last executing test programs: 2m49.991949627s ago: executing program 1 (id=425): r0 = socket(0x10, 0x3, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xc}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newtfilter={0x24, 0x2a, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x8, 0xfff1}, {0xfff1, 0x2}, {0xb, 0xffe0}}}, 0x24}, 0x1, 0x0, 0x0, 0x24044801}, 0x20000000) 2m49.067458229s ago: executing program 1 (id=428): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0) getdents64(r1, 0x0, 0x22) 2m48.290759853s ago: executing program 1 (id=432): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x22, 0xf, {[@global=@item_012={0x0, 0x1, 0x5}, @local=@item_4={0x3, 0x2, 0x0, "45501821"}, @global=@item_012={0x1, 0x1, 0x9, "f5"}, @global=@item_012={0x1, 0x1, 0x7, "84"}, @main=@item_4={0x3, 0x0, 0xb, "9e3ce079"}]}}, 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0x400c4807, 0x0) 2m44.944178562s ago: executing program 1 (id=441): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f00000002c0)=@file={0x1, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 2m43.838955749s ago: executing program 1 (id=445): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x20000000}, 0x1c) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_macvtap\x00', 0x0}) bind$packet(r0, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x6, 0x6, @remote}, 0x14) sendmmsg$sock(r0, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[@timestamping={{0x10, 0x1, 0x25, 0xfffb}}], 0x10}}], 0x2, 0x10) 2m42.991549004s ago: executing program 1 (id=449): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) r1 = eventfd2(0x4, 0x1) ioctl$VHOST_SET_VRING_CALL(r0, 0x4008af21, &(0x7f00000000c0)={0x1, r1}) ioctl$VHOST_SET_VRING_CALL(r0, 0x4008af21, &(0x7f0000000000)={0x1}) 2m39.6997525s ago: executing program 32 (id=449): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) r1 = eventfd2(0x4, 0x1) ioctl$VHOST_SET_VRING_CALL(r0, 0x4008af21, &(0x7f00000000c0)={0x1, r1}) ioctl$VHOST_SET_VRING_CALL(r0, 0x4008af21, &(0x7f0000000000)={0x1}) 4.387120124s ago: executing program 5 (id=1172): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000001c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x76a9bba1a690db0f, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3cb140bb}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}]}, @NFTA_CHAIN_POLICY={0x8}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840) sendto$inet6(r0, &(0x7f00000009c0)='\\', 0x1, 0x20000081, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x5}, 0x1c) 4.208848492s ago: executing program 2 (id=1173): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002800000028000000020000000100000000000001e5ff000008000000000000000100008406000400"], 0x0, 0x42}, 0x28) r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x401, 0x1000004, 0x0, {0x0, 0x0, 0x0, 0x0, 0x503, 0x20000}, [@IFLA_LINK_NETNSID={0x8, 0x25, 0x1}, @IFLA_LINK={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x20004800}, 0x4000000) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000190001000000000000000000021800000000fd000000ed0008000100ac141400340008"], 0x2c}}, 0x0) sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b) 3.688097749s ago: executing program 2 (id=1176): r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) open_by_handle_at(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="0c0000000200010004"], 0x408100) 3.551582072s ago: executing program 3 (id=1177): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}) writev(r0, &(0x7f0000000500)=[{&(0x7f0000000080)="2e9b5b0007e03dd65193dfb6c575963f86dd6067", 0x14}, {&(0x7f0000000240)="b700000006000000000000f1dd0fccd5de056d55c1fd369304aac000fc86e30000f39ba19d", 0x25}, {&(0x7f0000000100)="37a8", 0x2}], 0x3) 3.373913301s ago: executing program 0 (id=1178): geteuid() r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000009c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r1, 0x8b2b, &(0x7f0000000040)={'wlan1\x00', @random="010000000002"}) ioctl(r0, 0x8b2a, &(0x7f0000000040)) 3.293545063s ago: executing program 4 (id=1179): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r0) syz_open_procfs(0x0, 0x0) r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents64(r1, 0x0, 0x0) 3.128687337s ago: executing program 5 (id=1180): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="7c0000001000010400"/20, @ANYRES32=r2, @ANYBLOB="00000000000000005c001280110001006272696467655f736c617665000000004400058005000500000000000500200001"], 0x7c}}, 0x0) sendmmsg(r0, &(0x7f0000000000), 0x400000000000235, 0x0) 3.12630868s ago: executing program 2 (id=1181): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x4a, &(0x7f00000004c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) 2.869047256s ago: executing program 3 (id=1182): syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e110096704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6cc90e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f56c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111fe6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab42fa6104d5a99aa36b73ac3622ccae122524c28a6557cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd41322a8b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc40821258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a166470a00", 0x2000, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='mm_vmscan_write_folio\x00', r0, 0x0, 0x100000001}, 0x18) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15) ioctl$BTRFS_IOC_RM_DEV_V2(0xffffffffffffffff, 0x5000943a, 0x0) 2.854271595s ago: executing program 0 (id=1183): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000440)={{0xfffe, 0x5, 0x2, 0x5}, 'syz1\x00', 0x53}) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x12) ioctl$UI_SET_SNDBIT(r0, 0x4004556a, 0x6) ioctl$UI_DEV_CREATE(r0, 0x5501) 2.6092889s ago: executing program 4 (id=1184): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x1, 0x3}, 0x4) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x1, 0x3}, 0x4) close(0x3) 2.563084316s ago: executing program 2 (id=1185): openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='fd/3\x00') r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000240)={0x80000011}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000c40)) 2.231850495s ago: executing program 5 (id=1186): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)={0x28, r1, 0x1, 0x0, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x29bb}]}, 0x28}}, 0x0) 2.159727268s ago: executing program 0 (id=1187): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000280)={0x9, 0x4, 0x0, 0xcc, 0x0, 0x0, 0x4, 0x2, 0x6}, 0xe) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000240)=0x10) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000140)={r1}, &(0x7f0000000340)=0x8) 2.157365302s ago: executing program 4 (id=1188): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x181d82, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000100)={'syztnl1\x00', 0x0, 0x2f, 0x3, 0x2, 0x5, 0x4e, @empty, @mcast2, 0x8000, 0x80, 0x9, 0x3ef}}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="08000000000000006902"]) 2.073071968s ago: executing program 3 (id=1189): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) ftruncate(r0, 0x5) 2.072732823s ago: executing program 2 (id=1190): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@volatile}]}) setxattr$security_capability(&(0x7f0000000240)='./file0/file1\x00', &(0x7f0000000280), 0x0, 0x0, 0x0) 1.801440776s ago: executing program 0 (id=1191): r0 = openat$random(0xffffffffffffff9c, &(0x7f00000003c0), 0x40202, 0x0) r1 = socket$inet_icmp(0x2, 0x2, 0x1) sched_setscheduler(0x0, 0x5, &(0x7f0000000480)) ioprio_set$pid(0x2, 0x0, 0x0) sendfile(r1, r0, 0x0, 0x9) 1.661121647s ago: executing program 5 (id=1192): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}}) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) 1.537750376s ago: executing program 2 (id=1193): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000009e602206d0414c340000000000109022400010400a000090480000103010100093700086ce82201000905815f"], 0x0) syz_usb_control_io(r0, &(0x7f0000000780)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x29, 0xf, {0xf, 0x29, 0x9, 0x10, 0x2, 0xff, "6006c4e7", "c916eb9e"}}, 0x0}, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) close(0xffffffffffffffff) 1.463356692s ago: executing program 4 (id=1194): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000100)={r2, 0x8}, 0x8) 1.342453932s ago: executing program 3 (id=1195): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x4a, &(0x7f00000004c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) 1.1932353s ago: executing program 0 (id=1196): r0 = syz_io_uring_setup(0x239, &(0x7f0000000400)={0x0, 0x8c44, 0x10100, 0x3, 0x2b4}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r0, 0x708, 0x41e3, 0x0, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x4, 0x0, 0x7fff0000}]}) 1.098419931s ago: executing program 4 (id=1197): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000180)='./file0\x00', 0x18418, &(0x7f0000000380)=ANY=[@ANYRES8=0x0, @ANYRES32], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x2000, 0x0) write$UHID_INPUT(r0, &(0x7f0000000540)={0x8, {"e4a5178d8af89c68da0bb25a3f9fc279c5b6585a069ceb3fe7dd48e73386d7b459bc4e0a4efb5930f94a6f060cf497b70d79135947daf02a5719ce3220b0119b397bb7d7685ce63b6ff47ce549e1ac866e34a76431681624d5c73f1283526684a9b2f443a10a886b273ed5599ec4254920d9b7b441c4d20535165f092527a28a9a1e4a190440aaccab749637fc6efba21f38cf79d7a12138af2c0101dc90dbb887a2cd991ed9884791f760d21bad1b76a758c7036b403b3fecb554cfe9bef9199b70f72c44bb738f07c2082089d8e6fc92e3c6ae7a7ed2ccd456ee83da2888ff1e0e8444830c92002589afafa69a7461242c0b70994c8a53f0a38e30c3100f687d90bed52eb012a39076c08ab9d86d2b12cdcadf9c6bb7ef1d80d2118474a4c7adc224bd8dc5f9cea53a54763d9ed98f52925b7d9ce0d304156870ffff842932bd175ebf6dd21573b374eccbc3113cb431732d830011c325b89300de4a9935c00bbdf7cbc55f79f5a9f7c01be95decc2bf377c2c132289508b789bf0ac66ae0d81c3b4e374d227cca3e5d55469d703cdcc50d9f31ca1eca0fa32cbd789a7f566bc69ec650335dd9909fd9e5adcd71670133d52c5287515c236c5476c32754bcac3afc4d8f1d0f20c2da7b33ba789cb131f7de631fd418de297646bbb25541eabe5d967fc0eedb6a4e1d94bba0c7df5eb213326e03ee03b151e62bb6a7656ddbaa880206d1c5c8cd1a8c9d646028fd49f252535e078de3718905f934f9f3829cdf1e9b32046be028d85a136fabb4063ca866658d45a12300a2afc3a42975e99d4bb3bb354b0ed4f28f2fdcd16077cf40f00d8697b7ecb1db336bcd0dd5abf2821594801b77b9d7a9d316bed3f7d0c12fa766317fe67b19f60d3f1dff4a2c011457e0d42ca276d53829bfb7fa7e4441dbc86941cfcbe65fd7ee67218f5057b723c488428414f02dc5b94761815b8362e639a63cd1ecd195ab360481021ac435cc0230781f4cfb1e03d000b1ee63157be6ca37b63069dc4d527238db0d962491365316996ea72a70e38562d9c672921f63ee4b5523e9e302565d1e2db284be7357c8eefcc45bac628cc0d7e34d71791cc85126f848bad589b7887fc99c005fca86f101d517a9beb6d3fdb997f1c278534bcb1b7982d9f188bd6e473251123443f82d80aabdbe1ed125694daabe0dc0cbfbd00c6ac4da13a4140cc802e902717e572a0beae972b916eae2af74789b5c8ea3aef23289d22328c971d037d72b422d4bfbd9a20a4c3617f449b28681c937b5063d8d98bdfaafb7269eb0bfa7f2c0e77dbd4e4548aced3d9b0f3d23ddc06422fa4b076072953122795ef945563aeedf73920912e927d470f03aa2163f97e98051bf89f33951758016bb69cfbcb4ce064402f585fd7d8c590790df8e21ab16617e0b60a5db28b5e47086b2105260f1e87b2a7d01a55747bc92f636f3cb8ff625849bae0b4f5bad0885f9154eb674c635b9034d647765c9f65c9203a384049d00fc8edf64f4ebb28ce05a44654a57045301a9518b4a61a55bc6cb02f2e318f182f61b5ffebe9bc1c0330b850442137b9c6683e2033c9a92d0ce909a2c73120fbb60a97d59e267663a9ff0ebd46e6c2df95dc24a2436f5c25c0113954fe38b217ed5a26156e7bb7f36caa41d56aff7a2c4f0c9f8c2e3cccfa236467b92102fb211e77b33d5fd356ec870f6cc4af989b2e6488edb12d82c6cdaf5900ddd4d26fc1e86d9d378f96441ca8e3f5891506ba90de83293b6a5b026adb9c663544e00f6a9cebd44c541d3cd54477eb25ede89524a36064de4cacb568badb7e8437be5c3d81211675efe86fce2e29787390e9fb5b237b513bd584a69a0d896ab03a1dbe0bd0ff0b97dde53a31c78856d1149b8a5d35403284e0c1f6c961243340ad7ec6668314cfe75752d740bb8e4e8b587918c495bd508244a5b0e4e910afec275cb2043ed9d7c3ace12144a693e6a262cc2dc86bc727e94f3a12e4a384988ed96d6bf69b4