last executing test programs: 1m53.892686172s ago: executing program 0 (id=609): socket(0x1e, 0x80004, 0x0) socket(0x1e, 0x4, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) pselect6(0x40, &(0x7f00000001c0)={0x3, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) 1m53.30084489s ago: executing program 0 (id=611): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000480)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15) mount$9p_fd(0x0, 0x0, &(0x7f00000001c0), 0x480, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 1m52.307163479s ago: executing program 0 (id=612): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="05000000010000008e000000c9e7000001000000", @ANYRES32, @ANYBLOB="00e64f173a"], 0x50) 1m51.196401538s ago: executing program 0 (id=613): socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() r1 = socket$inet(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x3f0, 0x0, 0x40000, 0x198, 0x0, 0x198, 0x380, 0x358, 0x358, 0x380, 0x358, 0x3, 0x0, {[{{@ip={@multicast2, @broadcast, 0x0, 0x0, 'vcan0\x00', 'wg1\x00'}, 0x0, 0x158, 0x1c0, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "0d0002191400000000000404fff0cf81dfd28c89544e14cd3e01dd24289831866346c88621039b284c3ff45c42995560a99952bed40cf5a8b9fb6133db7e2378d5afd35f4c16827f55b3af494e39e8fb330200000000000032b6a99a8d87298e88a94cb519f5c17631af916a7dbaae5592e8b15900000100", 0x8}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@ip={@remote, @dev, 0x0, 0x0, 'team_slave_1\x00', 'netdevsim0\x00'}, 0x0, 0x70, 0x198}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:system_cron_spool_t:s0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x450) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) socket$inet6(0xa, 0x80002, 0x0) r5 = getpid() r6 = syz_pidfd_open(r5, 0x0) setns(r6, 0x24020000) r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r7, 0x0, 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) 1m49.910568682s ago: executing program 0 (id=616): syz_mount_image$fuse(0x0, &(0x7f0000002280)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x4080, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) lsetxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 1m49.632226903s ago: executing program 0 (id=618): syslog(0x4, 0xfffffffffffffffc, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'dvmrp0\x00', 0xe43986f95b0e4309}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r5}, 0x18) request_key(0x0, 0x0, 0x0, 0x0) r6 = socket(0x10, 0x3, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket(0x10, 0x803, 0x2) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r8) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r9, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) sendmsg$can_bcm(r6, &(0x7f0000000400)={&(0x7f00000001c0)={0x1d, r9}, 0x10, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0x40040}, 0x4840) sendmsg$nl_route_sched(r6, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) 1m33.819647441s ago: executing program 32 (id=618): syslog(0x4, 0xfffffffffffffffc, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'dvmrp0\x00', 0xe43986f95b0e4309}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r5}, 0x18) request_key(0x0, 0x0, 0x0, 0x0) r6 = socket(0x10, 0x3, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket(0x10, 0x803, 0x2) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r8) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r9, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) sendmsg$can_bcm(r6, &(0x7f0000000400)={&(0x7f00000001c0)={0x1d, r9}, 0x10, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0x40040}, 0x4840) sendmsg$nl_route_sched(r6, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) 18.561971572s ago: executing program 1 (id=753): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r1}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff85000000040000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sched_setaffinity(0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000600), 0x1, 0x555, &(0x7f0000000640)="$eJzs3U9oHNUfAPDvzCb59U9+JhURWxQDHipIt9larHpqe7GHggU9iHhoaDc1dNOEJAUTemjBi1BB1KuHXgTP3iV3byKoN48iVJGIJyEyu7PJmuwmIWSdJPP5wOy+N2+T9747vMx7M/NIAKU1lr2kEScj4noSMdJRNhB54Vjrcyt/3LuRbUmsrr71exJJvq/9+SR/P55njkTEd5cjnqxsrnd+cen2RKNRn8vzZxemZ8/OLy6dmZqeuFW/Vb9TO/fq+Qvjr9XO1/Ys1odfffbLlatvPvvxh++/Mvl940wSF2M4L+uMY6+Mxdjad9Ip+14v7HVlBRroOPYcLJX8+A1GxNMxEpW812dGYuphoY0D+mq1ErEKlFSi/0NJtccB7bl9P+bB+9njS60J0Ob4B1rXRuJIc250bCXpmBm15ruje1B/Vsff9059kW3Rp+sQW7n/ICKe6RZ/0mzbaPMqThZ/+q/404gYz9+z/ed2Wf/YhvxBiv9iR/yXd1l/0fEDUE7Ll1on8s3nv3Rt/BNdxj/DXc5du1H0+a/3+G89/kqP8d+1Hdbx80dXPu1V1jn+y7as/vZY8L/w+EHEqa7xJ2vxJ13iz8Y913dYxxs//HalV1nR8a8+ijjddf6zfkcr2fr+5NnJqUZ9vPXatY5vvn3vy171Fx1/dvyP9Yh/q+Of7ZvdYR1fX3s03ats+/jTX4eSt5upoXzPBxMLC3O1iKHk6ub920xE2p9p/44s/hdf2Lr/d4v/aDZ32GH8s+/cXtl9/P2VxX9zl8f/kx3W8de7d5/rVVZ0/AAAAAAAAHCYpM1nOZK0upZO02q1tYb3qTiWNmbmF16anLl752brmY/RGEzbd7pHWvkky9fy52Hb+XMb8i9HxImI+LxytJmv3php3Cw6eAAAAAAAAAAAAAAAAAAAANgnjm9Y//9npbX+HyiJgaIbABRG/4fy0v+hvPR/KC/9H8pL/4fy0v+hvPR/KC/9H8pL/4fy0v8BAAAA4FA68fzyT0lE3H/9aHPLDOVlg4W2DOi3tOgGAIWpFN0AoDBu/UN5meMDyTblR3oVLG/3kwAAAAAAAAAAAADAXjl90vp/KCvr/6G8rP+H8rL+H8rLHB+w/h8AAAAAAAAAAAAA9r/h5pak1Xwt8HCkabUa8f+IGI3BZHKqUR+PiCci4sfK4P+yfK3oRgMAAAAAAAAAAAAAAAAAAMAhM7+4dHui0ajPSUhISKwliv7LBAAAAAAAAAAAAAAAAAAA5bO+6LfolgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAcdb//3//EkXHCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcTP8EAAD//wugIGI=") openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) fallocate(r6, 0x0, 0x0, 0xfffb) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) socket$nl_netfilter(0x10, 0x3, 0xc) unlinkat(0xffffffffffffff9c, 0x0, 0x200) syz_emit_ethernet(0x5e, 0x0, 0x0) 15.651825255s ago: executing program 1 (id=757): io_setup(0x8, 0x0) syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x40, 0x46d, 0xc539, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, 0x0) 13.85166683s ago: executing program 1 (id=761): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=") syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000809, 0x0, 0x1, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x1c0) mount$overlay(0x0, &(0x7f0000000400)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file0/file0'}}, {@workdir={'workdir', 0x3d, './file1'}}]}) syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f0000000040)='./bus\x00', 0x322020, &(0x7f0000000380)=ANY=[], 0x1, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120) 13.144693356s ago: executing program 1 (id=763): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x20100, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110e22fff6) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x200) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000640), r3) sendmsg$IEEE802154_ADD_IFACE(r3, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000dffbdbdf25210000000500200041e9ff000b001f0070687931000000000c000500"], 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x20048000) ioctl$TUNSETOFFLOAD(r1, 0x4004743d, 0x110e22fff6) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000001700)='\f', 0x1}], 0x2, 0x0, 0x0, 0x10}, 0x0) r5 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r6 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1, 0xb, &(0x7f0000000080)=@framed={{0x18, 0x3}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r6}, @generic={0x66}, @initr0, @exit, @alu={0x7, 0x0, 0x5, 0x3}]}, &(0x7f0000000000)='GPL\x00'}, 0x90) r7 = socket$alg(0x26, 0x5, 0x0) bind$alg(r7, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha512\x00'}, 0x58) setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000580)="c705e395312d4e1a5df95256a640a7570000000087eeb182", 0xffffffffffffffe6) r8 = accept4(r7, 0x0, 0x0, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$alg(r9, &(0x7f0000000e80)=[{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000080)="be520b39ee0eec58dea2bf1efa027df3646073995c1194dfd8e1640e7aef69e5978d8ca658bc98fe3984e39be1d393650084302062687d35b3373223efbbba58f8e01a1b687a950d358232ba4a17ef5c541991b959794208f29eba4c0a27d0facaa937dfc8bd5813d59397afb9835cdef72582a2fd3d0f3d8d931bf19367f7ffe09f7ecad3944a52236d88e726742bfb28425a03595dd1f02063204d5745d52c4dc039ebca2e74cd4edce0770ba2246d8aaeaefc672d05f7b230e7c29040e2af1c677c9930b87a96ee509824c80a5b461f3a18762ba3fd", 0xd7}, {&(0x7f0000000200)="35d23d54d84d0d3c46509b5f068cc04702aed26ba2d81fc46fff24a43acce8cdee822cee5287f4c72034c5666b7e41237b348bf94d33ff5766e85954b94dd2a9528381ceadd9c080cbc680790cd52cd087318a4fd9911092329736a99031f76b2cb1c704c0e8e79c6a5f9fec5a4258a48401d76547b1788dbdae9577f3138864efd058922d184ac5b1d270de9e881287cfd803ed5c69ebee069d58ac84c11d89", 0xa0}, {&(0x7f0000000400)="c079b09883300562afbf1441dbd9e2cb3b2d929be5e00e7937ab448971a7dbfbad61ba07cdde07016f83f55456781949444f1eabd5d8f4cdc37a5dd070b25657a585906c3c53ccee5bf5a5152e1b4acdb6a446a4978a4e689272e8dcf8ba762082ab129c855a23fb", 0x68}, {&(0x7f0000000480)="b7d645662f88dd7f3a188182d4deb411b6427b3ace83a0f01176f533b148e925fa3389246f9748be5c6f69fe8c20966997c4bba3eabfc3656911d17b6898d33648eb56721e3c5e6a6d200176cfa37b08ca04b880b046124483df87efdaea48f1a82099a1fee2862910cb08eb23a22972b2ecd05f61eca925cb385e8ee62bf952a41a3f1b458f8c7f652c6b24a67f2156e5", 0x91}, {&(0x7f00000005c0)="393d8c923b54352e545748e732e8dac9d2f37ca999e0a3e06c3038202be0caaa61d2c27cb2a65308cbfb167befac4f66f85dfa9964e38374d0285cadb61aaa5ef5b8ae241a8434d7349789e1b507d7f366778d195d10fdefd1c0e2f95f584cf5c76c0c7c90ef3e2986e37fa3b341c1d7ee578456c4c9bf7817aeccd2c0382f6010053b1a3eaec998f8f647aa885c1f3bb4524e4fd7c3cca2", 0x98}, {&(0x7f0000000540)="e02dd6102ed38e2199c9752ce07053d4bf1585004b48f1d9214eab877f302c852fe45a06eddab0040f92fc36a80e2ab711254d3fd1edd48b40b39eb7c23f0350", 0x40}, {&(0x7f0000000680)="21f590dc23b63ea13f5aafc8047c214914532b22ae3cf65cc7a540b8c20dd10bc89d6f4ef8cc1b5539dc2ee24c99332c9fb1f7942f375082555afaf3d04df4ed54743b06984ffd6783e5ba40c5501fec97609e9265b93919bbe6fddd75d6f49f44d397fdc0a95979255f4eb2f497db48b58f3e", 0x73}], 0x7, &(0x7f00000007c0)=[@op={0x18}, @iv={0x20, 0x117, 0x2, 0x6, "dcc6eb5e6dce"}, @op={0x18}, @op={0x18}], 0x68, 0x4001}, {0x0, 0x0, &(0x7f0000000d80)=[{&(0x7f0000000840)}, {&(0x7f00000008c0)="4b7cb955af7d007f53da7af50846ca52323a9d121fad99947e7af7ba2700fa5c0ae0ab6bfd8d0ab70b395b6fa1d3851c07e03301afc7a6a1ac6b9f5e3f3e15f229bff7e1efcdcb976e39058d62fcc7f8c51f1d39e2984e1712dd4033d285a10b3508132765f49038ed764af68baaf2582ad078aaa55b2555aac3cfdfaf16ef0f329c21", 0x83}, {&(0x7f0000000980)="99838852c0febf58dc4fcdd22d8e5f1c23f1aa36e6d1b4fb2236d3c46e140666d575beb88e8fa1c7365a6d440ac9f391e8213977bf7bd4ed8e7e278de1e55b1ca0ea226420141a272342d782c8a9c0ee8fa6aadb2cecbae3c7dad3116b4de01929fb21017bf248dc1ac550a8b9cbfd734c4ee62966f195bf2f281d", 0x7b}, {&(0x7f0000000a00)="05d0d0ed0b560db3d9a998bc8a4284084033f1913c340b9666aeda5b93a2fbd14fd31fba5269f005777e54f4fe971f3b46ad680000b05a9592ee13a9d071fec073", 0x41}, {&(0x7f0000000ac0)="2e2e610a87eb7a52b1a2d6b17e54e760667dcfec12923de1d260ce96208ffd9c3a3aa0054a7f51c790e2c2a1a66cac773d6b7e035b83b1f208f4afd7c96ca456ad0f366910f62e6aa7d0ba8a6e774aefe167893fed99727b6d3f983bb48f8cbe672cf65734fcf1506416d847f24a871c5ea9fe951e0d42adf330c8e7fa4fe9e6a5b3412684dba2187135fbe0375d4cf21de7ee5cd98116a458ca995720a07df9e0c32eb2d1c1cde7e69a04535d9ee4f743986f2b2830fe097572c4b7b9251ecd92aaaa9307e6d162f54d67", 0xcb}, {&(0x7f0000000bc0)="af180d348826e86f54d1d68d9d01d0ae6683cd76d304798427a97fccc513e844c83a4e82286d43543446e25b427e6d6d1fb85a75c26245c7b132b076c46aaee5a8fdd0316ebfdbab3a5292782d8573fb8e1cb7a202e75ed62e2cfb5c98641905818d3c8405c3ff469bad17923c26693e13c03749ae3a", 0x76}, {&(0x7f0000000c40)="e6eb755e73624e2c2bf86a0657caec4e06aad817bd25e0580363170ca18519e920720e65ba9241c04d11bc87738ed5e5039c7d610c450b31345c4abf64465a4002fccd6ab3c48b0885e32d1ac7ffc4ff745f1ad73f1fb3347cd0eaca06e8be139ee28c0f6251d9d3b1d440a38df1cf6d0d63172b9f942b2d4e6ee769ed932e1836416e9e19a43db956da", 0x8a}, {&(0x7f0000000d00)="8e105f50cfd25f9d792b5feda9c5d524bd3d165bce84cd272d9a0c723a52503dc3d35c00cadfca0e4af8f17989a58b34c57b70550f48bafd182f59b464a642ebad9a4cfb225ef61f810acdd65cf3073f24dfbe6c954fe8966b072722f841489e3b", 0x61}], 0x8, &(0x7f0000000e00)=[@op={0x18, 0x117, 0x3, 0x1}, @op={0x18}, @op={0x18, 0x117, 0x3, 0x1}, @op={0x18}], 0x60, 0x800}], 0x2, 0x20048080) sendfile(r9, r8, 0x0, 0x5) r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0xf, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r10}, 0x10) sendmmsg$sock(r5, &(0x7f0000000cc0)=[{{&(0x7f0000000100)=@l2tp={0x2, 0x0, @multicast1}, 0x80, 0x0}}, {{&(0x7f0000000700)=@hci={0x1f, 0xffffffffffffffff, 0x3}, 0x80, 0x0}}], 0x400000000000297, 0x48094) close(r0) r11 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x200000a, 0x13, r11, 0x40000) write$cgroup_type(r1, &(0x7f0000000280), 0x9) 7.718215711s ago: executing program 3 (id=769): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000700), 0xff, 0x49b, &(0x7f0000001040)="$eJzs3MtvVNUfAPDvnbY8fjzaHyIKglbQSHy0tKCycKFGExeamOgCl7UtiAzU0JoIabQYg0tD4t64NPEvcOfGqAtj4lYTl4aEaGNCcTXmvugwnSltaTvS+XyS6ZxzH3PO9957Zs69p/cG0LH60z9JxPaI+DUievPsrQv0529zs9OjN2anR5Oo1d74M8mWuz47PVouWq63rcgcrkRUPkni+WRhuZMXLp4ZqVbHzxf5wamz7w1OXrj41OmzI6fGT42fGz5+/NjRoWefGX56VeJM47q+78OJ/XtfeevKa6Mnrrz9w9dptfYcyOfXx3FbN5oE1ER/utX+qmUa5z26jLrfDXbUpZPuNlaEZemKiHR39WTtvze6Yn7n9cbLH7dec/P6VBBYM+lv0yIteaYGbGBJtLsGQHuUP/Tp+W/5Wqeux3/CtRciNhXpudnp0bmb8XdHpZjes4bl90fEiZl/vkhfsdzrEAAAK5D1bZ5s1v+rxJ7sPR/r2FmMofRFxP8jYldE3BMRuyPi3ohs2fsi4v585VrvEsvvb8gv7P9Urjat8ypJ+3/P1fX95uriL976uorcjiz+nuTk6er4kWKbHI6ezWl+aJEyvn3pl89azavv/6WvtPyyL1hU4Gp3wwW6sZGpkdXaCNcuRezrbhZ/cnMkID0C9kbEvuV99M4ycfrxr/a3Wuj28S9iFcaZal9GPJbv/5loiL+ULD4+ObglquNHBsujYqEff778eqvy7yj+VXDt4AN5Yn7/NyzR+3eSj9f2RLU6fn5y+WVc/u3Tluc0Kz3+NyVvZmPWP72TT/tgZGrq/FDEpuTVLF+e02XTh+fXLfPl8unxf/hQ8/a/q1gnjT/dSulBfCAiHoyIh4q6PxwRByPi0CLxf//iI+8uEn8SSbRv/1+KGGv6/Xfz+O9L6sfrV5DoOvPdN61GzOv3fy1ptf+PxUz2XZvLvv9uY6kVvMPNBwAAAHeFSkRsj6QykKf7t0elMjCQ/w//7vhfpToxOfXEyYn3z43l9wj0RU+lvNLVW3c9dCiZKT4xzw8X14rL+UeL68afd23N8gOjE9WxNscOnW7bre0/yvaf+qOr3bUD1pz7taBzNbb/SpvqAay/pfz+OxeAjenW9r8l/bO1XXUB1pfzf+hczdr/Rw15/X/YmBY+AOj3Jo+sAzYi/X/oXNo/dC7tHzpSfif8lVjJff0rT5Q3C6z8c7Ys+Q7/TkmUT7xYy7K2xvyUqLQ95A5KpC1mfQudf4YKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA3ezfAAAA//+5XeWQ") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x12}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x0) socket(0x10, 0x803, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="02000000000080008000120008"], 0xa0}}, 0x0) socket(0x10, 0x3, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x10}, 0x50) vmsplice(r3, &(0x7f0000000380)=[{&(0x7f0000000280)="c1c7d5c65fc27233f5c34ad1b11d24fc27f031e385f29143f696", 0x1a}, {&(0x7f0000000440)="99898f95e610d1dbc5f7faa144f2694ab36976dc9e58b53a2ec088a25846f5293531ea2f8323281e0e2727a6d9e029e968412fd19484e93d5cb1101d92cd1f50268d70f406242a98857e5856bbc6e9de2665f5670cd9278cbb5121f2cd262f620f44207bb855898ba3c408c48ba939ec6bea466942652648ee8505610da713b7f0b84452b8882e0f775252aba2edfff451d7c2c0dd66382cd8e53a3606db3169220775efb28a9fc092c4c65a1f75b8d4704e6e7062d6174b", 0xb8}], 0x2, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) socket$nl_xfrm(0x10, 0x3, 0x6) bpf$MAP_CREATE(0x0, 0x0, 0x48) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r4, &(0x7f0000000200), 0xf000) 7.717366272s ago: executing program 4 (id=770): socket(0x1e, 0x80004, 0x0) socket(0x1e, 0x4, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b7000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) pselect6(0x40, &(0x7f00000001c0)={0x3, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) 7.116251179s ago: executing program 4 (id=771): io_setup(0x490, &(0x7f0000000000)) syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, &(0x7f00000007c0)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x80, 0x1c, {0x0, 0x0, 0xb, 0x0, 0x1, 0x4, 0x7, 0x40, 0x6, 0xe, 0x0, 0x1000}}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0) 6.708297912s ago: executing program 3 (id=772): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) syz_open_procfs(0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70) sched_rr_get_interval(r0, &(0x7f0000000000)) 6.248522359s ago: executing program 3 (id=774): r0 = syz_create_resource$binfmt(0x0) socket$nl_route(0x10, 0x3, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) mount$binderfs(0x0, 0x0, 0x0, 0x0, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r4}, &(0x7f00000001c0), &(0x7f0000000240)}, 0x20) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x1c1341, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r7 = openat$binfmt(0xffffffffffffff9c, r0, 0x41, 0x1ff) pwritev(r7, &(0x7f00000020c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000002080)="5d5ca2f8", 0x4}], 0x4, 0x6, 0x0) r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r8, 0x800448d2, 0x0) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) 6.247987539s ago: executing program 4 (id=775): syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000140)='./bus\x00', 0x2000020, &(0x7f0000000300)={[{@nombcache}, {@mblk_io_submit}, {@data_ordered}, {@lazytime}, {@nombcache}, {@min_batch_time={'min_batch_time', 0x3d, 0x200009}}, {@test_dummy_encryption_v1}, {@init_itable_val={'init_itable', 0x3d, 0x5}}, {@acl}]}, 0x5, 0x4ea, &(0x7f00000006c0)="$eJzs3UtvG1sdAPD/OPa9yW3AuYVFqURb+lCKoE7S9BGxKK3EY1UJUfZpSJwoihNXidM2UQXuJwChCpBYsWKDxAdAQv0ICKkS7FiwAlWQ0gUbZDR+tI1jh+TWjdvk95NO58w59fz/x4/xnJlRHMCRdSYibkbEQERciIh8sz3TLFFtlPT/vdh6NJuWJGq1O/9MImm2tW/zWPNhqe9/N+KHyc64axubSzOlUnF1e/PmpcXlmYXiQnFlcnLi2tT1qatT43scSZLdrXc4Im586+XPf/Kb79z4w9cf/G36Hxd/lKZ1t9nfaRy90Bh6LgZbDdV3EaV/0vdNtj5CAAA+BOcj4nhEnI2Ir0Y+BmLXw2gAAADgA1T75vDHrSoAAABwOGXq98YmmULzft/hyGQKhcY9vF+MTzKl8lrla/Pl9ZW5xj20I5HLzC+WiuPNe4VHIpek6xP1+uv1y23rkxHxaUQ8yQ+l6/U+AAAA4GAca5v/v8w35v8AAADAIeNiPAAAABx+5v8AAABw+Jn/AwAAwKH2vdu301J7sfWo/jsAc/c31pfK9y/NFdeWCsvrs4XZ8uq9wkK5vFAqFgb+//ZK5fK9K7Gy/nCskl2rjK1tbE4vl9dXKtP13/WeLh4/gDEBAAAA2316+ulfkoiofmOoXlIfNftyfc0MeI8k2baGu1/pUyZAT+zhlP52Z9bfTSLAgWv/TgeODnN8IGlvaDswGOx2qPDH/cdyzAEAAP0x+iXX/+GoyvQ7AaBvftrvBIC+cS4ejq7c/u8ABA6ZHdf/2wx269jz9f9abV8JAQAAPTfcWFSjeS1wODKZQuHVZcFkfrFUHI+Iz0fEn/O5j9P1iT7mCwAAAAAAAAAAAAAAAAAAAAAAAAAfolotiRoAAABwqEVk/p40f/9rNH9+uP38wEfJf/L1ZUQ8+NWdXzycqVRWJ9L2f71qr/yy2X65H2cwAAAA4CjK7drbmqe35vEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Esvth7NtspBxn1+K4ZipFP8bAzWl4ORi4hP/p1E9o3HJREx0IP41ccRcaJT/CRNK0aaWbTHz0TEUJ/jH+tBfDjKnt6KiJudPn+ZOFNfdv78ZZvlbT2/Vf+Qd4zf2v8NdNn/fW6PMU4++91Y1/iPI05mO+9/WvGTLvHP7TH+3R9sbnbrq/06YrTj90+yLdZYZfne2NrG5qXF5ZmF4kJxZXJy4trU9amrU+Nj84ulYvPfjjF+9uXfV590HX+mvnwzfmucI40Mf9xt/Of3OP7/Pnu49YVGNbczfsTFc51f/xP1ZefnP31PXGh+D6T9o616tVF/06nf/ulUt9zS+HNdnv/G65+vdRv/xb0Nf8eYAYD+WtvYXJoplYqrB1A5e6V3G0wOKGeVLpXB9yONg658+6230zocfpvt/LVn40rnDJ27+rxjAgAAeu71QX+/MwEAAAAAAAAAAAAAAAAAAICj6zP98bDT+3tUe8xqf4YKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALCr/wUAAP//GpnIcw==") sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) socket$netlink(0x10, 0x3, 0x0) r0 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) socket$pppl2tp(0x18, 0x1, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000000000002) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) bpf$MAP_CREATE(0x0, 0x0, 0x48) r6 = dup(r5) sendmsg$netlink(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000540)=ANY=[], 