printk_skb: 41 callbacks suppressed [ 223.993754][ T30] audit: type=1326 audit(1758669332.395:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8201 comm="syz.3.620" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6fc138eec9 code=0x0 [ 224.045302][ T8199] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 224.052118][ T8199] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 224.091234][ T8199] vhci_hcd vhci_hcd.0: Device attached [ 224.124212][ T8200] vhci_hcd: connection closed [ 224.134771][ T6037] vhci_hcd: stop threads [ 224.154495][ T6037] vhci_hcd: release socket [ 224.729348][ T6037] vhci_hcd: disconnect device [ 224.775106][ T6014] vhci_hcd: vhci_device speed not set [ 224.976913][ T8219] netlink: 12 bytes leftover after parsing attributes in process `syz.1.624'. [ 225.030857][ T8221] tipc: New replicast peer: 0.0.0.0 [ 225.055445][ T8221] tipc: Enabled bearer , priority 10 [ 225.093526][ T8221] tipc: New replicast peer: fc02:0000:0000:0000:0000:0000:0000:0000 [ 225.503093][ T8231] loop4: detected capacity change from 0 to 32768 [ 225.565798][ T8231] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 225.707017][ T8231] XFS (loop4): Ending clean mount [ 226.065596][ T5865] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 226.202203][ T8263] netlink: 104 bytes leftover after parsing attributes in process `syz.0.642'. [ 226.247552][ T5865] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 226.300474][ T5865] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 226.345630][ T5865] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 226.354799][ T5865] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 226.388028][ T5865] usb 3-1: config 0 descriptor?? [ 226.470553][ T8270] netlink: 28 bytes leftover after parsing attributes in process `syz.0.645'. [ 226.604502][ T5865] usb 3-1: USB disconnect, device number 7 [ 227.223306][ T8275] netlink: 4 bytes leftover after parsing attributes in process `syz.0.646'. [ 227.355232][ T5948] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 227.409075][ T8285] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 227.426239][ T6014] IPVS: starting estimator thread 0... [ 227.535864][ T8289] IPVS: using max 32 ests per chain, 76800 per kthread [ 227.578492][ T5948] usb 4-1: Using ep0 maxpacket: 8 [ 227.587053][ T8293] Bluetooth: MGMT ver 1.23 [ 227.644784][ T5948] usb 4-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 227.665126][ T5948] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 227.673189][ T5948] usb 4-1: Product: syz [ 227.698806][ T5866] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 227.736292][ T5948] usb 4-1: Manufacturer: syz [ 227.743273][ T5948] usb 4-1: SerialNumber: syz [ 227.913134][ T5948] usb 4-1: config 0 descriptor?? [ 228.041488][ T5948] gspca_main: sq930x-2.14.0 probing 2770:930c [ 229.226492][ T5948] gspca_sq930x: reg_w 0105 0f00 failed -71 [ 229.242842][ T5948] sq930x 4-1:0.0: probe with driver sq930x failed with error -71 [ 229.287799][ T5948] usb 4-1: USB disconnect, device number 5 [ 229.671711][ T5948] hid_parser_main: 1236 callbacks suppressed [ 229.671734][ T5948] hid-generic 0005:0007:0008.0005: unknown main item tag 0x0 [ 229.852305][ T5948] hid-generic 0005:0007:0008.0005: hidraw0: BLUETOOTH HID v0.08 Device [syz0] on aa:aa:aa:aa:aa:aa [ 230.122640][ T8347] fido_id[8347]: Failed to open report descriptor at '/sys/devices/virtual/bluetooth/hci4/hci4:200/report_descriptor': No such file or directory [ 230.156128][ T8350] loop3: detected capacity change from 0 to 256 [ 230.163661][ T8350] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 230.234139][ T8350] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 230.330123][ T8350] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 230.415710][ T8350] exFAT-fs (loop3): failed to load alloc-bitmap [ 230.447909][ T8350] exFAT-fs (loop3): failed to recognize exfat type [ 230.935334][ T6014] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 231.109795][ T6014] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 231.149549][ T6014] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 231.191771][ T6014] usb 4-1: Product: syz [ 231.209247][ T6014] usb 4-1: Manufacturer: syz [ 231.213922][ T6014] usb 4-1: SerialNumber: syz [ 231.584890][ T8388] vxcan1: tx address claim with different name [ 232.290185][ T6014] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO [ 232.315053][ T6014] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 232.382408][ T6014] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 232.431494][ T6014] lan78xx 4-1:1.0: probe with driver lan78xx failed with error -71 [ 232.508255][ T6014] usb 4-1: USB disconnect, device number 6 [ 233.499308][ T8418] loop1: detected capacity change from 0 to 256 [ 233.552153][ T5876] kernel write not supported for file bpf-prog (pid: 5876 comm: kworker/1:3) [ 233.623883][ T8418] FAT-fs (loop1): Directory bread(block 64) failed [ 233.710694][ T8418] FAT-fs (loop1): Directory bread(block 65) failed [ 233.740077][ T8418] FAT-fs (loop1): Directory bread(block 66) failed [ 233.775813][ T8418] FAT-fs (loop1): Directory bread(block 67) failed [ 233.802864][ T8418] FAT-fs (loop1): Directory bread(block 68) failed [ 233.819822][ T8418] FAT-fs (loop1): Directory bread(block 69) failed [ 233.874224][ T8418] FAT-fs (loop1): Directory bread(block 70) failed [ 233.898869][ T8418] FAT-fs (loop1): Directory bread(block 71) failed [ 234.041756][ T8418] FAT-fs (loop1): Directory bread(block 72) failed [ 234.067754][ T8418] FAT-fs (loop1): Directory bread(block 73) failed [ 234.846335][ T8418] tipc: Enabling of bearer rejected, failed to enable media [ 235.474663][ T8464] netlink: 'syz.1.710': attribute type 3 has an invalid length. [ 235.508572][ T8464] netlink: 8 bytes leftover after parsing attributes in process `syz.1.710'. [ 235.529953][ T8462] loop2: detected capacity change from 0 to 4096 [ 235.557221][ T8462] EXT4-fs: Ignoring removed oldalloc option [ 235.563243][ T8462] ext4: Unknown parameter 'nouser_xattr' [ 236.696359][ T8482] netlink: 20 bytes leftover after parsing attributes in process `syz.0.717'. [ 237.302657][ T8503] /dev/nullb0: Can't open blockdev [ 237.889382][ T67] wlan1: Trigger new scan to find an IBSS to join [ 237.897645][ T6358] udevd[6358]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 238.437388][ T6007] udevd[6007]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 238.514486][ T8518] netlink: 4 bytes leftover after parsing attributes in process `syz.0.726'. [ 238.965898][ T8527] team0: Device veth1_vlan failed to register rx_handler [ 240.647234][ T8570] loop4: detected capacity change from 0 to 32768 [ 240.759333][ T8570] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 240.796135][ T8570] XFS (loop4): Ending clean mount [ 241.544903][ T5866] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 241.703550][ T8585] input: syz1 as /devices/virtual/input/input7 [ 241.791995][ T8586] loop2: detected capacity change from 0 to 128 [ 241.837534][ T8586] efs: Unknown parameter '].