693bccfe287e7fba4855e65227cf299c665d1f14f69ca490084ecb6460c3aea50d34bd9d0760d3aefe5954a4819e193be3562d58b64c49ab107b44d6560866953ab164f50b45265cd5d7d4f88f54381a607bddc53f8c361430b5da5a8810af4b65db41a155674d4c7a761b471ee864571cf29d722f01586374a2902f42bc4c854d66b079fbfdcfea970d3e7e5ab5476a2b344076c307fd2d84bdc6d0f8101771b1b85d0ecdda706c326667b87fd234bff586a6fb6aacbabd48039ebc501a13dec4b8f376c1f3dd1cd463966bc9d4e192ae5ea3dcccda0701efd8b4358dc710e4f9e0577ff7539437b659b5374c00e9572b01f390881860ec7ce1ee3ac9c3c9158bd76380a62e1ea47caed3349b39c10305f4763ea384454abd4b38ff43bac544ec650baad6c6dfb0150c80eeeffd2a22970071482fe83f74392acc76a44d0eb2b93d4894bef0dc4a96e4d9a0f44f6628df5ef85ab7574649e215cb6019fe39ea7bb76399346646ea219755c20d5d11793438cf0e60f7ad93b80c964b0930dfdf9ae2ffd2d0f7825f2fbfac19d228f4db50604edcd6d6e36fe8645a657a694c113d943db4b89d862c76260e228a06084a05685e0d357b8446df96a478bf19a0e204cac88ab8cee4297fa6d2281e9a501a1ca983cecd5da1950517df7c3fa1f6f2f9fd4d2ac9bfccae8928e743fb4ffed5f8b738a1d9983c2ae2ba0b8127f900ea1098d04733a480e6498e3b96d0ad27dc3dd9e382ed4c3051d88786cfaaf36b0e018b7993a2bf3d2a2372c2da8b9d069a5d10bf66b92557eaaee7825c0f23dac7aec1de836c7a517dde6f578f433b0981315e20e9c2f92925d3748bb0606e03df54ac5d10d927119e9fd877e32f439a90379adc6a35e9065f28fcfbb695bbf21eadf1c5c67f44969bed1ca127d9127cb335b83bb61f1aa2a2ca7495f22238ce2f8cb5554a220d23c937cd5cd9c9a273ac9d1b596d30fea1b6d24080963339417e255709a37472b7febceaddc3611360bde4a23cf79c112268cc0fc614d46b2f9d70dd237fbc9d3838a233863a21771c12374a741022c6dd515c4009df6402b1b08e45c6067c5a047e915a727b536cb90660c7843af3ee51c8f9e83a8bb0e48bec952140b576ca6904c56ef350948c96196ca558367da9b11d02e7a84091ac81f08ab480a6ca4d6d0e34642ece5cf88b05c99262669bcd56ce5fbcaa21531c409558a4ded717d19da5d4a6a916ea217109d3dadb00951e61ded9d8d7cb9de48886f53345b33105992b6bb9dbebb3cfde992f1f49f5beaeb8dfc6a9835574e7d525f07e4cfaa6fb653997a4159a418851ad8e85100ca1785715ef032d76d7f39cff6400b49dc387e8d35e28129df354a285a6e4657a9b1206700b5325e6f430f30ba0e4750def1e7052286829984dc936700dbfba0a569ffd20acfca8f0937d9849a664ff3cadb8e343776a6283d57c5cc728dc52fb71f090d40545d33195045ebdc139424cf9e817d17fcc00492600fea89618f00e13185f6e2c94db22f28b7f8016a9d021e63a583a45ea2ba38090728ab7c3566a4ef6685fc84fe556c75dd29b9e99e9960b2cb3a05c8b537ace7af87e6f4c27cc234823762d5b76441a553f82954d6e7dbfd2489541aca36368a48ee597a4a9fed888f04812ee15eb1f8e878d6b0d92a660002c974f1e38d6807e69168411680ff3d01138ae135485f84567b649eb95e933b316f6fe56e65cca6283c49a307afa76d9d711c059dea849e57340776cbad4cf31bdf38cbc7b0f0970e428b3dc9a841881b14ac6be6a4bd11bf8c33552f9ec177a6934edf9c662a3171a25650fc2303b5f7fb59407f0a5bd26ea821e228fc77e39ff5dcee309344505b2335ffe20de6e1c40e3d135e0d4a445ae6f75b998ac9b4b50f1a1a2df0caa0e9da6ca9aca02e8c38bb47a4fc99fa64250f0c07dc9c2c44364f9ba4acb48c37054436322d4dd846cf5ad988717045f4a578dafa001ae868c5ce8e510bc0ad0a06e9c27fd83ec2770ff5b7cf9fd450feaa5099a285b643c459734ac41bc62d39a84412fcd643e73c6de7c53e93f8bf2d113c1bb52f87fd19175f5ef572a3ea7795f3b8124fc3b07a591e0cfc622844152f98907efe3ac001ff542dbac359268288ea25fb15269838801749d1001fff6de96d4a700d7418f8dcb48eeec48abd422b98748456fab546e9048381b70ae5630168e3629ad95b81432cdddb695e3fa5fac916673ad2ae984a9fab0e4da0d6548015327d4fc1ffcde7e694bfade3eadeac5ac1f2fb3ef4c886bfdfe4aa3628a3258441bc9d767bbdc07031eecc3af0c030979dd23794bc365177a3f8d7c504d123e257ca57fceb5ac3e657998d03d055de2eda6afae14c6d5fa798dc043be9640308546082f7a268fab3535a89d8de572655cdce0829a5aa4a56f74919873c0b63622eb09636f5b27772b07a753fdf6eb5f731de31f2bc80507a34155ab4483e6fbe478ffa2ac1d504ae39d73398b28d038812da1eecc34f0580830e1874520ffa5e9afe257c279a02f4092c5f6926e5fe52af61f00cb11a0b6696c336240f13bd90372ee3ea36e6b658e9f2e783b00da04b0cea124246f9f25f317bc5eefd97d90140e21587c5c977836b73bf3d37e5960c53fb25914a1ae293517b636af4aa6ae0aff190bcb69a5cd59f7b4ad5689a467cd53ee0a02c73b81ab1b1f8280c5f685279c5cfae785b2c2d65d48b1c1660f558e13ad83ddeb06800f9b6a7d8482a3bd68a74f4c495017d79c2c5cdcedbd33f70b10101b183db23425850f3843c0367335ca96b346ddcfae5faa3fea5be424f99955bfe6e7cc40d50fb22ebbb3485e790f131f8195a824fdfcc40d607be4f28323e1fcdbda1d0cabb7dd9ac83975cde9c2a979161b11cc250449ed445aefa540c5a70420db99482c7339c251e9637221a07dfe8ee26c9796a5b0966219ba50675a286f193648f05c3554c1a2b99dfa530c90b24d244464d1f19f5d4ec708681fefd5609aebf46e1c0556b92beaa2153e17c616f3e8926cf7081160620ac2042df6506ec46039f9edf5657852f386a0229df70173c226f9f95f51a1038cd07287fb9b4987d46c3fbd73cb3746270967627d631fcd70bc596fdc0a79a91b7f485fdc985b3e88c1cc15c5e6dfcf5720157812c4e777d6e444b5430258be4446d9a0405943e276bbf549eddd1690277e224a763ec58eac940ab65e98925bc1013b4c2faec124487ba2ae8bbd17bbf6bc1577d92c0166f259c831e1607b18adbbdb1ab6b33c1360cfb72b9995e261150115d82bdf0a737bf30073342a8dc048d4b2f53f839d1a56f7744ae7fb6bdaf600a634d059db0b268683d3f9b88e4ccb99c68b80be7f7e72149c6d02e316a26fc6be41bfd23d23149c13aeaedb4d4b8a4a97302426d6d2158958d6533b83b15346ab07a0d48f0222db9f888d23edb363dd9b60e13f1b35e3515ced110bb080ecfa7096961cf3b5d47bd47664afcf0ac4707a3c922fcc246f1ed59e87824118f3b21d535ef59416a83e9f160d8a842658fb87d2dbf0defa3f0265efc06294d9843acbf14cad542b78397edba7269ed7f636c3b06e13c2a379a3141a51c90616ee74ce93e36eeb0a8460534ecad89a05692ab31097e9471994a49dedc6e098bee8e42f10e55d6672e1307e06d5d9704e554a0abf2debb5f24fccd8002552e64118a74db2185f1532c28be5611ee55bd7cfe883da26dd25a52833324bb18470b7c29973992509c49a804e4990b6f0377182150773e8c", 0x1000}}, 0x1006) sendfile(r0, r1, 0x0, 0x20fffe82) 994.859343ms ago: executing program 3 (id=1198): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000180)='./file1\x00', 0x4000, &(0x7f00000003c0)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000102,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000011,fileset=00000000000000000011,uid=', @ANYBLOB="d6d84c0df937ed4a0cd30000f2e9ea9568eab74a46c525dc386983eade0b0ce5f1dd911706cf7d32d7d508d1823b8871e001000000eb4ce0a008f5cdea622fc6675e5486860a752ed0298a948efa72b2c8d8525181644a3124f3544a50f192b98f055ad125fd4674534413c6044136ea5aefac5267e43739626ea9391d8f346c4694f70400000000000000cee1f628d1cec3462830606bb612bfed91181cdc107bb91a2e86de2ad5", @ANYRESOCT], 0x12, 0xc38, &(0x7f0000001080)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThq3m6ZIZcVy9S+mYhXuqqbZBpBlIRRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNiOSEml9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSoWwEAPExXRr5y+qz7PwA8Vq75/38AAAAAAAAAAAAAANjvUhTxZKSYubKSxqr3HfXL7b47d0eHhjevdiRVNQ9V5cuf+pmz585/8YXBC9283J76gPq77dPx2si1S42Xp2/PzE7MzU2MN0an2jemxye2vYed1t/oZHUCGrdfvzN+8+Zc4+zz59Z9fHfg/f4njg9cHHz21DPdsqNDw8Mja0XqveVrD9yQjq1meByOIk5Fiue++5PUiogidn4u6g937Dc6UnXiZNWJ0aHhqiOT7dbUfPnh1e6JKCIaPZWa3XO0+VhEre+h9mFrzYiFsvllg0+W3RuZac22rk9ONK62Zufb8+3pqaup09qyP40o4kKKWIyI5f77d9cXRdQixbePraTrEXGoex6+UE0M3rodxR72cRvKdjb6IhaLAzBm+1h/FPFqpPjpOyfiRr7OVNeaz0e8Wub3I94q86WIVH4xzke8t8n3iIOpFkX8ZTn+F1fSeHU96F5XLn+18eWpm9M9ZbvXlV/y/nDfleIR3R+ObMiHY59fm+pRRKu64q+kB//NDgAAAAAAAAAAAAAAAAC77UgU8alI8cp//Ek1rziqeenHLg7+4cCv9s4Zf/pD9lOWfT4iFortzck9nCcGXk1XU3rEc4kfZ/Uo4k/z/L9vPurGAAAAAAAAAAAAAAAAAAAAPNaK+HGkePHdE2kxetcUb0/dalxrXZ/srArbXfu3u2b66urqaiN1splzLOdCzsWcSzmXc0aR6+ds5hzLuZBzMedSzuWccSjXz9nMOZZzIedizqWcyzmjluvnbOYcy7mQczEvur+U3y/njH2ydi8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEdJEUX8PFJ86+srKVJENCPGopNL/Y+6dQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAqT8V8b1I0fij5r1ttYhI1b8dJ8pfzkfzcJkfj+ZgmS9F81LOVpW15jcfQfvZmb5UxI8iRX/97XsDnse/r/Pu3tcg3vrG2rtP1zp5qPvhwPv9Txw/dnFw+Dee3up12qwBJy+3p+7cbYwODQ+P9Gyu5aN/vGfbQD5usTtdJyLm3njz9dbk5MTsg78ovwI7qH6AXqTa49LTg/3iN3drh1HbD915NC8e9ZWJh6G8/78XKX733f/s3vA79/96/Ern3b07fPzsz9bu/y9u3NE27/+1jfXy/b+8p292/3+yZ9uL+XcjfbWI+vztmb7jEfW5N9481b7dujVxa2Lq/OnTXxoc/NK5032HI+o325MTPa925XQBAAAAAAAAAAAAAAAAPDypiN+PFK0fraRGRNyt5msNXBx89tQzh+JQNd9q3bzt10auXWq8PH17ZnZibm5ivDE61b4xPT6x3cPVq+leo0PDe9KZD3Vkj9t/pP7y9Mwbs+1bfzy/6edH65euz83Ptm5s/nEciSKi2bvlZNXg0aHhqtGT7dZUVfXqppPpf3l9qYj/ihQ3zjfSZ/O2PP9/4wz/dfP/FzbuaI/m/3+sZ1t5zJSK+Fmk+J2/ejo+W7XzaNx3znK5v4sUJy98JpeLw2W5bhs6zxXozAwsy/5fpPinn68v250P+eRa2TPbPrEHRDn+xyLF9/7iO/Fbedv65z9sPv5HN+5oj8b/qZ5tR9c9r2DHXSeP/6lI8dKTb8fn8rYPev5H99kbJ3Lhe8/n2KPx/0TPtoF83N/ena4DAAAAAAAAAAAcaH2piL+PFD8YrqUX8rbt/P2/8Y072qO///XJnm3ju7Ne0Ye+2PFJBQAAAIB9oi8V8eNIcWv+7XtzqNfP/+6Z//l7a/M/h9KGT6s/5/u16rkBu/nnf70G8nHHdt5tAAAAAAAAAAAAAAAAAAAA2FdSKuKFvJ76WDWff3zL9dSXIsUr//NcLpeOl+W668APVL/Wr0xPnbo0OTl9ozXfuj450RiZad2YKOs+FSlW/vYzuW5Rra/eXW++s8b72lrss5Fi+B+6ZTtrsXfXJn9qreyZsuzHIsV//+P6sp/L5T6xVvZsWfZvIsXX/uX+sqXja2XPlWW/Eyl++LVGt+zRsmz3+aifXCv7/I3pYo9GBgAAAAAAAAAAAAAAAAAAgMdJXyrizyPF/95evDeXP6//39fztvLWN3rW+9/gbrXO/0C1/v9Wrx9k/f/quQILWx0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+mlIU8WakmLmykpb6y/cd9cvtqTt3R4eGN692JFU1D1Xly5/6mbPnzn/xhcEL3fzg+rvtU/HayLVLjZenb8/MTszNTYw3RqfaN6bHJ7a9h53W3+hkdQIat1+/M37z5lzj7PPn1n18d+D9/ieOD1wcfPbUM92yo0PDwyM9ZWp9D3z0+6Qtth+OIv46Ujz33Z+kH/RHFLHzc/Eh3529dqTqxMmqE6NDw1VHJtutqfnyw6vdE1FENHoqNbvn6CGMxY40IxbK5pcNPll2b2SmNdu6PjnRuNqanW/Pt6enrqZOa8v+NKKICyliMSKW++/fXV8U8Xqk+PaxlfSv/RGHuufhC1dGvnL67NbtKPawj9tQtrPRF7FYHIAx28f6o4h/jhQ/fedE/Ft/RC06P/H5iFfL/H7EW9EZ71R+Mc5HvLfJ94iDqRZF/H85/hdX0jv95fWge125/NXGl6duTveU7V5XDvz94WHa59emehTxw+qKv5L+3X/XAAAAAAAAAAAAAAAAAPtIEb8eKV5890Sq5gffm1PcnrrVuNa6PtmZ1ted+9edM726urraSJ1s5hzLuZBzMedSzuWcUeT6OZtl1ldXx/L7hZyLOZdyLueMQ7l+zmbOsZwLORdzLuVczhm1XD9nM+dYzoWcizmXci7njH0ydw8AAAAAAAAAAAAAAAAAAPhoKap/Unzr6ytptb+zvvRYdHLJeqAfeb8IAAD//1qT9HY=") bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x12, 0x4, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @cgroup_sock_addr=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) 611.358064ms ago: executing program 5 (id=1199): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000040)={0x200000000000001}, 0x8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e21, 0x1, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f00000010c0)=[{&(0x7f00000000c0)="34ed0f6cae5088e090989473fe8ff8aa6f024721d7af89f2d0722a713d1f81838c95898d09ad6971c45917679cfb46156bfd1355005ff28f94e54f8538d02faa62d76f09a023d8a624183e99023d08fc3d9e20c8af06770b9532542dbdeb1196499ad460228fe7b36b5116324f0cdf8f530c1686ce1f8007b9c1df0518d633f7d47f3e4d85a30fed1bd5d9483cfeb1c60ac67f2eefe8e64ddeb6152e9031c8a4d48e00ba7c70814d7a6a215fa227c40b2fa8ddc70c240362f0a82f2fd4b3e9fe0ccf267f4942c1472ba89f9bb1cdd7ad0d3513661edbbc55330f5d5662180f8c5c7b53afb6edb7f075a6964d1f7062fc23cc4d7639e99506ae47b958281a4084b2e12f3b25a3197b0961466a16c9cc8e80f374b274c654454b7c9de9929a60d404a847e579ed01be256147283091b738780fcea59bfe2e3924d85210a7211f1d57e4d238b81433308c008f3bd141275ebc60ff503f5ab00e3c5c66ec75ca35a2010f0abbf9e4691f036cc64f3765302987abf4724065c11ec0bcd501805ecab2d9867ccab305a41f3ca26ddc47308e51a2d84336e7d1dc2fb583a1e3d2f7dc2090d6b68e80a2761a343f63abbd5b5165466d92ff983a841e43197632482c3965b6fa20593fa3482055b15a88ff68f29c65384e2bd4e6409e44dc65146eb572bb46132e3ad4ba3e18a84d6264b4b32906268dced15436967cc8eb9f21cc0206c6e01eeddf8646387c88e158f50ac3b2dc799a11d25b0df9a39643d327628c8b0eb09b2da1df550fc58289f4a373e739965f9db39734c5ac07d46623103d0def4117502cc1cb6f6860a946b1e77a2f62c292a2eabc5eea979a9167791d827d595c4bccccaea1c73a40a7d1cf657c6e75a4a44830e26b83d63a912edd046fb8e8bcbf1038fe1faad78677d82471fcc67435afeddc7c2aa69539048c27a6ac77dbf12811e2e459bf770048f31ca420daf31abeb19f6594f8ad0c4c886d2097cff19bff1acdb58e7fedef6f5a4bc63f28bc8c71cc81ee79bfab02e135b7725f3360c61ca486d3cfe4d45c741d24a112207b7d81c6411e22ba071ccfbd7cf2957d57fe9427484a41d58411e7ea4a4148910d366ebde6f9038aa82825b7102ca8f3c2beaba0195b141c54244b35df84f53a3a9944c3014b7d9caa43d5e0e057bb82749611b24c6a85ecb521ae6ab343819f09120d65c665aa617516a7639ed901bab315a3c2de0f5f7866a0fcd7d28fe64e0bda4fbf7e4175f60c86bd45bb62ffdd427a4dec2daacf6d41fc9bd9560e9527f061cc8db5d3fd4de4fb5ecae8cb921be3cb19812694905dd7213994c7f8e7d3d697522862213e09ceb45cafe0916f567cf529c86d984afe17b17913d8a486c8f97946f48d0e1a509eadac445bcb2409db9613ee9735f41edfe8a44f11ffa3ed84039f5fda6da4ab1489df1600f799ee400c533854c1c099d43b5c3269394ee6e39d6c2726e084c5f3c72a5e1d936e82f6c3318f17259c4caafeda7f3f0f959b9027f6facbee4255ba9800b0494e3967f581ac72fed505bbb552903744950ae5899b24e084a0a01c697d0d4d8c7f458865ea31fa444dabe3ddfdf8ff58a99db4972cb0b594391d581cfce4cfff341c725dbb757c615e9684bc8f0fb2e92e4a3973a1170084626f7b751562bee9931b846808b1f94f804365ad8d420fb163faf5dd766e043d857f27f76989b2b24975412f21641ed703e8794a76852c145cffe5fb213d5aaad91b2138a9df5717475d6e84b9897ff2acb8f1d61586d0b65792993e8a83ef6ac1db8957e374ccf5bd777edfad148143332d1cac5c7cfcba21d28d08ffbef39ee9ba6ea521c4c95300093f82e3b83adcb56072b5632176245cbc2a0f6890b27e91e5484f8c3391f29e43f661accc7ccd9ad216b12fb525525b6eb5e57747ed9120900dd784100c2ad91261e41dc26c2ac576252d5167588fd41052bed4a817f348d7540c02b4082c009d5f7243ccc910a956717c6732c354f46e570ca27f76c7defa41c7916ff009a5b1becf8554646a094e249d238016026b332597756e785ffae2b87c55f0e1e9b31dae0b8138", 