0x1b8}, {0x0, 0x1f88}], 0x2}, 0x0) r7 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r7, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4) bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000640)=[{0x6, 0x0, 0x0, 0xea}]}, 0x10) sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10) sendmmsg$inet(r7, &(0x7f0000001780)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000004c0)="48ca8b98825ad05ecffa939c1c3f3abe962e289527340a9df3ca6a2d07954526dbc1734e9a6e1e26e4fa634d92009ed008cc3a7e5f36b40685bae810134441fdc3d3a30034038c5ae30a2ecc9ab1e87c3783b1f44bf73bcd89aa1fa45ca62dffe4e3863c445fa43350f4cb136cbfc130c556a37442fad8258458834fc01cbed5a5a48487795104f157aff06b58b8d3", 0x8f}, {&(0x7f0000000740)="97d17744aa9566d244b4a6a7bac3043aad7ead0625c7a01517485ca1171e2d8b21659736b5247ad8288fdd48f9bc2cdf7ab29c70255fbab7766e6e0d0d3fa89bad35b4aed5a0965fe952f7", 0x4b}, {&(0x7f0000000280)="d0dc81873ef03a796b2a22ba029070ad1380604c9f", 0x15}, {&(0x7f00000002c0)="6d2657493131db30447fce55af67ac7f10106db6d5cacd06cd9a77b801ded29e208feef1fc2a5bbf1c2783c821e1d0c07bbb11ed8ebb37d0dbcfac913bf604dd833dd7fd2cbd028227ddfaec1d73aed98147250dac77ea7c6603f217dd6648ef9dd91e3fc2f0f7d40cbd9199b32b62d89c1c1cb6ce18e744658c1c50fdba612b6ff093a3c8d0b813aef1aa5ed0c1ed82ae1eaaada03e42b1c2", 0x99}, {&(0x7f00000025c0)="7ce25d3d1ff616b9177084ce66661b70adff5e1974482c2e0574573896b909e9096359f8b1ab5032a4518865e7294d4f1132967e5271493a7b8711f1ce353779600c5cab79530917268c15b3c2a9736169a7e6bf69467e0127f832ad8e43040945513537e70b9852bfb336e7a42f4331ed804be1e2c6786f6485a60639058ff9b6e9c96e88dbba0c7a10a29186a66ce520a3884bff954bea8683307de777354c8b8b0a1c05342942a465d13eb0864300cbe91f209d4c9074d0faf49c371c3cf98d224bb2a2a7e2cb66ca83fbdc9f838a79f71f5c2f1c08b3d3902af23ef7eaf496ed24677cda4295945ecd059b7b79e9e8758c40bbbe66e65e65c8229ed44fbcf0e46643c65138ce387cdeb28b99fdf63f20ed9f8f746e83593c5f994af84db339c0d815ac0b1163cc76f58138e8ccdabdff833b7ea97722c6a9260d0389aedd69cf92fb1ca9c302c4c517a79877895a8c203f964091e9caa4fe5a6046531c60f24bedc80761f4b32082c2b97775bd793de992083abf3dd41b6f55432f42631fa998a8b2d237e76617a10346e58c26b577107df17c04d15c36cac62463a780366edfc0b0cec7b72dbb46ffec8ed506f1835c66dac9976f1f4682e90f16adb301034d10fd1a896a0423a97c3cc244c9b3e40a894ea5ba85491356675d191c6274814e03ddeec8cf3315ac2d460ff5c503dbdb52b083cdd8fdf7c0cebd983e4449a1fc247dea198f27d3e014e6cd4b758dfea2a767ebcd325df6bf266286d316b76e9133d16d15f2977bfda3e40ab26866c70e8ed7c92812f791014930c2b54435c4b300bc9c2ea785aedecb85427e81be8c21ef781770e3360f8270493cb8bb063ce95e5e8c574b003a29cdc1c762c3ca5f516461113390fa2778bb5973815ec7dd97e143b38af2e126a3d43c6c7c9174523f17fa231c7163ed2992d27c1d0686c2d3bbf645851cf8e94c7e89cdd609e9dd559f29f74dc8de25edf48e2f93de4c43b8944ee561ea2ed37c698d3f5adea0814e2ef3c493f8ce89cab0b541513e7f9dad78112a60c7005ab6e7ee04860182180a9902733ab355b6462914be4541518ee6f758e4ad0f7c63c9fe7e43dc3f0f33c11cc1ca7a8d5f22c87d4c03094503af4a55490fce9999287aba03010a5e90ae8eee63ed76c9c627a5f0e2dbf4a6fe53eb750ab20cbea7555e07e4ab3c9f2dab51f3bb7b031506eb76016a59913a72a2f365b6c94f3e1bb3ed35fbe33aaefb262a89edd3fbdba43d9ac317b91415fc8b3866116d22975c711df9f3413f5b1bc660d35fec2badb88a4db1d7c61b59fb44e53b33a4e71e362805d02b49067792a7016afc882e50c1f644adc4dcea37fc35ca1da68aec01e961e7a76b03ed0c1c35d5c0ce0e2236059d28c098d0a27a87392901012aacfa0f6f8d1095426807b68f1a9ff516fbbcfdca20db4b9584bc7062d8bb67ca2b676e9cb532b8e9c436c4adf5c0c0f054cd55ff4cd8142bf6dd435c44bf374b347eb1099e043f90ccbd2a0d3899fa039418adef8fd7d31f647fe0deb26cdd2bbca9de7254ecffd7a1f782d9a69cf9d88a09b667231b9f23f0864029cfceded40a2ae8e7ff5dceb5ce1e3914495a5184fcad35dada50bbcff9f21d8d5afcf703c69356a2e17fcdc9227adc0a1910303a8019285eba4dbca9867520cfc71d6f8e94b05b9756d2f45548d9e61c345d52a3871e2db9984e0de3050cb47c0560f753d32f8bebc40574269fb5974d992c2eda1ae728611d411aed61b4eab31618735800045ca972652c156117cdc75024251d9b0fe738025f8db348eeca894b10e47b33f3a54949aaa9229f6e99c50101b2b5920a8d5c9043624bc810797c4144a621da82a0d268da176e0a975f928b3783ca4303087bba544590cf4b5ad7864ac35bcb947263d77edb5921e697ea78b4df17de1260249c69aa4419f28668d1ff80a6e7076d7f65a15f7c62ffba0246919959626a4db0644c60d8fbd1ce8369936a1f1d95d6af94dd52c62d89a0ac7bbde96ecc8cbafc92c35ac17020cec87f24c23cf9276f87659ff9f848b32171c2829972a39a9bd298c02c8590ba7cd982ea27a2e2a2d21bee943147920033df06f234f32f786c26aedbbf893b9b40cfb4ab9a51717758465b10825a497d7b4b8676059f06b88faa5b4a2b476f5c5bb20284c90d3cd137ed092da9932ada95cbf3479913cbf5eae9f60d8693599ca464e3a78c9fb67c6b7503fc474f58e5454f3c0f53c957e020c89201abbae992d089938d612fc45373958c5096ad9885db74777b61bf17c85f933e22136016914870a6e07f0a7f4cae165755536e7bdda07c2991efd5733c06ba577acd565aa55cfec17ddcced81473ecb4a3dd2c9525df071c6497ff38ca85658768fcb6450e68531858e9a517abff0fe8929bfbb9f2fa746478fc4c46af8e93a305c2e97f89ddf040a057a49d8b819b2f6776fba4c9cfc534d36e2350177cac6caa642a39b08d8ddbfef6fa86851a4da57ca5e10318a559e0e4e51a6b9ad6129317b908d0694c4268f6049a4f614fe67c4fa0742155798f105528512b6a8bd03b1611ae9fdf579b2ceb9b6c4257e0aeef6a342548f0ea3d911282a786dfde88b61ee9a80443985c68b06853cdb48a932dbe170dd1b65a20aeb8abfd3eac8c76f51903de9c620f26855bf795b3bd12a93de744b3cfaf574a72589512140ca83e5ab9a11c7ff55ae1c1cfb3ca58140f6e946fe9d8edb937e83645481fd1e08f2d40fa34ac78f0fd6552dfbf6294aa2d5ce463c21e9dddf8e107f86fc7b777cf9c7993d7b4ee405bcc73e51fe354b32ef435028125e9398b2382d9f9ba0eeb3ce6e7903f71cd734c38599ef38bb926c7118abe7091b4da5c094bc46cc3874082ad11ff3d1502d1e0257da221de41db213bb28d1002bcf1db0fc40269a735eb34e8a6a8d4302e9d2ffb7937f70af3fe8579656d5ea4afd2bf5e8d60decae4af7d8f8aaef370c089c09ee92b64f31ede253999387932267f8e1fd26e4f6e0c5d5ee5dd590686692d685da578c6e7cf769995a49eac2eb9322e036e1e6fc28a9da608b6c37b9e4f73143bf1fef74b8e8081ac3aa109f901c54497f114980bab78dda170402ad26abd43cb7697740d7345761b7dd7a8cc32536574e1b49fd72af43d6c7ff7c4d8b0e54d9fc18603ef14668e26f1cc0253928ebc845d63ba93205a6d866f0259dbca45384da15ea7d1ce81d7f08ac4bcd596ac7b699df09e2b563e8c4e798774b69f1d2d7561346a846e86506a40acfbf708fd46459d7aef688dd06ec44074778f8b99e21cb01ca60632b786634f1ca379fafe6363cfe85a472270abf223c99797543c609b5c845b6450fffd220b2f90f78866e2a083ce46cf8ef4f1b9515341499c72c1f715d7089fd05c43db357ecd27dce3bc78b2cdc9f2515a47d5acb54c4c0d11cd5aee0a8bb21a6a4c9673ebe9c48e3ab1a64e73a67d2b6c0937ca234a0d3d9921ac47596766c0350c0a60874dfb88c4def2842194b3baffbb6b3480b6442f4179ebd0d84952943d9d7b54c4ab93880730bff7569918fbbda4e8e092e88148ec707d54112d13a72fc902f659db4695022e6e92ea7e79b25eaf18ebbe7134c69411cd495d5232d5849a70b13ba5119398fe356ed1fc22fb3d23c9fe1861ea3764c9b92bbd5d431cbcc4a3c7c29a60c917bd64f6aad7b4f16e9d6ef38f8e71ec4737bc02c274136de98135b0945b4c71b145ac60c947e2a5d2ad0f22494593c9698b6042a5ad87aab030a3466255fe3a778186f97e7e3d8a0444ea840aaffcc50bdf36b0a9d8bdf0d7d3ac420a5afb1ecd6f5bbbccd5706297fad645675baa4d4fd89ad1b267c55c50a6a2704356708dcbb9f41b97c774c41e1bea64670eb729f121846a4a08642a54955f0ae1af70775d44e8093f9bd3ef3b45543ecf62fb079c4321beefa227987d69df89e98ce9478d836191ed1dd88c84d13942202b4504d8cda40606f7f1be287a2def938ba3882b08f382e8347d2613f01a68761355f7e138bfbc71c0118889641596006bf378f3e9271ce6507e9d8a4334a6209d64a601645fc29e7ca536c95f2732b065251d67b0d4aca0eeca52f938fbbc254bfb6a9f27a7e1ca4db569f53dedbb1d404e910faf29db320d3b5819757118bef2e1971c9431a29f85b1f5116794072883a9fa286eaf1e0af1fb2d9bc9f776daa1af387f68cbdf1730266f5fb90506d55ee41030ef5c691882f6ba4d09f8f5b28df2e34ec2cfcc233797d008fa5068328fea9ae56ad352333c5abe71294215572dbc8144b832f295f1b53e3bd1b93f2794f135b9429195646dcd94a2b53403d4f7c983693acbbaf954dd0e988f31c1901cb40ae3ca51c59abab2f17994aeaea6d8bbe40116d8cbcb3ac9bac38e44de13099c5d27a130165589bcce2d7244a77e82b3dfe9713d394af9f7ad668c398d81673367d46ff64940172e04e5e14ae6a3e52bb92f35fa31fed2c44eed69ea366237df9468d49578dded49f38cbf3c051c0777b25bc9dbe738752af81cbc3d33b21ebbf855808adb79547720927f5b2495996ff031e47071921e5fe5afd17a8bd12713607e2cc89427f9d5f81d6fdb4f4b69284e9c91320117a02da7eaf0505a4bb0c76a65d5bc4e4a61c29c15f27e5a172e54f57a1c1a7d2af02c32921e6c4c6f534c8af1a074fec705534c391216209bd1e1400e541443fd2ac91d3b452578594584953c5d5563826e18fc2982f399cf4745a62c67349cceffe40687d99e905d164f1829ea2018669f2a040017cd14410f1138a0495f1fb87c2239380cfb2e3468c941634a032b5623857c7fa0cf5ab8c76b0b357975fd4132d6577e13d1de72476d57c122b7e2667cf8d73e07d1604ab72ec0cc28900739ef75d258a2553d7110806b9b83e6c137b713b43b50635dd117c5bd5db44328571f8a4180bab20c8abab6d7a1069011605d71591daa8e9fd6cd91b388250d93e2dd63cb360a2af98f99fb38fdc66c640f52f8461c5c090e4d2c48e4fe97775bd4fc56d304aaf9a6dec1297c64293b256f251ec8fb899447ee1e8bccf3bd7f8b2fed74b3063e18ec7f7fe212306abe2cc6f3e41627333ad8054c28d3570c2a799a1a3e21f67aeb2528b9e12b1000b968d828bd5630c9eef6be1a9894d15bdcb5091cde66d5b957f5a83344ca7b32dfc48d8611c5ee6d0fd025feeb327b2e05fd7f33311d0bb16160766dd14ed6873e10b7f3244feb2dc177b62d2b6f", 0xe7e}], 0x5}}], 0x1, 0x4000040) 6.147196977s ago: executing program 1 (id=776): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000) r1 = socket(0x10, 0x2, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32=0x0, @ANYRES32], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff1918120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r6}, 0x10) write(r1, &(0x7f0000000280)="1c0000001a009b8a14e5f4070009042402000000ff02000300000000", 0x1e5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x6, 0x1b, &(0x7f0000001800)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94) connect$unix(r7, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r8, 0x0, 0x0, 0x0) 6.005038958s ago: executing program 2 (id=777): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0x32, &(0x7f0000000040)={@local, @dev, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x88, 0x0, @empty}, {0x0, 0x0, 0x8, 0x0, @gue={{0x2}}}}}}}, 0x0) 4.976667061s ago: executing program 3 (id=778): bpf$ITER_CREATE(0x21, 0x0, 0x0) timer_create(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1600000000000000040000000500"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r3}, 0x10) socketpair(0xa, 0x1, 0x0, &(0x7f0000000000)) write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x9}}, 0x18) getresuid(0x0, 0x0, 0x0) 4.957522672s ago: executing program 2 (id=779): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, &(0x7f0000000000)="670f1be066b9b10000400f32b8a3000f00d80f3266adbaf80c66b8d63a458666efbafc0ced0fa9b872008ec80fc7b8c1daf2660f09", 0x35}], 0x1, 0x1, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 4.690439324s ago: executing program 3 (id=780): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0xc) r1 = socket(0xa, 0x1, 0x0) setsockopt$inet6_group_source_req(r1, 0x29, 0x2c, &(0x7f0000000180)={0x0, {{0xa, 0x4e22, 0x6ef, @mcast1, 0xfffffffd}}, {{0xa, 0x4e24, 0x21, @loopback, 0xfffffe01}}}, 0x108) 4.541151686s ago: executing program 2 (id=781): syz_emit_ethernet(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x9031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x18) syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x400, &(0x7f0000000180)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0xfd, 0x274, &(0x7f0000000500)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) open(&(0x7f0000000040)='./file0\x00', 0x400, 0x43) chdir(&(0x7f00000003c0)='./bus\x00') ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) write$uinput_user_dev(r4, &(0x7f0000000c80)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47b07c7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd], [0x0, 0x6, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0xfff, 0x0, 0x0, 0x0, 0x0, 0xfffffff7, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe04], [0x3, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x758, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x8000]}, 0x45c) ioctl$UI_DEV_CREATE(r4, 0x5501) dup(r4) 4.266222198s ago: executing program 4 (id=782): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) syz_open_procfs(0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70) sched_rr_get_interval(r0, &(0x7f0000000000)) 3.708647823s ago: executing program 4 (id=783): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_opts(r0, 0x29, 0x4d, &(0x7f0000000140)=ANY=[@ANYRESDEC], 0x8) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r1, &(0x7f0000000100)={0xa, 0xffff, 0x0, @loopback, 0x200}, 0x18) recvmsg$unix(0xffffffffffffffff, 0x0, 0xc0011122) sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000000d00)=[{{0x0, 0xffffffffffffff7c, 0x0, 0x0, &(0x7f0000003ac0)=""/4096, 0x1000}, 0x4}], 0x1, 0x100, 0x0) 1.502034459s ago: executing program 2 (id=784): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x20100, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110e22fff6) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x200) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000640), r3) sendmsg$IEEE802154_ADD_IFACE(r3, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000dffbdbdf25210000000500200041e9ff000b001f0070687931000000000c000500"], 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x20048000) ioctl$TUNSETOFFLOAD(r1, 0x4004743d, 0x110e22fff6) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000001700)='\f', 0x1}], 0x2, 0x0, 0x0, 0x10}, 0x0) r5 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r6 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1, 0xb, &(0x7f0000000080)=@framed={{0x18, 0x3}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r6}, @generic={0x66}, @initr0, @exit, @alu={0x7, 0x0, 0x5, 0x3}]}, &(0x7f0000000000)='GPL\x00'}, 0x90) r7 = socket$alg(0x26, 0x5, 0x0) bind$alg(r7, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha512\x00'}, 0x58) setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000580)="c705e395312d4e1a5df95256a640a7570000000087eeb182", 0xffffffffffffffe6) r8 = accept4(r7, 0x0, 0x0, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$alg(r9, &(0x7f0000000e80)=[{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000080)="be520b39ee0eec58dea2bf1efa027df3646073995c1194dfd8e1640e7aef69e5978d8ca658bc98fe3984e39be1d393650084302062687d35b3373223efbbba58f8e01a1b687a950d358232ba4a17ef5c541991b959794208f29eba4c0a27d0facaa937dfc8bd5813d59397afb9835cdef72582a2fd3d0f3d8d931bf19367f7ffe09f7ecad3944a52236d88e726742bfb28425a03595dd1f02063204d5745d52c4dc039ebca2e74cd4edce0770ba2246d8aaeaefc672d05f7b230e7c29040e2af1c677c9930b87a96ee509824c80a5b461f3a18762ba3fd", 0xd7}, {&(0x7f0000000200)="35d23d54d84d0d3c46509b5f068cc04702aed26ba2d81fc46fff24a43acce8cdee822cee5287f4c72034c5666b7e41237b348bf94d33ff5766e85954b94dd2a9528381ceadd9c080cbc680790cd52cd087318a4fd9911092329736a99031f76b2cb1c704c0e8e79c6a5f9fec5a4258a48401d76547b1788dbdae9577f3138864efd058922d184ac5b1d270de9e881287cfd803ed5c69ebee069d58ac84c11d89eacbe5", 0xa3}, {&(0x7f0000000400)="c079b09883300562afbf1441dbd9e2cb3b2d929be5e00e7937ab448971a7dbfbad61ba07cdde07016f83f55456781949444f1eabd5d8f4cdc37a5dd070b25657a585906c3c53ccee5bf5a5152e1b4acdb6a446a4978a4e689272e8dcf8ba762082ab129c855a23fb", 0x68}, {&(0x7f0000000480)="b7d645662f88dd7f3a188182d4deb411b6427b3ace83a0f01176f533b148e925fa3389246f9748be5c6f69fe8c20966997c4bba3eabfc3656911d17b6898d33648eb56721e3c5e6a6d200176cfa37b08ca04b880b046124483df87efdaea48f1a82099a1fee2862910cb08eb23a22972b2ecd05f61eca925cb385e8ee62bf952a41a3f1b458f8c7f652c6b24a67f2156e5", 0x91}, {&(0x7f00000005c0)="393d8c923b54352e545748e732e8dac9d2f37ca999e0a3e06c3038202be0caaa61d2c27cb2a65308cbfb167befac4f66f85dfa9964e38374d0285cadb61aaa5ef5b8ae241a8434d7349789e1b507d7f366778d195d10fdefd1c0e2f95f584cf5c76c0c7c90ef3e2986e37fa3b341c1d7ee578456c4c9bf7817aeccd2c0382f6010053b1a3eaec998f8f647aa885c1f3bb4524e4fd7c3cca2", 0x98}, {&(0x7f0000000540)="e02dd6102ed38e2199c9752ce07053d4bf1585004b48f1d9214eab877f302c852fe45a06eddab0040f92fc36a80e2ab711254d3fd1edd48b40b39eb7c23f0350", 0x40}, {&(0x7f0000000680)="21f590dc23b63ea13f5aafc8047c214914532b22ae3cf65cc7a540b8c20dd10bc89d6f4ef8cc1b5539dc2ee24c99332c9fb1f7942f375082555afaf3d04df4ed54743b06984ffd6783e5ba40c5501fec97609e9265b93919bbe6fddd75d6f49f44d397fdc0a95979255f4eb2f497db48b58f3e", 0x73}], 0x7, &(0x7f00000007c0)=[@op={0x18}, @iv={0x20, 0x117, 0x2, 0x6, "dcc6eb5e6dce"}, @op={0x18}, @op={0x18}], 0x68, 0x4001}, {0x0, 0x0, &(0x7f0000000d80)=[{&(0x7f0000000840)}, {&(0x7f00000008c0)="4b7cb955af7d007f53da7af50846ca52323a9d121fad99947e7af7ba2700fa5c0ae0ab6bfd8d0ab70b395b6fa1d3851c07e03301afc7a6a1ac6b9f5e3f3e15f229bff7e1efcdcb976e39058d62fcc7f8c51f1d39e2984e1712dd4033d285a10b3508132765f49038ed764af68baaf2582ad078aaa55b2555aac3cfdfaf16ef0f329c21", 0x83}, {&(0x7f0000000980)="99838852c0febf58dc4fcdd22d8e5f1c23f1aa36e6d1b4fb2236d3c46e140666d575beb88e8fa1c7365a6d440ac9f391e8213977bf7bd4ed8e7e278de1e55b1ca0ea226420141a272342d782c8a9c0ee8fa6aadb2cecbae3c7dad3116b4de01929fb21017bf248dc1ac550a8b9cbfd734c4ee62966f195bf2f281d", 0x7b}, {&(0x7f0000000a00)="05d0d0ed0b560db3d9a998bc8a4284084033f1913c340b9666aeda5b93a2fbd14fd31fba5269f005777e54f4fe971f3b46ad680000b05a9592ee13a9d071fec073", 0x41}, {&(0x7f0000000ac0)="2e2e610a87eb7a52b1a2d6b17e54e760667dcfec12923de1d260ce96208ffd9c3a3aa0054a7f51c790e2c2a1a66cac773d6b7e035b83b1f208f4afd7c96ca456ad0f366910f62e6aa7d0ba8a6e774aefe167893fed99727b6d3f983bb48f8cbe672cf65734fcf1506416d847f24a871c5ea9fe951e0d42adf330c8e7fa4fe9e6a5b3412684dba2187135fbe0375d4cf21de7ee5cd98116a458ca995720a07df9e0c32eb2d1c1cde7e69a04535d9ee4f743986f2b2830fe097572c4b7b9251ecd92aaaa9307e6d162f54d67", 0xcb}, {&(0x7f0000000bc0)="af180d348826e86f54d1d68d9d01d0ae6683cd76d304798427a97fccc513e844c83a4e82286d43543446e25b427e6d6d1fb85a75c26245c7b132b076c46aaee5a8fdd0316ebfdbab3a5292782d8573fb8e1cb7a202e75ed62e2cfb5c98641905818d3c8405c3ff469bad17923c26693e13c03749ae3a", 0x76}, {&(0x7f0000000c40)="e6eb755e73624e2c2bf86a0657caec4e06aad817bd25e0580363170ca18519e920720e65ba9241c04d11bc87738ed5e5039c7d610c450b31345c4abf64465a4002fccd6ab3c48b0885e32d1ac7ffc4ff745f1ad73f1fb3347cd0eaca06e8be139ee28c0f6251d9d3b1d440a38df1cf6d0d63172b9f942b2d4e6ee769ed932e1836416e9e19a43db956da", 0x8a}, {&(0x7f0000000d00)="8e105f50cfd25f9d792b5feda9c5d524bd3d165bce84cd272d9a0c723a52503dc3d35c00cadfca0e4af8f17989a58b34c57b70550f48bafd182f59b464a642ebad9a4cfb225ef61f810acdd65cf3073f24dfbe6c954fe8966b072722f841489e3b", 0x61}], 0x8, &(0x7f0000000e00)=[@op={0x18, 0x117, 0x3, 0x1}, @op={0x18}, @op={0x18, 0x117, 0x3, 0x1}, @op={0x18}], 0x60, 0x800}], 0x2, 0x20048080) sendfile(r9, r8, 0x0, 0x5) r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0xf, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r10}, 0x10) sendmmsg$sock(r5, &(0x7f0000000cc0)=[{{&(0x7f0000000100)=@l2tp={0x2, 0x0, @multicast1}, 0x80, 0x0}}, {{&(0x7f0000000700)=@hci={0x1f, 0xffffffffffffffff, 0x3}, 0x80, 0x0}}], 0x400000000000297, 0x48094) close(r0) r11 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x200000a, 0x13, r11, 0x40000) write$cgroup_type(r1, &(0x7f0000000280), 0x9) 1.016683818s ago: executing program 3 (id=785): r0 = syz_usb_connect$cdc_ncm(0x0, 0x76, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902640002010000000904010001020d0000052406000105240000000d240f0100000000000000000006241a00000008241c00000008000905810300020000000904010000020d00000904010102020d0000090582020002"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000007c0)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x80, 0x1c, {0x0, 0x0, 0xb, 0x0, 0x1, 0x4, 0x7, 0x40, 0x6, 0xe, 0x0, 0x1000}}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) 