@' [ 242.335151][ T10] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 242.495610][ T10] usb 1-1: Using ep0 maxpacket: 8 [ 242.518935][ T10] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 242.553666][ T10] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 242.583375][ T10] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 242.607526][ T10] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 242.618059][ T10] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 242.632053][ T10] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 242.644451][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 242.846767][ T6020] wlan1: Trigger new scan to find an IBSS to join [ 242.879815][ T10] usb 1-1: usb_control_msg returned -32 [ 242.896668][ T10] usbtmc 1-1:16.0: can't read capabilities [ 243.352936][ T8627] serio: Serial port ttyS3 [ 243.585480][ T8631] netlink: 4 bytes leftover after parsing attributes in process `syz.3.760'. [ 243.919087][ T8637] vxcan1: tx address claim with different name [ 244.049235][ T1341] wlan1: Trigger new scan to find an IBSS to join [ 244.182431][ T12] wlan1: Creating new IBSS network, BSSID ca:f3:74:5e:92:8a [ 245.105204][ T6014] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 245.139492][ T8657] loop4: detected capacity change from 0 to 128 [ 245.176066][ T8657] efs: Unknown parameter '].@' [ 245.274679][ T10] usb 1-1: USB disconnect, device number 11 [ 245.311179][ T6014] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 245.378171][ T6014] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 245.416994][ T6014] usb 2-1: Product: syz [ 245.430782][ T6014] usb 2-1: Manufacturer: syz [ 245.436622][ T6014] usb 2-1: SerialNumber: syz [ 245.451688][ T6014] usb 2-1: config 0 descriptor?? [ 245.472395][ T6014] ch341 2-1:0.0: ch341-uart converter detected [ 246.263134][ T8671] loop3: detected capacity change from 0 to 65536 [ 246.358232][ T8671] XFS (loop3): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 246.436541][ T8671] XFS (loop3): Ending clean mount [ 246.665575][ T8684] loop0: detected capacity change from 0 to 1764 [ 246.681374][ T8684] nullb0: [POWERTEC] [ 247.273458][ T8687] lo speed is unknown, defaulting to 1000 [ 247.349770][ T6014] ch341-uart ttyUSB0: failed to read break control: -71 [ 247.369420][ T5870] XFS (loop3): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 247.381330][ T6014] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 247.450486][ T6014] usb 2-1: USB disconnect, device number 2 [ 247.501115][ T6014] ch341 2-1:0.0: device disconnected [ 247.885822][ T1167] wlan1: Trigger new scan to find an IBSS to join [ 248.001393][ T8694] pim6reg1: entered promiscuous mode [ 248.015047][ T8694] pim6reg1: entered allmulticast mode [ 248.924637][ T35] wlan1: Creating new IBSS network, BSSID be:4d:7e:26:b5:30 [ 249.345762][ T8728] vxcan1: tx address claim with different name [ 250.107148][ T5948] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 250.201490][ T8742] netlink: 4 bytes leftover after parsing attributes in process `syz.1.791'. [ 250.347261][ T5948] usb 1-1: Using ep0 maxpacket: 32 [ 250.358622][ T8743] netlink: 4 bytes leftover after parsing attributes in process `syz.4.792'. [ 250.431679][ T5948] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 250.520748][ T5948] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 250.563541][ T5948] usb 1-1: config 0 descriptor?? [ 250.593679][ T8742] bridge_slave_1: left allmulticast mode [ 250.600120][ T8742] bridge_slave_1: left promiscuous mode [ 250.621582][ T8742] bridge0: port 2(bridge_slave_1) entered disabled state [ 250.632304][ T8742] bridge_slave_0: left allmulticast mode [ 250.639666][ T8742] bridge_slave_0: left promiscuous mode [ 250.647955][ T8742] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.784054][ T5948] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 250.920300][ T5948] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 250.931903][ T5948] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 250.973429][ T5948] usb 1-1: media controller created [ 251.123922][ T8756] loop3: detected capacity change from 0 to 128 [ 251.136850][ T8756] efs: Unknown parameter '].@' [ 251.589660][ T5948] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 251.709862][ T5948] az6027: usb out operation failed. (-71) [ 251.777281][ T5948] az6027: usb out operation failed. (-71) [ 251.783051][ T5948] stb0899_attach: Driver disabled by Kconfig [ 251.827391][ T5948] az6027: no front-end attached [ 251.827391][ T5948] [ 251.846559][ T5948] az6027: usb out operation failed. (-71) [ 251.861871][ T5948] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 251.888772][ T5948] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input8 [ 251.928221][ T5948] dvb-usb: schedule remote query interval to 400 msecs. [ 252.098998][ T8771] gretap0: entered promiscuous mode [ 252.115343][ T5948] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 252.127117][ T5948] usb 1-1: USB disconnect, device number 12 [ 252.179754][ T8771] gretap0: left promiscuous mode [ 252.360274][ T8776] vxcan1: tx address claim with different name [ 252.784562][ T8782] loop0: detected capacity change from 0 to 256 [ 252.786617][ T5948] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 252.910326][ T8782] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 252.931365][ T8782] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 253.005245][ T8782] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 253.031422][ T8788] only policy match revision 0 supported [ 253.031444][ T8788] unable to load match [ 253.033194][ T8782] exFAT-fs (loop0): failed to load alloc-bitmap [ 253.049210][ T8782] exFAT-fs (loop0): failed to recognize exfat type [ 253.347844][ T5948] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 253.648786][ T5948] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 253.662952][ T8796] syz_tun: entered promiscuous mode [ 253.681720][ T8796] macsec1: entered allmulticast mode [ 253.685203][ T5948] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 253.687635][ T8796] syz_tun: entered allmulticast mode [ 253.712909][ T5948] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 253.743271][ T5948] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 253.766368][ T5948] usb 3-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13 [ 253.795115][ T5948] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 253.817521][ T5948] usb 3-1: Product: syz [ 253.837362][ T5948] usb 3-1: Manufacturer: syz [ 253.854582][ T5948] usb 3-1: SerialNumber: syz [ 253.884042][ T5948] usb 3-1: config 0 descriptor?? [ 254.152010][ T8812] loop4: detected capacity change from 0 to 128 [ 254.161927][ T8811] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3303861288 (422894244864 ns) > initial count (241705619456 ns). Using initial count to start timer. [ 254.165493][ T5948] adutux 3-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0 [ 254.198154][ T8812] efs: Unknown parameter '].