last executing test programs:

2.671867123s ago: executing program 4 (id=8678):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
write$vga_arbiter(r0, &(0x7f0000000440)=ANY=[], 0xb)

2.671779673s ago: executing program 4 (id=8679):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f0000000300)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window, @mss={0x2, 0xfff}, @window, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendto$inet(r0, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x0, 0x0, 0xfffffffffffffd25)

2.330434194s ago: executing program 3 (id=8687):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000006800)={&(0x7f0000000080)={0x20, r1, 0x615, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x20}, 0x5}, 0x0)

2.268266869s ago: executing program 3 (id=8688):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f00000027c0)={0x2, 0x3, 0x0, 0x2, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private2}}, @sadb_sa={0x2}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast1}}]}, 0x70}, 0x1, 0x7}, 0x0)

2.268105989s ago: executing program 3 (id=8689):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x20, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0x68}}, 0x0)

2.267983749s ago: executing program 3 (id=8690):
socket$inet6(0xa, 0x0, 0x3a)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x0, &(0x7f0000000280)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
listen(0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000838500e3ff2c0000009500000000000000e581e89881ee4f1e77bf6886155ac4018f986b6de3082447e3460a34359a422961"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0xb)
ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0xb)
socket$netlink(0x10, 0x3, 0x0)

1.630014456s ago: executing program 4 (id=8692):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000006800)={&(0x7f0000000080)={0x18, r1, 0x615, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x4}]}, 0x18}, 0x5}, 0x0)

1.629660166s ago: executing program 4 (id=8694):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)

1.629496346s ago: executing program 2 (id=8695):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r1}, 0x10)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'syz_tun\x00', <r3=>0x0})
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000540)=@newqdisc={0x48, 0x24, 0xd0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x3}}}}]}, 0x48}, 0x1, 0x8100000018000000}, 0x0)

1.629382956s ago: executing program 2 (id=8696):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_ENTRY(r2, &(0x7f00000004c0)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2}}, 0x90)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}]}})

1.629230526s ago: executing program 4 (id=8697):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x21000f, &(0x7f00000001c0)={[{@data_journal}, {@jqfmt_vfsv0}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2006}}], [{@subj_role={'subj_role', 0x3d, '(\xbc](,((^'}}, {@pcr={'pcr', 0x3d, 0x39}}, {@func={'func', 0x3d, 'PATH_CHECK'}}, {@subj_user={'subj_user', 0x3d, '\xachMs\xf1\xe5\x81:Wi\x96pe\t\x9d\xcc\xe4\xaa\xf6\x87Y\xcb\x03%\x9f\xc2\x87y8\xf4\nk_\xab\xc0h\xaeb\xf6\x93Y\t~\xf8+T\b3\x04\x00\xc5\x92\x12\xd0\xb2\xff\xad\x06\x8a3\xe2\xb2\"\x92\xda2\xfb\xa8\x8d\x9c\x90\xda>\xf1\xdd\xaf\r\x8d#\xfc\xe8P\xed\x9d\xe6\bz\x9dA\xa3\x8dn\xdfH\xcaz\xff\xdfj\xa5T\xf0\f&\x99?\xcdbL\x06\xce\x95\xabH\xc0|\xafw\xfc\xda\xd9\xbb\xdd0mu\x99\x93unxw\xc2\x19o\xe7\xd7(\xc93\x9ef\xc5\n\xc2\x00ugi\'\a\xd0\x93\xf9\xd48\'Vv\xd1\xaeD\xf0\xa4\x7f\xb5T|Y\xe6Y\xf2.Q\x82\xbe\x1a\xed\x04EHv^*\xfazX\xe78\x92\xa1'}}]}, 0x1, 0x51c, &(0x7f0000000cc0)="$eJzs3cFvI1cZAPBvnLibdFOSAodSqaWiRdkCaycNbaMe2iIhbpVA5b5EiRNFceIodtpNVEEqzlwQEpU4ceKCxB+AhPonVJUqwR0BAiHYwoEDMGjG423iHZNEje2V8/tJ43nzdma+79nr8cy8yUwA19YzEfF6RExFxPMRMV/UV4ohTrpDNt/H995Zz4Yk0vTNvyWRZHXpD9YjL/VeI24Wi810R6XaR8c7a81m46CYrnd29+vto+Pb27trW42txt7KyvJLqy+vvri6dMkWfaW0NmvXq9/800n84luv/uZrb//+zl9ufT8p2h9F2y4Z6EK670k1ey/um46Ig2EEG4Opoj3VcScCAMCFZPtvn42IL+X7//Mxle/N5ezSAQAAwIRIX5uLfycRKQAAADCxXouIuUgqteJ637moVGq17jW8n49HK81Wu/PVzdbh3kb2bxELUa1sbjcbS8U1tQtRTbLp5bz8yfQLfdMrEfF4RPxkfjafrq23mhvjPvkBAAAA18TNvuP/f853j/8BAACACbMw7gQAAACAoRt0/J+MOA8AAABgePT/AwAAwET79htvZEPae/71xltHhzutt25vNNo7td3D9dp662C/ttVqbeX37Ns9b33NVmv/67F3eLfeabQ79fbR8Z3d1uFe5872mUdgAwAAACP0+Bff/10ScSNemY2TV2bzukeyl6kBC7hWACZG5TIz/3F4eQCjN+hnfhRLA+M1Pe4EgPE5GXcCwLidudVHyU7B6Yt3zpwz+GB4OQEAAFdr8Qt5/3/e93+6/z87BKg+OHt6Y/QpAkNyqf5/YKKU9uD/KBLdAjD5Ltn//+Gw8gBGr+oaPrj2znvUx8Cbd3xQfqLwQWl67roAAIChmsuHpFIr+gLnolKp1SIey//Uv5psbjcbSxHxmYj47Xz1Rja9nC+ZeDwgAAAAAAAAAAAAAAAAAAAAAAAAAFxQmiaRAgAAABMtovLnpHj+1+L8c3P95wceSf41n48j4u2fvfnTu2udzsFyVv/3+/Wd94r6F8ZxBgMAAADo1ztO7x3HAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBV+vjeO+u9YZRx//qNiFgoiz8dM/l4JqoR8eg/kpg+tVwSEVNXEP/k3Yh4oix+kqUVC0UW/fErETE7mvhPpWlaGv/mFcSH6+z9bPvzetn3rxLP5OPy7/90MXxag7d/lfvbv6kB27/HLhjjyY9+VR8Y/92IJ6fLtz+9+MmA+M+WrbDkTfned4+PB8VPfx6xWPr7k5yJVe/s7tfbR8e3t3fXthpbjb2VleWXVl9efXF1qb653Wws1Tej2VgqjfHjp379376q/6RdeftjQPyFc9r/XFaonm5Mf5gi2Ed3732uW6z2rSKPf+vZ8s//iV78GxHRFz/7P/Hl4ncgW9Fir3zSLZ/29C8/fLo0sSL+xoD2n/f53xq00j7Pf+eHf7jgrADACLSPjnfWms3GwdAL76VpOqpYCg9hYebhSEPh/MJVnNkCAAAeNp/s9I87EwAAAAAAAAAAAAAAAAAAALi+2kdRGfbtxPpjnoynqQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/9f/AgAA//+I1uMz")
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prlimit64(0x0, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0xd, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8}, 0x90)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x1c, r3, 0x62c21a4ade68aba1, 0x0, 0x0, {{0x5}, {@val={0x8, 0x3, 0xa}, @void, @void}}}, 0x1c}}, 0x0)

1.548018303s ago: executing program 2 (id=8698):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0xa0, 0x30, 0x9, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{}, {}, {}, {}, {}, {0x2}, {}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa0}}, 0x0)

1.547919993s ago: executing program 2 (id=8699):
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0)
fsetxattr(r1, &(0x7f0000000000)=@known='trusted.overlay.nlink\x00', 0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fremovexattr(r0, &(0x7f00000000c0)=@known='trusted.overlay.nlink\x00')

1.547784113s ago: executing program 2 (id=8700):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, &(0x7f0000000380)})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000780)=[{0x0}], 0x1, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv6_newrule={0x24, 0x20, 0x1, 0x0, 0x0, {}, [@FIB_RULE_POLICY=@FRA_SPORT_RANGE={0x8, 0x17, {0x0, 0xffff}}]}, 0x24}}, 0x0)
ioctl$SNDRV_TIMER_IOCTL_START(0xffffffffffffffff, 0x54a0)
setns(r1, 0x24020000)
syz_clone(0x72b80180, 0x0, 0x0, 0x0, 0x0, 0x0)

1.508297746s ago: executing program 2 (id=8701):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000000)={0x2c, &(0x7f0000000300)=ANY=[@ANYBLOB="000005"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0003020000000203"], 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, &(0x7f00000004c0)={0x2c, 0x0, &(0x7f0000000100)={0x0, 0x3, 0x4, @lang_id={0x4}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014001100b7030000000000698500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
syz_usb_control_io(r0, &(0x7f0000000500)={0x2c, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="000315"], 0x0, 0x0, 0x0}, 0x0)

1.371740148s ago: executing program 3 (id=8702):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r2, 0x4b72, &(0x7f0000000400)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0})

1.319973003s ago: executing program 3 (id=8703):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000e21800000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r2}, 0x10)
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r3, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
fallocate(r4, 0x0, 0x40000000, 0x3)

735.467615ms ago: executing program 4 (id=8704):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
socket$inet6(0xa, 0x0, 0x0)
getgid()
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
timer_settime(0x0, 0x0, &(0x7f0000000380)={{0x77359400}, {0x0, 0x3938700}}, &(0x7f00000003c0))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0xb, 0x0, 0x0}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r6=>0x0})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001c00f9ffff7f00000000000007000000", @ANYRES32=r6, @ANYBLOB="8000a2070a000200a2"], 0x30}}, 0x0)

623.488975ms ago: executing program 0 (id=8705):
socket$packet(0x11, 0xa, 0x300)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000300)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @remote}, 0x14)
r2 = socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0)
bind$packet(r2, &(0x7f0000000180)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @remote}, 0x14)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
syz_emit_ethernet(0x56, &(0x7f0000004600)=ANY=[], 0x0)

538.101312ms ago: executing program 0 (id=8706):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x16}, @map_fd={0x18, 0x0, 0x0}, @generic, @initr0, @exit, @alu, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222}, 0x78)

537.961242ms ago: executing program 0 (id=8707):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000680)='!', &(0x7f0000000780), 0x6, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f0000000400)=@framed, &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2600}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r2}, 0x10)

537.905602ms ago: executing program 0 (id=8708):
r0 = socket$key(0xf, 0x3, 0x2)
recvmmsg(r0, &(0x7f0000003680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x100, 0x0)

535.716512ms ago: executing program 0 (id=8709):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@u, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
setregid(0x0, 0x0)

461.046419ms ago: executing program 0 (id=8710):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000001c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1fd2, 0x6007, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f0000000a00)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="002205000000722e98d6"], 0x0}, 0x0)

11.849489ms ago: executing program 1 (id=8713):
syz_emit_ethernet(0x11, &(0x7f00000004c0)={@link_local, @local, @void, {@llc_tr={0x11, {@llc={0x0, 0x0, 'P'}}}}}, 0x0)

11.665009ms ago: executing program 1 (id=8714):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002"], 0x64}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x70, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x2c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x70}}, 0x0)

11.539749ms ago: executing program 1 (id=8715):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001340), 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f00000013c0)={0x2c, r1, 0xf21, 0x0, 0x0, {{}, {@void, @val={0x8}, @void}}, [@NL80211_ATTR_VENDOR_SUBCMD={0x8}, @NL80211_ATTR_VENDOR_ID={0x8}]}, 0x2c}}, 0x0)

9.288129ms ago: executing program 1 (id=8716):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0xe, 0x2, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x0, 0x4, 0x0, 0x1, 0x70}, @jmp={0x5, 0x0, 0x9}], &(0x7f0000000280)='GPL\x00'}, 0x90)

4.362289ms ago: executing program 1 (id=8717):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0xe, 0x2, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x0, 0x4, 0x0, 0x1, 0x64}, @jmp={0x5, 0x0, 0x9}], &(0x7f0000000280)='GPL\x00'}, 0x90)