739.361941ms ago: executing program 2 (id=786): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10) syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x4, &(0x7f0000000840)=ANY=[@ANYBLOB='discard,nfs,dots,check=strict,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c003a579da66b5c8b1eba83198de0855eeffdd30d734e2f8ae9290d5398a81393ef4b30b7050b551c2ef52a88c993b032d62634fe7877f07d881c98a580d3fdfeeedf901e5b45e43a5eeae8a314fd67dce3592212b2f38b3405da772948598507a55f7ebd1097370eb7412c24af39afb14d6de035be4de91b989e08177c2d75b64b8dd41197d24341d36a15980dd2a69888d9"], 0x1, 0x237, &(0x7f0000000b80)="$eJzs3TFrE2EYB/DHNm1DFzuLw4GLU1C/wSEVxAMhcoNOHlSXVoXrcjrlO7j4GfxIfoxO3U7MhUtaq4uer+F+Pwj3hz+B513yZnjf5PXdd6cnH87ftt++xHSaxSRiEZcRR7ETu9G5tXruLPN+bFoEALBt5vMqX4Y29SQMpa7zai8iDn5qyq9JBgIAAAAAAAAAAOCPOf8PAOPTn//f9Pl9klkYRl3n1eHq+9tVzv8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Vy27e32N6/U8wEAf5/9HwDGx/4PAONj/weA8Xnx8tWzvCiO51k2jbhYNGVTds+uf/K0OH6QLR2t33XRNOVu3z/s+uxqvxeHq/7Rjf1+3L/X9T+6x8+La/1BnAy/fAAAAAAAAAAAAAAAAAAAAPgvzLLejff7Z7Nf9V3a+H2Aa/f3J3Fn8s+WAQAAAAAAAAAAAAAAAAAAAFvt/OOn0+rs7E0tCILQh9SfTAAAAAAAAAAAAAAAAAAAMD7rS7+pJwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdNb//z9cSL1GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYBy+BwAA//8xhJXQ") mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) mount(0x0, 0x0, 0x0, 0x0, 0x0) chroot(&(0x7f0000000000)='./file0/../file0\x00') mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) 468.703822ms ago: executing program 4 (id=787): syz_mount_image$erofs(&(0x7f00000000c0), &(0x7f0000000140)='./file1\x00', 0x3000801, &(0x7f0000000840)=ANY=[], 0x2, 0x1ea, &(0x7f00000003c0)="$eJzsmb2r01AYxp9zmuZeL6K4OLg4eMEretMkVenSoYKjIFRRx2JjqaattBHagmBxcXF0EFxdHB0cnBz8C1x1UEFwsKObcOScnCSn6Qdq/ULfH/Tkyfl4z3nf0ifQgCCI/5b37z6/vX+mcuEEBPZiGxu6/2Mhvor9s/PfPLx1/EH17KOnrx+/7O67/Twfj8k14tv3twG8qBUQgVl6x5nV21nYROMiOI5pfQkMTiy/CEV8E4Dhip5z3dC9PVqEgXO1FzavtcPAlY0nG182ZXN/eajphKEJYFOdTghmjA9G4xuNMAz6eVEUyT5zQ98rVtVPna/GUUVSPSE4gMv37k7kva4NXPC0fh44PK3LYKhrXcEGHMfJSmLkf8jK4gvjK1o3t18knihxYPd3bQoel+NvyP0fFsWfEofle+QPOu05OE080Jzz4Y/n/uNCGReAuaFXW2F4bo3I9oJCpSLzJ+nsRw1/smCl/lGKOjdLg9F4t91ptIJW0PX98mn3pOue8kvKiOJ2hf9tKn/aMuIXl8y1mY1hI4r63hCI+l5678et4bj1Z71Pag1X/sexcySOwfQzK31Q5mD6w9VVqp3C4pl3luZEEARBEARBEARBEARBEASxmMNgyVsalr2wmcM/r/6h/BoAAP//1aFq9g==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x1a4) fadvise64(r0, 0xe0ffff, 0x9, 0x3) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) 141.875519ms ago: executing program 2 (id=788): bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48) socket$inet6_udp(0xa, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d) prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil) 0s ago: executing program 1 (id=789): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, &(0x7f0000000000)="670f1be066b9b10000400f32b8a3000f00d80f3266adbaf80c66b8d63a458666efbafc0ced0fa9b872008ec80fc7b8c1daf2660f09", 0x35}], 0x1, 0x1, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) kernel console output (not intermixed with test programs): process `syz.0.127'. [ 137.468115][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.998508][ T6331] loop3: detected capacity change from 0 to 512 [ 138.000275][ T6332] loop1: detected capacity change from 0 to 512 [ 138.017193][ T6331] EXT4-fs: inline encryption not supported [ 138.036783][ T6331] EXT4-fs: Ignoring removed mblk_io_submit option [ 138.064877][ T6331] EXT4-fs (loop3): Test dummy encryption mode enabled [ 138.076396][ T5943] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 138.094516][ T6331] EXT4-fs (loop3): orphan cleanup on readonly fs [ 138.105523][ T6331] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz.3.132: inode #13: comm syz.3.132: iget: illegal inode # [ 138.131280][ T6331] EXT4-fs (loop3): Remounting filesystem read-only [ 138.253749][ T6331] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 139.087727][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.103626][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.290577][ T6340] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 139.680801][ T6352] netlink: 12 bytes leftover after parsing attributes in process `syz.1.136'. [ 140.098757][ T6354] loop3: detected capacity change from 0 to 512 [ 140.156780][ T6354] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.139: casefold flag without casefold feature [ 140.222877][ T6354] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.139: couldn't read orphan inode 15 (err -117) [ 140.302332][ T6354] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 141.804841][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.172082][ T27] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 142.383963][ T27] usb 3-1: unable to get BOS descriptor or descriptor too short [ 142.408107][ T27] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 142.437766][ T27] usb 3-1: New USB device found, idVendor=046d, idProduct=c539, bcdDevice= 0.40 [ 142.455378][ T27] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 142.473632][ T27] usb 3-1: Product: syz [ 142.484573][ T27] usb 3-1: Manufacturer: syz [ 142.498321][ T27] usb 3-1: SerialNumber: syz [ 142.549997][ T27] usbhid 3-1:1.0: couldn't find an input interrupt endpoint [ 142.608443][ T6369] loop3: detected capacity change from 0 to 512 [ 142.661372][ T6369] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.143: casefold flag without casefold feature [ 142.693536][ T6369] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.143: couldn't read orphan inode 15 (err -117) [ 142.728692][ T6369] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 142.776887][ T27] usb 3-1: USB disconnect, device number 3 [ 142.787415][ T6372] loop1: detected capacity change from 0 to 512 [ 144.013585][ T6380] loop0: detected capacity change from 0 to 512 [ 144.024005][ T6380] EXT4-fs: Ignoring removed nomblk_io_submit option [ 144.043674][ T6380] EXT4-fs (loop0): Test dummy encryption mode enabled [ 144.074013][ T6380] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c018, mo2=0002] [ 144.115550][ T6380] System zones: 2-12, 7-7 [ 144.129562][ T6380] EXT4-fs (loop0): 1 truncate cleaned up [ 144.142677][ T6380] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 145.423147][ T5793] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.755581][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.802073][ T9] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 147.070329][ T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 147.088254][ T9] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 147.098558][ T9] usb 1-1: config 1 has no interface number 0 [ 147.108374][ T9] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 147.131717][ T9] usb 1-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 147.148045][ T9] usb 1-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 147.165287][ T9] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 147.182342][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 147.191082][ T9] usb 1-1: Product: syz [ 147.199693][ T9] usb 1-1: Manufacturer: syz [ 147.206635][ T9] usb 1-1: SerialNumber: syz [ 147.312358][ T5876] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 148.139151][ T5876] usb 3-1: unable to get BOS descriptor or descriptor too short [ 148.180310][ T5876] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 148.195034][ T6413] loop3: detected capacity change from 0 to 512 [ 148.254401][ T5876] usb 3-1: New USB device found, idVendor=046d, idProduct=c539, bcdDevice= 0.40 [ 148.274248][ T5876] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 148.325352][ T5876] usb 3-1: Product: syz [ 148.338968][ T5876] usb 3-1: Manufacturer: syz [ 148.354430][ T5876] usb 3-1: SerialNumber: syz [ 148.384373][ T5876] usbhid 3-1:1.0: couldn't find an input interrupt endpoint [ 148.546662][ T9] cdc_ncm 1-1:1.1: bind() failure [ 148.592893][ T6336] usb 3-1: USB disconnect, device number 4 [ 149.582987][ T5797] usb 1-1: USB disconnect, device number 5 [ 151.170411][ T6437] loop1: detected capacity change from 0 to 512 [ 151.274927][ T6437] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.163: casefold flag without casefold feature [ 152.925181][ T6437] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.163: couldn't read orphan inode 15 (err -117) [ 153.167933][ T6437] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 153.609090][ T6456] loop3: detected capacity change from 0 to 512 [ 155.099636][ T5790] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.640359][ T6475] netlink: 12 bytes leftover after parsing attributes in process `syz.1.172'. [ 157.200488][ T6477] loop2: detected capacity change from 0 to 16 [ 157.207975][ T6477] erofs: Unknown parameter 'w_~{6Ic' [ 158.452084][ T5806] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 161.341857][ T6501] loop0: detected capacity change from 0 to 512 [ 161.366465][ T6501] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.180: casefold flag without casefold feature [ 161.481696][ T6501] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.180: couldn't read orphan inode 15 (err -117) [ 161.502403][ T6501] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 162.582127][ T6336] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 163.428335][ T6520] netlink: 12 bytes leftover after parsing attributes in process `syz.1.184'. [ 163.492121][ T6336] usb 3-1: Using ep0 maxpacket: 8 [ 163.587478][ T6336] usb 3-1: config 135 has an invalid interface number: 230 but max is 0 [ 163.915040][ T5793] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.527225][ T6336] usb 3-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 164.539568][ T6336] usb 3-1: config 135 has no interface number 0 [ 164.545960][ T6336] usb 3-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30 [ 164.557282][ T6336] usb 3-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53 [ 164.570886][ T6336] usb 3-1: config 135 interface 230 has no altsetting 0 [ 164.580995][ T6336] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 164.590790][ T6336] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 164.599231][ T6336] usb 3-1: Product: syz [ 164.603497][ T6336] usb 3-1: Manufacturer: syz [ 164.608164][ T6336] usb 3-1: SerialNumber: syz [ 164.620422][ T6336] usb 3-1: Found UVC 0.00 device syz (18ec:3288) [ 164.626898][ T6336] usb 3-1: No valid video chain found. [ 165.245203][ T6336] usb 3-1: USB disconnect, device number 5 [ 166.743253][ T5876] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 167.010424][ T5876] usb 1-1: unable to get BOS descriptor or descriptor too short [ 167.031664][ T5876] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 167.078674][ T5876] usb 1-1: New USB device found, idVendor=046d, idProduct=c539, bcdDevice= 0.40 [ 167.102127][ T5876] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 167.124314][ T5876] usb 1-1: Product: syz [ 167.129847][ T5876] usb 1-1: Manufacturer: syz [ 167.146235][ T5876] usb 1-1: SerialNumber: syz [ 167.184253][ T5876] usbhid 1-1:1.0: couldn't find an input interrupt endpoint [ 167.780999][ T23] usb 1-1: USB disconnect, device number 6 [ 170.926047][ T6553] netlink: 12 bytes leftover after parsing attributes in process `syz.3.193'. [ 170.973138][ T6562] netlink: 12 bytes leftover after parsing attributes in process `syz.0.195'. [ 173.611162][ T6586] loop3: detected capacity change from 0 to 128 [ 173.892358][ T27] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 174.074446][ T27] usb 3-1: device descriptor read/64, error -71 [ 174.914170][ T6591] loop1: detected capacity change from 0 to 512 [ 174.942237][ T27] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 175.172020][ T5839] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 175.252762][ T27] usb 3-1: device descriptor read/64, error -71 [ 175.500467][ T27] usb usb3-port1: attempt power cycle [ 176.106460][ T5839] usb 4-1: unable to get BOS descriptor or descriptor too short [ 176.153105][ T5839] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 176.172386][ T27] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 176.193143][ T5839] usb 4-1: New USB device found, idVendor=046d, idProduct=c539, bcdDevice= 0.40 [ 176.219035][ T5839] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 176.227370][ T5839] usb 4-1: Product: syz [ 176.231584][ T5839] usb 4-1: Manufacturer: syz [ 176.237070][ T5839] usb 4-1: SerialNumber: syz [ 176.241492][ T27] usb 3-1: device descriptor read/8, error -71 [ 176.260722][ T5839] usbhid 4-1:1.0: couldn't find an input interrupt endpoint [ 176.509914][ T5839] usb 4-1: USB disconnect, device number 5 [ 176.994153][ T6606] netlink: 12 bytes leftover after parsing attributes in process `syz.2.207'. [ 179.959968][ T6621] loop2: detected capacity change from 0 to 512 [ 180.042033][ T5943] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 180.892082][ T9] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 181.022249][ T5876] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 181.084859][ T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 181.112080][ T9] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 181.121026][ T9] usb 1-1: config 1 has no interface number 0 [ 181.147848][ T9] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 181.179435][ T9] usb 1-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 181.202010][ T9] usb 1-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 181.215101][ T5876] usb 2-1: device descriptor read/64, error -71 [ 181.234757][ T9] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 181.252001][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 181.260067][ T9] usb 1-1: Product: syz [ 181.272072][ T9] usb 1-1: Manufacturer: syz [ 181.276738][ T9] usb 1-1: SerialNumber: syz [ 181.482150][ T5876] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 181.642456][ T5876] usb 2-1: device descriptor read/64, error -71 [ 181.765556][ T5876] usb usb2-port1: attempt power cycle [ 182.745065][ T9] cdc_ncm 1-1:1.1: bind() failure [ 183.190735][ T23] usb 1-1: USB disconnect, device number 7 [ 183.562234][ T5876] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 183.604348][ T5876] usb 2-1: device descriptor read/8, error -71 [ 183.866590][ T6655] netlink: 12 bytes leftover after parsing attributes in process `syz.3.220'. [ 185.132510][ T5839] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 185.354392][ T5839] usb 3-1: unable to get BOS descriptor or descriptor too short [ 185.371308][ T5839] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 185.852627][ T5839] usb 3-1: New USB device found, idVendor=046d, idProduct=c539, bcdDevice= 0.40 [ 185.861745][ T5839] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 185.880704][ T5839] usb 3-1: Product: syz [ 185.885756][ T5839] usb 3-1: Manufacturer: syz [ 185.891447][ T5839] usb 3-1: SerialNumber: syz [ 185.931481][ T5839] usbhid 3-1:1.0: couldn't find an input interrupt endpoint [ 186.080992][ T6671] loop0: detected capacity change from 0 to 512 [ 186.150835][ T9] usb 3-1: USB disconnect, device number 10 [ 186.180641][ T5806] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 189.860719][ T6691] syz.2.231: vmalloc error: size 268435456, failed to allocated page array size 524288, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1 [ 189.916347][ T6691] CPU: 0 PID: 6691 Comm: syz.2.231 Not tainted 6.6.102-syzkaller #0 [ 189.924407][ T6691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 189.934519][ T6691] Call Trace: [ 189.937830][ T6691] [ 189.940796][ T6691] dump_stack_lvl+0x16c/0x230 [ 189.945528][ T6691] ? show_regs_print_info+0x20/0x20 [ 189.950759][ T6691] ? load_image+0x3b0/0x3b0 [ 189.955310][ T6691] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 189.961759][ T6691] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 189.968321][ T6691] warn_alloc+0x210/0x300 [ 189.972722][ T6691] ? zone_watermark_ok_safe+0x230/0x230 [ 189.978429][ T6691] ? _raw_spin_unlock+0x28/0x40 [ 189.983349][ T6691] __vmalloc_node_range+0x662/0x1320 [ 189.988719][ T6691] ? bpf_trace_run2+0x26f/0x3c0 [ 189.993615][ T6691] ? bpf_trace_run1+0x3b0/0x3b0 [ 189.998519][ T6691] ? translate_table+0x1b38/0x1f70 [ 190.003684][ T6691] ? free_vm_area+0x50/0x50 [ 190.008241][ T6691] ? __do_replace+0xb0/0xa90 [ 190.012877][ T6691] vzalloc+0x79/0x90 [ 190.016813][ T6691] ? __do_replace+0xb0/0xa90 [ 190.021440][ T6691] __do_replace+0xb0/0xa90 [ 190.025897][ T6691] ? arpt_register_table+0x690/0x690 [ 190.031230][ T6691] ? translate_compat_table+0x1740/0x1740 [ 190.036992][ T6691] ? __might_fault+0xaa/0x120 [ 190.041705][ T6691] ? __might_fault+0xc6/0x120 [ 190.046497][ T6691] ? __might_fault+0xaa/0x120 [ 190.051223][ T6691] do_arpt_set_ctl+0xa23/0xef0 [ 190.056028][ T6691] ? do_ip_setsockopt+0x1b86/0x2cf0 [ 190.061277][ T6691] ? arpt_unregister_table+0x50/0x50 [ 190.066613][ T6691] ? nf_setsockopt+0x21c/0x280 [ 190.071431][ T6691] ? __lock_acquire+0x7c80/0x7c80 [ 190.076498][ T6691] ? rcu_is_watching+0x15/0xb0 [ 190.081415][ T6691] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 190.087099][ T6691] ? mutex_unlock+0x10/0x10 [ 190.091639][ T6691] ? aa_sk_perm+0x7fc/0x930 [ 190.096204][ T6691] ? aa_af_perm+0x2b0/0x2b0 [ 190.100826][ T6691] nf_setsockopt+0x263/0x280 [ 190.105465][ T6691] ? sock_common_recvmsg+0x1b0/0x1b0 [ 190.110798][ T6691] do_sock_setsockopt+0x175/0x1a0 [ 190.115867][ T6691] ? __fdget+0x180/0x210 [ 190.120204][ T6691] __x64_sys_setsockopt+0x184/0x200 [ 190.125458][ T6691] do_syscall_64+0x55/0xb0 [ 190.129926][ T6691] ? clear_bhb_loop+0x40/0x90 [ 190.134637][ T6691] ? clear_bhb_loop+0x40/0x90 [ 190.139363][ T6691] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 190.145316][ T6691] RIP: 0033:0x7fc45738ebe9 [ 190.149811][ T6691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 190.169470][ T6691] RSP: 002b:00007fc45811b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 190.177936][ T6691] RAX: ffffffffffffffda RBX: 00007fc4575b5fa0 RCX: 00007fc45738ebe9 [ 190.185963][ T6691] RDX: 0000000000000060 RSI: 0000000000000000 RDI: 0000000000000003 [ 190.193981][ T6691] RBP: 00007fc457411e19 R08: 0000000000000068 R09: 0000000000000000 [ 190.201994][ T6691] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000000 [ 190.210005][ T6691] R13: 00007fc4575b6038 R14: 00007fc4575b5fa0 R15: 00007ffcdaca7478 [ 190.218046][ T6691] [ 190.242915][ T6691] Mem-Info: [ 190.246181][ T6691] active_anon:15175 inactive_anon:0 isolated_anon:0 [ 190.246181][ T6691] active_file:1187 inactive_file:39889 isolated_file:0 [ 190.246181][ T6691] unevictable:768 dirty:47 writeback:0 [ 190.246181][ T6691] slab_reclaimable:9998 slab_unreclaimable:94215 [ 190.246181][ T6691] mapped:29909 shmem:11265 pagetables:565 [ 190.246181][ T6691] sec_pagetables:0 bounce:0 [ 190.246181][ T6691] kernel_misc_reclaimable:0 [ 190.246181][ T6691] free:1343838 free_pcp:10976 free_cma:0 [ 190.294942][ T6691] Node 0 active_anon:59000kB inactive_anon:0kB active_file:4748kB inactive_file:159356kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:120836kB dirty:188kB writeback:0kB shmem:41824kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11560kB pagetables:2260kB sec_pagetables:0kB all_unreclaimable? no [ 190.327987][ T6691] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 190.365467][ T6691] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 190.395810][ T6691] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 190.402804][ T6691] Node 0 DMA32 free:1467020kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:55456kB inactive_anon:0kB active_file:4748kB inactive_file:158036kB unevictable:1536kB writepending:188kB present:3129332kB managed:2589596kB mlocked:0kB bounce:0kB free_pcp:28912kB local_pcp:16296kB free_cma:0kB [ 190.477228][ T6700] netlink: 12 bytes leftover after parsing attributes in process `syz.1.233'. [ 190.552764][ T6691] lowmem_reserve[]: 0 0 1 1 1 [ 190.564635][ T6691] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1320kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:0kB free_cma:0kB [ 190.593974][ T6691] lowmem_reserve[]: 0 0 0 0 0 [ 190.601474][ T6691] Node 1 Normal free:3892964kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:20224kB local_pcp:12224kB free_cma:0kB [ 190.647614][ T6691] lowmem_reserve[]: 0 0 0 0 0 [ 190.677108][ T6691] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 190.700401][ T6691] Node 0 DMA32: 86*4kB (M) 25*8kB (ME) 19*16kB (ME) 22*32kB (UME) 13*64kB (UME) 28*128kB (UME) 24*256kB (UME) 14*512kB (UM) 7*1024kB (UME) 7*2048kB (UME) 350*4096kB (M) = 1474384kB [ 190.782038][ T6691] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 190.872197][ T6691] Node 1 Normal: 247*4kB (UM) 49*8kB (UME) 38*16kB (UME) 63*32kB (UME) 13*64kB (UME) 6*128kB (UME) 3*256kB (UM) 1*512kB (E) 1*1024kB (E) 1*2048kB (E) 948*4096kB (M) = 3892964kB [ 190.896948][ T6691] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 190.907425][ T6691] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 190.916946][ T6691] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 190.926874][ T6691] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 190.936524][ T6691] 51041 total pagecache pages [ 190.941532][ T6691] 0 pages in swap cache [ 190.945870][ T6691] Free swap = 124996kB [ 190.950057][ T6691] Total swap = 124996kB [ 190.954436][ T6691] 2097051 pages RAM [ 190.958281][ T6691] 0 pages HighMem/MovableOnly [ 190.963086][ T6691] 416138 pages reserved [ 190.967364][ T6691] 0 pages cma reserved [ 190.999946][ T6708] loop0: detected capacity change from 0 to 512 [ 191.053604][ T6708] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.236: casefold flag without casefold feature [ 191.089157][ T6708] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.236: couldn't read orphan inode 15 (err -117) [ 191.168860][ T6708] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 191.578762][ T6714] loop2: detected capacity change from 0 to 128 [ 193.990112][ T6729] syz.3.241[6729] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 193.990262][ T6729] syz.3.241[6729] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 194.692637][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 195.052778][ T6733] syz.2.242[6733] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 195.052923][ T6733] syz.2.242[6733] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 195.494981][ T6733] loop2: detected capacity change from 0 to 128 [ 195.818801][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 196.145058][ T6733] input: syz1 as /devices/virtual/input/input5 [ 198.680475][ T5793] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 202.592204][ T6759] xt_ecn: cannot match TCP bits for non-tcp packets [ 203.452079][ T5859] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 203.465448][ T6785] loop3: detected capacity change from 0 to 256 [ 203.487793][ T6785] FAT-fs (loop3): Unrecognized mount option "nonumtail=" or missing value [ 203.642142][ T5859] usb 2-1: device descriptor read/64, error -71 [ 203.912255][ T5859] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 205.061983][ T5859] usb 2-1: device descriptor read/64, error -71 [ 205.196488][ T5859] usb usb2-port1: attempt power cycle [ 206.615075][ T5839] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 206.748189][ T6811] netlink: 12 bytes leftover after parsing attributes in process `syz.0.264'. [ 207.082928][ T5796] Bluetooth: hci2: command 0x0406 tx timeout [ 207.090399][ T5807] Bluetooth: hci0: command 0x0406 tx timeout [ 207.097899][ T5801] Bluetooth: hci1: command 0x0406 tx timeout [ 207.104153][ T5796] Bluetooth: hci3: command 0x0406 tx timeout [ 208.255296][ T5839] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 208.286418][ T5839] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 208.331566][ T5839] usb 3-1: config 1 has no interface number 0 [ 208.362985][ T5839] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 208.409495][ T5839] usb 3-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 208.440548][ T5839] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 208.485596][ T5839] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 208.504323][ T5839] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 208.525502][ T5839] usb 3-1: Product: syz [ 208.529921][ T5839] usb 3-1: Manufacturer: syz [ 208.544780][ T5839] usb 3-1: SerialNumber: syz [ 209.185527][ T6830] syz.1.274[6830] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 209.185995][ T6830] syz.1.274[6830] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 209.234557][ T6830] loop1: detected capacity change from 0 to 128 [ 209.274729][ T23] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 209.404178][ T6830] input: syz1 as /devices/virtual/input/input6 [ 209.602365][ T23] usb 4-1: device descriptor read/64, error -71 [ 210.374505][ T23] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 210.778432][ T5839] cdc_ncm 3-1:1.1: bind() failure [ 210.999840][ T9] usb 3-1: USB disconnect, device number 11 [ 211.405376][ T23] usb 4-1: device descriptor read/64, error -71 [ 211.531462][ T23] usb usb4-port1: attempt power cycle [ 211.993814][ T6845] netlink: 12 bytes leftover after parsing attributes in process `syz.1.281'. [ 214.153630][ T6868] bridge0: port 2(bridge_slave_1) entered disabled state [ 214.162619][ T6868] bridge0: port 1(bridge_slave_0) entered disabled state [ 214.186512][ T6868] bridge0: entered allmulticast mode [ 214.316001][ T6868] bridge_slave_1: left allmulticast mode [ 214.331741][ T6868] bridge_slave_1: left promiscuous mode [ 214.362613][ T6868] bridge0: port 2(bridge_slave_1) entered disabled state [ 214.402235][ T6868] bridge_slave_0: left allmulticast mode [ 214.408095][ T6868] bridge_slave_0: left promiscuous mode [ 214.419475][ T6868] bridge0: port 1(bridge_slave_0) entered disabled state [ 214.503269][ T6873] syz.3.287[6873] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 214.504080][ T6873] syz.3.287[6873] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 214.553567][ T6873] loop3: detected capacity change from 0 to 128 [ 214.890645][ T6873] input: syz1 as /devices/virtual/input/input7 [ 216.941997][ T786] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 217.112183][ T27] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 217.159922][ T786] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 217.182664][ T786] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 217.191791][ T786] usb 3-1: config 1 has no interface number 0 [ 217.208632][ T786] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 217.220503][ T786] usb 3-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 217.240837][ T786] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 217.461961][ T786] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 217.471154][ T786] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 217.480458][ T786] usb 3-1: Product: syz [ 217.484835][ T27] usb 1-1: Using ep0 maxpacket: 8 [ 217.490064][ T786] usb 3-1: Manufacturer: syz [ 217.495079][ T786] usb 3-1: SerialNumber: syz [ 217.501254][ T27] usb 1-1: config index 0 descriptor too short (expected 30768, got 252) [ 217.510510][ T27] usb 1-1: config 102 has too many interfaces: 102, using maximum allowed: 32 [ 217.520998][ T27] usb 1-1: config 102 has an invalid descriptor of length 0, skipping remainder of the config [ 217.532543][ T27] usb 1-1: config 102 has 0 interfaces, different from the descriptor's value: 102 [ 217.570880][ T27] usb 1-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 217.673950][ T27] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 217.689476][ T27] usb 1-1: Product: syz [ 217.698637][ T27] usb 1-1: Manufacturer: syz [ 217.707365][ T27] usb 1-1: SerialNumber: syz [ 218.558067][ T27] usb 1-1: USB disconnect, device number 8 [ 218.603366][ T786] cdc_ncm 3-1:1.1: bind() failure [ 219.234548][ T27] usb 3-1: USB disconnect, device number 12 [ 219.873343][ T786] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 220.093956][ T786] usb 1-1: unable to get BOS descriptor or descriptor too short [ 220.114611][ T786] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 220.134708][ T786] usb 1-1: New USB device found, idVendor=046d, idProduct=c539, bcdDevice= 0.40 [ 220.144450][ T786] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 220.152782][ T786] usb 1-1: Product: syz [ 220.156991][ T786] usb 1-1: Manufacturer: syz [ 220.161622][ T786] usb 1-1: SerialNumber: syz [ 220.173874][ T786] usbhid 1-1:1.0: couldn't find an input interrupt endpoint [ 220.378933][ T786] usb 1-1: USB disconnect, device number 9 [ 221.165783][ T6913] bridge0: port 2(bridge_slave_1) entered disabled state [ 221.173623][ T6913] bridge0: port 1(bridge_slave_0) entered disabled state [ 221.181994][ T6913] bridge0: entered allmulticast mode [ 221.328648][ T6913] bridge_slave_1: left allmulticast mode [ 221.355218][ T6913] bridge_slave_1: left promiscuous mode [ 221.361229][ T6913] bridge0: port 2(bridge_slave_1) entered disabled state [ 221.395080][ T6913] bridge_slave_0: left allmulticast mode [ 221.415974][ T6913] bridge_slave_0: left promiscuous mode [ 221.425666][ T6913] bridge0: port 1(bridge_slave_0) entered disabled state [ 221.617673][ T6922] syz.0.301[6922] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 221.617815][ T6922] syz.0.301[6922] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 221.636439][ T6922] loop0: detected capacity change from 0 to 128 [ 222.932664][ T6922] input: syz1 as /devices/virtual/input/input8 [ 224.105986][ T5876] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 226.077285][ T786] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 226.371142][ T786] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 226.494538][ T786] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 226.604539][ T786] usb 4-1: config 1 has no interface number 0 [ 226.691703][ T786] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 226.802101][ T5876] usb 2-1: Using ep0 maxpacket: 8 [ 226.814055][ T5876] usb 2-1: unable to get BOS descriptor or descriptor too short [ 226.834093][ T5876] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 226.874091][ T5876] usb 2-1: New USB device found, idVendor=046d, idProduct=c539, bcdDevice= 0.40 [ 226.894768][ T5876] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 226.916989][ T5876] usb 2-1: Product: syz [ 226.919946][ T786] usb 4-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 226.930528][ T786] usb 4-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 226.946842][ T786] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 226.962076][ T5876] usb 2-1: Manufacturer: syz [ 226.967253][ T786] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 226.975924][ T5876] usb 2-1: SerialNumber: syz [ 227.002049][ T786] usb 4-1: Product: syz [ 227.011257][ T786] usb 4-1: Manufacturer: syz [ 227.017110][ T786] usb 4-1: SerialNumber: syz [ 227.032640][ T5876] usbhid 2-1:1.0: couldn't find an input interrupt endpoint [ 227.224846][ T5876] usb 2-1: USB disconnect, device number 11 [ 227.512868][ T28] audit: type=1326 audit(1755353741.342:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6950 comm="syz.2.316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc45738ebe9 code=0x7ffc0000 [ 227.549133][ T28] audit: type=1326 audit(1755353741.352:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6950 comm="syz.2.316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc45738ebe9 code=0x7ffc0000 [ 228.022200][ T28] audit: type=1326 audit(1755353741.352:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6950 comm="syz.2.316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7fc45738ebe9 code=0x7ffc0000 [ 228.081943][ T28] audit: type=1326 audit(1755353741.352:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6950 comm="syz.2.316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc45738ebe9 code=0x7ffc0000 [ 228.124559][ T786] cdc_ncm 4-1:1.1: bind() failure [ 228.156793][ T28] audit: type=1326 audit(1755353741.352:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6950 comm="syz.2.316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc45738ebe9 code=0x7ffc0000 [ 228.339417][ T786] usb 4-1: USB disconnect, device number 9 [ 228.460426][ T6959] bridge0: port 2(bridge_slave_1) entered disabled state [ 228.468341][ T6959] bridge0: port 1(bridge_slave_0) entered disabled state [ 228.484557][ T6959] bridge0: entered allmulticast mode [ 228.494499][ T5876] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 228.545938][ T6960] bridge_slave_1: left allmulticast mode [ 228.565967][ T6960] bridge_slave_1: left promiscuous mode [ 228.571827][ T6960] bridge0: port 2(bridge_slave_1) entered disabled state [ 228.609840][ T6960] bridge_slave_0: left allmulticast mode [ 228.617213][ T6960] bridge_slave_0: left promiscuous mode [ 228.627501][ T6960] bridge0: port 1(bridge_slave_0) entered disabled state [ 228.682912][ T5876] usb 3-1: Using ep0 maxpacket: 8 [ 228.695054][ T5876] usb 3-1: config index 0 descriptor too short (expected 30768, got 252) [ 229.514728][ T5876] usb 3-1: config 102 has too many interfaces: 102, using maximum allowed: 32 [ 229.532722][ T5876] usb 3-1: config 102 has an invalid descriptor of length 0, skipping remainder of the config [ 229.549193][ T5876] usb 3-1: config 102 has 0 interfaces, different from the descriptor's value: 102 [ 229.562549][ T5876] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 229.573059][ T5876] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 229.591993][ T5876] usb 3-1: Product: syz [ 229.596246][ T5876] usb 3-1: Manufacturer: syz [ 229.601053][ T5876] usb 3-1: SerialNumber: syz [ 229.759889][ T6970] loop3: detected capacity change from 0 to 128 [ 229.870912][ T5876] usb 3-1: USB disconnect, device number 13 [ 234.050444][ T5876] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 234.145247][ T7000] loop3: detected capacity change from 0 to 128 [ 234.274748][ T7004] loop0: detected capacity change from 0 to 128 [ 234.655634][ T28] audit: type=1326 audit(1755353748.492:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7006 comm="syz.3.335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffba6b8ebe9 code=0x7ffc0000 [ 234.753845][ T28] audit: type=1326 audit(1755353748.522:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7006 comm="syz.3.335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7ffba6b8ebe9 code=0x7ffc0000 [ 234.866943][ T28] audit: type=1326 audit(1755353748.522:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7006 comm="syz.3.335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffba6b8ebe9 code=0x7ffc0000 [ 236.250230][ T7012] netlink: 12 bytes leftover after parsing attributes in process `syz.1.336'. [ 237.529562][ T5876] usb 3-1: device descriptor read/all, error -71 [ 238.302919][ T5899] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 238.522050][ T5899] usb 2-1: Using ep0 maxpacket: 8 [ 238.566177][ T5899] usb 2-1: config 135 has an invalid interface number: 230 but max is 0 [ 238.592324][ T5899] usb 2-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 239.435728][ T5899] usb 2-1: config 135 has no interface number 0 [ 239.444064][ T5899] usb 2-1: too many endpoints for config 135 interface 230 altsetting 48: 120, using maximum allowed: 30 [ 239.456601][ T5899] usb 2-1: config 135 interface 230 altsetting 48 has 0 endpoint descriptors, different from the interface descriptor's value: 120 [ 239.470303][ T5899] usb 2-1: config 135 interface 230 has no altsetting 0 [ 239.489068][ T5899] usb 2-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 239.502030][ T5899] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 239.510138][ T5899] usb 2-1: Product: syz [ 239.525399][ T5899] usb 2-1: Manufacturer: syz [ 239.530090][ T5899] usb 2-1: SerialNumber: syz [ 239.556643][ T7040] loop0: detected capacity change from 0 to 128 [ 239.853726][ T5899] usb 2-1: USB disconnect, device number 12 [ 239.965264][ T7046] syz.2.346[7046] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 239.965540][ T7046] syz.2.346[7046] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 239.988161][ T7047] netlink: 12 bytes leftover after parsing attributes in process `syz.0.347'. [ 241.132890][ T7046] loop2: detected capacity change from 0 to 128 [ 243.257134][ T7061] netlink: 96 bytes leftover after parsing attributes in process `syz.3.353'. [ 243.300661][ T786] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 243.518438][ T786] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 243.586165][ T786] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 243.803801][ T786] usb 1-1: config 1 has no interface number 0 [ 243.964042][ T786] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 244.003870][ T786] usb 1-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 244.232833][ T786] usb 1-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 244.249943][ T786] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 244.260924][ T786] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 244.269334][ T786] usb 1-1: Product: syz [ 244.273629][ T786] usb 1-1: Manufacturer: syz [ 244.278349][ T786] usb 1-1: SerialNumber: syz [ 245.657089][ T786] cdc_ncm 1-1:1.1: bind() failure [ 245.672976][ T786] usb 1-1: USB disconnect, device number 10 [ 245.860017][ T7086] netlink: 12 bytes leftover after parsing attributes in process `syz.3.357'. [ 245.913137][ T5839] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 246.123584][ T5839] usb 2-1: Using ep0 maxpacket: 8 [ 246.136404][ T5839] usb 2-1: config 135 has an invalid interface number: 230 but max is 0 [ 246.159668][ T5839] usb 2-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 246.186686][ T5839] usb 2-1: config 135 has no interface number 0 [ 246.208247][ T5839] usb 2-1: too many endpoints for config 135 interface 230 altsetting 48: 120, using maximum allowed: 30 [ 246.244235][ T5839] usb 2-1: config 135 interface 230 altsetting 48 has 0 endpoint descriptors, different from the interface descriptor's value: 120 [ 246.261306][ T5839] usb 2-1: config 135 interface 230 has no altsetting 0 [ 246.277370][ T5839] usb 2-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 246.290990][ T5839] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 246.308180][ T5839] usb 2-1: Product: syz [ 246.315201][ T5839] usb 2-1: Manufacturer: syz [ 246.320068][ T5839] usb 2-1: SerialNumber: syz [ 246.625427][ T5839] usb 2-1: USB