@' [ 254.380160][ T10] usb 3-1: USB disconnect, device number 8 [ 254.847143][ T8824] vxcan1: tx address claim with different name [ 255.767678][ T5865] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 255.777537][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.938953][ T5865] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 255.950440][ T5865] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 255.970236][ T5865] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 256.019901][ T5865] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 256.063193][ T5865] usb 1-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13 [ 256.082663][ T5865] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 256.104784][ T5865] usb 1-1: Product: syz [ 256.123327][ T5865] usb 1-1: Manufacturer: syz [ 256.138776][ T5865] usb 1-1: SerialNumber: syz [ 256.190655][ T5865] usb 1-1: config 0 descriptor?? [ 256.255052][ T10] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 256.425342][ T10] usb 2-1: Using ep0 maxpacket: 32 [ 256.432416][ T10] usb 2-1: config 0 has an invalid interface number: 132 but max is 0 [ 256.588030][ T10] usb 2-1: config 0 has no interface number 0 [ 256.601494][ T8850] netlink: 40 bytes leftover after parsing attributes in process `syz.4.827'. [ 256.605580][ T5865] adutux 1-1:0.0: ADU208 now attached to /dev/usb/adutux0 [ 256.691805][ T10] usb 2-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 256.809351][ T5865] usb 1-1: USB disconnect, device number 13 [ 256.941954][ T10] usb 2-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5 [ 256.956131][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 256.964166][ T10] usb 2-1: Product: syz [ 256.990815][ T10] usb 2-1: Manufacturer: syz [ 257.006690][ T10] usb 2-1: SerialNumber: syz [ 257.057023][ T10] usb 2-1: config 0 descriptor?? [ 257.267855][ T10] em28xx 2-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132) [ 257.316151][ T8859] netlink: 4 bytes leftover after parsing attributes in process `syz.4.829'. [ 257.440918][ T10] em28xx 2-1:0.132: Video interface 132 found: [ 257.459853][ T8861] trusted_key: syz.3.830 sent an empty control message without MSG_MORE. [ 257.658466][ T10] em28xx 2-1:0.132: unknown em28xx chip ID (0) [ 257.905131][ T5865] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 257.914508][ T8876] veth0: entered promiscuous mode [ 257.933220][ T8876] netlink: 4 bytes leftover after parsing attributes in process `syz.2.837'. [ 258.055774][ T5865] usb 1-1: Using ep0 maxpacket: 16 [ 258.086395][ T5865] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 258.105446][ T5865] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 258.121201][ T5865] usb 1-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 258.145971][ T5865] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 258.189701][ T5865] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 258.230078][ T5865] usb 1-1: Product: syz [ 258.234327][ T5865] usb 1-1: Manufacturer: syz [ 258.263302][ T5865] usb 1-1: SerialNumber: syz [ 258.295323][ T10] em28xx 2-1:0.132: failed to read eeprom (err=-110) [ 258.303734][ T10] em28xx 2-1:0.132: em28xx_i2c_register: em28xx_i2_eeprom failed! retval [-110] [ 258.410831][ T8884] loop4: detected capacity change from 0 to 128 [ 258.450927][ T8884] efs: Unknown parameter '].@' [ 258.535073][ T10] em28xx 2-1:0.132: Identified as Leadtek Winfast USB II (card=7) [ 258.567263][ T10] em28xx 2-1:0.132: analog set to bulk mode. [ 258.584769][ T6014] em28xx 2-1:0.132: Registering V4L2 extension [ 258.598981][ T8888] lo speed is unknown, defaulting to 1000 [ 258.650136][ T10] usb 2-1: USB disconnect, device number 3 [ 258.686973][ T10] em28xx 2-1:0.132: Disconnecting em28xx [ 258.815830][ T5876] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 259.085502][ T5876] usb 4-1: config 0 has no interfaces? [ 259.094335][ T5876] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 259.119431][ T5876] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 259.142017][ T5876] usb 4-1: Product: syz [ 259.158931][ T5876] usb 4-1: Manufacturer: syz [ 259.163568][ T5876] usb 4-1: SerialNumber: syz [ 259.173617][ T5948] usb 1-1: USB disconnect, device number 14 [ 259.220939][ T5876] usb 4-1: config 0 descriptor?? [ 259.257467][ T6014] em28xx 2-1:0.132: Config register raw data: 0xffffffed [ 259.299516][ T6014] em28xx 2-1:0.132: AC97 chip type couldn't be determined [ 259.327838][ T6014] em28xx 2-1:0.132: No AC97 audio processor [ 259.366981][ T6014] usb 2-1: Decoder not found [ 259.380192][ T6014] em28xx 2-1:0.132: failed to create media graph [ 259.395325][ T6014] em28xx 2-1:0.132: V4L2 device video103 deregistered [ 259.427085][ T6014] em28xx 2-1:0.132: Remote control support is not available for this card. [ 259.436601][ T10] em28xx 2-1:0.132: Closing input extension [ 259.472949][ T10] em28xx 2-1:0.132: Freeing device [ 259.501433][ T6014] usb 4-1: USB disconnect, device number 7 [ 259.732991][ T8912] netlink: 60 bytes leftover after parsing attributes in process `syz.4.849'. [ 259.948224][ T8910] loop2: detected capacity change from 0 to 32768 [ 259.988924][ T8910] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 260.026907][ T8910] XFS (loop2): Ending clean mount [ 260.048742][ T44] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 260.272700][ T44] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 260.902186][ T5948] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 260.909900][ T44] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 260.939006][ T5868] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 260.955262][ T44] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 260.964339][ T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 260.985943][ T30] audit: type=1326 audit(1758669369.385:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8940 comm="syz.1.857" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa7f238eec9 code=0x0 [ 260.992298][ T8914] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 261.027128][ T44] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 261.101121][ T5948] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 261.155108][ T5948] usb 5-1: config 0 has no interface number 0 [ 261.167419][ T5948] usb 5-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e [ 261.210637][ T5948] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 261.289483][ T5948] usb 5-1: config 0 descriptor?? [ 261.331282][ T5948] usb 5-1: selecting invalid altsetting 1 [ 261.376468][ T5948] dvb_ttusb_budget: ttusb_init_controller: error [ 261.382845][ T5948] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB) [ 261.507557][ T44] usb 1-1: USB disconnect, device number 15 [ 261.644229][ T5948] DVB: Unable to find symbol cx22700_attach() [ 261.756859][ T5948] DVB: Unable to find symbol tda10046_attach() [ 261.771971][ T5948] dvb_ttusb_budget: no frontend driver found for device [0b48:1005] [ 261.792497][ T5948] usb 5-1: USB disconnect, device number 4 [ 262.227528][ T10] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 262.515167][ T8961] netlink: 'syz.0.864': attribute type 10 has an invalid length. [ 262.740384][ T8961] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 263.235824][ T8981] 9pnet_fd: Insufficient options for proto=fd [ 264.018880][ T44] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 264.307518][ T44] usb 1-1: Using ep0 maxpacket: 32 [ 264.336401][ T44] usb 1-1: config 0 has an invalid interface number: 184 but max is 0 [ 264.344608][ T44] usb 1-1: config 0 has no interface number 0 [ 264.369806][ T44] usb 1-1: config 0 interface 184 has no altsetting 0 [ 264.400018][ T44] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 264.408670][ T8994] netlink: 12 bytes leftover after parsing attributes in process `syz.3.875'. [ 264.417664][ T8993] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 264.433029][ T44] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 264.445646][ T44] usb 1-1: Product: syz [ 264.450430][ T44] usb 1-1: Manufacturer: syz [ 264.465228][ T44] usb 1-1: SerialNumber: syz [ 264.485535][ T44] usb 1-1: config 0 descriptor?? [ 264.494005][ T44] smsc75xx v1.0.0 [ 264.645021][ T10] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 264.827227][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 264.874041][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 264.892715][ T10] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 264.903047][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 264.919919][ T10] usb 2-1: config 0 descriptor?? [ 265.166714][ T5948] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 265.327057][ T9022] overlayfs: failed to decode file handle (len=4, type=251, flags=0, err=-22) [ 265.342533][ T5948] usb 3-1: Using ep0 maxpacket: 16 [ 265.358417][ T5948] usb 3-1: too many configurations: 97, using maximum allowed: 8 [ 265.360848][ T10] cp2112 0003:10C4:EA90.0006: unknown main item tag 0x0 [ 265.376949][ T5948] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 265.387344][ T10] cp2112 0003:10C4:EA90.0006: unknown main item tag 0x0 [ 265.387381][ T10] cp2112 0003:10C4:EA90.0006: unknown main item tag 0x0 [ 265.387409][ T10] cp2112 0003:10C4:EA90.0006: unknown main item tag 0x0 [ 265.387435][ T10] cp2112 0003:10C4:EA90.0006: unknown main item tag 0x0 [ 265.387462][ T10] cp2112 0003:10C4:EA90.0006: unknown main item tag 0x0 [ 265.387488][ T10] cp2112 0003:10C4:EA90.0006: unknown main item tag 0x0 [ 265.397712][ T10] cp2112 0003:10C4:EA90.0006: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.1-1/input0 [ 265.415933][ T5948] usb 3-1: config 0 has no interfaces? [ 265.424089][ T5948] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 265.518639][ T5948] usb 3-1: config 0 has no interfaces? [ 265.524546][ T44] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -61 [ 265.537489][ T44] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 265.550717][ T5948] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 265.570354][ T10] cp2112 0003:10C4:EA90.0006: Part Number: 0x00 Device Version: 0x00 [ 265.571404][ T5948] usb 3-1: config 0 has no interfaces? [ 265.596818][ T5948] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 265.611142][ T5948] usb 3-1: config 0 has no interfaces? [ 265.622549][ T5948] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 265.643119][ T5948] usb 3-1: config 0 has no interfaces? [ 265.650557][ T5948] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 265.661523][ T5948] usb 3-1: config 0 has no interfaces? [ 265.669480][ T5948] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 265.680171][ T5948] usb 3-1: config 0 has no interfaces? [ 265.687626][ T5948] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 265.698363][ T5948] usb 3-1: config 0 has no interfaces? [ 265.708301][ T6014] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 265.874107][ T5948] usb 3-1: string descriptor 0 read error: -71 [ 265.881630][ T5948] usb 3-1: New USB device found, idVendor=2304, idProduct=023b, bcdDevice=7b.5c [ 265.894552][ T5948] usb 3-1: New USB device strings: Mfr=249, Product=204, SerialNumber=224 [ 265.910654][ T6014] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 265.915968][ T5948] usb 3-1: config 0 descriptor?? [ 265.927045][ T44] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -71 [ 265.928698][ T6014] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 265.948305][ T44] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -71 [ 265.961469][ T44] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 265.965287][ T6014] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 265.971243][ T5948] usb 3-1: can't set config #0, error -71 [ 265.993268][ T6014] usb 5-1: config 0 descriptor?? [ 266.002759][ T6014] pwc: Askey VC010 type 2 USB webcam detected. [ 266.010744][ T44] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -71 [ 266.025714][ T5948] usb 3-1: USB disconnect, device number 9 [ 266.065723][ T44] usb 1-1: USB disconnect, device number 16 [ 266.215787][ T8995] cp2112 0003:10C4:EA90.0006: Unsupported transaction 0 [ 266.236504][ T10] cp2112 0003:10C4:EA90.0006: error reading lock byte: -71 [ 266.265665][ T10] usb 2-1: USB disconnect, device number 4 [ 266.405305][ T6014] pwc: recv_control_msg error -32 req 02 val 2b00 [ 266.413482][ T6014] pwc: recv_control_msg error -32 req 02 val 2700 [ 266.424033][ T6014] pwc: recv_control_msg error -32 req 02 val 2c00 [ 266.473882][ T6014] pwc: recv_control_msg error -32 req 04 val 1000 [ 266.566164][ T9043] netlink: 8 bytes leftover after parsing attributes in process `syz.2.894'. [ 266.595682][ T6014] pwc: recv_control_msg error -32 req 04 val 1300 [ 266.846303][ T6014] pwc: recv_control_msg error -71 req 02 val 2000 [ 266.867823][ T6014] pwc: recv_control_msg error -71 req 02 val 2100 [ 266.901018][ T6014] pwc: recv_control_msg error -71 req 04 val 1500 [ 266.935506][ T6014] pwc: recv_control_msg error -71 req 02 val 2500 [ 266.969507][ T6014] pwc: recv_control_msg error -71 req 02 val 2400 [ 267.017409][ T6014] pwc: recv_control_msg error -71 req 02 val 2600 [ 267.057809][ T6014] pwc: recv_control_msg error -71 req 02 val 2900 [ 267.156981][ T6014] pwc: recv_control_msg error -71 req 02 val 2800 [ 267.189521][ T6014] pwc: recv_control_msg error -71 req 04 val 1100 [ 267.225477][ T6014] pwc: recv_control_msg error -71 req 04 val 1200 [ 267.260718][ T6014] pwc: Registered as video103. [ 267.274109][ T6014] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input9 [ 267.338528][ T6014] usb 5-1: USB disconnect, device number 5 [ 267.869377][ T9076] overlayfs: invalid redirect ((null)) [ 268.009830][ T9080] sd 0:0:1:0: PR command failed: 1026 [ 268.035379][ T9080] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 