0s ago: executing program 1 (id=8718):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008230000b7040000000000008500000001000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000060ff850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x10)

kernel console output (not intermixed with test programs):

is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1554.476687][T31517] input: syz1 as /devices/virtual/input/input85
[ 1554.494991][T31520] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[ 1554.507251][T31522] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8083'.
[ 1554.517530][T31522] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8083'.
[ 1554.518271][T31520] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1554.681240][T31534] incfs: Can't find or create .index dir in ./file0
[ 1554.687994][T31534] incfs: mount failed -5
[ 1554.716022][T31537] loop4: detected capacity change from 0 to 256
[ 1554.831502][T15339] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[ 1555.005546][T31544] overlayfs: invalid redirect ((null))
[ 1555.272214][T15339] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1555.283972][T15339] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1555.297692][T15339] usb 4-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[ 1555.307629][T15339] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1555.420295][T15339] usb 4-1: config 0 descriptor??
[ 1555.797698][T31559] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8095'.
[ 1555.808419][T31559] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8095'.
[ 1555.827831][T31561] loop4: detected capacity change from 0 to 512
[ 1555.861749][T31561] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[ 1555.883486][T31561] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1555.984897][T31572] loop2: detected capacity change from 0 to 1024
[ 1555.993215][T15339] sony 0003:054C:0268.0203: unknown main item tag 0x0
[ 1556.003262][T15339] sony 0003:054C:0268.0203: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.3-1/input0
[ 1556.015279][T15339] sony 0003:054C:0268.0203: failed to claim input
[ 1556.041859][T31572] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[ 1556.062901][T31572] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1556.238619][T31572] syz.2.8099[31572] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1556.239011][T31572] syz.2.8099[31572] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1556.278974][T31526] UDC core: couldn't find an available UDC or it's busy: -16
[ 1556.504854][T31572] input: syz1 as /devices/virtual/input/input86
[ 1556.539588][T31526] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1556.578201][T31526] UDC core: couldn't find an available UDC or it's busy: -16
[ 1556.585877][T31526] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1556.608505][T31526] loop3: detected capacity change from 0 to 256
[ 1556.645307][T31526] exfat: Deprecated parameter 'namecase'
[ 1556.650942][T31526] exfat: Deprecated parameter 'utf8'
[ 1556.659561][T31526] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[ 1556.680411][T31587] loop2: detected capacity change from 0 to 512
[ 1556.742719][T31587] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[ 1556.771786][T31585] loop1: detected capacity change from 0 to 40427
[ 1556.796998][T31587] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1557.017946][T31585] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1557.040117][T31597] loop4: detected capacity change from 0 to 256
[ 1557.047223][T31585] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1557.067686][T31585] F2FS-fs (loop1): invalid crc value
[ 1557.085404][T31585] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1557.122965][T31585] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1557.130344][T31585] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1557.156299][T31585] overlayfs: invalid redirect ((null))
[ 1557.170557][   T10] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1557.180635][   T10] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1557.207036][T15339] usb 4-1: USB disconnect, device number 62
[ 1557.266128][T31607] loop3: detected capacity change from 0 to 512
[ 1557.268456][T31606] incfs: Can't find or create .index dir in ./file0
[ 1557.278807][T31606] incfs: mount failed -5
[ 1557.311858][T31607] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[ 1557.345347][T31607] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1557.396294][T31616] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8107'.
[ 1557.523329][T31620] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8107'.
[ 1557.938296][   T60] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[ 1557.951967][T31639] incfs: Can't find or create .index dir in ./file0
[ 1557.958453][T31639] incfs: mount failed -5
[ 1558.108062][T31641] overlayfs: invalid redirect ((null))
[ 1558.146889][T31646] loop2: detected capacity change from 0 to 512
[ 1558.181169][   T60] usb 2-1: Using ep0 maxpacket: 32
[ 1558.187371][T31646] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[ 1558.203257][T31646] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1558.289639][T31650] incfs: Can't find or create .index dir in ./file0
[ 1558.296183][T31650] incfs: mount failed -5
[ 1558.301139][   T60] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1558.311611][   T60] usb 2-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0
[ 1558.320689][   T60] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1558.330183][   T60] usb 2-1: config 0 descriptor??
[ 1558.347235][T31652] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8121'.
[ 1558.357482][T31652] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8121'.
[ 1558.371609][   T60] usb 2-1: bad CDC descriptors
[ 1558.381081][   T39] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[ 1558.498262][T31657] loop3: detected capacity change from 0 to 256
[ 1558.598317][T31659] loop4: detected capacity change from 0 to 1024
[ 1558.628849][T31660] loop1: detected capacity change from 0 to 16
[ 1558.651626][T31659] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1558.681665][T31660] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1558.741169][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1558.752097][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1558.761644][   T39] usb 1-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[ 1558.770472][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1558.778985][   T39] usb 1-1: config 0 descriptor??
[ 1558.931107][   T60] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[ 1559.201139][   T60] usb 5-1: device descriptor read/64, error -71
[ 1559.261890][   T39] sony 0003:054C:0268.0204: unknown main item tag 0x0
[ 1559.269589][   T39] sony 0003:054C:0268.0204: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.0-1/input0
[ 1559.281750][   T39] sony 0003:054C:0268.0204: failed to claim input
[ 1559.469062][T31644] UDC core: couldn't find an available UDC or it's busy: -16
[ 1559.476472][T31644] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1559.485276][T31644] UDC core: couldn't find an available UDC or it's busy: -16
[ 1559.492979][T31644] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1559.621123][   T60] usb 5-1: device descriptor read/64, error -71
[ 1559.731197][   T39] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[ 1559.891084][   T60] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[ 1560.026473][T31684] loop2: detected capacity change from 0 to 40427
[ 1560.081782][T31684] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[ 1560.089535][T31684] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1560.098982][T31684] F2FS-fs (loop2): invalid crc value
[ 1560.101195][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1560.109674][T31684] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1560.115285][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1560.131080][   T39] usb 4-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[ 1560.140045][   T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1560.148588][T31684] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1560.148949][   T39] usb 4-1: config 0 descriptor??
[ 1560.155830][T31684] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1560.161106][   T60] usb 5-1: device descriptor read/64, error -71
[ 1560.181915][T31684] overlayfs: invalid redirect ((null))
[ 1560.193493][    T8] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1560.202321][    T8] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1560.601105][   T60] usb 5-1: device descriptor read/64, error -71
[ 1560.644254][T15339] usb 2-1: USB disconnect, device number 29
[ 1560.654547][T31695] loop1: detected capacity change from 0 to 512
[ 1560.682404][T31695] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[ 1560.703452][T31695] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1560.721140][   T60] usb usb5-port1: attempt power cycle
[ 1560.779673][T31699] incfs: Can't find or create .index dir in ./file0
[ 1560.786206][T31699] incfs: mount failed -5
[ 1560.831530][T31675] UDC core: couldn't find an available UDC or it's busy: -16
[ 1560.838986][T31675] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1560.846746][T31675] UDC core: couldn't find an available UDC or it's busy: -16
[ 1560.854000][T31675] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1560.863512][T31675] loop3: detected capacity change from 0 to 256
[ 1560.901337][T31675] exfat: Deprecated parameter 'namecase'
[ 1560.907096][T31675] exfat: Deprecated parameter 'utf8'
[ 1560.914720][T31675] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[ 1561.131180][   T60] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[ 1561.237564][T23051] usb 1-1: USB disconnect, device number 35
[ 1561.411251][   T60] usb 5-1: device descriptor read/8, error -71
[ 1561.641163][   T60] usb 5-1: device descriptor read/8, error -71
[ 1561.654076][T31718] loop4: detected capacity change from 0 to 256
[ 1561.713013][T31721] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1561.872041][T31723] loop1: detected capacity change from 0 to 40427
[ 1561.901739][T31723] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1561.909918][T31723] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1561.921204][T31723] F2FS-fs (loop1): invalid crc value
[ 1561.942113][T31723] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1561.984106][T31723] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1561.991247][T31723] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1562.016617][T31723] overlayfs: invalid redirect ((null))
[ 1562.031469][    T8] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1562.040344][    T8] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1562.074217][T31732] loop2: detected capacity change from 0 to 1024
[ 1562.122570][T31732] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[ 1562.165875][T31732] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1562.249241][T31732] syz.2.8142[31732] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1562.249328][T31732] syz.2.8142[31732] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1562.290642][T31732] input: syz1 as /devices/virtual/input/input87
[ 1562.313648][T31738] incfs: Can't find or create .index dir in ./file0
[ 1562.320860][T31738] incfs: mount failed -5
[ 1562.741582][   T39] usbhid 4-1:0.0: can't add hid device: -71
[ 1562.747863][   T39] usbhid: probe of 4-1:0.0 failed with error -71
[ 1562.858061][   T39] usb 4-1: USB disconnect, device number 63
[ 1562.930482][T31752] loop2: detected capacity change from 0 to 1024
[ 1562.963636][T31752] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1563.154803][T31761] loop4: detected capacity change from 0 to 40427
[ 1563.161101][T23051] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[ 1563.201638][T31761] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1563.209352][T31761] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1563.218571][T31761] F2FS-fs (loop4): invalid crc value
[ 1563.225318][T31761] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1563.249150][ T1445] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[ 1563.261083][T31761] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1563.268029][T31761] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1563.287357][T31761] overlayfs: invalid redirect ((null))
[ 1563.298646][    T8] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1563.307708][    T8] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1563.523800][T31775] loop4: detected capacity change from 0 to 512
[ 1563.534053][T31775] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[ 1563.556887][T31775] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1563.572861][T23051] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1563.584216][T23051] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1563.594114][T23051] usb 1-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[ 1563.603198][T23051] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1563.611544][T23051] usb 1-1: config 0 descriptor??
[ 1563.621395][ T1445] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1563.631667][ T1445] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1563.640748][ T1445] usb 3-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[ 1563.649789][ T1445] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1563.658799][ T1445] usb 3-1: config 0 descriptor??
[ 1563.941095][  T518] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[ 1564.068659][T31794] loop1: detected capacity change from 0 to 256
[ 1564.075474][T23051] sony 0003:054C:0268.0205: unknown main item tag 0x0
[ 1564.084486][T23051] sony 0003:054C:0268.0205: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.0-1/input0
[ 1564.096238][T23051] sony 0003:054C:0268.0205: failed to claim input
[ 1564.181122][  T518] usb 5-1: Using ep0 maxpacket: 32
[ 1564.276314][T31748] UDC core: couldn't find an available UDC or it's busy: -16
[ 1564.283807][T31748] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1564.292795][T31748] UDC core: couldn't find an available UDC or it's busy: -16
[ 1564.300411][T31748] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1564.307890][  T518] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1564.322221][  T518] usb 5-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0
[ 1564.340952][  T518] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1564.355667][  T518] usb 5-1: config 0 descriptor??
[ 1564.451450][  T518] usb 5-1: bad CDC descriptors
[ 1564.735898][T31803] loop4: detected capacity change from 0 to 16
[ 1564.754626][T31808] incfs: Can't find or create .index dir in ./file0
[ 1564.761152][T31808] incfs: mount failed -5
[ 1564.769573][T31803] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1564.789216][T31810] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1564.918540][T31812] loop3: detected capacity change from 0 to 40427
[ 1564.971850][T31812] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1564.979505][T31812] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1564.979780][T31814] loop1: detected capacity change from 0 to 512
[ 1564.988614][T31812] F2FS-fs (loop3): invalid crc value
[ 1565.000284][T31812] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1565.012128][T31814] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[ 1565.026959][T31812] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1565.033365][T31814] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1565.033949][T31812] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1565.069485][T31812] overlayfs: failed to resolve './file0': -2
[ 1565.086687][   T10] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1565.096377][   T10] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1565.897831][  T518] usb 1-1: USB disconnect, device number 36
[ 1565.956198][ T1445] usb 3-1: USB disconnect, device number 47
[ 1566.272429][T31847] incfs: Can't find or create .index dir in ./file0
[ 1566.278968][T31847] incfs: mount failed -5
[ 1566.301619][T31849] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1566.331085][T15339] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[ 1566.477791][T31855] overlayfs: failed to resolve './file0': -2
[ 1566.601127][T15339] usb 2-1: Using ep0 maxpacket: 32
[ 1566.641271][   T20] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[ 1566.679251][  T518] usb 5-1: USB disconnect, device number 31
[ 1566.751247][T15339] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1566.761336][T15339] usb 2-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0
[ 1566.770376][T15339] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1566.779054][T15339] usb 2-1: config 0 descriptor??
[ 1566.831452][T15339] usb 2-1: bad CDC descriptors