disconnect, device number 13 [ 246.852318][ T7095] netlink: 12 bytes leftover after parsing attributes in process `syz.0.363'. [ 246.920013][ T7097] loop2: detected capacity change from 0 to 512 [ 246.963333][ T7097] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.364: casefold flag without casefold feature [ 247.050939][ T7097] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.364: couldn't read orphan inode 15 (err -117) [ 247.084603][ T7097] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 247.172807][ T7101] 9pnet_fd: Insufficient options for proto=fd [ 249.720599][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 249.868768][ T27] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 250.064166][ T27] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 250.082053][ T27] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 250.091005][ T27] usb 1-1: config 1 has no interface number 0 [ 250.121981][ T27] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 250.151941][ T27] usb 1-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 250.171383][ T27] usb 1-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 250.197569][ T27] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 250.211920][ T27] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 250.230391][ T27] usb 1-1: Product: syz [ 250.234717][ T27] usb 1-1: Manufacturer: syz [ 250.239352][ T27] usb 1-1: SerialNumber: syz [ 251.083535][ T27] cdc_ncm 1-1:1.1: bind() failure [ 251.304075][ T5839] usb 1-1: USB disconnect, device number 11 [ 251.324511][ T7141] 9pnet_fd: Insufficient options for proto=fd [ 251.916734][ T28] audit: type=1326 audit(1755353765.742:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff836b8ebe9 code=0x7ffc0000 [ 253.041715][ T28] audit: type=1326 audit(1755353765.742:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff836b8ebe9 code=0x7ffc0000 [ 253.149108][ T28] audit: type=1326 audit(1755353765.752:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7ff836b8ebe9 code=0x7ffc0000 [ 253.182545][ T28] audit: type=1326 audit(1755353765.752:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff836b8ebe9 code=0x7ffc0000 [ 253.212332][ T28] audit: type=1326 audit(1755353765.752:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff836b8ebe9 code=0x7ffc0000 [ 253.344569][ T7156] loop1: detected capacity change from 0 to 512 [ 253.536558][ T7156] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.379: casefold flag without casefold feature [ 253.766114][ T7156] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.379: couldn't read orphan inode 15 (err -117) [ 254.132913][ T7156] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 254.692038][ T5899] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 254.912475][ T5899] usb 4-1: unable to get BOS descriptor or descriptor too short [ 254.931484][ T5899] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 254.964403][ T5899] usb 4-1: New USB device found, idVendor=046d, idProduct=c539, bcdDevice= 0.40 [ 254.984273][ T5899] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 255.005719][ T5899] usb 4-1: Product: syz [ 255.025045][ T5899] usb 4-1: Manufacturer: syz [ 255.041543][ T5899] usb 4-1: SerialNumber: syz [ 255.073834][ T5899] usbhid 4-1:1.0: couldn't find an input interrupt endpoint [ 255.541024][ T7179] netlink: 12 bytes leftover after parsing attributes in process `syz.2.386'. [ 255.804663][ T5899] usb 4-1: USB disconnect, device number 10 [ 255.812784][ T5790] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 256.037616][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.046359][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.806291][ T28] audit: type=1326 audit(1755353770.642:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7184 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffba6b8ebe9 code=0x7ffc0000 [ 257.566350][ T28] audit: type=1326 audit(1755353770.642:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7184 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffba6b8ebe9 code=0x7ffc0000 [ 257.772459][ T28] audit: type=1326 audit(1755353770.642:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7184 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7ffba6b8ebe9 code=0x7ffc0000 [ 257.876983][ T28] audit: type=1326 audit(1755353770.642:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7184 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffba6b8ebe9 code=0x7ffc0000 [ 257.905531][ T28] audit: type=1326 audit(1755353770.642:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7184 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffba6b8ebe9 code=0x7ffc0000 [ 258.022960][ T7198] loop0: detected capacity change from 0 to 128 [ 258.418290][ T7204] loop0: detected capacity change from 0 to 256 [ 258.702349][ T7204] exfat: Deprecated parameter 'utf8' [ 258.775990][ T7204] exfat: Deprecated parameter 'utf8' [ 258.808169][ T7204] exfat: Deprecated parameter 'utf8' [ 259.142630][ T7204] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d) [ 259.533608][ T7211] input: syz1 as /devices/virtual/input/input11 [ 260.033571][ T5899] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 260.233579][ T5899] usb 2-1: unable to get BOS descriptor or descriptor too short [ 260.252756][ T5899] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 260.274901][ T5899] usb 2-1: New USB device found, idVendor=046d, idProduct=c539, bcdDevice= 0.40 [ 260.292604][ T5899] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 260.311180][ T5899] usb 2-1: Product: syz [ 260.327254][ T5899] usb 2-1: Manufacturer: syz [ 260.347549][ T5899] usb 2-1: SerialNumber: syz [ 260.383561][ T5899] usbhid 2-1:1.0: couldn't find an input interrupt endpoint [ 260.976189][ T786] usb 2-1: USB disconnect, device number 14 [ 261.416459][ T7224] loop0: detected capacity change from 0 to 256 [ 261.472062][ T7224] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 261.508810][ T7224] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 261.552164][ T7224] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 261.600214][ T7224] netlink: 28 bytes leftover after parsing attributes in process `syz.0.400'. [ 263.136054][ T7241] loop3: detected capacity change from 0 to 128 [ 264.872201][ T28] audit: type=1326 audit(1755353778.662:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7255 comm="syz.1.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff836b8ebe9 code=0x7ffc0000 [ 264.984056][ T28] audit: type=1326 audit(1755353778.662:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7255 comm="syz.1.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff836b8ebe9 code=0x7ffc0000 [ 265.031585][ T28] audit: type=1326 audit(1755353778.672:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7255 comm="syz.1.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff836b8ebe9 code=0x7ffc0000 [ 265.055516][ T28] audit: type=1326 audit(1755353778.672:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7255 comm="syz.1.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff836b8ebe9 code=0x7ffc0000 [ 265.079130][ T28] audit: type=1326 audit(1755353778.672:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7255 comm="syz.1.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff836b8ebe9 code=0x7ffc0000 [ 265.105426][ T28] audit: type=1326 audit(1755353778.672:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7255 comm="syz.1.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff836b8ebe9 code=0x7ffc0000 [ 265.129253][ T28] audit: type=1326 audit(1755353778.672:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7255 comm="syz.1.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff836b8ebe9 code=0x7ffc0000 [ 265.158612][ T28] audit: type=1326 audit(1755353778.682:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7255 comm="syz.1.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff836b8ebe9 code=0x7ffc0000 [ 265.191156][ T28] audit: type=1326 audit(1755353778.682:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7255 comm="syz.1.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff836b8ebe9 code=0x7ffc0000 [ 265.219237][ T28] audit: type=1326 audit(1755353778.702:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7255 comm="syz.1.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff836b8ebe9 code=0x7ffc0000 [ 265.482065][ T786] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 265.565145][ T7269] loop0: detected capacity change from 0 to 128 [ 265.694493][ T786] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 265.710479][ T786] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 265.726701][ T786] usb 3-1: config 1 has no interface number 0 [ 265.734381][ T786] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 265.752233][ T786] usb 3-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 265.766101][ T786] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 265.787574][ T786] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 265.798373][ T786] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 265.808085][ T786] usb 3-1: Product: syz [ 265.813833][ T786] usb 3-1: Manufacturer: syz [ 265.818575][ T786] usb 3-1: SerialNumber: syz [ 266.392262][ T7278] netlink: 12 bytes leftover after parsing attributes in process `syz.0.417'. [ 266.692463][ T786] cdc_ncm 3-1:1.1: bind() failure [ 266.925738][ T9] usb 3-1: USB disconnect, device number 16 [ 269.702031][ T27] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 269.752865][ T7305] syz.3.426[7305] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 269.753055][ T7305] syz.3.426[7305] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 269.796767][ T7305] loop3: detected capacity change from 0 to 128 [ 269.932247][ T27] usb 3-1: Using ep0 maxpacket: 8 [ 269.963279][ T28] kauditd_printk_skb: 12 callbacks suppressed [ 269.963319][ T28] audit: type=1326 audit(1755353783.772:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7303 comm="syz.1.427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff836b8ebe9 code=0x7fc00000 [ 270.113831][ T27] usb 3-1: config 135 has an invalid interface number: 230 but max is 0 [ 270.489036][ T7310] input: syz1 as /devices/virtual/input/input12 [ 270.528094][ T27] usb 3-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 271.039009][ T27] usb 3-1: config 135 has no interface number 0 [ 271.039031][ T28] audit: type=1326 audit(1755353783.862:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7303 comm="syz.1.427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff836b8ebe9 code=0x7fc00000 [ 271.061965][ T27] usb 3-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30 [ 271.119886][ T28] audit: type=1326 audit(1755353783.902:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7303 comm="syz.1.427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff836b8ebe9 code=0x7fc00000 [ 271.157426][ T27] usb 3-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53 [ 271.472078][ T27] usb 3-1: config 135 interface 230 has no altsetting 0 [ 271.952499][ T27] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 271.961617][ T27] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 271.970514][ T27] usb 3-1: Product: syz [ 271.975749][ T27] usb 3-1: Manufacturer: syz [ 271.980413][ T27] usb 3-1: SerialNumber: syz [ 272.124234][ T9] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 272.332387][ T27] usb 3-1: Found UVC 0.00 device syz (18ec:3288) [ 272.338542][ T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 272.339419][ T27] usb 3-1: No valid video chain found. [ 272.362253][ T27] usb 3-1: USB disconnect, device number 17 [ 272.379953][ T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 272.399397][ T9] usb 2-1: config 1 has no interface number 0 [ 272.626116][ T7323] netlink: 12 bytes leftover after parsing attributes in process `syz.3.431'. [ 273.002499][ T7325] syz.0.432[7325] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 273.002650][ T7325] syz.0.432[7325] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 273.675182][ T7325] loop0: detected capacity change from 0 to 128 [ 275.022028][ T9] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 276.021992][ T9] usb 2-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 276.822016][ T9] usb 2-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 276.936778][ T9] usb 2-1: string descriptor 0 read error: -71 [ 277.003676][ T9] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 277.083408][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 277.197187][ T9] usb 2-1: can't set config #1, error -71 [ 277.227138][ T28] audit: type=1326 audit(1755353791.072:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7329 comm="syz.1.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff836b8ebe9 code=0x7ffc0000 [ 277.282244][ T9] usb 2-1: USB disconnect, device number 15 [ 277.335426][ T28] audit: type=1326 audit(1755353791.072:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7329 comm="syz.1.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff836b8ebe9 code=0x7ffc0000 [ 277.402039][ T28] audit: type=1326 audit(1755353791.152:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7329 comm="syz.1.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7ff836b8ebe9 code=0x7ffc0000 [ 277.455365][ T28] audit: type=1326 audit(1755353791.152:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7329 comm="syz.1.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff836b8ebe9 code=0x7ffc0000 [ 277.518046][ T28] audit: type=1326 audit(1755353791.152:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7329 comm="syz.1.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff836b8ebe9 code=0x7ffc0000 [ 277.537798][ T7340] loop1: detected capacity change from 0 to 512 [ 277.562662][ T786] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 277.606196][ T5806] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 278.785658][ T786] usb 4-1: unable to get BOS descriptor or descriptor too short [ 278.806441][ T786] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 278.841272][ T786] usb 4-1: New USB device found, idVendor=046d, idProduct=c539, bcdDevice= 0.40 [ 278.867008][ T786] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 278.891915][ T786] usb 4-1: Product: syz [ 278.896205][ T786] usb 4-1: Manufacturer: syz [ 278.900860][ T786] usb 4-1: SerialNumber: syz [ 278.918550][ T786] usbhid 4-1:1.0: couldn't find an input interrupt endpoint [ 279.048709][ T7360] syz.0.439[7360] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 279.048853][ T7360] syz.0.439[7360] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 279.065026][ T7360] loop0: detected capacity change from 0 to 128 [ 279.113593][ T7360] input: syz1 as /devices/virtual/input/input13 [ 279.148644][ T27] usb 4-1: USB disconnect, device number 11 [ 279.241995][ T786] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 279.457578][ T786] usb 3-1: Using ep0 maxpacket: 8 [ 279.474060][ T786] usb 3-1: config 135 has an invalid interface number: 230 but max is 0 [ 279.497893][ T786] usb 3-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 279.518730][ T786] usb 3-1: config 135 has no interface number 0 [ 279.539049][ T786] usb 3-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30 [ 279.560486][ T786] usb 3-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53 [ 279.579158][ T786] usb 3-1: config 135 interface 230 has no altsetting 0 [ 279.594672][ T786] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 279.606343][ T786] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 279.616455][ T786] usb 3-1: Product: syz [ 279.620746][ T786] usb 3-1: Manufacturer: syz [ 279.707475][ T7366] netlink: 12 bytes leftover after parsing attributes in process `syz.1.444'. [ 280.465201][ T786] usb 3-1: SerialNumber: syz [ 280.792353][ T786] usb 3-1: Found UVC 0.00 device syz (18ec:3288) [ 280.799222][ T786] usb 3-1: No valid video chain found. [ 281.112693][ T7370] syz.3.445[7370] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 281.112837][ T7370] syz.3.445[7370] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 281.545137][ T7370] loop3: detected capacity change from 0 to 128 [ 281.928574][ T7370] input: syz1 as /devices/virtual/input/input14 [ 282.034690][ T786] usb 3-1: USB disconnect, device number 18 [ 282.868118][ T28] audit: type=1326 audit(1755353796.642:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7373 comm="syz.2.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc45738ebe9 code=0x7fc00000 [ 283.022147][ T28] audit: type=1326 audit(1755353796.652:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7373 comm="syz.2.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc45738ebe9 code=0x7fc00000 [ 283.116716][ T28] audit: type=1326 audit(1755353796.662:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7373 comm="syz.2.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc45738ebe9 code=0x7fc00000 [ 283.750356][ T7385] loop3: detected capacity change from 0 to 512 [ 284.397613][ T7390] loop2: detected capacity change from 0 to 256 [ 284.453732][ T7390] exfat: Deprecated parameter 'namecase' [ 284.676705][ T7390] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 285.078844][ T7398] netlink: 12 bytes leftover after parsing attributes in process `syz.1.454'. [ 285.313625][ T27] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 285.672116][ T27] usb 4-1: Using ep0 maxpacket: 8 [ 285.690938][ T27] usb 4-1: config 135 has an invalid interface number: 230 but max is 0 [ 285.711584][ T27] usb 4-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 285.751958][ T27] usb 4-1: config 135 has no interface number 0 [ 285.768704][ T27] usb 4-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30 [ 285.790616][ T27] usb 4-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53 [ 285.824837][ T27] usb 4-1: config 135 interface 230 has no altsetting 0 [ 285.852700][ T27] usb 4-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 285.874736][ T27] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 285.896770][ T27] usb 4-1: Product: syz [ 285.901010][ T27] usb 4-1: Manufacturer: syz [ 285.912349][ T27] usb 4-1: SerialNumber: syz [ 285.937207][ T27] usb 4-1: Found UVC 0.00 device syz (18ec:3288) [ 285.972023][ T27] usb 4-1: No valid video chain found. [ 286.011971][ T9] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 286.148536][ T786] usb 4-1: USB disconnect, device number 12 [ 286.904601][ T28] audit: type=1326 audit(1755353800.752:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7399 comm="syz.3.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffba6b8ebe9 code=0x7fc00000 [ 286.986517][ T28] audit: type=1326 audit(1755353800.772:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7399 comm="syz.3.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ffba6b8ebe9 code=0x7fc00000 [ 287.012581][ T28] audit: type=1326 audit(1755353800.782:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7399 comm="syz.3.