268.081446][ T9080] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 268.455922][ T10] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 268.465177][ T5876] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 268.625046][ T5876] usb 1-1: Using ep0 maxpacket: 16 [ 268.634599][ T5876] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 268.681808][ T5876] usb 1-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 268.760063][ T5876] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 268.826268][ T5876] usb 1-1: Product: syz [ 268.837421][ T5876] usb 1-1: Manufacturer: syz [ 268.854026][ T5876] usb 1-1: SerialNumber: syz [ 268.947342][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 268.955252][ T5876] usb 1-1: config 0 descriptor?? [ 268.970215][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 268.981826][ T5876] hub 1-1:0.0: bad descriptor, ignoring hub [ 268.997964][ T5876] hub 1-1:0.0: probe with driver hub failed with error -5 [ 269.003567][ T10] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 269.037299][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 269.063508][ T10] usb 3-1: config 0 descriptor?? [ 269.163712][ T5876] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input10 [ 269.284780][ T5876] input: failed to attach handler mousedev to device input10, error: -5 [ 269.327780][ T9108] fuse: root generation should be zero [ 269.363788][ T5876] usb 1-1: USB disconnect, device number 17 [ 269.484434][ T10] cp2112 0003:10C4:EA90.0007: unknown main item tag 0x0 [ 269.501573][ T10] cp2112 0003:10C4:EA90.0007: unknown main item tag 0x0 [ 269.525134][ T10] cp2112 0003:10C4:EA90.0007: unknown main item tag 0x0 [ 269.565740][ T10] cp2112 0003:10C4:EA90.0007: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.2-1/input0 [ 269.665919][ T30] audit: type=1326 audit(1758669378.065:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9115 comm="syz.1.920" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa7f238eec9 code=0x0 [ 269.688590][ T10] cp2112 0003:10C4:EA90.0007: Part Number: 0x00 Device Version: 0x00 [ 269.707968][ T9118] netlink: 76 bytes leftover after parsing attributes in process `syz.4.919'. [ 270.292251][ T9087] cp2112 0003:10C4:EA90.0007: Error starting transaction: -38 [ 270.303299][ T10] cp2112 0003:10C4:EA90.0007: error reading lock byte: -71 [ 270.327501][ T10] usb 3-1: USB disconnect, device number 10 [ 270.372551][ T6014] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 270.545212][ T6014] usb 5-1: Using ep0 maxpacket: 8 [ 270.553890][ T6014] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 270.573901][ T6014] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 270.595094][ T6014] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 270.623775][ T6014] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 270.646207][ T6014] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 270.659837][ T6014] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 270.709906][ T6014] hub 5-1:1.0: bad descriptor, ignoring hub [ 270.735025][ T6014] hub 5-1:1.0: probe with driver hub failed with error -5 [ 270.756921][ T6014] cdc_wdm 5-1:1.0: skipping garbage [ 270.771250][ T6014] cdc_wdm 5-1:1.0: skipping garbage [ 270.792411][ T6014] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 270.800062][ T6014] cdc_wdm 5-1:1.0: Unknown control protocol [ 270.956369][ T5876] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 271.157110][ T5876] usb 2-1: Using ep0 maxpacket: 32 [ 271.177436][ T5876] usb 2-1: config 0 interface 0 has no altsetting 0 [ 271.204831][ T5876] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 271.217585][ T5876] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 271.226162][ T5876] usb 2-1: Product: syz [ 271.230341][ T5876] usb 2-1: Manufacturer: syz [ 271.234938][ T5876] usb 2-1: SerialNumber: syz [ 271.258275][ T5876] usb 2-1: config 0 descriptor?? 0ÿü`§ € @#~[ 271.312508][ T9169] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input11 [ 271.343840][ T9131] usb 5-1: reset high-speed USB device number 6 using dummy_hcd [ 271.513811][ T9144] loop1: detected capacity change from 0 to 256 [ 271.591125][ T9144] FAT-fs (loop1): Directory bread(block 64) failed [ 271.613335][ T9144] FAT-fs (loop1): Directory bread(block 65) failed [ 271.629594][ T9144] FAT-fs (loop1): Directory bread(block 66) failed [ 271.656229][ T9144] FAT-fs (loop1): Directory bread(block 67) failed [ 271.694142][ T9144] FAT-fs (loop1): Directory bread(block 68) failed [ 271.721350][ T9144] FAT-fs (loop1): Directory bread(block 69) failed [ 271.729446][ T9144] FAT-fs (loop1): Directory bread(block 70) failed [ 271.746415][ T9144] FAT-fs (loop1): Directory bread(block 71) failed [ 271.747015][ T9178] netlink: 'syz.0.940': attribute type 1 has an invalid length. [ 271.753210][ T9144] FAT-fs (loop1): Directory bread(block 72) failed [ 271.781223][ T9178] netlink: 'syz.0.940': attribute type 2 has an invalid length. [ 271.782904][ T9144] FAT-fs (loop1): Directory bread(block 73) failed [ 271.913955][ T5876] gs_usb 2-1:0.0: Couldn't send data format (err=-71) [ 271.943756][ T5876] gs_usb 2-1:0.0: probe with driver gs_usb failed with error -71 [ 271.969913][ T5876] usb 2-1: USB disconnect, device number 5 [ 272.757496][ T9131] usb 5-1: reset high-speed USB device number 6 using dummy_hcd [ 273.265566][ T6014] usb 5-1: USB disconnect, device number 6 [ 273.437690][ T9220] evm: overlay not supported [ 273.471760][ T9223] Bluetooth: hci0: unsupported parameter 32 [ 273.488978][ T9223] Bluetooth: hci0: invalid len left 4, exp >= 67 [ 273.727454][ T44] usb 3-1: new full-speed USB device number 11 using dummy_hcd [ 273.899580][ T44] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 273.909677][ T6014] kernel read not supported for file /dsp (pid: 6014 comm: kworker/0:9) [ 273.918436][ T44] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 273.950784][ T44] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 273.972901][ T44] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 274.197643][ T44] usb 3-1: usb_control_msg returned -32 [ 274.211362][ T44] usbtmc 3-1:16.0: can't read capabilities [ 274.259924][ T9250] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 274.611095][ T9257] usb 3-1: usbtmc_ioctl_clear_out_halt returned -32 [ 275.535358][ T9279] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 275.734906][ T9278] loop0: detected capacity change from 0 to 32768 [ 275.791281][ T9278] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 276.471853][ T9278] XFS (loop0): Ending clean mount [ 276.867998][ T6020] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 277.176179][ T6014] usb 3-1: USB disconnect, device number 11 [ 277.214670][ T5871] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 277.791075][ T9316] overlayfs: upper fs does not support file handles, falling back to index=off. [ 278.567411][ T9333] netlink: 'syz.2.989': attribute type 14 has an invalid