[ 1567.031296][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1567.042162][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1567.051778][   T20] usb 3-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[ 1567.060652][   T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1567.069745][   T20] usb 3-1: config 0 descriptor??
[ 1567.099975][T31864] loop1: detected capacity change from 0 to 16
[ 1567.151673][T31864] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1567.571950][   T20] sony 0003:054C:0268.0206: unknown main item tag 0x0
[ 1567.579960][   T20] sony 0003:054C:0268.0206: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.2-1/input0
[ 1567.592345][   T20] sony 0003:054C:0268.0206: failed to claim input
[ 1567.621115][  T518] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[ 1567.772100][T31858] UDC core: couldn't find an available UDC or it's busy: -16
[ 1567.779643][T31858] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1567.787720][T31858] UDC core: couldn't find an available UDC or it's busy: -16
[ 1567.795334][T31858] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1567.808619][T31858] loop2: detected capacity change from 0 to 256
[ 1567.861391][T31858] exfat: Deprecated parameter 'namecase'
[ 1567.867021][T31858] exfat: Deprecated parameter 'utf8'
[ 1567.875199][T31858] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[ 1568.021378][  T518] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1568.034315][  T518] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1568.043505][  T518] usb 1-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[ 1568.052802][  T518] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1568.140276][ T1445] usb 3-1: USB disconnect, device number 48
[ 1568.146695][  T518] usb 1-1: config 0 descriptor??
[ 1568.228516][T31880] incfs: Can't find or create .index dir in ./file0
[ 1568.235149][T31880] incfs: mount failed -5
[ 1568.358153][T31885] syz.3.8187[31885] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1568.358237][T31885] syz.3.8187[31885] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1568.372042][T31885] incfs: Error accessing: ./file0.
[ 1568.388387][T31885] incfs: mount failed -20
[ 1568.393360][T31885] input: syz1 as /devices/virtual/input/input88
[ 1568.466139][T31889] incfs: Can't find or create .index dir in ./file0
[ 1568.475946][T31889] incfs: mount failed -5
[ 1568.481405][T31892] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8190'.
[ 1568.493232][T31892] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8190'.
[ 1568.536765][T31899] loop4: detected capacity change from 0 to 512
[ 1568.562128][T31899] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[ 1568.744425][T31899] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1568.981960][ T1445] usb 2-1: USB disconnect, device number 30
[ 1569.247468][T31897] loop3: detected capacity change from 0 to 40427
[ 1569.301864][T31897] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1569.309569][T31897] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1569.318812][T31897] F2FS-fs (loop3): invalid crc value
[ 1569.325797][T31897] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1569.624578][T31917] fuse: Bad value for 'fd'
[ 1570.087920][T31897] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1570.100548][T31897] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1570.136444][T31920] incfs: Can't find or create .index dir in ./file0
[ 1570.166605][T31920] incfs: mount failed -5
[ 1570.191155][ T1445] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[ 1570.258754][T31897] overlayfs: failed to resolve './file0': -2
[ 1570.273970][   T10] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1570.282832][   T10] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1570.289200][T31923] loop2: detected capacity change from 0 to 1024
[ 1570.311766][T31923] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[ 1570.324376][T31923] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1570.350852][T31923] syz.2.8198[31923] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1570.350933][T31923] syz.2.8198[31923] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1570.362629][  T518] usb 1-1: USB disconnect, device number 37
[ 1570.385294][T31923] input: syz1 as /devices/virtual/input/input89
[ 1570.572830][T31938] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8202'.
[ 1570.583617][T31938] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8202'.
[ 1570.609635][T31940] syz.2.8203[31940] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1570.609714][T31940] syz.2.8203[31940] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1570.622466][T31940] incfs: Error accessing: ./file0.
[ 1570.638808][T31940] incfs: mount failed -20
[ 1570.643883][T31940] input: syz1 as /devices/virtual/input/input90
[ 1570.663260][ T1445] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1570.674554][ T1445] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1570.684123][ T1445] usb 2-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[ 1570.693070][ T1445] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1570.701613][ T1445] usb 2-1: config 0 descriptor??
[ 1571.021889][  T518] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[ 1571.181978][ T1445] sony 0003:054C:0268.0207: unknown main item tag 0x0
[ 1571.189945][ T1445] sony 0003:054C:0268.0207: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.1-1/input0
[ 1571.201937][ T1445] sony 0003:054C:0268.0207: failed to claim input
[ 1571.261111][  T518] usb 1-1: Using ep0 maxpacket: 32
[ 1571.285455][T31955] incfs: Can't find or create .index dir in ./file0
[ 1571.292107][T31955] incfs: mount failed -5
[ 1571.381201][  T518] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1571.382776][T31906] UDC core: couldn't find an available UDC or it's busy: -16
[ 1571.391277][  T518] usb 1-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0
[ 1571.398401][T31906] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1571.412391][  T518] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1571.418471][T31906] UDC core: couldn't find an available UDC or it's busy: -16
[ 1571.429861][T31906] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1571.431448][  T518] usb 1-1: config 0 descriptor??
[ 1571.455256][T31906] loop1: detected capacity change from 0 to 256
[ 1571.481356][T31906] exfat: Deprecated parameter 'namecase'
[ 1571.481487][  T518] usb 1-1: bad CDC descriptors
[ 1571.487008][T31906] exfat: Deprecated parameter 'utf8'
[ 1571.500067][T31906] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[ 1571.847371][T31970] loop2: detected capacity change from 0 to 1024
[ 1571.901762][T31970] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[ 1571.912965][T31970] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1571.939714][T31970] syz.2.8213[31970] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1571.939796][T31970] syz.2.8213[31970] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1571.954630][T31970] input: syz1 as /devices/virtual/input/input91
[ 1572.097715][T31975] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8214'.
[ 1572.108532][T31975] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8214'.
[ 1572.128069][T31977] loop2: detected capacity change from 0 to 256
[ 1572.189425][T31979] loop3: detected capacity change from 0 to 1024
[ 1572.231751][T31979] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[ 1572.243315][T31979] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1572.279572][T31979] syz.3.8216[31979] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1572.279656][T31979] syz.3.8216[31979] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1572.305025][T31979] input: syz1 as /devices/virtual/input/input92
[ 1572.504289][T31994] incfs: Can't find or create .index dir in ./file0
[ 1572.510956][T31994] incfs: mount failed -5
[ 1572.886587][T15341] usb 2-1: USB disconnect, device number 31
[ 1572.927122][T32000] incfs: Error accessing: ./file0.
[ 1572.932220][T32000] incfs: mount failed -20
[ 1572.937198][T32000] input: syz1 as /devices/virtual/input/input93
[ 1573.008442][T32005] loop2: detected capacity change from 0 to 512
[ 1573.018392][T32004] overlayfs: invalid redirect ((null))
[ 1573.035410][T32007] loop1: detected capacity change from 0 to 1024
[ 1573.051865][T32005] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[ 1573.081945][T32007] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[ 1573.083141][T32005] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1573.093466][T32007] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1573.143663][T32007] input: syz1 as /devices/virtual/input/input94
[ 1573.179503][T32012] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8226'.
[ 1573.190031][T32012] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8226'.
[ 1573.199970][T32014] loop4: detected capacity change from 0 to 512
[ 1573.241161][T32019] loop2: detected capacity change from 0 to 1024
[ 1573.262774][T32014] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[ 1573.267562][T32019] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[ 1573.284392][T32019] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1573.316360][T32014] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1573.341232][T32019] input: syz1 as /devices/virtual/input/input95
[ 1573.399407][T32027] incfs: Can't find or create .index dir in ./file0
[ 1573.433242][T32027] incfs: mount failed -5
[ 1573.440975][T32022] loop1: detected capacity change from 0 to 40427
[ 1573.456728][T32034] bpf_get_probe_write_proto: 6 callbacks suppressed
[ 1573.456747][T32034] syz.2.8234[32034] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1573.462744][T32036] loop3: detected capacity change from 0 to 256
[ 1573.463905][T32034] syz.2.8234[32034] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1573.476780][T32022] F2FS-fs (loop1): invalid crc value
[ 1573.491150][T32039] loop4: detected capacity change from 0 to 512
[ 1573.505601][T32022] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1573.512470][T32034] incfs: Error accessing: ./file0.
[ 1573.517516][T32034] incfs: mount failed -20
[ 1573.522512][T32034] input: syz1 as /devices/virtual/input/input96
[ 1573.535791][T32022] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1
[ 1573.543149][T32022] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1573.543374][T32039] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[ 1573.564249][   T30] audit: type=1326 audit(1573.551:1582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32021 comm="syz.1.8229" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57263ddbd9 code=0x0
[ 1573.590617][T32039] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1573.672580][T23051] usb 1-1: USB disconnect, device number 38
[ 1573.703400][T32054] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8238'.
[ 1573.714301][T32054] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8238'.
[ 1573.742382][T32057] loop4: detected capacity change from 0 to 1024
[ 1573.771760][T32057] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[ 1573.784203][T32057] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1573.811682][T32057] syz.4.8240[32057] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1573.811768][T32057] syz.4.8240[32057] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1573.827349][T32057] input: syz1 as /devices/virtual/input/input97
[ 1573.940195][T32062] loop4: detected capacity change from 0 to 512
[ 1573.982086][T32062] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[ 1574.003006][T32062] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1574.440673][T32077] incfs: Can't find or create .index dir in ./file0
[ 1574.447283][T32077] incfs: mount failed -5
[ 1574.490287][T32080] loop2: detected capacity change from 0 to 512
[ 1574.511852][T32082] syz.3.8247[32082] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1574.511974][T32082] syz.3.8247[32082] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1574.530565][T32082] incfs: Error accessing: ./file0.
[ 1574.549757][T32082] incfs: mount failed -20
[ 1574.554814][T32082] input: syz1 as /devices/virtual/input/input98
[ 1574.562245][T32080] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[ 1574.583346][T32080] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1574.639832][T32093] loop3: detected capacity change from 0 to 512
[ 1574.662541][T32097] loop2: detected capacity change from 0 to 1024
[ 1574.670344][T32093] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[ 1574.681797][T32097] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[ 1574.693251][T32093] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1574.711635][T32097] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1574.741649][T32097] syz.2.8253[32097] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1574.741750][T32097] syz.2.8253[32097] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1574.757098][T32097] input: syz1 as /devices/virtual/input/input99
[ 1574.802268][T32106] loop3: detected capacity change from 0 to 256
[ 1574.901104][T23053] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[ 1574.953509][T32109] loop2: detected capacity change from 0 to 1024
[ 1574.960957][T32111] incfs: Can't find or create .index dir in ./file0
[ 1574.967702][T32111] incfs: mount failed -5
[ 1574.991790][T32109] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[ 1575.023351][T32109] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1575.059389][T32109] syz.2.8257[32109] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1575.059476][T32109] syz.2.8257[32109] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1575.076673][T32109] input: syz1 as /devices/virtual/input/input100
[ 1575.181127][T23053] usb 1-1: Using ep0 maxpacket: 32
[ 1575.321161][T23053] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1575.331378][T23053] usb 1-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0
[ 1575.340298][T23053] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1575.349177][T23053] usb 1-1: config 0 descriptor??
[ 1575.391645][T23053] usb 1-1: bad CDC descriptors
[ 1575.421976][T32125] loop1: detected capacity change from 0 to 40427
[ 1575.461769][T32125] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1575.470024][T32125] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1575.479026][T32125] F2FS-fs (loop1): invalid crc value
[ 1575.485797][T32125] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1575.509306][T32125] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1575.516364][T32125] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1575.538227][T32125] overlayfs: invalid redirect ((null))
[ 1575.550829][    T8] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1575.559581][    T8] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1575.676259][T32133] incfs: Error accessing: ./file0.
[ 1575.682306][T32133] incfs: mount failed -20
[ 1575.687391][T32133] input: syz1 as /devices/virtual/input/input101
[ 1575.796239][T32142] loop1: detected capacity change from 0 to 1024
[ 1575.908658][T32142] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[ 1576.016332][T32142] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1576.051564][T32142] input: syz1 as /devices/virtual/input/input102
[ 1576.254941][T32155] incfs: Can't find or create .index dir in ./file0
[ 1576.262284][T32155] incfs: mount failed -5
[ 1576.479676][T32161] loop4: detected capacity change from 0 to 1024
[ 1576.522128][T32161] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[ 1576.534293][T32161] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1576.587519][T32161] input: syz1 as /devices/virtual/input/input103
[ 1576.765546][T32167] loop1: detected capacity change from 0 to 40427
[ 1576.811749][T32167] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1576.821137][T32167] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1576.833722][T32167] F2FS-fs (loop1): invalid crc value
[ 1576.856126][T32167] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1576.901476][T32179] loop2: detected capacity change from 0 to 256
[ 1576.941643][T32167] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1576.951844][T32173] loop4: detected capacity change from 0 to 40427
[ 1576.958187][T32167] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1577.001674][T32173] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1577.012084][T32173] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1577.025938][T32167] overlayfs: invalid redirect ((null))
[ 1577.032361][T32173] F2FS-fs (loop4): invalid crc value
[ 1577.050832][T32173] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1577.060184][    T8] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1577.071752][    T8] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1577.091175][T32173] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1577.100922][T32173] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1577.164807][T32173] overlayfs: invalid redirect ((null))