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffba6b8ebe9 code=0x7fc00000 [ 287.194481][ T9] usb 3-1: unable to get BOS descriptor or descriptor too short [ 287.200138][ T786] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 287.213694][ T9] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 287.237491][ T9] usb 3-1: New USB device found, idVendor=046d, idProduct=c539, bcdDevice= 0.40 [ 287.251964][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 287.271775][ T9] usb 3-1: Product: syz [ 287.279636][ T786] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 287.289779][ T9] usb 3-1: Manufacturer: syz [ 287.289802][ T9] usb 3-1: SerialNumber: syz [ 287.316737][ T9] usbhid 3-1:1.0: couldn't find an input interrupt endpoint [ 287.406986][ T7408] fido_id[7408]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 287.512062][ T9] usb 3-1: USB disconnect, device number 19 [ 287.679480][ T7414] syz.1.460[7414] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 287.679850][ T7414] syz.1.460[7414] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 287.711514][ T7414] loop1: detected capacity change from 0 to 128 [ 287.820846][ T7414] input: syz1 as /devices/virtual/input/input15 [ 290.832699][ T7438] syz.3.469[7438] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 290.832853][ T7438] syz.3.469[7438] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 291.359397][ T7438] loop3: detected capacity change from 0 to 128 [ 295.072214][ T5806] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 295.270599][ T27] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 295.321684][ T7452] loop3: detected capacity change from 0 to 4096 [ 295.527555][ T7452] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 295.747770][ T7452] EXT4-fs error (device loop3): ext4_empty_dir:3154: inode #12: block 80: comm syz.3.472: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0 [ 295.840519][ T7452] EXT4-fs warning (device loop3): ext4_empty_dir:3156: inode #12: comm syz.3.472: directory missing '..' [ 295.958413][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 296.681377][ T7465] syz.1.476[7465] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 296.681527][ T7465] syz.1.476[7465] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 296.802934][ T7459] loop1: detected capacity change from 0 to 128 [ 296.852897][ T7467] netlink: 12 bytes leftover after parsing attributes in process `syz.2.478'. [ 297.043419][ T27] usb 1-1: unable to get BOS descriptor or descriptor too short [ 297.687324][ T27] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 297.723962][ T27] usb 1-1: New USB device found, idVendor=046d, idProduct=c539, bcdDevice= 0.40 [ 297.749862][ T27] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 297.760748][ T27] usb 1-1: Product: syz [ 297.770107][ T27] usb 1-1: Manufacturer: syz [ 297.779945][ T27] usb 1-1: SerialNumber: syz [ 297.803174][ T27] usbhid 1-1:1.0: couldn't find an input interrupt endpoint [ 297.828528][ T7473] bridge_slave_0: entered promiscuous mode [ 298.194798][ T27] usb 1-1: USB disconnect, device number 12 [ 298.314262][ T7478] syz.1.480[7478] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 298.315019][ T7478] syz.1.480[7478] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 298.358155][ T7478] loop1: detected capacity change from 0 to 128 [ 298.499971][ T7478] input: syz1 as /devices/virtual/input/input17 [ 301.233776][ T5808] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 301.441726][ T7497] loop0: detected capacity change from 0 to 128 [ 301.793364][ T7503] syz.3.487[7503] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 301.794108][ T7503] syz.3.487[7503] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 301.837787][ T7503] loop3: detected capacity change from 0 to 128 [ 304.001977][ T5876] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 304.192757][ T5876] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 304.232540][ T5876] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 304.250823][ T5876] usb 2-1: config 1 has no interface number 0 [ 304.265296][ T5876] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 304.291474][ T28] audit: type=1326 audit(1755353818.132:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7518 comm="syz.2.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc45738ebe9 code=0x7ffc0000 [ 304.325550][ T5876] usb 2-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 304.365534][ T5876] usb 2-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 304.395229][ T28] audit: type=1326 audit(1755353818.162:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7518 comm="syz.2.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc45738ebe9 code=0x7ffc0000 [ 304.430218][ T28] audit: type=1326 audit(1755353818.162:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7518 comm="syz.2.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc45738ebe9 code=0x7ffc0000 [ 304.459397][ T5876] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 304.477064][ T28] audit: type=1326 audit(1755353818.162:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7518 comm="syz.2.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc45738ebe9 code=0x7ffc0000 [ 304.484823][ T5876] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 304.506751][ T28] audit: type=1326 audit(1755353818.172:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7518 comm="syz.2.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc45738ebe9 code=0x7ffc0000 [ 304.529179][ T5876] usb 2-1: Product: syz [ 304.539040][ T28] audit: type=1326 audit(1755353818.172:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7518 comm="syz.2.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc45738ebe9 code=0x7ffc0000 [ 304.570179][ T7524] syz.3.494[7524] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 304.570842][ T7524] syz.3.494[7524] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 304.606850][ T7524] loop3: detected capacity change from 0 to 128 [ 304.643020][ T28] audit: type=1326 audit(1755353818.172:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7518 comm="syz.2.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc45738ebe9 code=0x7ffc0000 [ 304.667845][ T28] audit: type=1326 audit(1755353818.172:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7518 comm="syz.2.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc45738ebe9 code=0x7ffc0000 [ 304.694013][ T28] audit: type=1326 audit(1755353818.172:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7518 comm="syz.2.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc45738ebe9 code=0x7ffc0000 [ 304.732258][ T5876] usb 2-1: Manufacturer: syz [ 304.737057][ T5876] usb 2-1: SerialNumber: syz [ 304.856631][ T7524] input: syz1 as /devices/virtual/input/input19 [ 305.146645][ T28] audit: type=1326 audit(1755353818.172:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7518 comm="syz.2.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc45738ebe9 code=0x7ffc0000 [ 307.090092][ T5876] cdc_ncm 2-1:1.1: bind() failure [ 307.370085][ T9] usb 2-1: USB disconnect, device number 16 [ 309.062676][ T7549] netlink: 12 bytes leftover after parsing attributes in process `syz.0.504'. [ 310.030907][ T7553] loop3: detected capacity change from 0 to 512 [ 312.452422][ T7569] syz.1.507[7569] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 312.452568][ T7569] syz.1.507[7569] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 312.469641][ T7569] loop1: detected capacity change from 0 to 128 [ 312.531482][ T7569] input: syz1 as /devices/virtual/input/input20 [ 313.288529][ T28] kauditd_printk_skb: 16 callbacks suppressed [ 313.288545][ T28] audit: type=1326 audit(1755353827.132:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7576 comm="syz.0.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f562a18ebe9 code=0x7ffc0000 [ 313.402012][ T28] audit: type=1326 audit(1755353827.132:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7576 comm="syz.0.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f562a18ebe9 code=0x7ffc0000 [ 313.498047][ T28] audit: type=1326 audit(1755353827.132:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7576 comm="syz.0.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f562a18ebe9 code=0x7ffc0000 [ 313.504525][ T7578] loop3: detected capacity change from 0 to 1024 [ 313.550543][ T28] audit: type=1326 audit(1755353827.132:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7576 comm="syz.0.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f562a18ebe9 code=0x7ffc0000 [ 313.583728][ T7578] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 313.604588][ T28] audit: type=1326 audit(1755353827.132:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7576 comm="syz.0.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f562a18ebe9 code=0x7ffc0000 [ 313.669292][ T28] audit: type=1326 audit(1755353827.132:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7576 comm="syz.0.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f562a18ebe9 code=0x7ffc0000 [ 313.693436][ T28] audit: type=1326 audit(1755353827.132:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7576 comm="syz.0.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f562a18ebe9 code=0x7ffc0000 [ 313.716950][ T28] audit: type=1326 audit(1755353827.142:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7576 comm="syz.0.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f562a18ebe9 code=0x7ffc0000 [ 313.775087][ T28] audit: type=1326 audit(1755353827.142:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7576 comm="syz.0.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f562a18ebe9 code=0x7ffc0000 [ 313.799020][ T28] audit: type=1326 audit(1755353827.142:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7576 comm="syz.0.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f562a18ebe9 code=0x7ffc0000 [ 314.482283][ T5876] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 314.753577][ T5876] usb 2-1: unable to get BOS descriptor or descriptor too short [ 314.764567][ T5876] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 314.789336][ T5876] usb 2-1: New USB device found, idVendor=046d, idProduct=c539, bcdDevice= 0.40 [ 314.801952][ T5876] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 314.832249][ T5876] usb 2-1: Product: syz [ 314.836559][ T5876] usb 2-1: Manufacturer: syz [ 314.841210][ T5876] usb 2-1: SerialNumber: syz [ 314.867301][ T5876] usbhid 2-1:1.0: couldn't find an input interrupt endpoint [ 315.079031][ T5876] usb 2-1: USB disconnect, device number 17 [ 315.744010][ T7606] syz.0.520[7606] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 315.744746][ T7606] syz.0.520[7606] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 315.788563][ T7606] loop0: detected capacity change from 0 to 128 [ 316.081952][ T7606] input: syz1 as /devices/virtual/input/input21 [ 317.492634][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.500188][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.829783][ T7613] netlink: 12 bytes leftover after parsing attributes in process `syz.2.519'. [ 318.822443][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 319.651963][ T5876] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 319.863976][ T5876] usb 4-1: unable to get BOS descriptor or descriptor too short [ 319.886412][ T5876] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 319.921407][ T5876] usb 4-1: New USB device found, idVendor=046d, idProduct=c539, bcdDevice= 0.40 [ 319.944702][ T5876] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 319.977193][ T5876] usb 4-1: Product: syz [ 319.990022][ T5876] usb 4-1: Manufacturer: syz [ 320.005199][ T5876] usb 4-1: SerialNumber: syz [ 320.039899][ T5876] usbhid 4-1:1.0: couldn't find an input interrupt endpoint [ 320.249151][ T5876] usb 4-1: USB disconnect, device number 13 [ 320.613380][ T7645] loop0: detected capacity change from 0 to 128 [ 320.688694][ T7641] syz.0.532[7641] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 320.811149][ T7645] input: syz1 as /devices/virtual/input/input22 [ 322.922160][ T9] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 323.112112][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 323.130872][ T9] usb 2-1: config 135 has an invalid interface number: 230 but max is 0 [ 323.149074][ T9] usb 2-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 323.176880][ T9] usb 2-1: config 135 has no interface number 0 [ 323.189918][ T9] usb 2-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30 [ 323.217666][ T9] usb 2-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53 [ 323.247219][ T9] usb 2-1: config 135 interface 230 has no altsetting 0 [ 323.264777][ T9] usb 2-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 323.274230][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 323.282484][ T9] usb 2-1: Product: syz [ 323.286784][ T9] usb 2-1: Manufacturer: syz [ 323.291536][ T9] usb 2-1: SerialNumber: syz [ 323.311700][ T9] usb 2-1: Found UVC 0.00 device syz (18ec:3288) [ 323.322648][ T9] usb 2-1: No valid video chain found. [ 323.420542][ T7667] loop0: detected capacity change from 0 to 1024 [ 323.448082][ T7667] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 323.536885][ T9] usb 2-1: USB disconnect, device number 18 [ 324.733242][ T7683] syz.1.543[7683] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 324.733994][ T7683] syz.1.543[7683] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 324.759838][ T7683] loop1: detected capacity change from 0 to 128 [ 325.102910][ T7683] input: syz1 as /devices/virtual/input/input23 [ 326.092658][ T7690] syz.2.545[7690] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 326.092822][ T7690] syz.2.545[7690] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 326.464862][ T7690] loop2: detected capacity change from 0 to 128 [ 327.027096][ T7690] input: syz1 as /devices/virtual/input/input24 [ 328.887451][ T7693] loop1: detected capacity change from 0 to 40427 [ 328.913878][ T7693] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 328.958272][ T7693] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 329.085631][ T7693] F2FS-fs (loop1): Found nat_bits in checkpoint [ 329.181938][ T7693] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 329.189602][ T7693] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 329.313094][ T5899] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 329.329639][ T28] kauditd_printk_skb: 30 callbacks suppressed [ 329.329666][ T28] audit: type=1804 audit(1755353843.172:223): pid=7693 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.547" name="/newroot/152/file0/bus" dev="loop1" ino=11 res=1 errno=0 [ 329.415181][ T7709] netlink: 12 bytes leftover after parsing attributes in process `syz.3.550'. [ 329.462414][ T28] audit: type=1804 audit(1755353843.182:224): pid=7693 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.547" name="/newroot/152/file0/bus" dev="loop1" ino=11 res=1 errno=0 [ 329.605628][ T7693] F2FS-fs (loop1): Stopped filesystem due to reason: 0 [ 331.126772][ T5793] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 331.191944][ T5899] usb 3-1: Using ep0 maxpacket: 8 [ 331.203630][ T5899] usb 3-1: config 135 has an invalid interface number: 230 but max is 0 [ 331.224232][ T5899] usb 3-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 331.291960][ T5899] usb 3-1: config 135 has no interface number 0 [ 331.299414][ T5899] usb 3-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30 [ 331.357710][ T5899] usb 3-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53 [ 331.391980][ T5899] usb 3-1: config 135 interface 230 has no altsetting 0 [ 331.403883][ T5899] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 331.426790][ T5899] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 331.472269][ T5899] usb 3-1: Product: syz [ 331.476607][ T5899] usb 3-1: Manufacturer: syz [ 331.481262][ T5899] usb 3-1: SerialNumber: syz [ 331.550378][ T5899] usb 3-1: Found UVC 0.00 device syz (18ec:3288) [ 331.564291][ T5899] usb 3-1: No valid video chain found. [ 331.776016][ T9] usb 3-1: USB disconnect, device number 20 [ 332.442280][ T7729] syz.1.557[7729] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 332.442429][ T7729] syz.1.557[7729] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 332.611937][ T7727] loop0: detected capacity change from 0 to 512 [ 332.652519][ T7729] loop1: detected capacity change from 0 to 128 [ 332.720962][ T7727] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 332.848407][ T7729] input: syz1 as /devices/virtual/input/input25 [ 333.120575][ T7727] EXT4-fs (loop0): 1 orphan inode deleted [ 333.127981][ T7727] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 333.185149][ T7727] ext4 filesystem being mounted at /130/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 334.042860][ T64] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 334.322745][ T7740] syz.2.560[7740] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 334.322888][ T7740] syz.2.560[7740] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 334.416893][ T7740] loop2: detected capacity change from 0 to 128 [ 334.512273][ T64] EXT4-fs error (device loop0): ext4_release_dquot:6974: comm kworker/u4:4: Failed to release dquot type 1 [ 334.765209][ T7740] input: syz1 as /devices/virtual/input/input26 [ 335.105269][ T5793] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 337.455869][ T7764] netlink: 12 bytes leftover after parsing attributes in process `syz.2.563'. [ 337.691351][ T7766] syz.0.567[7766] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 337.692233][ T7766] syz.0.567[7766] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 337.734441][ T7766] loop0: detected capacity change from 0 to 128 [ 338.701921][ T7768] loop1: detected capacity change from 0 to 1024 [ 338.748167][ T7768] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 338.991618][ T7773] loop2: detected capacity change from 0 to 128 [ 339.521394][ T7776] loop3: detected capacity change from 0 to 512 [ 339.632056][ T5806] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 341.915679][ T7789] syz.3.572[7789] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 341.916416][ T7789] syz.3.572[7789] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 341.960302][ T7789] loop3: detected capacity change from 0 to 128 [ 345.534865][ T7809] netlink: 12 bytes leftover after parsing attributes in process `syz.0.577'. [ 346.825802][ T7815] loop3: detected capacity change from 0 to 128 [ 348.499327][ T7824] ip6gre1: entered allmulticast mode [ 349.814138][ T7830] syz.2.582[7830] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 349.814877][ T7830] syz.2.582[7830] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 349.852934][ T7830] loop2: detected capacity change from 0 to 128 [ 351.034403][ T5790] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 351.232589][ T6336] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 352.015919][ T6336] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 352.260502][ T6336] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 352.281082][ T6336] usb 4-1: config 1 has no interface number 0 [ 352.288250][ T6336] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 352.299731][ T6336] usb 4-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 352.309376][ T6336] usb 4-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 352.340738][ T6336] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 