0x5c1}], 0x1}}], 0x1, 0x4000000) 256.308834ms ago: executing program 4 (id=1200): mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32, @ANYBLOB="0000000040000200280012800a000100767863616e0000001800028014000100000000004cc1f3b2"], 0x48}, 0x1, 0x2000, 0x0, 0x40}, 0x4048880) 40.936358ms ago: executing program 3 (id=1201): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b0001000000000904080001030000000905", @ANYBLOB="8fcf", @ANYRESOCT], 0x0) ioctl$KVM_CAP_EXIT_ON_EMULATION_FAILURE(0xffffffffffffffff, 0x4068aea3, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KIOCSOUND(r1, 0x4b2f, 0x400d83f) 35.532749ms ago: executing program 5 (id=1202): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000006040), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000006080)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000006180)={0x0, 0x0, &(0x7f0000006140)={&(0x7f0000000000)={0x48, r1, 0x11, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r2}, @val={0xc, 0x99, {0xfffffffb, 0xfffffffb}}}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'pimreg\x00'}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x10) 0s ago: executing program 0 (id=1203): mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffefffff6, 0x20031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4}) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000080)={&(0x7f000012e000/0x2000)=nil, &(0x7f0000768000/0x3000)=nil, 0x2000, 0x1, 0x18100}) kernel console output (not intermixed with test programs): 007: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 281.270097][ T6499] EXT4-fs: Mount option(s) incompatible with ext3 [ 281.281016][ T6515] binder: 6514:6515 ioctl c0306201 0 returned -14 [ 281.857595][ T116] usb 3-1: USB disconnect, device number 5 [ 282.332445][ T6518] fido_id[6518]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 282.708167][ T6533] Bluetooth: MGMT ver 1.23 [ 283.989674][ T6547] netlink: 40 bytes leftover after parsing attributes in process `syz.3.226'. [ 284.096907][ T1978] IPVS: starting estimator thread 0... [ 284.200111][ T6556] IPVS: using max 192 ests per chain, 9600 per kthread [ 285.661709][ T1978] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 285.915160][ T1978] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 285.927049][ T1978] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 285.938130][ T1978] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 285.947547][ T1978] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 286.084518][ T6575] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 286.138447][ T1978] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 286.152552][ T116] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 286.353275][ T116] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 286.367817][ T116] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 286.379955][ T116] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 286.390624][ T116] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 286.404054][ T116] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 286.413527][ T116] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 286.593554][ T116] usb 1-1: config 0 descriptor?? [ 286.922176][ T1978] usb 2-1: USB disconnect, device number 7 [ 287.138033][ T116] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 287.310542][ T5872] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 287.428718][ T38] usb 1-1: USB disconnect, device number 5 [ 287.563934][ T5872] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 287.575021][ T5872] usb 5-1: config 0 interface 0 has no altsetting 0 [ 287.703854][ T5872] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 287.713710][ T5872] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 287.722342][ T5872] usb 5-1: Product: syz [ 287.726712][ T5872] usb 5-1: Manufacturer: syz [ 287.733127][ T5872] usb 5-1: SerialNumber: syz [ 287.757956][ T6243] udevd[6243]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 287.853270][ T5872] usb 5-1: config 0 descriptor?? [ 287.877515][ T5872] usb 5-1: selecting invalid altsetting 0 [ 288.195395][ T5872] usb 5-1: USB disconnect, device number 5 [ 289.104349][ T6603] fido_id[6603]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 289.532284][ T6006] udevd[6006]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 289.861557][ T6617] veth0: entered promiscuous mode [ 289.906751][ T6617] veth0: left promiscuous mode [ 290.101974][ T6622] netlink: 84 bytes leftover after parsing attributes in process `syz.2.259'. [ 290.732620][ T6633] loop2: detected capacity change from 0 to 128 [ 290.882872][ T6633] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 290.973061][ T6633] ext4 filesystem being mounted at /59/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 291.402106][ T5812] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 294.206743][ T6665] netlink: 24 bytes leftover after parsing attributes in process `syz.2.276'. [ 294.378577][ T6656] loop3: detected capacity change from 0 to 8192 [ 294.433398][ T6656] msdos: Unknown parameter 'A' [ 296.324743][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 296.331735][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 297.081072][ T6684] netlink: 'syz.1.285': attribute type 2 has an invalid length. [ 297.089133][ T6684] netlink: 8 bytes leftover after parsing attributes in process `syz.1.285'. [ 297.098400][ T6684] netlink: 156 bytes leftover after parsing attributes in process `syz.1.285'. [ 297.107775][ T6684] netlink: 'syz.1.285': attribute type 2 has an invalid length. [ 297.122408][ T6684] netlink: 8 bytes leftover after parsing attributes in process `syz.1.285'. [ 298.590264][ T6703] batadv_slave_1: entered promiscuous mode [ 298.633172][ T6703] batadv_slave_1: left promiscuous mode [ 299.830718][ T5872] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 300.005766][ T5872] usb 5-1: Using ep0 maxpacket: 8 [ 300.038146][ T5872] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 300.048196][ T5872] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 300.134934][ T5872] usb 5-1: config 0 descriptor?? [ 300.450634][ T5872] asix 5-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 301.027735][ T6734] GUP no longer grows the stack in syz.3.306 (6734): 80004000-80005000 (80002000) [ 301.038046][ T6734] CPU: 0 UID: 0 PID: 6734 Comm: syz.3.306 Not tainted syzkaller #0 PREEMPT(none) [ 301.038208][ T6734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 301.038310][ T6734] Call Trace: [ 301.038376][ T6734] [ 301.038431][ T6734] __dump_stack+0x26/0x30 [ 301.038634][ T6734] dump_stack_lvl+0x1df/0x270 [ 301.038841][ T6734] dump_stack+0x1e/0x25 [ 301.039022][ T6734] __get_user_pages+0x52c2/0x6180 [ 301.039219][ T6734] ? kmsan_get_metadata+0xfb/0x160 [ 301.039437][ T6734] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 301.039661][ T6734] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 301.039864][ T6734] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 301.040061][ T6734] get_user_pages_remote+0x468/0x13b0 [ 301.040251][ T6734] ? kmsan_get_metadata+0xfb/0x160 [ 301.040457][ T6734] ? access_remote_vm+0x4e/0x70 [ 301.040643][ T6734] __access_remote_vm+0x2f8/0xff0 [ 301.040868][ T6734] access_remote_vm+0x4e/0x70 [ 301.041050][ T6734] proc_pid_cmdline_read+0xa75/0x19e0 [ 301.041277][ T6734] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 301.041442][ T6734] vfs_readv+0x931/0xf30 [ 301.041643][ T6734] ? kmsan_get_metadata+0xfb/0x160 [ 301.041825][ T6734] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 301.042024][ T6734] __ia32_compat_sys_preadv+0x2da/0x540 [ 301.042275][ T6734] ia32_sys_call+0x28d3/0x4310 [ 301.042430][ T6734] __do_fast_syscall_32+0xb0/0x150 [ 301.042598][ T6734] ? irqentry_exit_to_user_mode+0x82/0xa0 [ 301.042825][ T6734] do_fast_syscall_32+0x38/0x80 [ 301.042985][ T6734] do_SYSENTER_32+0x1f/0x30 [ 301.043177][ T6734] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 301.043378][ T6734] RIP: 0023:0xf7f13539 [ 301.043510][ T6734] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 301.043635][ T6734] RSP: 002b:00000000f540655c EFLAGS: 00000206 ORIG_RAX: 000000000000014d [ 301.043784][ T6734] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040 [ 301.043884][ T6734] RDX: 0000000000000001 RSI: 0000000000000300 RDI: 0000000000000000 [ 301.043971][ T6734] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 301.044058][ T6734] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 301.044229][ T6734] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 301.044353][ T6734] [ 301.278136][ T5872] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 301.289598][ T5872] asix 5-1:0.0: probe with driver asix failed with error -71 [ 301.444494][ T5872] usb 5-1: USB disconnect, device number 6 [ 302.538311][ T6746] loop2: detected capacity change from 0 to 2048 [ 302.617986][ T6746] EXT4-fs: Ignoring removed orlov option [ 302.916529][ T6746] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 303.814085][ T5812] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 304.739388][ T6772] loop1: detected capacity change from 0 to 512 [ 305.154390][ T6772] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.320: casefold flag without casefold feature [ 305.185429][ T6772] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.320: couldn't read orphan inode 15 (err -117) [ 305.334954][ T6772] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 305.686413][ T6780] loop3: detected capacity change from 0 to 64 [ 305.994992][ T6783] !: renamed from dummy0 (while UP) [ 306.444360][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 310.140702][ T1978] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 310.450824][ T1978] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 310.460560][ T1978] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 310.468789][ T1978] usb 4-1: Product: syz [ 310.473565][ T1978] usb 4-1: Manufacturer: syz [ 310.478373][ T1978] usb 4-1: SerialNumber: syz [ 310.611943][ T6831] loop4: detected capacity change from 0 to 4096 [ 310.812921][ T6836] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 310.995940][ T30] audit: type=1800 audit(1758938826.878:4): pid=6831 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.344" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 310.998664][ T1978] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO [ 311.017328][ T30] audit: type=1800 audit(1758938826.888:5): pid=6831 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.344" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 311.059225][ T1978] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71 [ 311.072048][ T1978] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 311.293908][ T1978] lan78xx 4-1:1.0: probe with driver lan78xx failed with error -71 [ 311.497469][ T1978] usb 4-1: USB disconnect, device number 7 [ 313.503418][ T6855] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.354'. [ 313.627951][ T6856] syzkaller1: entered promiscuous mode [ 313.633969][ T6856] syzkaller1: entered allmulticast mode [ 314.835207][ T9] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 315.057320][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 315.069881][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 315.080175][ T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 315.093514][ T9] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 