[ 1577.206806][ T1137] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1577.217563][ T1137] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1577.318479][T32188] input: syz1 as /devices/virtual/input/input104
[ 1577.613142][T23051] usb 1-1: USB disconnect, device number 39
[ 1577.647907][T32199] incfs: Error accessing: ./file0.
[ 1577.659475][T32199] incfs: mount failed -20
[ 1577.670431][T32199] input: syz1 as /devices/virtual/input/input105
[ 1577.785265][T32197] loop3: detected capacity change from 0 to 40427
[ 1577.831628][T32197] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1577.839327][T32197] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1577.848528][T32197] F2FS-fs (loop3): invalid crc value
[ 1577.866477][T32207] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1577.885095][T32197] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1577.917806][T32197] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1577.925209][T32197] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1577.956975][T32197] overlayfs: invalid redirect ((null))
[ 1579.193354][T32222] bpf_get_probe_write_proto: 10 callbacks suppressed
[ 1579.193536][T32222] syz.2.8288[32222] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1579.276414][    T8] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1579.302843][T32222] syz.2.8288[32222] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1579.304012][T32222] incfs: Error accessing: ./file0.
[ 1579.315627][    T8] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1579.326700][T32224] incfs: Can't find or create .index dir in ./file0
[ 1579.336763][T32227] syz.0.8291[32227] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1579.336844][T32227] syz.0.8291[32227] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1579.350803][T32222] incfs: mount failed -20
[ 1579.357915][T32224] incfs: mount failed -5
[ 1579.371624][T32222] input: syz1 as /devices/virtual/input/input106
[ 1579.384346][T32227] input: syz1 as /devices/virtual/input/input107
[ 1579.466097][T32239] loop2: detected capacity change from 0 to 256
[ 1579.481999][T32240] syz.0.8295[32240] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1579.482076][T32240] syz.0.8295[32240] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1579.494130][T32240] incfs: Error accessing: ./file0.
[ 1579.511664][T32240] incfs: mount failed -20
[ 1579.516960][T32240] input: syz1 as /devices/virtual/input/input108
[ 1579.600369][T32233] loop3: detected capacity change from 0 to 40427
[ 1579.631112][T23051] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[ 1579.661657][T32233] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1579.669278][T32233] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1579.671265][ T1445] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[ 1579.678390][T32233] F2FS-fs (loop3): invalid crc value
[ 1579.692549][T32233] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1579.728981][T32233] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1579.736273][T32233] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1579.761550][T32233] overlayfs: invalid redirect ((null))
[ 1579.775884][    T8] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1579.784791][    T8] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1579.931116][ T1445] usb 2-1: Using ep0 maxpacket: 32
[ 1580.001273][T23051] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1580.012726][T23051] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1580.023012][T23051] usb 5-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[ 1580.032291][T23051] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1580.043046][T23051] usb 5-1: config 0 descriptor??
[ 1580.061390][ T1445] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1580.071700][ T1445] usb 2-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0
[ 1580.080737][ T1445] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1580.090044][ T1445] usb 2-1: config 0 descriptor??
[ 1580.166470][ T1445] usb 2-1: bad CDC descriptors
[ 1580.466396][T32260] loop1: detected capacity change from 0 to 16
[ 1580.521609][T32260] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1580.522129][T23051] sony 0003:054C:0268.0208: report_id 0 is invalid
[ 1580.535879][T23051] sony 0003:054C:0268.0208: item 0 0 1 8 parsing failed
[ 1580.544264][T23051] sony 0003:054C:0268.0208: parse failed
[ 1580.551558][T23051] sony: probe of 0003:054C:0268.0208 failed with error -22
[ 1580.562109][T32265] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8302'.
[ 1580.577320][T32265] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8302'.
[ 1580.723238][T32229] UDC core: couldn't find an available UDC or it's busy: -16
[ 1580.730498][T32229] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1580.739356][T32229] UDC core: couldn't find an available UDC or it's busy: -16
[ 1580.746613][T32229] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1580.767610][T32229] loop4: detected capacity change from 0 to 256
[ 1580.811339][T32229] exfat: Deprecated parameter 'namecase'
[ 1580.816951][T32229] exfat: Deprecated parameter 'utf8'
[ 1580.824750][T32229] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[ 1580.932743][T32272] incfs: Can't find or create .index dir in ./file0
[ 1580.939404][T32272] incfs: mount failed -5
[ 1581.138552][T32276] syz.3.8305[32276] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1581.138609][T32276] syz.3.8305[32276] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1581.152297][T32276] input: syz1 as /devices/virtual/input/input109
[ 1581.236339][T32280] syz.3.8306[32280] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1581.236416][T32280] syz.3.8306[32280] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1581.249288][T32280] incfs: Error accessing: ./file0.
[ 1581.265603][T32280] incfs: mount failed -20
[ 1581.271672][T32280] input: syz1 as /devices/virtual/input/input110
[ 1581.344976][T32288] loop3: detected capacity change from 0 to 1024
[ 1581.371798][T32288] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[ 1581.388033][T32288] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1581.417579][T32288] input: syz1 as /devices/virtual/input/input111
[ 1581.427777][T32295] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8311'.
[ 1581.439753][T32295] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8311'.
[ 1581.473446][T32299] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8313'.
[ 1581.484261][T32299] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8313'.
[ 1581.660061][T32304] loop2: detected capacity change from 0 to 40427
[ 1581.701808][T32304] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[ 1581.709694][T32304] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1581.720797][T32304] F2FS-fs (loop2): invalid crc value
[ 1581.727782][T32304] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1581.767862][T32304] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1581.774960][T32304] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1581.819136][T32304] overlayfs: invalid redirect ((null))
[ 1581.834210][    T8] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1581.843373][    T8] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1581.994618][T32312] input: syz1 as /devices/virtual/input/input112
[ 1582.080849][T32315] loop2: detected capacity change from 0 to 1024
[ 1582.121813][T32315] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[ 1582.133943][T32315] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1582.177532][T32315] input: syz1 as /devices/virtual/input/input113
[ 1582.351078][T32329] loop3: detected capacity change from 0 to 512
[ 1582.366091][T32331] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8323'.
[ 1582.376484][T32329] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[ 1582.388191][T32331] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8323'.
[ 1582.407341][T23051] usb 5-1: USB disconnect, device number 32
[ 1582.416644][T15339] usb 2-1: USB disconnect, device number 32
[ 1582.442445][T32329] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1582.492111][T32340] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8325'.
[ 1582.514443][T32340] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8325'.
[ 1582.564687][T32345] input: syz1 as /devices/virtual/input/input114
[ 1583.044493][T32335] loop1: detected capacity change from 0 to 40427
[ 1583.081681][T32335] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1583.091138][T32335] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1583.101242][T32335] F2FS-fs (loop1): invalid crc value
[ 1583.115812][T32335] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1583.173262][T32335] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1583.180334][T32335] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1583.224940][T32335] overlayfs: invalid redirect ((null))
[ 1583.239549][    T8] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1583.249024][    T8] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1583.332645][T32351] loop3: detected capacity change from 0 to 40427
[ 1583.370900][T32360] loop2: detected capacity change from 0 to 1024
[ 1583.379151][T32351] F2FS-fs (loop3): invalid crc value
[ 1583.405490][T32365] incfs: Error accessing: ./file0.
[ 1583.410792][T32365] incfs: mount failed -20
[ 1583.417299][T32365] input: syz1 as /devices/virtual/input/input115
[ 1583.420074][T32351] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1583.433194][T32360] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[ 1583.456836][T32360] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1583.458699][T32351] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1
[ 1583.488784][T32351] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1583.501195][   T30] audit: type=1326 audit(1583.491:1583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32350 comm="syz.3.8329" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5be5ba5bd9 code=0x0
[ 1583.536864][T32360] input: syz1 as /devices/virtual/input/input116
[ 1583.562160][T32380] loop1: detected capacity change from 0 to 512
[ 1583.582464][T32380] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[ 1583.606536][T32380] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1583.679509][T32388] input: syz1 as /devices/virtual/input/input117
[ 1583.759572][T23051] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[ 1584.118543][T32399] loop3: detected capacity change from 0 to 512
[ 1584.161213][T23051] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1584.172675][T32399] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[ 1584.183078][T23051] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1584.193238][T23051] usb 5-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[ 1584.203302][T23051] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1584.212441][T23051] usb 5-1: config 0 descriptor??
[ 1584.219010][T32399] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1584.233909][T32395] loop1: detected capacity change from 0 to 40427
[ 1584.281874][T32395] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1584.289586][T32395] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1584.298838][T32395] F2FS-fs (loop1): invalid crc value
[ 1584.302651][T32404] incfs: Can't find or create .index dir in ./file0
[ 1584.305472][T32395] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1584.310535][T32404] incfs: mount failed -5
[ 1584.356893][T32395] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1584.364043][T32395] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1584.383337][T32412] bpf_get_probe_write_proto: 14 callbacks suppressed
[ 1584.383357][T32412] syz.0.8345[32412] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1584.390002][T32412] syz.0.8345[32412] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1584.403849][T32412] incfs: Error accessing: ./file0.
[ 1584.420391][T32412] incfs: mount failed -20
[ 1584.426773][T32412] input: syz1 as /devices/virtual/input/input118
[ 1584.436314][T32395] overlayfs: invalid redirect ((null))
[ 1584.449535][   T10] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1584.458489][   T10] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1584.525744][T32417] incfs: Can't find or create .index dir in ./file0
[ 1584.532362][T32417] incfs: mount failed -5
[ 1584.605324][T32423] syz.0.8351[32423] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1584.605425][T32423] syz.0.8351[32423] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1584.620016][T32423] input: syz1 as /devices/virtual/input/input119
[ 1584.628779][T32410] loop3: detected capacity change from 0 to 40427
[ 1584.661767][T32410] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1584.669383][T32410] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1584.679287][T23051] sony 0003:054C:0268.0209: report_id 0 is invalid
[ 1584.679567][T32410] F2FS-fs (loop3): invalid crc value
[ 1584.686268][T23051] sony 0003:054C:0268.0209: item 0 0 1 8 parsing failed
[ 1584.699447][T23051] sony 0003:054C:0268.0209: parse failed
[ 1584.705671][T23051] sony: probe of 0003:054C:0268.0209 failed with error -22
[ 1584.714377][T32410] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1584.750530][T32410] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1584.757821][T32410] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1584.781758][T32410] overlayfs: failed to resolve './file0': -2
[ 1585.382161][T32373] UDC core: couldn't find an available UDC or it's busy: -16
[ 1585.402013][T32373] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1585.440424][T32373] UDC core: couldn't find an available UDC or it's busy: -16
[ 1585.448146][T32373] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1585.550775][    T8] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1585.642957][    T8] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1585.700996][T32373] loop4: detected capacity change from 0 to 256
[ 1585.751701][T32373] exfat: Deprecated parameter 'namecase'
[ 1585.757251][T32373] exfat: Deprecated parameter 'utf8'
[ 1585.765137][T32373] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[ 1585.802623][T32451] syz.1.8359[32451] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1585.802710][T32451] syz.1.8359[32451] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1585.871902][T32453] incfs: Error accessing: ./file0.
[ 1585.899251][T32455] loop3: detected capacity change from 0 to 512
[ 1585.902561][T32453] incfs: mount failed -20
[ 1585.918466][T32451] input: syz1 as /devices/virtual/input/input120
[ 1585.926791][T32455] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[ 1585.948312][T32455] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1586.474237][T32471] input: syz1 as /devices/virtual/input/input121
[ 1586.543258][T32473] incfs: Can't find or create .index dir in ./file0
[ 1586.550198][T32473] incfs: mount failed -5
[ 1587.352320][T15339] usb 5-1: USB disconnect, device number 33
[ 1587.535070][T32494] syz.0.8371[32494] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1587.536119][T32494] syz.0.8371[32494] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1587.609501][T32491] incfs: Can't find or create .index dir in ./file0
[ 1587.662200][T32491] incfs: mount failed -5
[ 1587.671695][T32497] incfs: Error accessing: ./file0.
[ 1587.677147][T32497] incfs: mount failed -20
[ 1587.704154][T32494] input: syz1 as /devices/virtual/input/input122
[ 1587.749887][T32501] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1587.838634][T32510] input: syz1 as /devices/virtual/input/input123
[ 1588.236698][T32518] loop1: detected capacity change from 0 to 512
[ 1588.311770][T32518] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[ 1588.350356][T32515] loop4: detected capacity change from 0 to 40427
[ 1588.363810][T32518] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1588.431595][T32515] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1588.449404][T32515] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1588.504050][T32515] F2FS-fs (loop4): invalid crc value
[ 1588.545103][T32515] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1588.824884][T32515] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1588.847313][T32515] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1589.238335][T32515] overlayfs: failed to resolve './file0': -2
[ 1589.284048][ T1137] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1589.297016][ T1137] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1589.758966][T32539] loop1: detected capacity change from 0 to 1024
[ 1589.814614][T32543] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1589.827563][T32539] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1589.847449][T32548] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1589.895325][T32555] __nla_validate_parse: 6 callbacks suppressed
[ 1589.895343][T32555] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8382'.