352.418741][ T6336] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 352.504661][ T6336] usb 4-1: Product: syz [ 352.564807][ T6336] usb 4-1: Manufacturer: syz [ 352.698345][ T6336] usb 4-1: SerialNumber: syz [ 353.325758][ T7850] loop0: detected capacity change from 0 to 512 [ 353.619309][ T7853] netlink: 12 bytes leftover after parsing attributes in process `syz.1.590'. [ 355.556819][ T6336] cdc_ncm 4-1:1.1: bind() failure [ 355.635441][ T6336] usb 4-1: USB disconnect, device number 14 [ 357.348004][ T7860] ip6gre1: entered allmulticast mode [ 358.671361][ T7864] loop2: detected capacity change from 0 to 4096 [ 358.771158][ T7864] EXT4-fs (loop2): Test dummy encryption mode enabled [ 358.824753][ T7871] loop1: detected capacity change from 0 to 512 [ 358.848549][ T7864] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 358.863553][ T7871] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.596: casefold flag without casefold feature [ 358.929692][ T7871] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.596: couldn't read orphan inode 15 (err -117) [ 358.967779][ T7871] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 359.499319][ T7864] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 360.672743][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 360.682388][ T27] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 360.894381][ T27] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 360.924992][ T27] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 360.964573][ T27] usb 1-1: config 1 has no interface number 0 [ 360.981054][ T27] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 361.003764][ T27] usb 1-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 361.228990][ T27] usb 1-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 361.465294][ T7903] syz.2.603[7903] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 361.465437][ T7903] syz.2.603[7903] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 361.492455][ T7898] loop2: detected capacity change from 0 to 128 [ 361.516359][ T27] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 361.525646][ T27] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 361.731880][ T7905] netlink: 12 bytes leftover after parsing attributes in process `syz.3.605'. [ 362.211147][ T27] usb 1-1: Product: syz [ 362.785992][ T5790] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.831426][ T27] usb 1-1: Manufacturer: syz [ 362.837407][ T27] usb 1-1: SerialNumber: syz [ 364.330400][ T27] usb 1-1: can't set config #1, error -71 [ 364.338099][ T27] usb 1-1: USB disconnect, device number 13 [ 365.038075][ T7924] syz.3.610[7924] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 365.038827][ T7924] syz.3.610[7924] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 365.079563][ T7924] loop3: detected capacity change from 0 to 128 [ 367.071313][ T7915] ip6gre1: entered allmulticast mode [ 367.260292][ T7933] loop3: detected capacity change from 0 to 512 [ 367.392283][ T7933] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.614: casefold flag without casefold feature [ 367.412541][ T7933] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.614: couldn't read orphan inode 15 (err -117) [ 367.437247][ T7933] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 369.601397][ T7951] syz.1.615[7951] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 369.601549][ T7951] syz.1.615[7951] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 369.617501][ T7951] loop1: detected capacity change from 0 to 128 [ 370.501476][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 370.792391][ T7956] netlink: 12 bytes leftover after parsing attributes in process `syz.0.618'. [ 371.162151][ T27] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 371.384324][ T27] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 371.409441][ T27] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 371.433210][ T27] usb 3-1: config 1 has no interface number 0 [ 371.456707][ T27] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 371.477450][ T27] usb 3-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 371.507456][ T27] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 371.545077][ T27] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 371.561747][ T27] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 371.581116][ T27] usb 3-1: Product: syz [ 371.604379][ T27] usb 3-1: Manufacturer: syz [ 371.609177][ T27] usb 3-1: SerialNumber: syz [ 371.866444][ T7963] capability: warning: `syz.1.622' uses 32-bit capabilities (legacy support in use) [ 373.496036][ T27] cdc_ncm 3-1:1.1: failed GET_NTB_PARAMETERS [ 373.507575][ T27] cdc_ncm 3-1:1.1: bind() failure [ 373.540784][ T27] usb 3-1: USB disconnect, device number 21 [ 373.615818][ T7971] syz.3.623[7971] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 373.615960][ T7971] syz.3.623[7971] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 373.632323][ T7971] loop3: detected capacity change from 0 to 128 [ 376.550539][ T7988] loop1: detected capacity change from 0 to 512 [ 376.622854][ T7988] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.628: casefold flag without casefold feature [ 376.636973][ T7988] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.628: couldn't read orphan inode 15 (err -117) [ 376.655230][ T7988] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 379.014261][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.021181][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 380.970722][ T5790] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 383.405908][ T8018] syz.1.632[8018] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 383.406636][ T8018] syz.1.632[8018] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 383.449213][ T8018] loop1: detected capacity change from 0 to 128 [ 383.655763][ T8020] input: syz1 as /devices/virtual/input/input30 [ 385.563566][ T8030] syz.2.636[8030] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 385.564343][ T8030] syz.2.636[8030] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 385.606208][ T8030] loop2: detected capacity change from 0 to 128 [ 386.648963][ T8034] loop3: detected capacity change from 0 to 512 [ 386.721771][ T8034] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.638: casefold flag without casefold feature [ 386.803616][ T8034] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.638: couldn't read orphan inode 15 (err -117) [ 386.869127][ T8034] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 387.165326][ T5805] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 387.178359][ T5805] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 387.187159][ T5805] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 387.195619][ T5805] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 387.203763][ T5805] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 387.211843][ T5805] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 387.737384][ T8042] syz.1.639[8042] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 387.738169][ T8042] syz.1.639[8042] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 387.780323][ T8042] loop1: detected capacity change from 0 to 128 [ 389.610322][ T5808] Bluetooth: hci4: command tx timeout [ 389.827249][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 391.197508][ T8037] chnl_net:caif_netlink_parms(): no params data found [ 391.632005][ T5808] Bluetooth: hci4: command tx timeout [ 392.245700][ T1140] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 392.282983][ T5793] syz-executor (5793) used greatest stack depth: 19976 bytes left [ 392.564479][ T1140] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 392.627589][ T8037] bridge0: port 1(bridge_slave_0) entered blocking state [ 392.646391][ T8037] bridge0: port 1(bridge_slave_0) entered disabled state [ 392.655476][ T8037] bridge_slave_0: entered allmulticast mode [ 392.665516][ T8037] bridge_slave_0: entered promiscuous mode [ 392.691566][ T1140] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 392.707112][ T8037] bridge0: port 2(bridge_slave_1) entered blocking state [ 392.728155][ T8037] bridge0: port 2(bridge_slave_1) entered disabled state [ 392.758508][ T8037] bridge_slave_1: entered allmulticast mode [ 392.765533][ T8072] syz.3.644[8072] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 392.765668][ T8072] syz.3.644[8072] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 392.782173][ T8072] loop3: detected capacity change from 0 to 128 [ 392.801628][ T27] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 392.845110][ T8072] input: syz1 as /devices/virtual/input/input31 [ 392.857705][ T8037] bridge_slave_1: entered promiscuous mode [ 393.002992][ T27] usb 2-1: Using ep0 maxpacket: 8 [ 393.017056][ T27] usb 2-1: New USB device found, idVendor=1a0a, idProduct=0101, bcdDevice=1b.21 [ 393.031878][ T27] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 393.039930][ T1140] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 393.072002][ T27] usb 2-1: Product: syz [ 393.086873][ T27] usb 2-1: Manufacturer: syz [ 393.091715][ T27] usb 2-1: SerialNumber: syz [ 393.112016][ T27] usb 2-1: config 0 descriptor?? [ 393.125919][ T8037] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 393.127663][ T27] usb_ehset_test: probe of 2-1:0.0 failed with error -32 [ 393.193389][ T8037] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 393.239973][ T8076] loop2: detected capacity change from 0 to 2048 [ 393.306963][ T8076] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 393.329801][ T8069] netlink: 100 bytes leftover after parsing attributes in process `syz.1.645'. [ 393.340882][ T27] usb 2-1: USB disconnect, device number 19 [ 393.361263][ T8076] ext4 filesystem being mounted at /142/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 393.383805][ T8037] team0: Port device team_slave_0 added [ 393.410084][ T8076] fs-verity: sha512 using implementation "sha512-avx2" [ 393.483309][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 393.507324][ T8037] team0: Port device team_slave_1 added [ 393.674808][ T8081] loop2: detected capacity change from 0 to 512 [ 393.683441][ T8037] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 393.694351][ T8037] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 393.733496][ T5808] Bluetooth: hci4: command tx timeout [ 393.750778][ T8081] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.648: casefold flag without casefold feature [ 393.791515][ T8081] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.648: couldn't read orphan inode 15 (err -117) [ 393.810218][ T8037] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 393.858167][ T8081] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 394.217538][ T8037] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 394.250276][ T8037] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 394.288973][ T8087] syz.1.649[8087] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 394.289766][ T8087] syz.1.649[8087] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 394.331547][ T8087] loop1: detected capacity change from 0 to 128 [ 394.914084][ T8037] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 395.495148][ T8037] hsr_slave_0: entered promiscuous mode [ 395.622346][ T8037] hsr_slave_1: entered promiscuous mode [ 396.056996][ T5808] Bluetooth: hci4: command tx timeout [ 396.112138][ T8037] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 396.131936][ T8037] Cannot create hsr debugfs directory [ 396.528580][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 399.872084][ T8037] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 399.932164][ T8037] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 400.023308][ T8037] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 400.049282][ T8037] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 400.177894][ T1140] hsr_slave_0: left promiscuous mode [ 400.212427][ T1140] hsr_slave_1: left promiscuous mode [ 400.258182][ T1140] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 400.270448][ T1140] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 400.286486][ T1140] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 400.304451][ T1140] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 400.666150][ T8137] syz.1.658[8137] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 400.666911][ T8137] syz.1.658[8137] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 400.707972][ T8137] loop1: detected capacity change from 0 to 128 [ 402.023135][ T1140] veth1_macvtap: left promiscuous mode [ 402.029572][ T1140] veth0_macvtap: left promiscuous mode [ 402.035414][ T1140] veth1_vlan: left promiscuous mode [ 402.041114][ T1140] veth0_vlan: left promiscuous mode [ 403.993011][ T8155] loop3: detected capacity change from 0 to 512 [ 406.761920][ T8174] loop1: detected capacity change from 0 to 512 [ 406.824621][ T8174] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.667: casefold flag without casefold feature [ 406.871560][ T8174] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.667: couldn't read orphan inode 15 (err -117) [ 406.885733][ T8174] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 406.918482][ T8174] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 406.958223][ T5790] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 407.376206][ T8188] syz.3.669[8188] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 407.376978][ T8188] syz.3.669[8188] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 407.422478][ T8188] loop3: detected capacity change from 0 to 128 [ 407.569821][ T8188] input: syz1 as /devices/virtual/input/input32 [ 408.631334][ T1140] team0 (unregistering): Port device team_slave_1 removed [ 408.711546][ T1140] team0 (unregistering): Port device team_slave_0 removed [ 408.792035][ T1140] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 408.870223][ T1140] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 409.458346][ T8192] loop3: detected capacity change from 0 to 512 [ 410.705133][ T1140] bond0 (unregistering): Released all slaves [ 411.820365][ T8209] tipc: Started in network mode [ 411.825952][ T8209] tipc: Node identity 2, cluster identity 4711 [ 411.832286][ T8209] tipc: Node number set to 2 [ 412.351330][ T8037] 8021q: adding VLAN 0 to HW filter on device bond0 [ 412.412695][ T8037] 8021q: adding VLAN 0 to HW filter on device team0 [ 412.438217][ T48] bridge0: port 1(bridge_slave_0) entered blocking state [ 412.445456][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state [ 413.406460][ T1121] bridge0: port 2(bridge_slave_1) entered blocking state [ 413.414526][ T1121] bridge0: port 2(bridge_slave_1) entered forwarding state [ 413.627791][ T8037] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 414.024361][ T8235] syz.1.678[8235] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 414.025123][ T8235] syz.1.678[8235] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 414.066855][ T8235] loop1: detected capacity change from 0 to 128 [ 414.252974][ T8235] input: syz1 as /devices/virtual/input/input33 [ 415.427991][ T8037] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 415.821546][ T8225] loop2: detected capacity change from 0 to 40427 [ 415.893196][ T8225] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 415.940422][ T8245] loop3: detected capacity change from 0 to 512 [ 415.949666][ T8225] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 416.045659][ T8245] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.679: casefold flag without casefold feature [ 416.069099][ T8225] F2FS-fs (loop2): invalid crc value [ 416.124340][ T8245] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.679: couldn't read orphan inode 15 (err -117) [ 416.183385][ T8245] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 416.240514][ T8225] F2FS-fs (loop2): Found nat_bits in checkpoint [ 416.350757][ T8256] loop1: detected capacity change from 0 to 512 [ 416.499509][ T7999] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 416.915324][ T8037] veth0_vlan: entered promiscuous mode [ 416.955922][ T8037] veth1_vlan: entered promiscuous mode [ 417.027547][ T8037] veth0_macvtap: entered promiscuous mode [ 417.057121][ T8037] veth1_macvtap: entered promiscuous mode [ 417.128962][ T8037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 417.167601][ T8037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.193253][ T8037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 417.232959][ T8037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.247168][ T8037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 417.260648][ T8037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.414159][ T8037] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 417.571604][ T8037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 417.644250][ T8037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.684897][ T8037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 417.723386][ T8037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.766441][ T8037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 417.807295][ T8037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.819025][ T8037] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 417.832605][ T8037] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.834280][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 417.841356][ T8037] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.859542][ T8037] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.868521][ T8037] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 418.167735][ T3474] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 418.192095][ T3474] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 418.346375][ T3474] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 418.364777][ T3474] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 418.642320][ T8288] loop2: detected capacity change from 0 to 256 [ 418.656654][ T8288] FAT-fs (loop2): Unrecognized mount option "18446744073709551615" or missing value [ 426.414975][ T7998] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 427.244032][ T8313] overlayfs: failed to resolve './bus': -2 [ 427.263759][ T786] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 427.891920][ T786] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 427.922205][ T786] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 427.931156][ T786] usb 5-1: config 1 has no interface number 0 [ 427.946028][ T786] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 427.976483][ T786] usb 5-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 427.996659][ T786] usb 5-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 428.031939][ T786] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 428.041114][ T786] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 428.111595][ T786] usb 5-1: Product: syz [ 428.134251][ T786] usb 5-1: Manufacturer: syz [ 428.138926][ T786] usb 5-1: SerialNumber: syz [ 428.147547][ T8322] loop3: detected capacity change from 0 to 512 [ 428.206603][ T8322] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.692: casefold flag without casefold