length. [ 278.715066][ T44] usb 5-1: new low-speed USB device number 7 using dummy_hcd [ 278.886718][ T44] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 278.905124][ T44] usb 5-1: config 0 has no interface number 0 [ 278.911454][ T44] usb 5-1: config 0 interface 1 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 278.934156][ T44] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 278.953414][ T1151] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 278.969228][ T44] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 278.995777][ T44] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 279.019092][ T44] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 279.046043][ T44] usb 5-1: config 0 descriptor?? [ 279.063220][ T9330] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 279.099159][ T44] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 279.289455][ T9352] netlink: 'syz.1.996': attribute type 10 has an invalid length. [ 279.305632][ T9352] netlink: 40 bytes leftover after parsing attributes in process `syz.1.996'. [ 279.305773][ T6014] usb 5-1: USB disconnect, device number 7 [ 279.336067][ T9352] dummy0: entered promiscuous mode [ 279.345803][ T9352] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 279.465210][ T9356] af_packet: tpacket_rcv: packet too big, clamped from 64993 to 3952. macoff=96 [ 279.475130][ T9356] ip6_tunnel: non-ECT from fe88:a43d:e1a4:0000:0000:0000:0000:7d01 with DS=0xe [ 280.115303][ T44] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 280.318056][ T44] usb 2-1: New USB device found, idVendor=2001, idProduct=b301, bcdDevice=45.a9 [ 280.345674][ T44] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 280.362601][ T44] usb 2-1: Product: syz [ 280.370692][ T44] usb 2-1: Manufacturer: syz [ 280.395038][ T44] usb 2-1: SerialNumber: syz [ 280.437612][ T44] r8152-cfgselector 2-1: Unknown version 0x0000 [ 280.464884][ T44] r8152-cfgselector 2-1: config 0 descriptor?? [ 280.508774][ T44] r8152 2-1:0.0: Expected endpoints are not found [ 282.873853][ T6014] r8152-cfgselector 2-1: USB disconnect, device number 6 [ 284.040941][ T9478] raw_sendmsg: syz.1.1025 forgot to set AF_INET. Fix it! [ 284.338172][ T30] audit: type=1326 audit(1758669392.745:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9484 comm="syz.3.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fc138eec9 code=0x7ffc0000 [ 284.490664][ T30] audit: type=1326 audit(1758669392.765:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9484 comm="syz.3.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fc138eec9 code=0x7ffc0000 [ 284.614709][ T30] audit: type=1326 audit(1758669392.775:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9484 comm="syz.3.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6fc138eec9 code=0x7ffc0000 [ 284.725449][ T30] audit: type=1326 audit(1758669392.775:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9484 comm="syz.3.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fc138eec9 code=0x7ffc0000 [ 284.814781][ T30] audit: type=1326 audit(1758669392.775:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9484 comm="syz.3.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fc138eec9 code=0x7ffc0000 [ 284.926148][ T30] audit: type=1326 audit(1758669392.775:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9484 comm="syz.3.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fc138eec9 code=0x7ffc0000 [ 285.025850][ T30] audit: type=1326 audit(1758669392.775:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9484 comm="syz.3.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fc138eec9 code=0x7ffc0000 [ 285.052566][ T9506] loop4: detected capacity change from 0 to 256 [ 285.075255][ T9506] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 285.086409][ T9506] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 285.142547][ T9506] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 285.155070][ T30] audit: type=1326 audit(1758669392.775:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9484 comm="syz.3.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f6fc138eec9 code=0x7ffc0000 [ 285.181515][ T9506] exFAT-fs (loop4): failed to load alloc-bitmap [ 285.193016][ T9506] exFAT-fs (loop4): failed to recognize exfat type [ 285.213293][ T30] audit: type=1326 audit(1758669392.775:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9484 comm="syz.3.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f6fc138ef03 code=0x7ffc0000 [ 285.381932][ T30] audit: type=1326 audit(1758669392.775:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9484 comm="syz.3.1027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f6fc138ef03 code=0x7ffc0000 [ 285.781390][ T9490] loop1: detected capacity change from 0 to 32768 [ 285.799336][ T9516] overlayfs: upper fs does not support file handles, falling back to index=off. [ 285.929533][ T9490] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 286.209011][ T5862] ocfs2: Unmounting device (7,1) on (node local) [ 286.615064][ T5865] usb 1-1: new full-speed USB device number 18 using dummy_hcd [ 286.814296][ T5865] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 286.846877][ T5865] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 286.865824][ T5865] usb 1-1: New USB device found, idVendor=046d, idProduct=c090, bcdDevice= 0.00 [ 286.874915][ T5865] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 286.916079][ T5865] usb 1-1: config 0 descriptor?? [ 287.351662][ T5865] logitech-hidpp-device 0003:046D:C090.0008: item fetching failed at offset 3/7 [ 287.385289][ T5865] logitech-hidpp-device 0003:046D:C090.0008: hidpp_probe:parse failed [ 287.414132][ T5865] logitech-hidpp-device 0003:046D:C090.0008: probe with driver logitech-hidpp-device failed with error -22 [ 287.533548][ T9560] loop1: detected capacity change from 0 to 128 [ 287.540829][ T9560] efs: Unknown parameter '].@' [ 287.600471][ T5865] usb 1-1: USB disconnect, device number 18 [ 288.564023][ T9571] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1053'. [ 291.725190][ T9607] loop1: detected capacity change from 0 to 32768 [ 291.835755][ T9607] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 291.866303][ T9607] XFS (loop1): Ending clean mount [ 291.997452][ T9619] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1066'. [ 292.016571][ T9619] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 292.747166][ T5862] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 292.776160][ T9619] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 292.831725][ T9631] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1067'. [ 293.300019][ T9630] bridge0: entered allmulticast mode [ 293.444187][ T9631] bridge_slave_1: left allmulticast mode [ 293.536373][ T9631] bridge_slave_1: left promiscuous mode [ 293.611413][ T9631] bridge0: port 2(bridge_slave_1) entered disabled state [ 294.167943][ T9631] bridge_slave_0: left allmulticast mode [ 294.173682][ T9631] bridge_slave_0: left promiscuous mode [ 294.185364][ T9631] bridge0: port 1(bridge_slave_0) entered disabled state [ 294.422124][ T9656] netlink: 'syz.3.1074': attribute type 10 has an invalid length. [ 294.484742][ T9631] bridge0 (unregistering): left allmulticast mode [ 294.574139][ T9640] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.721604][ T9656] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 294.841917][ T9640] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.869387][ T9664] fuse: Bad value for 'user_id' [ 294.874296][ T9662] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 294.919023][ T9664] fuse: Bad value for 'user_id' [ 294.991868][ T9640] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.159764][ T9640] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.364421][ T1341] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.390888][ T6037] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.449904][ T6020] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.498777][ T1341] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.507488][ T9683] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1084'. [ 295.633321][ T9685] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 295.654261][ T9683] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1084'. [ 295.683062][ T1341] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 295.716269][ T1341] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 295.761128][ T9683] 8021q: adding VLAN 0 to HW filter on device bond1 [ 295.791580][ T1341] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 295.821856][ T1341] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 296.317955][ T9701] loop2: detected capacity change from 0 to 128 [ 296.348159][ T9701] efs: Unknown parameter '].@' [ 296.476547][ T10] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 296.665393][ T10] usb 5-1: Using ep0 maxpacket: 16 [ 296.733132][ T10] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 296.778441][ T10] usb 5-1: config 0 has no interface number 0 [ 296.865235][ T10] usb 5-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 296.925203][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 296.978216][ T10] usb 5-1: Product: syz [ 297.001866][ T10] usb 5-1: Manufacturer: syz [ 297.038306][ T10] usb 5-1: SerialNumber: syz [ 297.110571][ T10] usb 5-1: config 0 descriptor?? [ 297.181215][ T10] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 298.621559][ T10] gspca_spca1528: reg_w err -71 [ 298.651705][ T10] spca1528 5-1:0.1: probe with driver spca1528 failed with error -71 [ 299.259901][ T10] usb 5-1: USB disconnect, device number 8 [ 299.313471][ T30] kauditd_printk_skb: 7 callbacks suppressed [ 299.313490][ T30] audit: type=1326 audit(1758669407.715:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9730 comm="syz.0.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4c58eec9 code=0x7fc00000 [ 299.342136][ C1] vkms_vblank_simulate: vblank timer overrun [ 299.707371][ T9753] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1109'. [ 299.725345][ T9753] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1109'. [ 300.124628][ T9750] loop2: detected capacity change from 0 to 65536 [ 300.209596][ T9750] XFS (loop2): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 300.241000][ T9750] XFS (loop2): Ending clean mount [ 300.433159][ T30] audit: type=1800 audit(1758669408.825:88): pid=9768 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1105" name="file1" dev="loop2" ino=38 res=0 errno=0 [ 300.624508][ T5868] XFS (loop2): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 301.482586][ T9790] netlink: 'syz.1.1116': attribute type 27 has an invalid length. [ 301.496095][ T9792] kvm: pic: non byte write [ 301.518510][ T9790] netlink: 'syz.1.1116': attribute type 4 has an invalid length. [ 301.527765][ T9790] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1116'. [ 301.538190][ T9791] process 'syz.4.1117' launched './file0' with NULL argv: empty string added [ 302.302544][ T9803] loop3: detected capacity change from 0 to 256 [ 302.328430][ T9803] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 302.341130][ T9803] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 302.416663][ T9803] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 302.429063][ T9806] loop2: detected capacity change from 0 to 16 [ 302.505345][ T9803] exFAT-fs (loop3): failed to load alloc-bitmap [ 302.511644][ T9803] exFAT-fs (loop3): failed to recognize exfat type [ 302.957136][ T9813] binder_alloc: 9811: binder_alloc_buf size 16480 failed, no address space [ 303.142845][ T9813] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 12288 (num: 1 largest: 12288) [ 303.712473][ T9831] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1130'. [ 304.579923][ T9854] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1136'. [ 304.849293][ T9856] loop2: detected capacity change from 0 to 64 [ 306.373984][ T9871] loop0: detected capacity change from 0 to 65536 [ 306.422843][ T9871] XFS (loop0): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 306.520374][ T9871] XFS (loop0): Ending clean mount [ 306.746705][ T30] audit: type=1800 audit(1758669415.145:89): pid=9881 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1142" name="file1" dev="loop0" ino=38 res=0 errno=0 [ 306.948318][ T9883] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1143'. [ 307.057744][ T5871] XFS (loop0): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 307.176171][ T9886] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1143'. [ 309.369026][ T5865] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 309.545053][ T5865] usb 1-1: Using ep0 maxpacket: 32 [ 309.553152][ T5865] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 309.564353][ T5865] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 309.575733][ T5865] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 309.584824][ T5865] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 309.596465][ T5865] usb 1-1: config 0 descriptor?? [ 309.980630][ T1167] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 310.028181][ T5865] hid_parser_main: 4 callbacks suppressed [ 310.028205][ T5865] ft260 0003:0403:6030.0009: unknown main item tag 0x7 [ 310.221751][ T5865] ft260 0003:0403:6030.0009: chip code: 6424 8183 [ 310.431022][ T5865] ft260 0003:0403:6030.0009: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.0-1/input0 [ 310.643151][ T5865] ft260 0003:0403:6030.0009: failed to retrieve status: -32, no wakeup [ 310.703036][ T5865] ft260 0003:0403:6030.0009: failed to retrieve status: -32 [ 311.050213][ T9904] i2c i2c-1: adapter quirk: too many messages (addr 0x0003, size 0, read) [ 311.934865][ T9941] 9pnet_fd: Insufficient options for proto=fd [ 312.687158][ T5876] usb 1-1: USB disconnect, device number 19 [ 317.095645][ T9985] syzkaller0: entered promiscuous mode [ 317.114104][ T9985] syzkaller0: entered allmulticast