[ 1589.913150][T32555] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8382'.
[ 1590.047060][T32562] loop4: detected capacity change from 0 to 512
[ 1590.107599][T32562] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[ 1590.132236][   T60] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[ 1590.154534][T32562] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1590.182617][T32571] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1590.200525][T32573] loop3: detected capacity change from 0 to 256
[ 1590.621166][   T60] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1590.640437][   T60] usb 2-1: config 0 interface 0 altsetting 129 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1590.703316][   T60] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1590.728207][   T60] usb 2-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[ 1590.769516][   T60] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1590.801572][   T60] usb 2-1: config 0 descriptor??
[ 1590.841659][   T60] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[ 1590.967468][T32585] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1591.393937][T32596] incfs: Can't find or create .index dir in ./file0
[ 1591.427079][T32596] incfs: mount failed -5
[ 1591.473731][T32591] loop2: detected capacity change from 0 to 40427
[ 1591.549663][T32605] loop3: detected capacity change from 0 to 512
[ 1591.561334][T32591] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[ 1591.568913][T32591] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1591.578423][T32591] F2FS-fs (loop2): invalid crc value
[ 1591.583884][T32605] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[ 1591.594611][T32591] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1591.746936][T32591] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1591.755661][T32591] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1591.778906][T32605] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1591.819501][T32591] overlayfs: invalid redirect ((null))
[ 1591.831684][ T1137] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1591.837882][T32616] input: syz1 as /devices/virtual/input/input124
[ 1591.845369][ T1137] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1591.922627][T32624] loop3: detected capacity change from 0 to 512
[ 1591.942463][T32624] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[ 1591.983615][T32624] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1592.087987][T32631] loop3: detected capacity change from 0 to 256
[ 1592.190301][   T30] audit: type=1326 audit(1592.171:1584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32621 comm="syz.0.8409" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1c42bd1bd9 code=0x0
[ 1592.372819][T32637] incfs: Can't find or create .index dir in ./file0
[ 1592.380597][T32637] incfs: mount failed -5
[ 1592.446574][T32639] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1592.878104][T32651] loop2: detected capacity change from 0 to 512
[ 1592.885061][T15341] usb 2-1: USB disconnect, device number 33
[ 1592.902065][T32651] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[ 1592.955328][T32651] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1593.034351][T32660] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8420'.
[ 1593.045404][T32660] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8420'.
[ 1593.069554][T32663] loop2: detected capacity change from 0 to 512
[ 1593.121705][T32663] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[ 1593.170292][T32663] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1593.259946][T32658] loop3: detected capacity change from 0 to 40427
[ 1593.275800][T32668] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1593.291575][T32658] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1593.306743][T32658] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1593.324734][T32670] incfs: Can't find or create .index dir in ./file0
[ 1593.333445][T32658] F2FS-fs (loop3): invalid crc value
[ 1593.338690][T32670] incfs: mount failed -5
[ 1593.352262][T32658] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1593.577888][T32658] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1593.589430][T32658] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1593.619752][T32680] loop2: detected capacity change from 0 to 1024
[ 1593.661803][T32680] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[ 1593.677323][T32658] overlayfs: invalid redirect ((null))
[ 1593.683708][T32682] incfs: Can't find or create .index dir in ./file0
[ 1593.691482][T32682] incfs: mount failed -5
[ 1593.696711][T32680] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1593.746159][   T10] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1593.746314][T32680] syz.2.8425[32680] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1593.754916][   T10] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1593.759860][T32680] syz.2.8425[32680] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1593.777059][T32685] incfs: Can't find or create .index dir in ./file0
[ 1593.828236][T32685] incfs: mount failed -5
[ 1593.906386][T32693] input: syz1 as /devices/virtual/input/input125
[ 1593.949411][T32695] loop2: detected capacity change from 0 to 256
[ 1594.938419][T32703] loop4: detected capacity change from 0 to 40427
[ 1594.991557][T32703] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1594.999585][T32703] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1595.009036][T32703] F2FS-fs (loop4): invalid crc value
[ 1595.016445][T32703] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1595.053581][T32703] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1595.060736][T32703] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1595.079563][T32725] incfs: Can't find or create .index dir in ./file0
[ 1595.086410][T32725] incfs: mount failed -5
[ 1595.116767][T32703] overlayfs: invalid redirect ((null))
[ 1595.132508][ T1137] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1595.141299][ T1137] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1595.263866][T32729] loop4: detected capacity change from 0 to 1024
[ 1595.277891][T32727] loop2: detected capacity change from 0 to 40427
[ 1595.291812][T32729] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[ 1595.303205][T32729] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1595.329900][T32729] syz.4.8439[32729] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1595.329981][T32729] syz.4.8439[32729] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1595.341283][T32727] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[ 1595.360601][T32727] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1595.372614][T32727] F2FS-fs (loop2): invalid crc value
[ 1595.383146][T32727] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1595.411585][T32727] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1595.418843][T32727] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1595.476739][T32727] overlayfs: invalid redirect ((null))
[ 1595.490201][   T10] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1595.499001][   T10] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1595.651261][   T60] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[ 1595.787073][T32744] incfs: Can't find or create .index dir in ./file0
[ 1595.793634][T32744] incfs: mount failed -5
[ 1595.859111][T32749] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1596.061142][   T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1596.071958][   T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1596.072188][T32757] loop2: detected capacity change from 0 to 256
[ 1596.081570][   T60] usb 1-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[ 1596.096459][   T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1596.105066][   T60] usb 1-1: config 0 descriptor??
[ 1596.317453][T32761] incfs: Can't find or create .index dir in ./file0
[ 1596.324446][T32761] incfs: mount failed -5
[ 1596.534735][T32764] loop4: detected capacity change from 0 to 40427
[ 1596.581824][   T60] sony 0003:054C:0268.020A: report_id 0 is invalid
[ 1596.588260][   T60] sony 0003:054C:0268.020A: item 0 0 1 8 parsing failed
[ 1596.591629][T32764] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1596.603005][   T60] sony 0003:054C:0268.020A: parse failed
[ 1596.603029][   T60] sony: probe of 0003:054C:0268.020A failed with error -22
[ 1596.608665][T32764] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1596.625164][T32764] F2FS-fs (loop4): invalid crc value
[ 1596.645319][T32764] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1596.669139][T32764] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1596.676319][T32764] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1596.706544][T32764] overlayfs: invalid redirect ((null))
[ 1596.718689][   T10] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1596.727720][   T10] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1596.787978][T32733] UDC core: couldn't find an available UDC or it's busy: -16
[ 1596.795441][T32733] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1596.813272][T32733] UDC core: couldn't find an available UDC or it's busy: -16
[ 1596.821291][T32733] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1597.156315][  T308] loop1: detected capacity change from 0 to 1024
[ 1597.211745][  T308] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[ 1597.245327][  T308] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1597.268254][  T316] incfs: Can't find or create .index dir in ./file0
[ 1597.277208][  T316] incfs: mount failed -5
[ 1597.282933][  T308] syz.1.8451[308] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1597.283014][  T308] syz.1.8451[308] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1597.430601][  T310] loop3: detected capacity change from 0 to 40427
[ 1597.493216][  T310] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1597.501068][  T310] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1597.510363][  T310] F2FS-fs (loop3): invalid crc value
[ 1597.582197][  T326] FAULT_INJECTION: forcing a failure.
[ 1597.582197][  T326] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1597.592231][  T310] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1597.595704][  T326] CPU: 0 PID: 326 Comm: syz.1.8456 Tainted: G        W         5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[ 1597.612718][  T326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1597.622700][  T326] Call Trace:
[ 1597.625823][  T326]  <TASK>
[ 1597.628599][  T326]  dump_stack_lvl+0x151/0x1b7
[ 1597.633203][  T326]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1597.638844][  T326]  dump_stack+0x15/0x17
[ 1597.642843][  T326]  should_fail+0x3c6/0x510
[ 1597.647087][  T326]  should_fail_usercopy+0x1a/0x20
[ 1597.652033][  T326]  strncpy_from_user+0x24/0x2d0
[ 1597.656804][  T326]  ? kmem_cache_alloc+0xf5/0x200
[ 1597.661676][  T326]  getname_flags+0xf2/0x520
[ 1597.666092][  T326]  ? debug_smp_processor_id+0x17/0x20
[ 1597.671393][  T326]  getname+0x19/0x20
[ 1597.675116][  T326]  __x64_sys_execve+0x78/0xb0
[ 1597.679633][  T326]  do_syscall_64+0x3d/0xb0
[ 1597.683885][  T326]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1597.685605][  T310] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1597.689612][  T326] RIP: 0033:0x7f57263ddbd9
[ 1597.700726][  T326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1597.701076][  T310] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1597.720245][  T326] RSP: 002b:00007f572561d048 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[ 1597.720267][  T326] RAX: ffffffffffffffda RBX: 00007f572656c110 RCX: 00007f57263ddbd9
[ 1597.720278][  T326] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080
[ 1597.720288][  T326] RBP: 00007f572561d0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1597.720298][  T326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1597.720308][  T326] R13: 000000000000006e R14: 00007f572656c110 R15: 00007ffcb0580638
[ 1597.775461][  T326]  </TASK>
[ 1597.832959][  T310] overlayfs: invalid redirect ((null))
[ 1597.878485][   T10] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1597.890400][   T10] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1598.283654][  T329] loop4: detected capacity change from 0 to 40427
[ 1598.306662][  T336] loop1: detected capacity change from 0 to 512
[ 1598.351620][  T329] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1598.363527][  T329] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1598.397860][  T336] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[ 1598.408099][  T329] F2FS-fs (loop4): invalid crc value
[ 1598.424035][  T329] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1598.449038][  T336] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1598.528536][  T329] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1598.539477][  T329] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1598.609900][  T329] overlayfs: invalid redirect ((null))
[ 1598.637722][ T1137] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1598.641564][  T340] loop2: detected capacity change from 0 to 40427
[ 1598.652912][ T1137] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1598.713228][  T340] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[ 1598.727238][  T340] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1598.752628][  T340] F2FS-fs (loop2): invalid crc value
[ 1598.785774][  T340] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1598.869500][  T340] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1598.883893][  T340] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1598.896328][  T356] loop4: detected capacity change from 0 to 256
[ 1598.916341][  T349] loop1: detected capacity change from 0 to 40427
[ 1598.940734][  T340] overlayfs: invalid redirect ((null))
[ 1598.952855][  T349] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1598.960860][  T349] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1598.965873][    T8] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1598.978906][  T349] F2FS-fs (loop1): invalid crc value
[ 1598.981805][    T8] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1599.001883][  T349] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1599.091769][  T349] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1599.098631][  T349] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1599.107953][  T363] loop3: detected capacity change from 0 to 1024
[ 1599.146248][  T349] overlayfs: invalid redirect ((null))
[ 1599.152073][  T363] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[ 1599.173202][  T363] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1599.198616][   T10] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1599.209848][  T363] syz.3.8466[363] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1599.209930][  T363] syz.3.8466[363] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1599.221217][   T10] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1599.252489][  T363] input: syz1 as /devices/virtual/input/input126
[ 1599.430656][   T20] usb 1-1: USB disconnect, device number 40
[ 1600.365235][  T389] loop1: detected capacity change from 0 to 512
[ 1600.461710][  T389] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[ 1600.492478][  T389] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1600.517224][  T376] loop3: detected capacity change from 0 to 40427
[ 1600.573452][  T376] F2FS-fs (loop3): invalid crc value
[ 1600.580331][  T376] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1600.620716][  T376] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1
[ 1600.661845][  T376] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1600.676925][   T30] audit: type=1326 audit(1600.661:1585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=375 comm="syz.3.8469" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5be5ba5bd9 code=0x0
[ 1600.822477][  T397] loop4: detected capacity change from 0 to 40427
[ 1600.861682][  T397] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1600.869241][  T397] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1600.896557][  T397] F2FS-fs (loop4): invalid crc value
[ 1600.908451][  T397] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1600.972492][  T397] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1600.981073][  T397] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1601.019528][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
[ 1601.036223][  T397] overlayfs: invalid redirect ((null))
[ 1601.075246][    T8] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1601.084033][    T8] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1601.238844][  T421] input: syz1 as /devices/virtual/input/input127
[ 1601.321096][ T1445] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[ 1601.359046][  T419] loop4: detected capacity change from 0 to 40427