feature [ 428.236878][ T8322] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.692: couldn't read orphan inode 15 (err -117) [ 428.256322][ T8322] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 428.432211][ T27] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 428.634389][ T27] usb 2-1: unable to get BOS descriptor or descriptor too short [ 428.654492][ T27] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 428.942003][ T786] cdc_ncm 5-1:1.1: failed GET_NTB_PARAMETERS [ 428.948931][ T786] cdc_ncm 5-1:1.1: bind() failure [ 428.957289][ T27] usb 2-1: New USB device found, idVendor=046d, idProduct=c539, bcdDevice= 0.40 [ 428.975957][ T786] usb 5-1: USB disconnect, device number 2 [ 428.987591][ T27] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 429.045173][ T27] usb 2-1: Product: syz [ 429.345947][ T27] usb 2-1: Manufacturer: syz [ 429.692030][ T27] usb 2-1: SerialNumber: syz [ 429.744587][ T27] usbhid 2-1:1.0: couldn't find an input interrupt endpoint [ 429.944303][ T786] usb 2-1: USB disconnect, device number 20 [ 429.986768][ T8348] loop2: detected capacity change from 0 to 128 [ 430.044424][ T8348] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 430.068007][ T8348] ext4 filesystem being mounted at /159/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 431.005441][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 431.084264][ T28] audit: type=1800 audit(1755353944.922:225): pid=8348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.696" name="file2" dev="loop2" ino=12 res=0 errno=0 [ 431.260407][ T5791] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 431.397939][ T8365] loop1: detected capacity change from 0 to 256 [ 431.483630][ T8366] loop4: detected capacity change from 0 to 512 [ 431.682510][ T8365] FAT-fs (loop1): Directory bread(block 64) failed [ 431.709633][ T8365] FAT-fs (loop1): Directory bread(block 65) failed [ 431.712035][ T7998] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 431.743181][ T8365] FAT-fs (loop1): Directory bread(block 66) failed [ 431.751004][ T8365] FAT-fs (loop1): Directory bread(block 67) failed [ 431.810875][ T8365] FAT-fs (loop1): Directory bread(block 68) failed [ 431.839462][ T8365] FAT-fs (loop1): Directory bread(block 69) failed [ 431.876458][ T8365] FAT-fs (loop1): Directory bread(block 70) failed [ 431.920849][ T8365] FAT-fs (loop1): Directory bread(block 71) failed [ 431.968894][ T8365] FAT-fs (loop1): Directory bread(block 72) failed [ 432.002060][ T8365] FAT-fs (loop1): Directory bread(block 73) failed [ 433.452809][ T8395] loop1: detected capacity change from 0 to 128 [ 433.492817][ T8395] EXT4-fs (loop1): Test dummy encryption mode enabled [ 433.627831][ T8395] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 433.663735][ T8395] ext4 filesystem being mounted at /194/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 435.060415][ T8408] loop3: detected capacity change from 0 to 512 [ 435.308297][ T8395] fscrypt (loop1): Error allocating 'xts(aes)' transform: -4 [ 435.501009][ T8395] overlayfs: upper fs does not support tmpfile. [ 435.514293][ T8408] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.708: casefold flag without casefold feature [ 435.533084][ T8395] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 435.612057][ T8408] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.708: couldn't read orphan inode 15 (err -117) [ 435.645848][ T8395] overlayfs: Failed to create volatile/dirty file. [ 435.678686][ T8408] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 435.975150][ T5790] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 436.328361][ T8428] loop1: detected capacity change from 0 to 256 [ 436.356398][ T8428] FAT-fs (loop1): Unrecognized mount option "00000000000000000004cDk98RMz=)n{.Y'@|mX"jr(HUαs@TxbIw|?r" or missing value [ 437.668376][ T8446] loop2: detected capacity change from 0 to 512 [ 437.976133][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 438.487805][ T8462] syz.4.716[8462] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 438.488543][ T8462] syz.4.716[8462] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 438.527913][ T8462] loop4: detected capacity change from 0 to 128 [ 438.817162][ T8462] input: syz1 as /devices/virtual/input/input34 [ 440.374594][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.380993][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.124749][ T8468] loop2: detected capacity change from 0 to 1024 [ 441.348950][ T8468] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 443.417657][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 444.845706][ T8517] loop2: detected capacity change from 0 to 256 [ 444.989678][ T8517] FAT-fs (loop2): Directory bread(block 64) failed [ 445.018125][ T8517] FAT-fs (loop2): Directory bread(block 65) failed [ 445.050809][ T8517] FAT-fs (loop2): Directory bread(block 66) failed [ 445.086012][ T8517] FAT-fs (loop2): Directory bread(block 67) failed [ 445.112443][ T8517] FAT-fs (loop2): Directory bread(block 68) failed [ 445.146873][ T8517] FAT-fs (loop2): Directory bread(block 69) failed [ 445.187358][ T8517] FAT-fs (loop2): Directory bread(block 70) failed [ 445.220082][ T8517] FAT-fs (loop2): Directory bread(block 71) failed [ 445.276988][ T8517] FAT-fs (loop2): Directory bread(block 72) failed [ 445.304402][ T8517] FAT-fs (loop2): Directory bread(block 73) failed [ 445.350575][ T8525] syz.1.727[8525] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 445.351299][ T8525] syz.1.727[8525] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 445.390294][ T8525] loop1: detected capacity change from 0 to 128 [ 445.573821][ T8525] input: syz1 as /devices/virtual/input/input35 [ 448.254615][ T8542] vlan2: entered allmulticast mode [ 452.611986][ T28] audit: type=1326 audit(1755353966.452:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.4.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25fd8ebe9 code=0x7ffc0000 [ 452.742917][ T8583] loop2: detected capacity change from 0 to 512 [ 452.771683][ T28] audit: type=1326 audit(1755353966.512:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.4.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25fd8ebe9 code=0x7ffc0000 [ 452.841896][ T28] audit: type=1326 audit(1755353966.512:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.4.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc25fd8ebe9 code=0x7ffc0000 [ 452.865364][ T28] audit: type=1326 audit(1755353966.512:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.4.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25fd8ebe9 code=0x7ffc0000 [ 452.888090][ T28] audit: type=1326 audit(1755353966.512:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.4.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25fd8ebe9 code=0x7ffc0000 [ 453.020402][ T28] audit: type=1326 audit(1755353966.512:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.4.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc25fd8ebe9 code=0x7ffc0000 [ 453.146977][ T8583] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.739: casefold flag without casefold feature [ 453.170709][ T8583] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.739: couldn't read orphan inode 15 (err -117) [ 453.361436][ T8595] syz.1.740[8595] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 453.361580][ T8595] syz.1.740[8595] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 453.377982][ T8595] loop1: detected capacity change from 0 to 128 [ 454.215178][ T8595] input: syz1 as /devices/virtual/input/input36 [ 454.315272][ T8583] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 454.493336][ T28] audit: type=1326 audit(1755353966.512:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.4.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25fd8ebe9 code=0x7ffc0000 [ 454.739195][ T28] audit: type=1326 audit(1755353966.512:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.4.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25fd8ebe9 code=0x7ffc0000 [ 455.031050][ T28] audit: type=1326 audit(1755353966.522:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.4.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc25fd8ebe9 code=0x7ffc0000 [ 455.784166][ T28] audit: type=1326 audit(1755353966.522:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.4.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25fd8ebe9 code=0x7ffc0000 [ 456.327471][ T786] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 456.347379][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 456.750849][ T786] usb 5-1: unable to get BOS descriptor or descriptor too short [ 456.774474][ T786] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 456.791958][ T786] usb 5-1: can't read configurations, error -71 [ 460.055521][ T8647] loop3: detected capacity change from 0 to 512 [ 460.177525][ T8647] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.756: casefold flag without casefold feature [ 460.319208][ T8655] loop1: detected capacity change from 0 to 1024 [ 460.533470][ T8655] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 461.398415][ T8647] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.756: couldn't read orphan inode 15 (err -117) [ 461.526188][ T8647] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 462.544318][ T5790] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 463.032104][ T786] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 463.268770][ T786] usb 2-1: unable to get BOS descriptor or descriptor too short [ 463.461211][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 463.508798][ T786] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 463.517280][ T786] usb 2-1: can't read configurations, error -71 [ 464.396722][ T8682] loop4: detected capacity change from 0 to 256 [ 464.425442][ T8681] loop1: detected capacity change from 0 to 512 [ 464.470069][ T8681] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.761: casefold flag without casefold feature [ 464.509718][ T8681] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.761: couldn't read orphan inode 15 (err -117) [ 464.580582][ T8682] FAT-fs (loop4): Directory bread(block 64) failed [ 464.589244][ T8682] FAT-fs (loop4): Directory bread(block 65) failed [ 464.596939][ T8682] FAT-fs (loop4): Directory bread(block 66) failed [ 464.599614][ T8681] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 464.613124][ T8682] FAT-fs (loop4): Directory bread(block 67) failed [ 464.631979][ T8682] FAT-fs (loop4): Directory bread(block 68) failed [ 464.650314][ T8682] FAT-fs (loop4): Directory bread(block 69) failed [ 464.657467][ T8682] FAT-fs (loop4): Directory bread(block 70) failed [ 464.664692][ T8682] FAT-fs (loop4): Directory bread(block 71) failed [ 464.683217][ T8682] FAT-fs (loop4): Directory bread(block 72) failed [ 464.689828][ T8682] FAT-fs (loop4): Directory bread(block 73) failed [ 464.773285][ T8685] overlayfs: failed to resolve './file0/file0': -2 [ 465.095342][ T5790] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 467.036736][ T8707] loop4: detected capacity change from 0 to 1024 [ 467.216491][ T8707] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 468.604980][ T5884] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 468.806701][ T5884] usb 4-1: Using ep0 maxpacket: 32 [ 468.824531][ T5884] usb 4-1: unable to get BOS descriptor or descriptor too short [ 468.841039][ T5884] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 468.877750][ T5884] usb 4-1: New USB device found, idVendor=17ef, idProduct=7000, bcdDevice=a1.ec [ 468.892264][ T5884] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 468.900518][ T5884] usb 4-1: Product: syz [ 468.919219][ T5884] usb 4-1: Manufacturer: syz [ 468.931662][ T5884] usb 4-1: SerialNumber: syz [ 468.958027][ T5884] usb 4-1: config 0 descriptor?? [ 469.218432][ T5884] usb 4-1: USB disconnect, device number 16 [ 469.297206][ T8037] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 470.499888][ T8718] loop3: detected capacity change from 0 to 512 [ 470.547532][ T8718] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.769: casefold flag without casefold feature [ 470.602419][ T8718] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.769: couldn't read orphan inode 15 (err -117) [ 470.633593][ T8718] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 471.500532][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 472.984765][ T8742] loop4: detected capacity change from 0 to 512 [ 473.039826][ T7998] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 474.393035][ T8761] syz.2.781[8761] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 474.393177][ T8761] syz.2.781[8761] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 474.409231][ T8761] loop2: detected capacity change from 0 to 128 [ 474.597928][ T8761] input: syz1 as /devices/virtual/input/input37 [ 477.617489][ T9] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 477.665711][ T8779] loop2: detected capacity change from 0 to 512 [ 477.853438][ T9] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 477.916577][ T9] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 477.928903][ T8783] loop4: detected capacity change from 0 to 16 [ 477.972359][ T9] usb 4-1: config 1 has no interface number 0 [ 478.015909][ T8783] erofs: (device loop4): mounted with root inode @ nid 36. [ 478.034720][ T9] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 478.099887][ T9] usb 4-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 478.134378][ T8783] syz.4.787: attempt to access beyond end of device [ 478.134378][ T8783] loop4: rw=524288, sector=16, nr_sectors = 16 limit=16 [ 478.169849][ T9] usb 4-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 478.193576][ T8783] syz.4.787: attempt to access beyond end of device [ 478.193576][ T8783] loop4: rw=524288, sector=8, nr_sectors = 16 limit=16 [ 478.248215][ T8783] syz.4.787: attempt to access beyond end of device [ 478.248215][ T8783] loop4: rw=0, sector=8, nr_sectors = 16 limit=16 [ 478.274082][ T9] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 478.298680][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 478.337588][ T9] usb 4-1: Product: syz [ 478.357252][ T9] usb 4-1: Manufacturer: syz [ 478.377114][ T9] usb 4-1: SerialNumber: syz [ 478.495437][ T8037] BUG: Bad page state in process syz-executor pfn:1e353 [ 478.503137][ T8037] page:ffffea000078d4c0 refcount:0 mapcount:0 mapping:ffff88805d9687c8 index:0x2 pfn:0x1e353 [ 478.513529][ T8037] aops:z_erofs_cache_aops ino:0 [ 478.518523][ T8037] flags: 0xfff00000000001(locked|node=0|zone=1|lastcpupid=0x7ff) [ 478.526608][ T8037] page_type: 0xffffffff() [ 478.531033][ T8037] raw: 00fff00000000001 dead000000000100 dead000000000122 ffff88805d9687c8 [ 478.539774][ T8037] raw: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 478.550259][ T8037] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 478.558839][ T8037] page_owner tracks the page as allocated [ 478.565889][ T8037] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x192840(GFP_NOWAIT|__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 8783, tgid 8782 (syz.4.787), ts 478133837528, free_ts 478004884211 [ 478.588126][ T8037] post_alloc_hook+0x1cd/0x210 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 478.593115][ T8037] get_page_from_freelist+0x195c/0x19f0 [ 478.598852][ T8037] __alloc_pages+0x1e3/0x460 [ 478.603589][ T8037] z_erofs_do_read_page+0x20c0/0x3680 [ 478.609055][ T8037] z_erofs_readahead+0x862/0xd50 [ 478.614185][ T8037] read_pages+0x177/0x840 [ 478.618643][ T8037] page_cache_ra_unbounded+0x692/0x770 [ 478.624399][ T8037] force_page_cache_ra+0x2c1/0x320 [ 478.629963][ T8037] generic_fadvise+0x44f/0x730 [ 478.634923][ T8037] __x64_sys_fadvise64+0x140/0x180 [ 478.640141][ T8037] do_syscall_64+0x55/0xb0 [ 478.644716][ T8037] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 478.651950][ T8037] page last free stack trace: [ 478.656677][ T8037] free_unref_page_prepare+0x7ce/0x8e0 [ 478.662513][ T8037] free_unref_page+0x32/0x2e0 [ 478.667317][ T8037] __slab_free+0x35e/0x410 [ 478.672123][ T8037] qlist_free_all+0x75/0xe0 [ 478.676741][ T8037] kasan_quarantine_reduce+0x143/0x160 [ 478.682381][ T8037] __kasan_slab_alloc+0x22/0x80 [ 478.687345][ T8037] slab_post_alloc_hook+0x6e/0x4d0 [ 478.693121][ T8037] kmem_cache_alloc+0x11e/0x2e0 [ 478.698088][ T8037] getname_flags+0xbb/0x500 [ 478.702800][ T8037] do_sys_openat2+0xcb/0x1c0 [ 478.707479][ T8037] __x64_sys_openat+0x139/0x160 [ 478.712502][ T8037] do_syscall_64+0x55/0xb0 [ 478.717009][ T8037] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 478.723150][ T8037] Modules linked in: [ 478.727135][ T8037] CPU: 0 PID: 8037 Comm: syz-executor Not tainted 6.6.102-syzkaller #0 [ 478.735411][ T8037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 478.745519][ T8037] Call Trace: [ 478.748829][ T8037] [ 478.751803][ T8037] dump_stack_lvl+0x16c/0x230 [ 478.756511][ T8037] ? show_regs_print_info+0x20/0x20 [ 478.761831][ T8037] ? swiotlb_print_info+0x70/0x70 [ 478.766968][ T8037] bad_page+0x14b/0x170 [ 478.771162][ T8037] free_unref_page_prepare+0x887/0x8e0 [ 478.776674][ T8037] free_unref_page+0x32/0x2e0 [ 478.781396][ T8037] ? __folio_put+0xef/0x210 [ 478.785941][ T8037] erofs_try_to_free_all_cached_pages+0x295/0x600 [ 478.792415][ T8037] erofs_shrink_workstation+0x118/0x290 [ 478.798004][ T8037] ? erofs_shrinker_unregister+0x170/0x170 [ 478.803838][ T8037] ? io_schedule+0xd0/0xd0 [ 478.808284][ T8037] ? kobject_put+0x43c/0x470 [ 478.812905][ T8037] erofs_shrinker_unregister+0x5d/0x170 [ 478.818483][ T8037] erofs_put_super+0x4e/0x150 [ 478.823188][ T8037] ? erofs_free_inode+0xb0/0xb0 [ 478.828177][ T8037] generic_shutdown_super+0x134/0x2b0 [ 478.833583][ T8037] kill_block_super+0x44/0x90 [ 478.838291][ T8037] erofs_kill_sb+0x4c/0x140 [ 478.842827][ T8037] deactivate_locked_super+0x97/0x100 [ 478.848230][ T8037] cleanup_mnt+0x429/0x4c0 [ 478.852673][ T8037] task_work_run+0x1ce/0x250 [ 478.857290][ T8037] ? task_work_cancel+0x240/0x240 [ 478.862349][ T8037] ? exit_to_user_mode_loop+0x3b/0x110 [ 478.867878][ T8037] exit_to_user_mode_loop+0xe6/0x110 [ 478.873307][ T8037] exit_to_user_mode_prepare+0xb1/0x140 [ 478.878882][ T8037] syscall_exit_to_user_mode+0x1a/0x50 [ 478.884374][ T8037] do_syscall_64+0x61/0xb0 [ 478.888807][ T8037] ? clear_bhb_loop+0x40/0x90 [ 478.893507][ T8037] ? clear_bhb_loop+0x40/0x90 [ 478.898288][ T8037] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 478.904211][ T8037] RIP: 0033:0x7fc25fd8ff17 [ 478.908649][ T8037] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 478.928275][ T8037] RSP: 002b:00007ffe5c5f3908 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 478.936891][ T8037] RAX: 0000000000000000 RBX: 00007fc25fe11c05 RCX: 00007fc25fd8ff17 [ 478.944881][ T8037] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe5c5f39c0 [ 478.952955][ T8037] RBP: 00007ffe5c5f39c0 R08: 0000000000000000 R09: 0000000000000000 [ 478.960954][ T8037] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe5c5f4a50 [ 478.968947][ T8037] R13: 00007fc25fe11c05 R14: 0000000000074c79 R15: 00007ffe5c5f4a90 [ 478.976951][ T8037] [ 478.982436][ T8037] Disabling lock debugging due to kernel taint [ 483.475521][ T9] cdc_ncm 4-1:1.1: bind() failure