mode [ 317.171261][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 321.926617][T10054] CUSE: unknown device info "€" [ 321.931560][T10054] CUSE: zero length info key specified [ 321.942945][T10056] input: syz1 as /devices/virtual/input/input12 [ 322.058334][T10060] loop0: detected capacity change from 0 to 256 [ 322.104823][T10060] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 322.119918][T10060] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 322.167167][T10060] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 322.250925][T10060] exFAT-fs (loop0): failed to load alloc-bitmap [ 322.259360][T10060] exFAT-fs (loop0): failed to recognize exfat type [ 323.794398][T10072] loop1: detected capacity change from 0 to 256 [ 323.805872][T10069] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 323.828463][T10072] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 323.867992][T10072] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 323.892013][T10072] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 323.916242][T10072] exFAT-fs (loop1): failed to load alloc-bitmap [ 323.922734][T10072] exFAT-fs (loop1): failed to recognize exfat type [ 324.470203][T10076] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 324.840333][T10087] lo speed is unknown, defaulting to 1000 [ 325.865985][ T1219] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 326.328113][ T1219] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 326.905277][ T1219] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 326.929497][ T30] audit: type=1326 audit(1758669435.325:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10085 comm="syz.4.1194" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f184798eec9 code=0x0 [ 326.994532][ T1219] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 327.053800][ T1219] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 327.180856][ T1219] usb 1-1: SerialNumber: syz [ 327.430686][ T1219] usb 1-1: 0:2 : does not exist [ 327.516653][ T1219] usb 1-1: USB disconnect, device number 20 [ 327.609628][ T6007] udevd[6007]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 327.896952][T10126] loop1: detected capacity change from 0 to 256 [ 327.933050][T10126] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 327.973972][T10126] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 328.000920][T10129] tipc: Enabled bearer , priority 0 [ 328.016425][T10126] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 328.048100][T10126] exFAT-fs (loop1): failed to load alloc-bitmap [ 328.063787][T10126] exFAT-fs (loop1): failed to recognize exfat type [ 328.654941][T10128] syzkaller0: entered promiscuous mode [ 328.715298][T10128] syzkaller0: entered allmulticast mode [ 328.792566][T10128] tipc: Resetting bearer [ 328.975767][T10127] tipc: Resetting bearer [ 329.252040][T10146] loop3: detected capacity change from 0 to 512 [ 329.290857][T10146] EXT4-fs (loop3): Test dummy encryption mode enabled [ 329.309754][T10146] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 329.368716][T10146] EXT4-fs (loop3): Errors on filesystem, clearing orphan list. [ 329.519913][T10146] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 329.598256][T10150] BUG: sleeping function called from invalid context at fs/inode.c:1928 [ 329.608781][T10150] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 10150, name: syz.1.1213 [ 329.617994][T10150] preempt_count: 1, expected: 0 [ 329.622868][T10150] RCU nest depth: 0, expected: 0 [ 329.627927][T10150] 2 locks held by syz.1.1213/10150: [ 329.633152][T10150] #0: ffff88805a2b60e0 (&type->s_umount_key#94){+.+.}-{4:4}, at: deactivate_super+0xa9/0xe0 [ 329.643963][T10150] #1: ffff88805a2b6998 (&s->s_inode_list_lock){+.+.}-{3:3}, at: hook_sb_delete+0xae/0xbd0 [ 329.654484][T10150] Preemption disabled at: [ 329.654500][T10150] [<0000000000000000>] 0x0 [ 329.663344][T10150] CPU: 1 UID: 0 PID: 10150 Comm: syz.1.1213 Not tainted syzkaller #0 PREEMPT(full) [ 329.663372][T10150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 329.663394][T10150] Call Trace: [ 329.663402][T10150] [ 329.663412][T10150] dump_stack_lvl+0x189/0x250 [ 329.663448][T10150] ? __pfx_dump_stack_lvl+0x10/0x10 [ 329.663472][T10150] ? __pfx__printk+0x10/0x10 [ 329.663503][T10150] ? print_lock_name+0xde/0x100 [ 329.663535][T10150] __might_resched+0x495/0x610 [ 329.663571][T10150] ? __pfx___might_resched+0x10/0x10 [ 329.663599][T10150] ? __lock_acquire+0xab9/0xd20 [ 329.663645][T10150] iput+0x2b/0xc50 [ 329.663671][T10150] ? hook_sb_delete+0x1a8/0xbd0 [ 329.663702][T10150] hook_sb_delete+0x6b5/0xbd0 [ 329.663724][T10150] ? hook_sb_delete+0x1a8/0xbd0 [ 329.663748][T10150] ? __pfx_hook_sb_delete+0x10/0x10 [ 329.663780][T10150] ? __pfx_fsnotify_sb_delete+0x10/0x10 [ 329.663798][T10150] ? evict_inodes+0x684/0x6d0 [ 329.663818][T10150] ? __pfx_evict_inodes+0x10/0x10 [ 329.663845][T10150] security_sb_delete+0x80/0x150 [ 329.663872][T10150] generic_shutdown_super+0xaa/0x2c0 [ 329.663905][T10150] kill_litter_super+0x76/0xb0 [ 329.663925][T10150] deactivate_locked_super+0xbc/0x130 [ 329.663955][T10150] cleanup_mnt+0x425/0x4c0 [ 329.663980][T10150] ? lockdep_hardirqs_on+0x9c/0x150 [ 329.664010][T10150] task_work_run+0x1d4/0x260 [ 329.664036][T10150] ? __pfx_task_work_run+0x10/0x10 [ 329.664071][T10150] do_exit+0x6b5/0x2300 [ 329.664100][T10150] ? do_raw_spin_lock+0x121/0x290 [ 329.664125][T10150] ? __pfx_do_exit+0x10/0x10 [ 329.664163][T10150] do_group_exit+0x21c/0x2d0 [ 329.664186][T10150] ? lockdep_hardirqs_on+0x9c/0x150 [ 329.664214][T10150] get_signal+0x1285/0x1340 [ 329.664263][T10150] arch_do_signal_or_restart+0xa0/0x790 [ 329.664289][T10150] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 329.664314][T10150] ? __se_sys_futex+0x36f/0x400 [ 329.664351][T10150] ? exit_to_user_mode_loop+0x40/0x130 [ 329.664381][T10150] exit_to_user_mode_loop+0x72/0x130 [ 329.664408][T10150] do_syscall_64+0x2bd/0xfa0 [ 329.664433][T10150] ? lockdep_hardirqs_on+0x9c/0x150 [ 329.664458][T10150] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 329.664478][T10150] ? clear_bhb_loop+0x60/0xb0 [ 329.664501][T10150] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 329.664520][T10150] RIP: 0033:0x7fa7f238eec9 [ 329.664537][T10150] Code: Unable to access opcode bytes at 0x7fa7f238ee9f. [ 329.664548][T10150] RSP: 002b:00007fa7f31eb0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 329.664569][T10150] RAX: fffffffffffffe00 RBX: 00007fa7f25e5fa8 RCX: 00007fa7f238eec9 [ 329.664584][T10150] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa7f25e5fa8 [ 329.664596][T10150] RBP: 00007fa7f25e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 329.664608][T10150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 329.664620][T10150] R13: 00007fa7f25e6038 R14: 00007fff0979b340 R15: 00007fff0979b428 [ 329.664653][T10150] [ 330.275572][ T5870] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 331.597930][T10127] tipc: Disabling bearer