[ 1601.391663][  T419] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1601.399477][  T419] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1601.408468][  T419] F2FS-fs (loop4): invalid crc value
[ 1601.414924][  T419] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1601.596769][  T419] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1601.621135][ T1445] usb 4-1: Using ep0 maxpacket: 32
[ 1601.641213][  T419] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1601.648728][   T39] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[ 1601.684852][  T438] loop1: detected capacity change from 0 to 256
[ 1601.741123][ T1445] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1601.751286][ T1445] usb 4-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0
[ 1601.760120][ T1445] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1601.768685][ T1445] usb 4-1: config 0 descriptor??
[ 1601.811520][ T1445] usb 4-1: bad CDC descriptors
[ 1602.011138][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1602.022090][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1602.031848][   T39] usb 1-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[ 1602.040832][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1602.049900][   T39] usb 1-1: config 0 descriptor??
[ 1602.089003][  T443] loop3: detected capacity change from 0 to 16
[ 1602.111655][  T443] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1602.821825][   T39] sony 0003:054C:0268.020B: report_id 25600 is invalid
[ 1602.828641][   T39] sony 0003:054C:0268.020B: item 0 2 1 8 parsing failed
[ 1602.835670][   T39] sony 0003:054C:0268.020B: parse failed
[ 1602.841244][   T39] sony: probe of 0003:054C:0268.020B failed with error -22
[ 1603.024022][  T428] UDC core: couldn't find an available UDC or it's busy: -16
[ 1603.031380][  T428] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1603.042688][  T428] UDC core: couldn't find an available UDC or it's busy: -16
[ 1603.049951][  T428] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1603.273639][  T458] loop2: detected capacity change from 0 to 40427
[ 1603.383308][  T458] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[ 1603.391290][  T458] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1603.405744][  T458] F2FS-fs (loop2): invalid crc value
[ 1603.481179][  T458] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1603.518016][  T458] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1603.526369][  T458] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1603.547938][  T458] overlayfs: invalid redirect ((null))
[ 1603.559406][ T1137] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1603.568685][ T1137] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1604.057938][   T20] usb 4-1: USB disconnect, device number 64
[ 1604.331888][  T477] loop1: detected capacity change from 0 to 1024
[ 1604.354045][  T477] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1604.461070][   T20] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[ 1604.510813][T15339] usb 1-1: USB disconnect, device number 41
[ 1604.631074][T15341] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[ 1604.861166][   T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1604.872080][   T20] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1604.880936][   T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1604.889289][   T20] usb 4-1: config 0 descriptor??
[ 1605.001159][T15341] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1605.011398][T15341] usb 2-1: config 0 interface 0 altsetting 129 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1605.024549][T15341] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1605.031110][T15341] usb 2-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[ 1605.039922][T15341] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1605.048239][T15341] usb 2-1: config 0 descriptor??
[ 1605.101444][T15341] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[ 1605.577829][  T484] UDC core: couldn't find an available UDC or it's busy: -16
[ 1605.606113][  T494] UDC core: couldn't find an available UDC or it's busy: -16
[ 1605.619989][  T484] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1605.646890][  T494] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1605.656988][  T474] loop3: detected capacity change from 0 to 2048
[ 1605.751533][  T474] blk_update_request: I/O error, dev loop3, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 0
[ 1605.762778][  T474] EXT4-fs (loop3): unable to read superblock
[ 1605.831183][   T20] usbhid 4-1:0.0: can't add hid device: -71
[ 1605.837135][   T20] usbhid: probe of 4-1:0.0 failed with error -71
[ 1605.844005][   T20] usb 4-1: USB disconnect, device number 65
[ 1606.838395][  T514] incfs: Can't find or create .index dir in ./file0
[ 1606.844971][  T514] incfs: mount failed -5
[ 1606.889583][  T520] input: syz1 as /devices/virtual/input/input128
[ 1607.132507][T15340] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[ 1607.590965][   T20] usb 2-1: USB disconnect, device number 34
[ 1607.658101][  T531] input: syz1 as /devices/virtual/input/input129
[ 1607.701329][T15340] usb 3-1: Using ep0 maxpacket: 32
[ 1607.831149][T15340] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1607.849556][T15340] usb 3-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0
[ 1607.858797][T15340] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1607.868632][T15340] usb 3-1: config 0 descriptor??
[ 1607.922526][T15340] usb 3-1: bad CDC descriptors
[ 1608.334545][  T549] loop2: detected capacity change from 0 to 16
[ 1608.371905][  T549] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1608.605667][  T551] incfs: Can't find or create .index dir in ./file0
[ 1608.612228][  T551] incfs: mount failed -5
[ 1608.704741][  T558] input: syz1 as /devices/virtual/input/input130
[ 1608.743587][  T563] input: syz1 as /devices/virtual/input/input131
[ 1609.883191][   T20] usb 3-1: USB disconnect, device number 49
[ 1609.901054][T15340] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[ 1610.180314][  T585] loop2: detected capacity change from 0 to 256
[ 1610.201118][T15340] usb 2-1: device descriptor read/64, error -71
[ 1610.631202][T15340] usb 2-1: device descriptor read/64, error -71
[ 1610.814003][  T600] input: syz1 as /devices/virtual/input/input132
[ 1610.884435][  T603] input: syz1 as /devices/virtual/input/input133
[ 1610.921065][T15340] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[ 1611.081751][    T8] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1611.090971][    T8] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1611.152264][  T613] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1611.159266][  T613] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1611.166599][  T613] device bridge_slave_0 entered promiscuous mode
[ 1611.176242][  T613] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1611.183139][  T613] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1611.190402][  T613] device bridge_slave_1 entered promiscuous mode
[ 1611.221154][T15340] usb 2-1: device descriptor read/64, error -71
[ 1611.253809][  T613] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1611.260676][  T613] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1611.267894][  T613] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1611.274743][  T613] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1611.295673][   T20] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1611.302912][   T20] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1611.310156][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1611.318429][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1611.330852][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1611.339075][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1611.345932][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1611.362640][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1611.370711][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1611.377639][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1611.385256][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1611.391161][T15341] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[ 1611.393630][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1611.413942][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1611.425796][  T613] device veth0_vlan entered promiscuous mode
[ 1611.432727][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1611.440570][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1611.448321][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1611.461737][  T518] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1611.471173][  T613] device veth1_macvtap entered promiscuous mode
[ 1611.480689][  T518] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1611.494115][T15339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1611.621173][T15340] usb 2-1: device descriptor read/64, error -71
[ 1611.764801][T15340] usb usb2-port1: attempt power cycle
[ 1611.961252][T15341] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1611.972747][T15341] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1611.983442][ T1137] device bridge_slave_1 left promiscuous mode
[ 1611.983973][T15341] usb 3-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[ 1611.990564][ T1137] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1611.998892][T15341] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1612.014548][T15341] usb 3-1: config 0 descriptor??
[ 1612.015231][ T1137] device bridge_slave_0 left promiscuous mode
[ 1612.020381][ T1137] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1612.035824][  T638] input: syz1 as /devices/virtual/input/input134
[ 1612.050645][ T1137] device veth1_macvtap left promiscuous mode
[ 1612.057042][ T1137] device veth0_vlan left promiscuous mode
[ 1612.119253][  T641] input: syz1 as /devices/virtual/input/input135
[ 1612.341115][T15340] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[ 1612.502145][T15341] sony 0003:054C:0268.020C: report_id 25600 is invalid
[ 1612.508866][T15341] sony 0003:054C:0268.020C: item 0 2 1 8 parsing failed
[ 1612.523937][T15341] sony 0003:054C:0268.020C: parse failed
[ 1612.529788][T15341] sony: probe of 0003:054C:0268.020C failed with error -22
[ 1612.541204][  T654] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8544'.
[ 1612.552155][T15340] usb 2-1: device descriptor read/8, error -71
[ 1612.560906][  T654] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8544'.
[ 1612.718143][  T617] UDC core: couldn't find an available UDC or it's busy: -16
[ 1612.739688][  T617] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1612.761106][T15340] usb 2-1: device descriptor read/8, error -71
[ 1612.812602][  T668] input: syz1 as /devices/virtual/input/input136
[ 1612.824330][  T617] UDC core: couldn't find an available UDC or it's busy: -16
[ 1612.832274][  T617] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1612.905335][  T671] input: syz1 as /devices/virtual/input/input137
[ 1613.024797][  T617] loop2: detected capacity change from 0 to 256
[ 1613.091377][  T617] exfat: Deprecated parameter 'namecase'
[ 1613.101149][  T617] exfat: Deprecated parameter 'utf8'
[ 1613.121774][  T617] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[ 1613.388607][  T674] loop1: detected capacity change from 0 to 40427
[ 1613.521564][  T674] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1613.529216][  T674] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1613.560097][  T674] F2FS-fs (loop1): invalid crc value
[ 1613.812159][  T674] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1613.851094][   T20] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[ 1613.858668][  T674] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1613.866712][  T674] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1613.891830][  T674] attempt to access beyond end of device
[ 1613.891830][  T674] loop1: rw=34817, want=78704, limit=40427
[ 1613.937527][ T1137] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1613.949970][ T1137] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1614.111071][   T20] usb 1-1: Using ep0 maxpacket: 8
[ 1614.294665][   T20] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1614.479789][   T20] usb 1-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8
[ 1614.488695][   T20] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1614.497366][   T20] usb 1-1: config 0 descriptor??
[ 1614.517189][  T696] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8557'.
[ 1614.530495][  T696] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8557'.
[ 1614.551712][   T20] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[ 1614.563522][   T20] usb 1-1: Detected SIO
[ 1614.573641][   T20] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 1
[ 1614.583448][   T20] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1614.752526][   T20] usb 1-1: USB disconnect, device number 42
[ 1614.760740][   T20] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1614.771428][   T20] ftdi_sio 1-1:0.0: device disconnected
[ 1614.779205][  T702] FAULT_INJECTION: forcing a failure.
[ 1614.779205][  T702] name failslab, interval 1, probability 0, space 0, times 0
[ 1614.803465][  T702] CPU: 1 PID: 702 Comm: syz.4.8559 Tainted: G        W         5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[ 1614.814577][  T702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1614.824473][  T702] Call Trace:
[ 1614.828024][  T702]  <TASK>
[ 1614.830803][  T702]  dump_stack_lvl+0x151/0x1b7
[ 1614.835317][  T702]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1614.840789][  T702]  dump_stack+0x15/0x17
[ 1614.844781][  T702]  should_fail+0x3c6/0x510
[ 1614.849035][  T702]  __should_failslab+0xa4/0xe0
[ 1614.853630][  T702]  should_failslab+0x9/0x20
[ 1614.857967][  T702]  slab_pre_alloc_hook+0x37/0xd0
[ 1614.862748][  T702]  kmem_cache_alloc_trace+0x48/0x210
[ 1614.867860][  T702]  ? __se_sys_mount+0x156/0x3b0
[ 1614.872556][  T702]  __se_sys_mount+0x156/0x3b0
[ 1614.877060][  T702]  ? fput+0x1a/0x20
[ 1614.881314][  T702]  ? ksys_write+0x260/0x2c0
[ 1614.885654][  T702]  ? __x64_sys_mount+0xd0/0xd0
[ 1614.890258][  T702]  ? debug_smp_processor_id+0x17/0x20
[ 1614.895462][  T702]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1614.901368][  T702]  __x64_sys_mount+0xbf/0xd0
[ 1614.905792][  T702]  do_syscall_64+0x3d/0xb0
[ 1614.910042][  T702]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1614.915856][  T702] RIP: 0033:0x7ff1713cfbd9
[ 1614.920115][  T702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1614.939662][  T702] RSP: 002b:00007ff170630048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1614.947886][  T702] RAX: ffffffffffffffda RBX: 00007ff17155e038 RCX: 00007ff1713cfbd9
[ 1614.955691][  T702] RDX: 0000000020000200 RSI: 0000000020000000 RDI: 0000000000000000
[ 1614.963765][  T702] RBP: 00007ff1706300a0 R08: 0000000020000600 R09: 0000000000000000
[ 1614.971661][  T702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1614.979491][  T702] R13: 000000000000006e R14: 00007ff17155e038 R15: 00007fff7a508b48
[ 1614.987299][  T702]  </TASK>
[ 1615.024403][   T39] usb 3-1: USB disconnect, device number 50
[ 1615.040901][  T706] input: syz1 as /devices/virtual/input/input138
[ 1615.045255][  T708] loop1: detected capacity change from 0 to 256
[ 1615.090184][  T710] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1615.163143][  T716] incfs: Can't find or create .index dir in ./file0
[ 1615.170370][  T716] incfs: mount failed -5
[ 1615.188981][  T718] incfs: Can't find or create .index dir in ./file0
[ 1615.195766][  T718] incfs: mount failed -5
[ 1615.348730][  T730] incfs: Can't find or create .index dir in ./file0
[ 1615.355697][  T730] incfs: mount failed -14
[ 1615.541107][   T20] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[ 1615.871037][   T20] usb 4-1: Using ep0 maxpacket: 32
[ 1615.968038][  T744] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1616.011154][   T20] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1616.031329][  T748] 9pnet: Insufficient options for proto=fd
[ 1616.031691][   T20] usb 4-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0
[ 1616.053993][  T746] incfs: Can't find or create .index dir in ./file0
[ 1616.068988][  T746] incfs: mount failed -5
[ 1616.071036][   T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1616.091671][   T20] usb 4-1: config 0 descriptor??
[ 1616.112697][  T754] loop2: detected capacity change from 0 to 512
[ 1616.131478][   T20] usb 4-1: bad CDC descriptors
[ 1616.132112][  T754] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[ 1616.163342][  T754] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1616.331078][   T39] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[ 1616.546969][  T764] loop3: detected capacity change from 0 to 16