315.103011][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 315.235652][ T9] usb 1-1: config 0 descriptor?? [ 315.874389][ T9] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 315.931652][ T1978] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 316.076241][ T5876] usb 1-1: USB disconnect, device number 6 [ 316.150777][ T1978] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 316.168177][ T1978] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 316.180345][ T1978] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 316.193906][ T1978] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 316.203506][ T1978] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 316.407863][ T1978] usb 4-1: config 0 descriptor?? [ 316.426913][ T6877] fido_id[6877]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 316.645042][ T6881] team0 (unregistering): Port device team_slave_0 removed [ 316.771995][ T6881] team0 (unregistering): Port device team_slave_1 removed [ 317.109034][ T1978] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 317.292024][ T1978] usb 4-1: USB disconnect, device number 8 [ 317.948688][ T6886] fido_id[6886]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 318.240938][ T6893] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 318.330425][ T6893] netlink: 'syz.0.371': attribute type 12 has an invalid length. [ 318.338393][ T6893] netlink: 'syz.0.371': attribute type 29 has an invalid length. [ 318.346656][ T6893] netlink: 148 bytes leftover after parsing attributes in process `syz.0.371'. [ 318.356237][ T6893] netlink: 2 bytes leftover after parsing attributes in process `syz.0.371'. [ 319.591064][ T5872] IPVS: starting estimator thread 0... [ 319.680304][ T6912] IPVS: using max 192 ests per chain, 9600 per kthread [ 319.704227][ T6911] tipc: Started in network mode [ 319.709637][ T6911] tipc: Node identity ac1414aa, cluster identity 4711 [ 319.720107][ T6911] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 319.727260][ T6911] tipc: Enabled bearer , priority 10 [ 319.766956][ T6910] loop4: detected capacity change from 0 to 1024 [ 319.835711][ T6910] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 319.850202][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 319.863611][ T6910] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 319.920190][ T6910] JBD2: no valid journal superblock found [ 319.926322][ T6910] EXT4-fs (loop4): Could not load journal inode [ 319.990003][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 320.130152][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 320.270005][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 320.409962][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 320.550043][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 320.689988][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 320.804344][ T6923] netlink: 72 bytes leftover after parsing attributes in process `syz.2.384'. [ 320.830532][ T5872] tipc: Node number set to 2886997162 [ 320.969945][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 321.239996][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 321.653625][ T6935] syzkaller1: entered promiscuous mode [ 321.659473][ T6935] syzkaller1: entered allmulticast mode [ 322.170211][ T5872] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 322.390478][ T5872] usb 5-1: Using ep0 maxpacket: 32 [ 322.432794][ T5872] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 322.444814][ T5872] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 322.455545][ T5872] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 322.467012][ T5872] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 322.617286][ T5872] usb 5-1: config 0 descriptor?? [ 322.892809][ T1318] Bluetooth: hci5: Frame reassembly failed (-84) [ 323.162753][ T5872] savu 0003:1E7D:2D5A.000B: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0 [ 323.414896][ T5872] usb 5-1: USB disconnect, device number 7 [ 323.454939][ T1978] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 323.670408][ T38] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 323.715811][ T1978] usb 1-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5 [ 323.725809][ T1978] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 323.734358][ T1978] usb 1-1: Product: syz [ 323.743844][ T1978] usb 1-1: Manufacturer: syz [ 323.748690][ T1978] usb 1-1: SerialNumber: syz [ 323.868992][ T1978] usb 1-1: config 0 descriptor?? [ 323.914374][ T1978] gspca_main: sq905c-2.14.0 probing 2770:9052 [ 323.919327][ T38] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 323.932601][ T38] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 323.946405][ T38] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 323.957161][ T38] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 324.163543][ T6958] fido_id[6958]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 324.224351][ T38] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 324.234213][ T38] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 324.242928][ T38] usb 2-1: Manufacturer: syz [ 324.373549][ T38] usb 2-1: config 0 descriptor?? [ 324.834774][ T1978] usb 1-1: USB disconnect, device number 7 [ 324.888053][ T38] appleir 0003:05AC:8243.000C: unknown main item tag 0x0 [ 324.930034][ C1] net_ratelimit: 3 callbacks suppressed [ 324.930121][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 324.945164][ T49] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 324.990371][ T38] appleir 0003:05AC:8243.000C: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 325.189572][ T38] usb 2-1: USB disconnect, device number 8 [ 325.970038][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 326.034873][ T6966] fido_id[6966]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 327.017722][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 327.196044][ T6992] netlink: 4 bytes leftover after parsing attributes in process `syz.2.414'. [ 327.328700][ T6992] bond_slave_0: entered promiscuous mode [ 327.334830][ T6992] bond_slave_1: entered promiscuous mode [ 327.341439][ T6992] macvlan2: entered promiscuous mode [ 327.346944][ T6992] bond0: entered promiscuous mode [ 327.361257][ T6992] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 328.050017][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 328.065448][ T6986] loop3: detected capacity change from 0 to 8192 [ 328.123376][ T6986] msdos: Unknown parameter 'A' [ 328.484116][ T7002] loop4: detected capacity change from 0 to 2048 [ 328.640660][ T7002] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 328.648757][ T7002] UDF-fs: Scanning with blocksize 512 failed [ 328.873854][ T7002] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 329.089984][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 329.142226][ T30] audit: type=1804 audit(1758938845.008:6): pid=7002 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.419" name="/newroot/83/file1/file1" dev="loop4" ino=818 res=1 errno=0 [ 329.170738][ T5821] Bluetooth: hci0: command 0x0406 tx timeout [ 329.172676][ T5829] Bluetooth: hci1: command 0x0406 tx timeout [ 329.176961][ T5821] Bluetooth: hci2: command 0x0406 tx timeout [ 329.184319][ T5111] Bluetooth: hci3: command 0x0406 tx timeout [ 329.190262][ T5821] Bluetooth: hci4: command 0x0406 tx timeout [ 330.129961][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 330.632056][ T7024] netlink: 16 bytes leftover after parsing attributes in process `syz.3.426'. [ 331.169958][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 331.886336][ T7039] netlink: 16 bytes leftover after parsing attributes in process `syz.2.431'. [ 332.120225][ T5872] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 332.209956][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 332.588678][ T5872] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 332.600449][ T5872] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 332.610756][ T5872] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 332.625011][ T5872] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 332.634447][ T5872] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 332.912573][ T5872] usb 2-1: config 0 descriptor?? [ 333.041647][ T5876] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 333.249958][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 333.513312][ T5876] usb 3-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7 [ 333.522961][ T5876] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 333.531418][ T5876] usb 3-1: Product: syz [ 333.535783][ T5876] usb 3-1: Manufacturer: syz [ 333.540856][ T5876] usb 3-1: SerialNumber: syz [ 333.667715][ T5872] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 333.751181][ T5876] usb 3-1: config 0 descriptor?? [ 333.906288][ T5872] usb 2-1: USB disconnect, device number 9 [ 334.289935][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 334.407199][ T1978] usb 5-1: new full-speed USB device number 8 using dummy_hcd [ 334.656099][ T1978] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 334.667032][ T1978] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 334.676517][ T1978] usb 5-1: config 1 has no interface number 0 [ 334.683042][ T1978] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 334.699976][ T1978] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 334.712851][ T1978] usb 5-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 334.722457][ T1978] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 334.733868][ T1978] usb 5-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 334.836869][ T7059] fido_id[7059]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 334.916295][ T1978] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 334.926046][ T1978] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 334.935135][ T1978] usb 5-1: Product: syz [ 334.939647][ T1978] usb 5-1: Manufacturer: syz [ 334.944908][ T1978] usb 5-1: SerialNumber: syz [ 335.031040][ T5876] usb 3-1: f81604_read: reg: 100f failed: -EPROTO [ 335.120452][ T5876] usb 3-1: f81604_read: reg: 200f failed: -EPROTO [ 335.176375][ T7058] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 335.251152][ T5876] usb 3-1: USB disconnect, device number 6 [ 335.285286][ T5876] usb 3-1: f81604_read: reg: 100f failed: -ENODEV [ 335.330009][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 335.446171][ T5876] usb 3-1: f81604_read: reg: 200f failed: -ENODEV [ 335.483313][ T7058] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 335.743013][ T7058] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 336.253824][ T7058] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 336.361788][ T1978] cdc_ncm 5-1:1.1: bind() failure [ 336.369952][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 336.563722][ T5872] usb 5-1: USB disconnect, device number 8 [ 336.848615][ T3967] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 337.013540][ T3967] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 337.246306][ T3967] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 337.410212][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 337.548435][ T3967] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 338.109448][ T3967] bridge_slave_1: left allmulticast mode [ 338.117119][ T3967] bridge_slave_1: left promiscuous mode [ 338.124586][ T3967] bridge0: port 2(bridge_slave_1) entered disabled state [ 338.155991][ T3967] bridge_slave_0: left allmulticast mode [ 338.162633][ T3967] bridge_slave_0: left promiscuous mode [ 338.169494][ T3967] bridge0: port 1(bridge_slave_0) entered disabled state [ 338.450304][ C1] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 338.861638][ T3967] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 338.912367][ T3967] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 338.946378][ T3967] bond0 (unregistering): Released all slaves [ 339.113281][ T3967] tipc: Disabling bearer [ 339.119001][ T3967] tipc: Left network mode [ 339.496049][ T3967] hsr_slave_0: left promiscuous mode [ 339.525383][ T3967] hsr_slave_1: left promiscuous mode [ 339.534111][ T3967] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 339.542096][ T3967] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 339.575411][ T3967] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 339.583558][ T3967] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 339.652009][ T3967] veth1_macvtap: left promiscuous mode [ 339.657769][ T3967] veth0_macvtap: left promiscuous mode [ 339.664143][ T3967] veth1_vlan: left promiscuous mode [ 339.670386][ T3967] veth0_vlan: left promiscuous mode [ 340.670627][ T38] IPVS: starting estimator thread 0... [ 340.771009][ T7109] IPVS: using max 192 ests per chain, 9600 per kthread [ 340.830483][ T3967] team0 (unregistering): Port device team_slave_1 removed [ 340.966764][ T3967] team0 (unregistering): Port device team_slave_0 removed [ 341.661934][ T5815] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 341.673488][ T5815] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 341.683807][ T5815] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 341.724161][ T5815] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 341.737981][ T5815] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 342.496494][ T5819] Bluetooth: hci3: adv larger than maximum supported [ 342.496617][ T5819] Bluetooth: hci3: Malformed LE Event: 0x0d [ 342.631327][ T3967] IPVS: stop unused estimator thread 0... [ 342.638975][ T7128] netlink: 4 bytes leftover after parsing attributes in process `syz.2.460'. [ 342.794871][ T7128] netlink: 4 bytes leftover after parsing attributes in process `syz.2.460'. [ 343.791249][ T7116] chnl_net:caif_netlink_parms(): no params data found [ 343.813066][ T5819] Bluetooth: hci4: command tx timeout [ 344.402531][ T7153] loop8: detected capacity change from 0 to 8 [ 344.485299][ T7153] Dev loop8: unable to read RDB block 8 [ 344.492645][ T7153] loop8: unable to read partition table [ 344.550850][ T7153] loop8: partition table beyond EOD, truncated [ 344.557414][ T7153] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 345.468509][ T7172] binder: 7170:7172 ioctl c0306201 0 returned -14 [ 345.531640][ T7172] binder: 7170:7172 ioctl 0 0 returned -22 [ 345.900300][ T5819] Bluetooth: hci4: command tx timeout [ 346.311110][ T7116] bridge0: port 1(bridge_slave_0) entered blocking state [ 346.318948][ T7116] bridge0: port 1(bridge_slave_0) entered disabled state [ 346.328664][ T7116] bridge_slave_0: entered allmulticast mode [ 346.338952][ T7116] bridge_slave_0: entered promiscuous mode [ 346.543728][ T7116] bridge0: port 2(bridge_slave_1) entered blocking state [ 346.551668][ T7116] bridge0: port 2(bridge_slave_1) entered disabled state [ 346.559454][ T7116] bridge_slave_1: entered allmulticast mode [ 346.655654][ T7116] bridge_slave_1: entered promiscuous mode [ 346.890871][ T38] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 346.923055][ T5876] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 347.067131][ T7116] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 347.072882][ T38] usb 1-1: Using ep0 maxpacket: 8 [ 347.130246][ T5876] usb 4-1: Using ep0 maxpacket: 16 [ 347.138309][ T5876] usb 4-1: too many configurations: 123, using maximum allowed: 8 [ 347.144345][ T38] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 347.156515][ T38] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 347.165237][ T38] usb 1-1: Product: syz [ 347.169633][ T38] usb 1-1: Manufacturer: syz [ 347.174666][ T7116] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 347.174723][ T38] usb 1-1: SerialNumber: syz [ 347.217655][ T5876] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 347.261322][ T5876] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 347.316389][ T5876] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 347.377920][ T38] usb 1-1: config 0 descriptor?? [ 347.396556][ T5876] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 347.458591][ T5876] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 347.535510][ T5876] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 347.664646][ T5876] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 347.728418][ T5876] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 347.743327][ T38] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 347.775970][ T5876] usb 4-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 347.785777][ T5876] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45 [ 347.794568][ T5876] usb 4-1: SerialNumber: syz [ 347.833886][ T7116] team0: Port device team_slave_0 added [ 347.890265][ T5876] usb 4-1: config 0 descriptor?? [ 347.916215][ T7116] team0: Port device team_slave_1 added [ 347.980439][ T5819] Bluetooth: hci4: command tx timeout [ 348.067069][ T5876] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input16 [ 348.243904][ T38] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 348.332918][ T38] usb 1-1: USB disconnect, device number 8 [ 348.361784][ T5156] bcm5974 4-1:0.0: could not read from device [ 348.363002][ T5872] usb 4-1: USB disconnect, device number 9 [ 348.455377][ T5156] bcm5974 4-1:0.0: could not read from device [ 348.467981][ T7116] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 348.475866][ T7116] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 348.503018][ T7116] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 348.523889][ T7202] loop4: detected capacity change from 0 to 128 [ 348.812658][ T7116] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 348.820274][ T7116] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 348.849578][ T7116] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 349.777204][ T7116] hsr_slave_0: entered promiscuous mode [ 349.787947][ T7116] hsr_slave_1: entered promiscuous mode [ 349.797654][ T7116] debugfs: 'hsr0' already exists in 'hsr' [ 349.803891][ T7116] Cannot create hsr debugfs directory [ 350.092165][ T5819] Bluetooth: hci4: command tx timeout [ 350.992412][ T5819] Bluetooth: hci2: unexpected event for opcode 0x0c7a [ 352.057752][ T7116] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 352.213659][ T7116] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 352.349277][ T7116] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 352.462417][ T7116] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 352.980932][ T7244] netlink: 4 bytes leftover after parsing attributes in process `syz.4.495'. [ 353.162959][ T7245] mmap: syz.2.494 (7245) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 354.040202][ T7116] 8021q: adding VLAN 0 to HW filter on device bond0 [ 354.336799][ T7116] 8021q: adding VLAN 0 to HW filter on device team0 [ 354.433448][ T1318] bridge0: port 1(bridge_slave_0) entered blocking state [ 354.441089][ T1318] bridge0: port 1(bridge_slave_0) entered forwarding state [ 354.605118][ T1318] bridge0: port 2(bridge_slave_1) entered blocking state [ 354.613013][ T1318] bridge0: port 2(bridge_slave_1) entered forwarding state [ 355.300096][ T30] audit: type=1326 audit(1758938871.178:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7262 comm="syz.2.501" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd3539 code=0x0 [ 355.952694][ T7274] netlink: 48 bytes leftover after parsing attributes in process `syz.4.504'. [ 357.555553][ T7116] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 357.764618][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 357.771786][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 357.832926][ C1] vcan0: j1939_tp_rxtimer: 0xffff88804e9aac00: rx timeout, send abort [ 357.842797][ C1] vcan0: j1939_tp_rxtimer: 0xffff88804e9aae00: rx timeout, send abort [ 357.860504][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88804e9aac00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 357.876023][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88804e9aae00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 360.277391][ T7335] netlink: 14560 bytes leftover after parsing attributes in process `syz.4.523'. [ 360.402699][ T5876] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 360.617091][ T5876] usb 1-1: New USB device found, idVendor=0c45, idProduct=8001, bcdDevice=90.0a [ 360.627138][ T5876] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 360.713139][ T5876] usb 1-1: config 0 descriptor?? [ 360.749483][ T5876] gspca_main: sn9c2028-2.14.0 probing 0c45:8001 [ 361.006799][ T5876] gspca_sn9c2028: read1 error -32 [ 361.045763][ T7116] veth0_vlan: entered promiscuous mode [ 361.163384][ T7116] veth1_vlan: entered promiscuous mode [ 361.231317][ T5876] gspca_sn9c2028: read1 error -71 [ 361.236911][ T5876] sn9c2028 1-1:0.0: probe with driver sn9c2028 failed with error -71 [ 361.340202][ T5876] usb 1-1: USB disconnect, device number 9 [ 361.581831][ T7116] veth0_macvtap: entered promiscuous mode [ 361.722227][ T7116] veth1_macvtap: entered promiscuous mode [ 361.941198][ T7116] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 362.032772][ T7116] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 362.260409][ T2901] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 362.283080][ T2901] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 362.296178][ T2901] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 362.308027][ T2901] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 362.770104][ T5876] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 363.005867][ T5876] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 363.017301][ T5876] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 363.028942][ T5876] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 363.039219][ T5876] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 363.257244][ T5876] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 363.270321][ T5876] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 363.278688][ T5876] usb 1-1: Manufacturer: syz [ 363.425824][ T5876] usb 1-1: config 0 descriptor?? [ 363.656020][ T7370] loop4: detected capacity change from 0 to 512 [ 363.912599][ T7370] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 363.923415][ T7370] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.534: invalid indirect mapped block 2683928664 (level 1) [ 363.986073][ T7370] EXT4-fs (loop4): Remounting filesystem read-only [ 363.993441][ T5876] appleir 0003:05AC:8243.000E: unknown main item tag 0x0 [ 364.013413][ T5876] appleir 0003:05AC:8243.000E: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0 [ 364.089211][ T7370] EXT4-fs (loop4): 1 truncate cleaned up [ 364.090524][ T7376] overlayfs: statfs failed on './file0' [ 364.097785][ T7370] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 364.320423][ T5876] usb 1-1: USB disconnect, device number 10 [ 364.347730][ T30] audit: type=1800 audit(1758938880.208:8): pid=7370 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.534" name="file0" dev="loop4" ino=13 res=0 errno=0 [ 364.922800][ T5813] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 365.357763][ T7381] fido_id[7381]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 365.383943][ T7387] syzkaller1: entered promiscuous mode [ 365.390521][ T7387] syzkaller1: entered allmulticast mode [ 366.580671][ T7400] loop2: detected capacity change from 0 to 2048 [ 366.640149][ T7400] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 366.651921][ T7400] UDF-fs: Scanning with blocksize 512 failed [ 366.768198][ T7400] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 367.134271][ T7393] loop0: detected capacity change from 0 to 8192 [ 367.643540][ T7404] loop3: detected capacity change from 0 to 4096 [ 367.858749][ T7415] netlink: 'syz.2.544': attribute type 5 has an invalid length. [ 367.865948][ T7404] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 368.750720][ T9] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 368.788641][ T5820] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 368.940642][ T30] audit: type=1326 audit(1758938884.818:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7423 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f25539 code=0x7ffc0000 [ 368.962967][ T30] audit: type=1326 audit(1758938884.818:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7423 