[ 1616.571084][  T518] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[ 1616.581044][   T39] usb 2-1: Using ep0 maxpacket: 16
[ 1616.591646][  T764] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1616.701507][   T39] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1616.730235][   T39] usb 2-1: New USB device found, idVendor=046d, idProduct=c08d, bcdDevice= 0.00
[ 1616.749275][   T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1616.768003][   T39] usb 2-1: config 0 descriptor??
[ 1616.931160][  T518] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1616.961071][  T518] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1616.970735][  T518] usb 3-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[ 1617.001076][  T518] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1617.021313][  T518] usb 3-1: config 0 descriptor??
[ 1617.272275][   T39] hid-generic 0003:046D:C08D.020D: unknown main item tag 0x0
[ 1617.284366][   T39] hid-generic 0003:046D:C08D.020D: hidraw0: USB HID v0.06 Device [HID 046d:c08d] on usb-dummy_hcd.1-1/input0
[ 1617.487584][  T750] loop1: detected capacity change from 0 to 2048
[ 1617.502040][  T518] sony 0003:054C:0268.020E: report_id 4272251904 is invalid
[ 1617.513473][  T518] sony 0003:054C:0268.020E: item 0 4 1 8 parsing failed
[ 1617.529674][  T518] sony 0003:054C:0268.020E: parse failed
[ 1617.542438][  T518] sony: probe of 0003:054C:0268.020E failed with error -22
[ 1617.572535][  T750] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1617.597125][   T30] audit: type=1400 audit(1617.581:1586): avc:  denied  { map } for  pid=749 comm="syz.1.8578" path="/143/bus" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1617.704934][  T763] UDC core: couldn't find an available UDC or it's busy: -16
[ 1617.719588][  T763] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1617.751963][  T763] UDC core: couldn't find an available UDC or it's busy: -16
[ 1617.759555][  T763] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1617.828773][  T763] loop2: detected capacity change from 0 to 256
[ 1617.871753][  T763] exfat: Deprecated parameter 'namecase'
[ 1617.877532][  T763] exfat: Deprecated parameter 'utf8'
[ 1617.885044][  T763] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[ 1618.304848][   T39] usb 4-1: USB disconnect, device number 66
[ 1618.342037][   T20] usb 3-1: USB disconnect, device number 51
[ 1618.403123][  T791] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8588'.
[ 1618.413560][  T791] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8588'.
[ 1618.442123][  T793] 9pnet: Insufficient options for proto=fd
[ 1618.468809][  T795] input: syz1 as /devices/virtual/input/input139
[ 1618.560715][  T798] loop2: detected capacity change from 0 to 512
[ 1618.601932][  T798] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[ 1618.623123][  T798] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1619.213084][  T815] loop3: detected capacity change from 0 to 256
[ 1619.222468][   T39] usb 2-1: USB disconnect, device number 39
[ 1619.320785][  T820] loop1: detected capacity change from 0 to 1024
[ 1619.352089][  T820] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[ 1619.364270][  T820] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1619.394323][  T820] input: syz1 as /devices/virtual/input/input140
[ 1619.543296][  T829] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8600'.
[ 1619.552208][T15340] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[ 1619.561187][  T829] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8600'.
[ 1619.591574][  T831] 9pnet: Insufficient options for proto=fd
[ 1619.606319][  T833] input: syz1 as /devices/virtual/input/input141
[ 1619.731082][   T20] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[ 1619.791052][T15340] usb 1-1: Using ep0 maxpacket: 32
[ 1619.911122][T15340] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1619.931069][T15340] usb 1-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0
[ 1619.939931][T15340] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1619.948577][T15340] usb 1-1: config 0 descriptor??
[ 1619.991573][T15340] usb 1-1: bad CDC descriptors
[ 1620.091211][   T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1620.102492][   T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1620.112681][   T20] usb 5-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[ 1620.126232][   T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1620.146738][   T20] usb 5-1: config 0 descriptor??
[ 1620.149359][  T841] incfs: Can't find or create .index dir in ./file0
[ 1620.158354][  T841] incfs: mount failed -14
[ 1620.622095][   T20] sony 0003:054C:0268.020F: report_id 4272251904 is invalid
[ 1620.629845][   T20] sony 0003:054C:0268.020F: item 0 4 1 8 parsing failed
[ 1620.656350][   T20] sony 0003:054C:0268.020F: parse failed
[ 1620.673772][   T20] sony: probe of 0003:054C:0268.020F failed with error -22
[ 1620.824999][  T827] UDC core: couldn't find an available UDC or it's busy: -16
[ 1620.832270][  T827] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1620.846457][  T827] UDC core: couldn't find an available UDC or it's busy: -16
[ 1620.853760][  T827] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1620.927452][  T827] loop4: detected capacity change from 0 to 256
[ 1620.981348][  T827] exfat: Deprecated parameter 'namecase'
[ 1620.986895][  T827] exfat: Deprecated parameter 'utf8'
[ 1621.003953][  T827] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[ 1622.359442][   T20] usb 1-1: USB disconnect, device number 43
[ 1622.396536][  T863] incfs: Error accessing: ./file0.
[ 1622.401601][  T863] incfs: mount failed -20
[ 1622.406502][  T863] input: syz1 as /devices/virtual/input/input142
[ 1622.661193][  T859] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[ 1622.698056][  T874] incfs: Error accessing: ./file0.
[ 1622.703358][  T874] incfs: mount failed -20
[ 1622.709020][  T874] input: syz1 as /devices/virtual/input/input143
[ 1622.720679][  T876] loop1: detected capacity change from 0 to 256
[ 1622.852408][  T882] input: syz1 as /devices/virtual/input/input144
[ 1622.911077][  T859] usb 3-1: Using ep0 maxpacket: 16
[ 1623.031616][  T859] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1623.045266][  T859] usb 3-1: New USB device found, idVendor=046d, idProduct=c08d, bcdDevice= 0.00
[ 1623.054268][  T859] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1623.062969][  T859] usb 3-1: config 0 descriptor??
[ 1623.211085][   T39] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[ 1623.561180][   T39] usb 1-1: Using ep0 maxpacket: 16
[ 1623.615088][  T894] input: syz1 as /devices/virtual/input/input145
[ 1623.632271][   T39] usb 1-1: too many configurations: 46, using maximum allowed: 8
[ 1623.686364][  T859] hid-generic 0003:046D:C08D.0210: unknown main item tag 0x0
[ 1623.725940][   T20] usb 5-1: USB disconnect, device number 34
[ 1623.741263][  T859] hid-generic 0003:046D:C08D.0210: hidraw0: USB HID v0.06 Device [HID 046d:c08d] on usb-dummy_hcd.2-1/input0
[ 1623.789543][  T899] loop1: detected capacity change from 0 to 1024
[ 1623.795951][   T39] usb 1-1: unable to read config index 0 descriptor/start: -61
[ 1623.803393][   T39] usb 1-1: can't read configurations, error -61
[ 1623.821780][  T899] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[ 1623.833428][  T899] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1623.859423][  T899] syz.1.8622[899] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1623.859492][  T899] syz.1.8622[899] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1623.874188][  T899] input: syz1 as /devices/virtual/input/input146
[ 1623.894472][  T865] loop2: detected capacity change from 0 to 2048
[ 1623.943125][  T865] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1623.951102][   T39] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[ 1624.043842][  T906] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1624.171081][   T20] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[ 1624.191081][   T39] usb 1-1: Using ep0 maxpacket: 16
[ 1624.231168][   T39] usb 1-1: too many configurations: 46, using maximum allowed: 8
[ 1624.361130][   T39] usb 1-1: unable to read config index 0 descriptor/start: -61
[ 1624.368748][   T39] usb 1-1: can't read configurations, error -61
[ 1624.375721][   T39] usb usb1-port1: attempt power cycle
[ 1624.411043][   T20] usb 5-1: Using ep0 maxpacket: 32
[ 1624.531123][   T20] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1624.561064][   T20] usb 5-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0
[ 1624.570098][   T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1624.586219][   T20] usb 5-1: config 0 descriptor??
[ 1624.631375][   T20] usb 5-1: bad CDC descriptors
[ 1624.791061][   T39] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[ 1624.881165][   T39] usb 1-1: Using ep0 maxpacket: 16
[ 1624.921167][   T39] usb 1-1: too many configurations: 46, using maximum allowed: 8
[ 1624.960906][  T919] loop4: detected capacity change from 0 to 16
[ 1624.975147][  T923] loop3: detected capacity change from 0 to 1024
[ 1624.991685][  T919] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1625.021945][  T923] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[ 1625.034080][  T923] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[ 1625.058829][   T39] usb 1-1: unable to read config index 0 descriptor/start: -61
[ 1625.066371][   T39] usb 1-1: can't read configurations, error -61
[ 1625.079397][  T923] input: syz1 as /devices/virtual/input/input147
[ 1625.163722][  T926] loop1: detected capacity change from 0 to 40427
[ 1625.192229][  T926] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1625.199844][  T926] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1625.208874][  T926] F2FS-fs (loop1): invalid crc value
[ 1625.215583][  T926] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1625.221051][   T39] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[ 1625.241751][  T926] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1625.248653][  T926] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1625.279663][  T926] overlayfs: invalid redirect ((null))
[ 1625.292080][ T1137] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1625.300867][ T1137] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1625.311149][   T39] usb 1-1: Using ep0 maxpacket: 16
[ 1625.351223][   T39] usb 1-1: too many configurations: 46, using maximum allowed: 8
[ 1625.395199][  T938] input: syz1 as /devices/virtual/input/input148
[ 1625.401800][ T5115] usb 3-1: USB disconnect, device number 52
[ 1625.437529][  T940] loop2: detected capacity change from 0 to 512
[ 1625.465664][  T943] input: syz1 as /devices/virtual/input/input149
[ 1625.471182][   T39] usb 1-1: unable to read config index 0 descriptor/start: -61
[ 1625.471906][   T20] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[ 1625.479286][   T39] usb 1-1: can't read configurations, error -61
[ 1625.487862][  T940] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[ 1625.493222][   T39] usb usb1-port1: unable to enumerate USB device
[ 1625.523211][  T940] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1625.721042][   T20] usb 4-1: Using ep0 maxpacket: 32
[ 1625.851096][   T20] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1625.861043][   T20] usb 4-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0
[ 1625.869851][   T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1625.878422][   T20] usb 4-1: config 0 descriptor??
[ 1625.921353][   T20] usb 4-1: bad CDC descriptors
[ 1625.951062][ T5115] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[ 1626.191042][ T5115] usb 3-1: Using ep0 maxpacket: 32
[ 1626.208321][  T960] loop3: detected capacity change from 0 to 16
[ 1626.261657][  T960] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1626.311111][ T5115] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1626.321237][ T5115] usb 3-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0
[ 1626.330061][ T5115] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1626.338575][ T5115] usb 3-1: config 0 descriptor??
[ 1626.381396][ T5115] usb 3-1: bad CDC descriptors
[ 1626.713047][  T969] loop2: detected capacity change from 0 to 16
[ 1626.751572][  T969] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1626.771382][   T20] usb 5-1: USB disconnect, device number 35
[ 1627.091550][  T979] input: syz1 as /devices/virtual/input/input150
[ 1627.374427][  T988] loop1: detected capacity change from 0 to 512
[ 1627.401725][  T988] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[ 1627.423808][  T988] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1627.441075][   T20] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[ 1627.691040][   T20] usb 1-1: Using ep0 maxpacket: 16
[ 1628.119078][   T20] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1628.131714][   T20] usb 1-1: New USB device found, idVendor=046d, idProduct=c08d, bcdDevice= 0.00
[ 1628.140528][   T20] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1628.148855][   T20] usb 1-1: config 0 descriptor??
[ 1628.206789][T15340] usb 4-1: USB disconnect, device number 67
[ 1628.218190][ T1005] loop3: detected capacity change from 0 to 512
[ 1628.251870][ T1005] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[ 1628.260911][ T1005] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c198, mo2=0002]
[ 1628.268790][ T1005] System zones: 1-12
[ 1628.273117][ T1005] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #15: comm syz.3.8652: corrupted in-inode xattr
[ 1628.285177][ T1005] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.8652: couldn't read orphan inode 15 (err -117)
[ 1628.297259][ T1005] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,nolazytime,debug,noload,minixdf,commit=0x0000000000000005,lazytime,acl,,errors=continue. Quota mode: none.
[ 1628.366492][ T1007] FAULT_INJECTION: forcing a failure.
[ 1628.366492][ T1007] name failslab, interval 1, probability 0, space 0, times 0
[ 1628.381386][ T1007] CPU: 1 PID: 1007 Comm: syz.3.8652 Tainted: G        W         5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[ 1628.392663][ T1007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1628.402565][ T1007] Call Trace:
[ 1628.405681][ T1007]  <TASK>
[ 1628.408462][ T1007]  dump_stack_lvl+0x151/0x1b7
[ 1628.413082][ T1007]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1628.418640][ T1007]  dump_stack+0x15/0x17
[ 1628.422626][ T1007]  should_fail+0x3c6/0x510
[ 1628.426873][ T1007]  __should_failslab+0xa4/0xe0
[ 1628.431474][ T1007]  ? getname_flags+0xba/0x520
[ 1628.435996][ T1007]  should_failslab+0x9/0x20
[ 1628.440330][ T1007]  slab_pre_alloc_hook+0x37/0xd0
[ 1628.445102][ T1007]  ? getname_flags+0xba/0x520
[ 1628.449610][ T1007]  kmem_cache_alloc+0x44/0x200
[ 1628.454219][ T1007]  getname_flags+0xba/0x520
[ 1628.458553][ T1007]  user_path_at_empty+0x2d/0x1a0
[ 1628.463325][ T1007]  __se_sys_mount+0x285/0x3b0
[ 1628.467834][ T1007]  ? fput+0x1a/0x20
[ 1628.471483][ T1007]  ? ksys_write+0x260/0x2c0
[ 1628.475823][ T1007]  ? __x64_sys_mount+0xd0/0xd0
[ 1628.480424][ T1007]  ? debug_smp_processor_id+0x17/0x20
[ 1628.485718][ T1007]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1628.491704][ T1007]  __x64_sys_mount+0xbf/0xd0
[ 1628.496129][ T1007]  do_syscall_64+0x3d/0xb0
[ 1628.500382][ T1007]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1628.506114][ T1007] RIP: 0033:0x7f5be5ba5bd9
[ 1628.510509][ T1007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1628.530122][ T1007] RSP: 002b:00007f5be4e06048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1628.538633][ T1007] RAX: ffffffffffffffda RBX: 00007f5be5d34038 RCX: 00007f5be5ba5bd9
[ 1628.546509][ T1007] RDX: 0000000000000000 RSI: 0000000020000580 RDI: 0000000020000000
[ 1628.554252][ T1007] RBP: 00007f5be4e060a0 R08: 0000000000000000 R09: 0000000000000000
[ 1628.562064][ T1007] R10: 0000000000223216 R11: 0000000000000246 R12: 0000000000000001
[ 1628.569959][ T1007] R13: 000000000000006e R14: 00007f5be5d34038 R15: 00007ffce427f518
[ 1628.577799][ T1007]  </TASK>
[ 1628.618119][T23051] usb 3-1: USB disconnect, device number 53
[ 1628.685001][ T1016] input: syz1 as /devices/virtual/input/input151
[ 1628.696011][ T1018] input: syz1 as /devices/virtual/input/input152
[ 1628.702167][   T20] hid-generic 0003:046D:C08D.0211: unknown main item tag 0x0
[ 1628.702810][   T20] hid-generic 0003:046D:C08D.0211: hidraw0: USB HID v0.06 Device [HID 046d:c08d] on usb-dummy_hcd.0-1/input0
[ 1628.748413][ T1021] loop3: detected capacity change from 0 to 512
[ 1628.802268][ T1021] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[ 1628.824350][ T1021] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1629.211064][   T20] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[ 1629.521129][ T5115] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[ 1629.631124][   T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1629.651303][   T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1629.661838][   T20] usb 4-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[ 1629.672038][   T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1629.681188][   T20] usb 4-1: config 0 descriptor??