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f25539 code=0x7ffc0000 [ 368.996457][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 369.068797][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 369.080439][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 369.090665][ T9] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 369.102731][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 369.206848][ T30] audit: type=1326 audit(1758938884.918:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7423 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f25539 code=0x7ffc0000 [ 369.229215][ T30] audit: type=1326 audit(1758938884.918:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7423 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f25539 code=0x7ffc0000 [ 369.254365][ T30] audit: type=1326 audit(1758938884.928:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7423 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f25539 code=0x7ffc0000 [ 369.278111][ T30] audit: type=1326 audit(1758938884.958:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7423 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f25539 code=0x7ffc0000 [ 369.300656][ T30] audit: type=1326 audit(1758938884.978:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7423 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f25539 code=0x7ffc0000 [ 369.325792][ T30] audit: type=1326 audit(1758938885.018:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7423 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f25539 code=0x7ffc0000 [ 369.349121][ T30] audit: type=1326 audit(1758938885.018:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7423 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f25539 code=0x7ffc0000 [ 369.371548][ T30] audit: type=1326 audit(1758938885.048:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7423 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=40000003 syscall=144 compat=1 ip=0xf7f25539 code=0x7ffc0000 [ 369.393729][ T30] audit: type=1326 audit(1758938885.048:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7423 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f25539 code=0x7ffc0000 [ 369.419568][ T30] audit: type=1326 audit(1758938885.048:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7423 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f25539 code=0x7ffc0000 [ 369.452959][ T9] usb 3-1: config 0 descriptor?? [ 369.555260][ T9] hub 3-1:0.0: USB hub found [ 369.785498][ T9] hub 3-1:0.0: 1 port detected [ 370.183386][ T9] usb 3-1: USB disconnect, device number 7 [ 370.324795][ T7435] loop4: detected capacity change from 0 to 512 [ 370.481953][ T7435] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 370.495488][ T7435] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 370.790708][ T7435] EXT4-fs (loop4): 1 truncate cleaned up [ 370.798810][ T7435] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 370.916066][ T7435] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 16: block 33:freeing already freed block (bit 32); block bitmap corrupt. [ 371.474935][ T5813] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 371.509645][ T7448] loop0: detected capacity change from 0 to 128 [ 371.620545][ T7448] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 371.642043][ T7448] ext4 filesystem being mounted at /100/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 371.861546][ T2953] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 371.873005][ T2953] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 371.937556][ T7448] overlayfs: upper fs needs to support d_type. [ 372.245942][ T3967] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 372.257720][ T3967] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 372.412639][ T5811] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 372.631904][ T5872] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 372.843326][ T5872] usb 5-1: Using ep0 maxpacket: 16 [ 372.930683][ T5872] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 372.941502][ T5872] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 372.956517][ T5872] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18 [ 373.041271][ T5872] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 373.051174][ T5872] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 373.059397][ T5872] usb 5-1: SerialNumber: syz [ 373.154837][ T5872] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22 [ 373.448307][ T5872] usb 5-1: USB disconnect, device number 9 [ 374.021072][ T7473] 9pnet: p9_errstr2errno: server reported unknown error @00000000000000000000004D†üB€|˜Ü0xffffffffffffffff [ 374.780571][ T7481] batadv_slave_1: entered promiscuous mode [ 374.831520][ T7480] batadv_slave_1: left promiscuous mode [ 375.025041][ T7485] netlink: 24 bytes leftover after parsing attributes in process `syz.2.567'. [ 375.387621][ T7490] loop0: detected capacity change from 0 to 64 [ 376.503397][ T7504] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 377.001231][ T9] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 377.231168][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 377.309528][ T9] usb 3-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90 [ 377.319489][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 377.328062][ T9] usb 3-1: Product: syz [ 377.332705][ T9] usb 3-1: Manufacturer: syz [ 377.337518][ T9] usb 3-1: SerialNumber: syz [ 377.345745][ T7518] binder: 7515:7518 ioctl c0306201 80000680 returned -14 [ 377.382446][ T7519] loop5: detected capacity change from 0 to 128 [ 377.512295][ T9] usb 3-1: config 0 descriptor?? [ 377.554978][ T9] ums-onetouch 3-1:0.0: USB Mass Storage device detected [ 377.791470][ T9] usb 3-1: USB disconnect, device number 8 [ 379.645330][ T7547] loop3: detected capacity change from 0 to 512 [ 379.961678][ T7547] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 380.202335][ T5872] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 380.384053][ T5872] usb 3-1: Using ep0 maxpacket: 32 [ 380.409221][ T5872] usb 3-1: unable to get BOS descriptor or descriptor too short [ 380.453375][ T5872] usb 3-1: config index 0 descriptor too short (expected 53, got 34) [ 380.462073][ T5872] usb 3-1: config 2 has an invalid interface number: 7 but max is 0 [ 380.474712][ T5872] usb 3-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 380.486581][ T5872] usb 3-1: config 2 has no interface number 0 [ 380.806035][ T5872] usb 3-1: New USB device found, idVendor=05ac, idProduct=8701, bcdDevice=85.42 [ 380.815983][ T5872] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 380.824616][ T5872] usb 3-1: Product: syz [ 380.828991][ T5872] usb 3-1: Manufacturer: syz [ 380.834215][ T5872] usb 3-1: SerialNumber: syz [ 380.935986][ T5820] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 382.368401][ T5872] uvcvideo 3-1:2.7: probe with driver uvcvideo failed with error -22 [ 382.440280][ T5872] usb 3-1: USB disconnect, device number 9 [ 382.519976][ T5987] udevd[5987]: setting owner of /dev/bus/usb/003/009 to uid=0, gid=0 failed: No such file or directory [ 384.800948][ T7645] 9pnet: p9_errstr2errno: server reported unknown error 01777777777777777777777 [ 386.256758][ T7666] Bluetooth: MGMT ver 1.23 [ 386.760211][ T9] usb 4-1: new full-speed USB device number 10 using dummy_hcd [ 386.998985][ T7678] netlink: 12 bytes leftover after parsing attributes in process `syz.2.610'. [ 387.008294][ T9] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 387.019141][ T9] usb 4-1: config 0 interface 0 has no altsetting 0 [ 387.085839][ T9] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 387.096379][ T9] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 387.104961][ T9] usb 4-1: Product: syz [ 387.109421][ T9] usb 4-1: Manufacturer: syz [ 387.114429][ T9] usb 4-1: SerialNumber: syz [ 387.204138][ T9] usb 4-1: config 0 descriptor?? [ 387.264249][ T9] usb 4-1: selecting invalid altsetting 0 [ 387.595811][ T5872] usb 4-1: USB disconnect, device number 10 [ 390.568445][ T7730] loop8: detected capacity change from 0 to 8 [ 390.601933][ T7732] loop5: detected capacity change from 0 to 128 [ 390.641035][ T7730] Dev loop8: unable to read RDB block 8 [ 390.647013][ T7730] loop8: unable to read partition table [ 390.768015][ T30] audit: type=1800 audit(1758938906.668:21): pid=7732 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.629" name="file1" dev="loop5" ino=1048632 res=0 errno=0 [ 390.799434][ T7735] syzkaller1: entered promiscuous mode [ 390.805598][ T7735] syzkaller1: entered allmulticast mode [ 390.834644][ T7730] loop8: partition table beyond EOD, truncated [ 390.841278][ T7730] loop_reread_partitions: partition scan of loop8 (þ被xü^>à– ) failed (rc=-5) [ 393.761297][ T7783] loop3: detected capacity change from 0 to 128 [ 394.860515][ T7804] netlink: 'syz.4.656': attribute type 12 has an invalid length. [ 394.868668][ T7804] netlink: 'syz.4.656': attribute type 29 has an invalid length. [ 394.877511][ T7804] netlink: 148 bytes leftover after parsing attributes in process `syz.4.656'. [ 394.886890][ T7804] netlink: 'syz.4.656': attribute type 2 has an invalid length. [ 394.894889][ T7804] netlink: 'syz.4.656': attribute type 3 has an invalid length. [ 395.661099][ T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 395.881617][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 395.893244][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 395.903547][ T9] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 395.913135][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 395.963588][ T7820] loop5: detected capacity change from 0 to 2048 [ 395.977825][ T9] usb 5-1: config 0 descriptor?? [ 395.984172][ T38] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 396.049333][ T7822] IPv6: NLM_F_CREATE should be specified when creating new route [ 396.093471][ T7820] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 396.185631][ T38] usb 1-1: Using ep0 maxpacket: 16 [ 396.244675][ T38] usb 1-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 396.254238][ T38] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 396.262804][ T38] usb 1-1: Product: syz [ 396.267181][ T38] usb 1-1: Manufacturer: syz [ 396.272140][ T38] usb 1-1: SerialNumber: syz [ 396.351314][ T38] usb 1-1: config 0 descriptor?? [ 396.655456][ T9] usb 5-1: language id specifier not provided by device, defaulting to English [ 396.872032][ T9] uclogic 0003:256C:006D.000F: failed retrieving Huion firmware version: -71 [ 396.881541][ T9] uclogic 0003:256C:006D.000F: failed probing parameters: -71 [ 396.889626][ T9] uclogic 0003:256C:006D.000F: probe with driver uclogic failed with error -71 [ 396.925856][ T9] usb 5-1: USB disconnect, device number 10 [ 397.120986][ T38] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 397.287739][ T38] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 397.298507][ T38] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 397.353039][ T38] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 397.367820][ T38] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 397.377922][ T38] usb 6-1: SerialNumber: syz [ 397.865593][ T38] usb 6-1: 0:2 : does not exist [ 397.950779][ T38] usb 6-1: USB disconnect, device number 2 [ 398.004150][ T7841] syzkaller1: entered promiscuous mode [ 398.010138][ T7841] syzkaller1: entered allmulticast mode [ 398.811934][ T38] usb 1-1: USB disconnect, device number 11 [ 399.270290][ T38] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 399.443801][ T38] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 399.453383][ T38] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 399.496001][ T38] usb 1-1: config 0 descriptor?? [ 399.532449][ T38] cp210x 1-1:0.0: cp210x converter detected [ 399.938310][ T38] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 399.997571][ T38] usb 1-1: cp210x converter now attached to ttyUSB0 [ 400.175481][ T9] usb 1-1: USB disconnect, device number 12 [ 400.252887][ T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 400.302171][ T9] cp210x 1-1:0.0: device