[ 1629.961087][   T39] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[ 1629.971144][ T5115] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1629.981134][ T5115] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1630.061191][ T5115] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1630.070133][ T5115] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1630.077964][ T5115] usb 2-1: SerialNumber: syz
[ 1630.161818][   T20] sony 0003:054C:0268.0212: item fetching failed at offset 1/5
[ 1630.169442][   T20] sony 0003:054C:0268.0212: parse failed
[ 1630.174830][   T20] sony: probe of 0003:054C:0268.0212 failed with error -22
[ 1630.201151][   T39] usb 3-1: Using ep0 maxpacket: 32
[ 1630.321156][   T39] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1630.331357][   T39] usb 3-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0
[ 1630.340308][   T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1630.348920][ T5115] usb 2-1: 0:2 : does not exist
[ 1630.354236][   T39] usb 3-1: config 0 descriptor??
[ 1630.371038][T15340] usb 1-1: USB disconnect, device number 48
[ 1630.390182][ T1055] input: syz1 as /devices/virtual/input/input153
[ 1630.391533][   T39] usb 3-1: bad CDC descriptors
[ 1630.519946][ T1063] loop4: detected capacity change from 0 to 512
[ 1630.551660][ T1063] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[ 1630.572558][ T5115] usb 2-1: USB disconnect, device number 40
[ 1630.573413][ T1063] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,delalloc,,errors=continue. Quota mode: writeback.
[ 1630.713299][ T1069] loop2: detected capacity change from 0 to 16
[ 1630.734494][ T1072] input: syz1 as /devices/virtual/input/input154
[ 1630.742343][ T1069] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1630.917462][T15340] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[ 1631.511124][T15340] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1631.522132][T15340] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1631.531845][T15340] usb 1-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[ 1631.540660][T15340] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1631.549032][T15340] usb 1-1: config 0 descriptor??
[ 1631.945570][   T39] usb 4-1: USB disconnect, device number 68
[ 1632.031720][T15340] sony 0003:054C:0268.0213: report_id 4272251904 is invalid
[ 1632.038845][T15340] sony 0003:054C:0268.0213: item 0 4 1 8 parsing failed
[ 1632.047242][T15340] sony 0003:054C:0268.0213: parse failed
[ 1632.055170][T15340] sony: probe of 0003:054C:0268.0213 failed with error -22
[ 1632.235034][ T1060] UDC core: couldn't find an available UDC or it's busy: -16
[ 1632.242447][ T1060] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1632.251064][T15341] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[ 1632.257747][ T1060] UDC core: couldn't find an available UDC or it's busy: -16
[ 1632.265837][ T1060] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1632.700067][  T859] usb 3-1: USB disconnect, device number 54
[ 1632.737185][ T1129] loop4: detected capacity change from 0 to 512
[ 1632.762284][ T1129] EXT4-fs (loop4): Invalid want_extra_isize 8198
[ 1632.779558][   T30] audit: type=1400 audit(1632.761:1587): avc:  denied  { setattr } for  pid=1133 comm="syz.2.8699" name="zero" dev="devtmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1
[ 1632.808126][   T30] audit: type=1400 audit(1632.791:1588): avc:  denied  { sys_admin } for  pid=1135 comm="syz.2.8700" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[ 1633.061358][T15341] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1633.072145][T15341] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1633.081875][T15341] usb 2-1: New USB device found, idVendor=05ac, idProduct=0262, bcdDevice= 0.00
[ 1633.090931][T15341] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1633.104108][T15341] usb 2-1: config 0 descriptor??
[ 1633.301144][  T859] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[ 1633.625260][T15341] apple 0003:05AC:0262.0214: hidraw0: USB HID v0.00 Device [HID 05ac:0262] on usb-dummy_hcd.1-1/input0
[ 1633.669783][  T859] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1633.680850][  T859] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1633.690830][  T859] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1633.699692][  T859] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1633.727209][   T39] usb 1-1: USB disconnect, device number 49
[ 1633.736404][  T859] usb 3-1: config 0 descriptor??
[ 1633.741878][ T1153] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8704'.
[ 1633.784049][T15341] usb 2-1: USB disconnect, device number 41
[ 1633.803474][   T30] audit: type=1400 audit(1633.791:1589): avc:  denied  { read } for  pid=1158 comm="syz.0.8708" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 1633.829475][   T30] audit: type=1326 audit(1633.821:1590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1160 comm="syz.0.8709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c42bd1bd9 code=0x7ffc0000
[ 1633.852990][   T30] audit: type=1326 audit(1633.821:1591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1160 comm="syz.0.8709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c42bd1bd9 code=0x7ffc0000
[ 1633.876126][   T30] audit: type=1326 audit(1633.821:1592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1160 comm="syz.0.8709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f1c42bd1bd9 code=0x7ffc0000
[ 1633.899914][   T30] audit: type=1326 audit(1633.821:1593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1160 comm="syz.0.8709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c42bd1bd9 code=0x7ffc0000
[ 1633.923008][   T30] audit: type=1326 audit(1633.821:1594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1160 comm="syz.0.8709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c42bd1bd9 code=0x7ffc0000
[ 1634.271069][   T39] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[ 1634.324823][ T1171] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8714'.
[ 1634.333593][ T1171] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8714'.
[ 1634.365077][ T1179] BUG: unable to handle page fault for address: ffffffffff600000
[ 1634.372804][ T1179] #PF: supervisor read access in kernel mode
[ 1634.378644][ T1179] #PF: error_code(0x0001) - permissions violation
[ 1634.384868][ T1179] PGD 6812067 P4D 6812067 PUD 6814067 PMD 6816067 PTE 8000000006809165
[ 1634.393022][ T1179] Oops: 0001 [#1] PREEMPT SMP KASAN
[ 1634.398053][ T1179] CPU: 0 PID: 1179 Comm: syz.1.8718 Tainted: G        W         5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[ 1634.409551][ T1179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1634.419528][ T1179] RIP: 0010:copy_from_kernel_nofault+0x86/0x2e0
[ 1634.425606][ T1179] Code: 48 89 55 d0 0f 85 ea 01 00 00 ff 02 bf 07 00 00 00 4c 89 ee e8 8b 92 d6 ff 49 83 fd 07 76 5c 4d 89 fe 49 83 c5 f8 49 83 c7 08 <49> 8b 1c 24 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 80
[ 1634.445131][ T1179] RSP: 0018:ffffc900009b7d50 EFLAGS: 00010296
[ 1634.451127][ T1179] RAX: 0000000000000002 RBX: 00007ffffffff000 RCX: ffff88810e5b13c0
[ 1634.458932][ T1179] RDX: ffff88810e5b1f50 RSI: 0000000000000008 RDI: 0000000000000007
[ 1634.466739][ T1179] RBP: ffffc900009b7d88 R08: ffffffff8199a955 R09: ffffed1021cb6279
[ 1634.474549][ T1179] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffffffff600000
[ 1634.482603][ T1179] R13: 0000000000000000 R14: ffffc900009b7de8 R15: ffffc900009b7df0
[ 1634.490346][ T1179] FS:  00007f572565f6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1634.499451][ T1179] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1634.505876][ T1179] CR2: ffffffffff600000 CR3: 0000000133da9000 CR4: 00000000003506b0
[ 1634.513681][ T1179] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1634.521631][ T1179] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1634.529525][ T1179] Call Trace:
[ 1634.532657][ T1179]  <TASK>
[ 1634.535695][ T1179]  ? __die_body+0x62/0xb0
[ 1634.539859][ T1179]  ? __die+0x7e/0x90
[ 1634.543599][ T1179]  ? page_fault_oops+0x7f9/0xa90
[ 1634.548369][ T1179]  ? jump_label_update+0x3af/0x450
[ 1634.553307][ T1179]  ? kernelmode_fixup_or_oops+0x270/0x270
[ 1634.558950][ T1179]  ? __mutex_lock_slowpath+0x10/0x10
[ 1634.564178][ T1179]  ? tracepoint_add_func+0x77e/0x940
[ 1634.569282][ T1179]  ? alloc_file_pseudo+0x280/0x2f0
[ 1634.574217][ T1179]  ? exc_page_fault+0x521/0x830
[ 1634.578910][ T1179]  ? asm_exc_page_fault+0x27/0x30
[ 1634.583953][ T1179]  ? copy_from_kernel_nofault+0x75/0x2e0
[ 1634.589405][ T1179]  ? copy_from_kernel_nofault+0x86/0x2e0
[ 1634.594986][ T1179]  bpf_probe_read_compat+0x112/0x180
[ 1634.600083][ T1179]  bpf_prog_baa065642a502c00+0x64/0xc28
[ 1634.605721][ T1179]  bpf_trace_run2+0xec/0x210
[ 1634.610147][ T1179]  ? bpf_trace_run1+0x1c0/0x1c0
[ 1634.614835][ T1179]  __bpf_trace_sys_exit+0x62/0x70
[ 1634.619811][ T1179]  syscall_exit_to_user_mode+0x149/0x160
[ 1634.625302][ T1179]  do_syscall_64+0x49/0xb0
[ 1634.629541][ T1179]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1634.635343][ T1179] RIP: 0033:0x7f57263ddbd9
[ 1634.639596][ T1179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1634.659400][ T1179] RSP: 002b:00007f572565f048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1634.667630][ T1179] RAX: 0000000000000005 RBX: 00007f572656bf60 RCX: 00007f57263ddbd9
[ 1634.675582][ T1179] RDX: 0000000000000010 RSI: 0000000020000500 RDI: 0000000000000011
[ 1634.683336][ T1179] RBP: 00007f572644caa1 R08: 0000000000000000 R09: 0000000000000000
[ 1634.691145][ T1179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1634.698956][ T1179] R13: 000000000000000b R14: 00007f572656bf60 R15: 00007ffcb0580638
[ 1634.706775][ T1179]  </TASK>
[ 1634.709631][ T1179] Modules linked in:
[ 1634.713384][ T1179] CR2: ffffffffff600000
[ 1634.717389][ T1179] ---[ end trace 35b11bbe69759105 ]---
[ 1634.717432][  T613] BUG: unable to handle page fault for address: ffffffffff600000
[ 1634.722649][ T1179] RIP: 0010:copy_from_kernel_nofault+0x86/0x2e0
[ 1634.730204][  T613] #PF: supervisor read access in kernel mode
[ 1634.736288][ T1179] Code: 48 89 55 d0 0f 85 ea 01 00 00 ff 02 bf 07 00 00 00 4c 89 ee e8 8b 92 d6 ff 49 83 fd 07 76 5c 4d 89 fe 49 83 c5 f8 49 83 c7 08 <49> 8b 1c 24 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 80
[ 1634.742092][  T613] #PF: error_code(0x0001) - permissions violation
[ 1634.761881][ T1179] RSP: 0018:ffffc900009b7d50 EFLAGS: 00010296
[ 1634.768217][  T613] PGD 6812067 P4D 6812067 PUD 6814067 
[ 1634.774119][ T1179] RAX: 0000000000000002 RBX: 00007ffffffff000 RCX: ffff88810e5b13c0
[ 1634.774135][ T1179] RDX: ffff88810e5b1f50 RSI: 0000000000000008 RDI: 0000000000000007
[ 1634.779413][  T613] PMD 6816067 
[ 1634.787223][ T1179] RBP: ffffc900009b7d88 R08: ffffffff8199a955 R09: ffffed1021cb6279
[ 1634.795039][  T613] PTE 8000000006809165
[ 1634.798247][ T1179] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffffffff600000
[ 1634.806056][  T613] 
[ 1634.806062][  T613] Oops: 0001 [#2] PREEMPT SMP KASAN
[ 1634.809972][ T1179] R13: 0000000000000000 R14: ffffc900009b7de8 R15: ffffc900009b7df0
[ 1634.817800][  T613] CPU: 1 PID: 613 Comm: syz-executor Tainted: G      D W         5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[ 1634.819943][ T1179] FS:  00007f572565f6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1634.825066][  T613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1634.832881][ T1179] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1634.844163][  T613] RIP: 0010:copy_from_kernel_nofault+0x86/0x2e0
[ 1634.853098][ T1179] CR2: ffffffffff600000 CR3: 0000000133da9000 CR4: 00000000003506b0
[ 1634.863081][  T613] Code: 48 89 55 d0 0f 85 ea 01 00 00 ff 02 bf 07 00 00 00 4c 89 ee e8 8b 92 d6 ff 49 83 fd 07 76 5c 4d 89 fe 49 83 c5 f8 49 83 c7 08 <49> 8b 1c 24 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 80
[ 1634.869504][ T1179] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1634.875578][  T613] RSP: 0018:ffffc90000f1fd50 EFLAGS: 00010296
[ 1634.883387][ T1179] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1634.902830][  T613] 
[ 1634.902837][  T613] RAX: 0000000000000000 RBX: 00007ffffffff000 RCX: ffff88811ecd3b40
[ 1634.910667][ T1179] Kernel panic - not syncing: Fatal exception
[ 1634.916543][  T613] RDX: ffff88811ecd46d0 RSI: 0000000000000008 RDI: 0000000000000007
[ 1634.948491][  T613] RBP: ffffc90000f1fd88 R08: ffffffff8199a955 R09: ffffed1023d9a769
[ 1634.956296][  T613] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffffffff600000
[ 1634.964735][  T613] R13: 0000000000000000 R14: ffffc90000f1fde8 R15: ffffc90000f1fdf0
[ 1634.972553][  T613] FS:  0000555555aac500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1634.981387][  T613] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1634.987810][  T613] CR2: ffffffffff600000 CR3: 000000010d3e9000 CR4: 00000000003506a0
[ 1634.995625][  T613] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1635.003520][  T613] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1635.011331][  T613] Call Trace:
[ 1635.014455][  T613]  <TASK>
[ 1635.017239][  T613]  ? __die_body+0x62/0xb0
[ 1635.021399][  T613]  ? __die+0x7e/0x90
[ 1635.025139][  T613]  ? page_fault_oops+0x7f9/0xa90
[ 1635.029907][  T613]  ? kernelmode_fixup_or_oops+0x270/0x270
[ 1635.035464][  T613]  ? __schedule+0xcd4/0x1590
[ 1635.040062][  T613]  ? exc_page_fault+0x521/0x830
[ 1635.044762][  T613]  ? asm_exc_page_fault+0x27/0x30
[ 1635.049717][  T613]  ? copy_from_kernel_nofault+0x75/0x2e0
[ 1635.055182][  T613]  ? copy_from_kernel_nofault+0x86/0x2e0
[ 1635.060744][  T613]  bpf_probe_read_compat+0x112/0x180
[ 1635.065862][  T613]  bpf_prog_baa065642a502c00+0x64/0xc28
[ 1635.071248][  T613]  bpf_trace_run2+0xec/0x210
[ 1635.075668][  T613]  ? common_nsleep+0x91/0xb0
[ 1635.080178][  T613]  ? bpf_trace_run1+0x1c0/0x1c0
[ 1635.084866][  T613]  ? __se_sys_clock_nanosleep+0x323/0x3b0
[ 1635.090508][  T613]  ? __x64_sys_clock_nanosleep+0xb0/0xb0
[ 1635.095975][  T613]  __bpf_trace_sys_exit+0x62/0x70
[ 1635.100834][  T613]  syscall_exit_to_user_mode+0x149/0x160
[ 1635.106390][  T613]  do_syscall_64+0x49/0xb0
[ 1635.110641][  T613]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[ 1635.116283][  T613]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1635.122012][  T613] RIP: 0033:0x7ff171401b83
[ 1635.126697][  T613] Code: 1f 84 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d be d9 12 00 00 74 14 b8 e6 00 00 00 0f 05 <f7> d8 c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10
[ 1635.146225][  T613] RSP: 002b:00007fff7a508e08 EFLAGS: 00000202 ORIG_RAX: 00000000000000e6
[ 1635.154469][  T613] RAX: 0000000000000000 RBX: 000000000000006a RCX: 00007ff171401b83
[ 1635.162284][  T613] RDX: 00007fff7a508e20 RSI: 0000000000000000 RDI: 0000000000000000
[ 1635.170091][  T613] RBP: 00007fff7a508eac R08: 00007fff7a543080 R09: 00007fff7a5430b0
[ 1635.177903][  T613] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000032
[ 1635.185715][  T613] R13: 000000000018edd5 R14: 000000000018ed51 R15: 0000000000000016
[ 1635.193539][  T613]  </TASK>
[ 1635.196387][  T613] Modules linked in:
[ 1635.200123][  T613] CR2: ffffffffff600000
[ 1635.204115][  T613] ---[ end trace 35b11bbe69759106 ]---
[ 1635.209411][  T613] RIP: 0010:copy_from_kernel_nofault+0x86/0x2e0
[ 1635.215484][  T613] Code: 48 89 55 d0 0f 85 ea 01 00 00 ff 02 bf 07 00 00 00 4c 89 ee e8 8b 92 d6 ff 49 83 fd 07 76 5c 4d 89 fe 49 83 c5 f8 49 83 c7 08 <49> 8b 1c 24 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 80
[ 1635.235011][  T613] RSP: 0018:ffffc900009b7d50 EFLAGS: 00010296
[ 1635.240912][  T613] RAX: 0000000000000002 RBX: 00007ffffffff000 RCX: ffff88810e5b13c0
[ 1635.248809][  T613] RDX: ffff88810e5b1f50 RSI: 0000000000000008 RDI: 0000000000000007
[ 1635.256620][  T613] RBP: ffffc900009b7d88 R08: ffffffff8199a955 R09: ffffed1021cb6279
[ 1635.264434][  T613] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffffffff600000
[ 1635.272245][  T613] R13: 0000000000000000 R14: ffffc900009b7de8 R15: ffffc900009b7df0
[ 1635.280053][  T613] FS:  0000555555aac500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1635.288819][  T613] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1635.295330][  T613] CR2: ffffffffff600000 CR3: 000000010d3e9000 CR4: 00000000003506a0
[ 1635.303231][  T613] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1635.311041][  T613] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1636.035097][ T1179] Shutting down cpus with NMI
[ 1636.039828][ T1179] Kernel Offset: disabled
[ 1636.043950][ T1179] Rebooting in 86400 seconds..