disconnected [ 401.030601][ T38] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 401.230042][ T38] usb 3-1: Using ep0 maxpacket: 32 [ 401.246914][ T38] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 401.262978][ T38] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 401.274791][ T38] usb 3-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 401.284223][ T38] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 401.375500][ T38] usb 3-1: config 0 descriptor?? [ 401.850864][ T38] ft260 0003:0403:6030.0010: unknown main item tag 0x7 [ 402.064327][ T38] ft260 0003:0403:6030.0010: chip code: 6424 8183 [ 402.291098][ T38] ft260 0003:0403:6030.0010: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.2-1/input0 [ 402.492628][ T38] ft260 0003:0403:6030.0010: failed to retrieve status: -71, no wakeup [ 402.517066][ T38] ft260 0003:0403:6030.0010: failed to retrieve status: -71 [ 402.552679][ T38] ft260 0003:0403:6030.0010: failed to reset I2C controller: -71 [ 402.613581][ T38] usb 3-1: USB disconnect, device number 10 [ 403.797834][ T7921] loop4: detected capacity change from 0 to 64 [ 403.805250][ T9] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 403.831526][ T5876] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 404.081199][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 404.087280][ T5876] usb 4-1: Using ep0 maxpacket: 16 [ 404.113277][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 404.128151][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 404.139591][ T9] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 404.148972][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 404.174112][ T5876] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 404.185971][ T5876] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 404.196189][ T5876] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 404.209565][ T5876] usb 4-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 404.219300][ T5876] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 404.261921][ T9] usb 3-1: config 0 descriptor?? [ 404.272275][ T5876] usb 4-1: config 0 descriptor?? [ 404.283231][ T9] hub 3-1:0.0: USB hub found [ 404.303760][ T7923] netlink: 28 bytes leftover after parsing attributes in process `syz.5.705'. [ 404.313995][ T7923] netlink: 28 bytes leftover after parsing attributes in process `syz.5.705'. [ 404.349865][ T7923] erspan0: entered promiscuous mode [ 404.361453][ T7923] gretap0: entered promiscuous mode [ 404.510472][ T9] hub 3-1:0.0: config failed, can't read hub descriptor (err -90) [ 404.773150][ T5876] input: HID 05ac:8241 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:05AC:8241.0011/input/input18 [ 404.889417][ T5876] appleir 0003:05AC:8241.0011: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.3-1/input0 [ 404.930578][ T9] hid-generic 0003:046D:C31C.0012: item fetching failed at offset 0/1 [ 404.955960][ T9] hid-generic 0003:046D:C31C.0012: probe with driver hid-generic failed with error -22 [ 405.015531][ T5872] usb 4-1: USB disconnect, device number 11 [ 405.281205][ T38] usb 3-1: USB disconnect, device number 11 [ 405.763960][ T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!! [ 406.548863][ T7952] netlink: 24 bytes leftover after parsing attributes in process `syz.2.716'. [ 407.022691][ T7959] loop4: detected capacity change from 0 to 128 [ 407.140066][ T30] audit: type=1800 audit(407.098:22): pid=7959 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.720" name="file2" dev="loop4" ino=1048633 res=0 errno=0 [ 407.179554][ T7959] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 407.191447][ T7959] FAT-fs (loop4): Filesystem has been set read-only [ 407.204760][ T7959] bio_check_eod: 361 callbacks suppressed [ 407.204839][ T7959] syz.4.720: attempt to access beyond end of device [ 407.204839][ T7959] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 407.220384][ T7960] netlink: 4 bytes leftover after parsing attributes in process `syz.3.721'. [ 407.229268][ T7959] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 407.247620][ T7959] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 407.319005][ T7959] syz.4.720: attempt to access beyond end of device [ 407.319005][ T7959] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 407.334171][ T7959] syz.4.720: attempt to access beyond end of device [ 407.334171][ T7959] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 407.348632][ T7959] syz.4.720: attempt to access beyond end of device [ 407.348632][ T7959] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 407.375540][ T7960] netlink: 24 bytes leftover after parsing attributes in process `syz.3.721'. [ 407.426878][ T7959] syz.4.720: attempt to access beyond end of device [ 407.426878][ T7959] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 407.456757][ T7959] syz.4.720: attempt to access beyond end of device [ 407.456757][ T7959] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 407.479576][ T7959] syz.4.720: attempt to access beyond end of device [ 407.479576][ T7959] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 407.600651][ T7959] syz.4.720: attempt to access beyond end of device [ 407.600651][ T7959] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 407.666669][ T7959] syz.4.720: attempt to access beyond end of device [ 407.666669][ T7959] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 407.685387][ T7959] syz.4.720: attempt to access beyond end of device [ 407.685387][ T7959] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 408.045424][ T7971] netlink: 'syz.3.725': attribute type 11 has an invalid length. [ 409.358144][ T7989] loop2: detected capacity change from 0 to 512 [ 409.390679][ T7989] EXT4-fs: Ignoring removed nobh option [ 409.401766][ T7992] loop3: detected capacity change from 0 to 512 [ 409.444395][ T7989] EXT4-fs (loop2): orphan cleanup on readonly fs [ 409.455180][ T7989] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -13 [ 409.472258][ T7989] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 409.495368][ T38] kernel write not supported for file /vcsa (pid: 38 comm: kworker/1:1) [ 409.507702][ T7989] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #13: comm syz.2.734: attempt to clear invalid blocks 2 len 1 [ 409.578759][ T7989] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.734: invalid indirect mapped block 1819239214 (level 0) [ 409.645789][ T7989] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.734: invalid indirect mapped block 1819239214 (level 1) [ 409.764207][ T7989] EXT4-fs (loop2): 1 truncate cleaned up [ 409.772440][ T7989] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 410.139137][ T8001] loop0: detected capacity change from 0 to 256 [ 410.167867][ T5812] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 410.223524][ T8001] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 410.270579][ T8001] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 411.276735][ T8011] netlink: 'syz.2.743': attribute type 10 has an invalid length. [ 411.362397][ T8011] netlink: 'syz.2.743': attribute type 10 has an invalid length. [ 411.382152][ T8011] dummy0: entered promiscuous mode [ 411.400745][ T8011] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 411.867944][ T8018] process 'syz.5.746' launched './file2' with NULL argv: empty string added [ 412.012626][ T8020] vcan0: tx drop: invalid da for name 0x00000000000000c7 [ 412.290172][ T9] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 412.547872][ T9] usb 4-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 412.557286][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 412.607919][ T9] usb 4-1: config 0 descriptor?? [ 412.715195][ T9] gspca_main: spca508-2.14.0 probing 8086:0110 [ 412.871045][ T9] gspca_spca508: reg_read err -32 [ 412.893062][ T9] gspca_spca508: reg_read err -32 [ 412.914155][ T9] gspca_spca508: reg_read err -32 [ 413.191972][ T9] gspca_spca508: reg_read err -71 [ 413.230741][ T9] gspca_spca508: reg write: error -71 [ 413.241956][ T9] spca508 4-1:0.0: probe with driver spca508 failed with error -71 [ 413.291735][ T9] usb 4-1: USB disconnect, device number 12 [ 413.393654][ T30] audit: type=1326 audit(413.338:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8032 comm="syz.2.752" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3539 code=0x7ffc0000 [ 413.426022][ T8036] loop5: detected capacity change from 0 to 256 [ 413.482368][ T8036] exfat: Unknown parameter '017777777777777777777770x0000000000000000' [ 413.512159][ T30] audit: type=1326 audit(413.388:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8032 comm="syz.2.752" exe="/root/syz-executor" sig=0 arch=40000003 syscall=8 compat=1 ip=0xf7fd3539 code=0x7ffc0000 [ 413.534426][ T30] audit: type=1326 audit(413.388:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8032 comm="syz.2.752" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3539 code=0x7ffc0000 [ 413.560266][ T30] audit: type=1326 audit(413.428:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8032 comm="syz.2.752" exe="/root/syz-executor" sig=0 arch=40000003 syscall=226 compat=1 ip=0xf7fd3539 code=0x7ffc0000 [ 413.583305][ T30] audit: type=1326 audit(413.428:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8032 comm="syz.2.752" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3539 code=0x7ffc0000 [ 413.605174][ T30] audit: type=1326 audit(413.428:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8032 comm="syz.2.752" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3539 code=0x7ffc0000 [ 413.626850][ T30] audit: type=1326 audit(413.448:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8032 comm="syz.2.752" exe="/root/syz-executor" sig=0 arch=40000003 syscall=227 compat=1 ip=0xf7fd3539 code=0x7ffc0000 [ 413.652074][ T30] audit: type=1326 audit(413.448:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8032 comm="syz.2.752" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3539 code=0x7ffc0000 [ 413.675210][ T30] audit: type=1326 audit(413.448:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8032 comm="syz.2.752" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3539 code=0x7ffc0000 [ 413.697806][ T30] audit: type=1326 audit(413.498:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8032 comm="syz.2.752" exe="/root/syz-executor" sig=0 arch=40000003 syscall=230 compat=1 ip=0xf7fd3539 code=0x7ffc0000 [ 414.490595][ T38] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 414.604860][ T8049] netlink: 8 bytes leftover after parsing attributes in process `syz.0.759'. [ 414.616219][ T8049] erspan0: default FDB implementation only supports local addresses [ 414.682627][ T38] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 414.692259][ T38] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 414.702808][ T38] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 414.712604][ T38] usb 3-1: config 1 has no interface number 1 [ 414.718920][ T38] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 414.820373][ T38] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 414.830156][ T38] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 414.838425][ T38] usb 3-1: Product: syz [ 414.843126][ T38] usb 3-1: Manufacturer: syz [ 414.847923][ T38] usb 3-1: SerialNumber: syz [ 415.170334][ T5819] Bluetooth: hci2: hardware error 0xbf [ 415.303278][ T38] usb 3-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0 [ 415.311706][ T38] usb 3-1: MIDIStreaming interface descriptor not found [ 415.501814][ T38] usb 3-1: USB disconnect, device number 12 [ 415.933973][ T8066] 9pnet: p9_errstr2errno: server reported unknown error @câî18446744073709551615 [ 416.110795][ T9] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 416.121529][ T8069] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 416.226434][ T8069] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 416.360717][ T9] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 416.370344][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 416.490958][ T9] usb 5-1: config 0 descriptor?? [ 417.260960][ T5819] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 417.630535][ T9] usb 5-1: Cannot set autoneg [ 417.636252][ T9] MOSCHIP usb-ethernet driver 5-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 417.714041][ T9] usb 5-1: USB disconnect, device number 11 [ 418.065269][ T8091] loop3: detected capacity change from 0 to 256 [ 418.079378][ T8091] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 418.170614][ T8093] capability: warning: `syz.5.777' uses deprecated v2 capabilities in a way that may be insecure [ 418.184829][ T8091] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 418.318382][ T8096] netlink: 'syz.0.778': attribute type 11 has an invalid length. [ 419.025028][ T38] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 419.202589][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 419.209361][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 419.266970][ T38] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 419.283045][ T38] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 419.295819][ T38] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 419.306101][ T38] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 419.319627][ T38] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 419.329123][ T38] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 419.437576][ T8116] netlink: 4 bytes leftover after parsing attributes in process `syz.2.785'. [ 419.473024][ T38] usb 5-1: config 0 descriptor?? [ 419.926701][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 419.927030][ T30] audit: type=1326 audit(419.888:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8122 comm="syz.2.791" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3539 code=0x7ffc0000 [ 419.955849][ T30] audit: type=1326 audit(419.888:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8122 comm="syz.2.791" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3539 code=0x7ffc0000 [ 419.980653][ T30] audit: type=1326 audit(419.898:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8122 comm="syz.2.791" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3539 code=0x7ffc0000 [ 420.006725][ T30] audit: type=1326 audit(419.898:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8122 comm="syz.2.791" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3539 code=0x7ffc0000 [ 420.029996][ T30] audit: type=1326 audit(419.948:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8122 comm="syz.2.791" exe="/root/syz-executor" sig=0 arch=40000003 syscall=277 compat=1 ip=0xf7fd3539 code=0x7ffc0000 [ 420.051723][ T30] audit: type=1326 audit(419.948:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8122 comm="syz.2.791" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3539 code=0x7ffc0000 [ 420.074009][ T30] audit: type=1326 audit(419.948:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8122 comm="syz.2.791" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3539 code=0x7ffc0000 [ 420.100773][ T30] audit: type=1326 audit(419.948:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8122 comm="syz.2.791" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3539 code=0x7ffc0000 [ 420.123837][ T30] audit: type=1326 audit(419.948:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8122 comm="syz.2.791" exe="/root/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf7fd3539 code=0x7ffc0000 [ 420.145608][ T30] audit: type=1326 audit(419.998:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8122 comm="syz.2.791" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd3539 code=0x0 [ 420.186860][ T8119] loop3: detected capacity change from 0 to 2048 [ 420.210093][ T38] plantronics 0003:047F:FFFF.0013: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 420.283015][ T8119] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 420.479576][ T5820] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 421.078708][ T8137] syzkaller1: entered promiscuous mode [ 421.084735][ T8137] syzkaller1: entered allmulticast mode [ 421.994383][ T8150] input: syz1 as /devices/virtual/input/input20 [ 422.025693][ T5872] usb 5-1: USB disconnect, device number 12 [ 422.306103][ T8154] binder: 8152:8154 ioctl c0306201 80000280 returned -14 [ 422.434758][ T8160] netlink: 16 bytes leftover after parsing attributes in process `syz.2.803'. [ 423.052682][ T8162] 9pnet: p9_errstr2errno: server reported unknown error [ 423.174225][ T8155] loop4: detected capacity change from 0 to 32768 [ 423.492633][ T8155] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 423.492768][ T8155] allowing incompatible features above 0.0: (unknown version) [ 423.492864][ T8155] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 423.532138][ T8155] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0 [ 423.547613][ T8155] bcachefs (loop4): initializing new filesystem [ 423.572230][ T8155] bcachefs (loop4): going read-write [ 423.593647][ T8176] netlink: 20 bytes leftover after parsing attributes in process `syz.5.808'. [ 423.617387][ T8155] bcachefs (loop4): marking superblocks [ 423.684464][ T8155] bcachefs (loop4): initializing freespace [ 423.716154][ T8155] bcachefs (loop4): done initializing freespace [ 423.737837][ T8155] bcachefs (loop4): reading snapshots table [ 423.744294][ T8155] bcachefs (loop4): reading snapshots done [ 423.872365][ T8155] bcachefs (loop4): done starting filesystem [ 424.043668][ T8155] syz.4.802 (8155) used greatest stack depth: 1152 bytes left [ 424.117614][ T5813] bcachefs (loop4): shutting down [ 424.123086][ T5813] bcachefs (loop4): going read-only [ 424.128502][ T5813] bcachefs (loop4): finished waiting for writes to stop [ 424.235361][ T5813] bcachefs (loop4): flushing journal and stopping allocators, journal seq 3 [ 424.486947][ T8188] ALSA: mixer_oss: invalid OSS volume '' [ 424.549611][ T5813] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3 [ 424.590990][ T5813] bcachefs (loop4): clean shutdown complete, journal seq 4 [ 424.606565][ T5813] bcachefs (loop4): marking filesystem clean [ 424.679162][ T8190] loop5: detected capacity change from 0 to 1024 [ 424.736684][ T8190] EXT4-fs: Ignoring removed nobh option [ 424.744248][ T8190] EXT4-fs: Ignoring removed bh option [ 424.776560][ T5813] bcachefs (loop4): shutdown complete [ 424.859425][ T8190] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 425.222854][ T8190] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 15: block 129:freeing already freed block (bit 8); block bitmap corrupt. [ 425.663148][ T7116] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 425.993162][ T8203] loop3: detected capacity change from 0 to 512 [ 426.023757][ T8203] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 429.640428][ T5872] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 429.883544][ T5872] usb 1-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 429.895266][ T5872] usb 1-1: config 0 interface 0 has no altsetting 0 [ 429.902794][ T5872] usb 1-1: New USB device found, idVendor=057e, idProduct=2009, bcdDevice= 0.00 [ 429.912364][ T5872] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 430.004430][ T5872] usb 1-1: config 0 descriptor?? [ 430.496980][ T5872] nintendo 0003:057E:2009.0014: unknown main item tag 0x0 [ 430.505425][ T5872] nintendo 0003:057E:2009.0014: unknown main item tag 0x0 [ 430.658829][ T5872] nintendo 0003:057E:2009.0014: hidraw0: USB HID v80.00 Device [HID 057e:2009] on usb-dummy_hcd.0-1/input0 [ 430.741101][ T5872] nintendo 0003:057E:2009.0014: Failed to get joycon info; ret=-38 [ 430.755786][ T5872] nintendo 0003:057E:2009.0014: Failed to retrieve controller info; ret=-38 [ 430.767333][ T5872] nintendo 0003:057E:2009.0014: Failed to initialize controller; ret=-38 [ 430.881917][ T5872] nintendo 0003:057E:2009.0014: probe - fail = -38 [ 430.890054][ T5872] nintendo 0003:057E:2009.0014: probe with driver nintendo failed with error -38 [ 430.967033][ T5872] usb 1-1: USB disconnect, device number 13 [ 431.370989][ T38] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 431.580473][ T38] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 431.594192][ T38] usb 3-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00 [ 431.603711][ T38] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 431.766738][ T38] usb 3-1: config 0 descriptor?? [ 432.345758][ T38] itetech 0003:258A:6A88.0015: item fetching failed at offset 5/7 [ 432.442796][ T38] itetech 0003:258A:6A88.0015: probe with driver itetech failed with error -22 [ 432.580974][ T38] usb 3-1: USB disconnect, device number 13 [ 433.837375][ T8292] loop5: detected capacity change from 0 to 256 [ 433.976267][ T8292] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d) [ 434.074372][ T30] kauditd_printk_skb: 55 callbacks suppressed [ 434.074453][ T30] audit: type=1800 audit(434.038:99): pid=8292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.855" name="file1" dev="loop5" ino=1048637 res=0 errno=0 [ 435.010704][ T8309] netlink: 'syz.2.862': attribute type 13 has an invalid length. [ 435.018790][ T8309] netlink: 'syz.2.862': attribute type 17 has an invalid length. [ 435.472471][ T8309] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 436.502168][ T8326] netlink: 8 bytes leftover after parsing attributes in process `syz.0.870'. [ 436.511561][ T8326] netlink: 8 bytes leftover after parsing attributes in process `syz.0.870'. [ 436.792162][ T38] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 437.011174][ T38] usb 4-1: Using ep0 maxpacket: 8 [ 437.120702][ T38] usb 4-1: New USB device found, idVendor=0763, idProduct=2081, bcdDevice=d0.ab [ 437.130514][ T38] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 437.138930][ T38] usb 4-1: Product: syz [ 437.143567][ T38] usb 4-1: Manufacturer: syz [ 437.148935][ T38] usb 4-1: SerialNumber: syz [ 437.173747][ T38] usb 4-1: config 0 descriptor?? [ 437.360855][ T8340] loop5: detected capacity change from 0 to 2048 [ 437.495849][ T8340] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 129: 0x32 != 0x7d [ 437.549591][ T8340] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 437.865461][ T38] usb 4-1: USB disconnect, device number 13 [ 438.001920][ C1] vkms_vblank_simulate: vblank timer overrun [ 438.955250][ T8355] netlink: 20 bytes leftover after parsing attributes in process `syz.3.884'. [ 438.965295][ T8355] 8021q: VLANs not supported on ip_vti0 [ 439.194703][ T8353] loop2: detected capacity change from 0 to 8192 [ 439.414991][ T30] audit: type=1800 audit(439.378:100): pid=8353 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.883" name="file1" dev="loop2" ino=1048638 res=0 errno=0 [ 439.776880][ T8358] loop4: detected capacity change from 0 to 32768 [ 439.878791][ T8358] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 440.179304][ T8358] XFS (loop4): Ending clean mount [ 440.194973][ T8358] XFS (loop4): Quotacheck needed: Please wait. [ 440.282830][ T8358] XFS (loop4): Quotacheck: Done. [ 440.417706][ T5813] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 442.145122][ T30] audit: type=1326 audit(442.108:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8391 comm="syz.5.897" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70ce539 code=0x0 [ 444.411336][ T8432] loop2: detected capacity change from 0 to 1024 [ 444.420930][ T8432] EXT4-fs: inline encryption not supported [ 444.427357][ T8432] EXT4-fs: Ignoring removed nobh option [ 444.433472][ T8432] EXT4-fs: Ignoring removed bh option [ 444.520043][ T38] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 444.559890][ T8432] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 444.690466][ T38] usb 4-1: Using ep0 maxpacket: 32 [ 444.704129][ T38] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 444.716164][ T38] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 444.726642][ T38] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 444.736210][ T38] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 444.750412][ T9] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 444.789083][ T38] usb 4-1: config 0 descriptor?? [ 444.950243][ T9] usb 5-1: Using ep0 maxpacket: 32 [ 445.014371][ T9] usb 5-1: config 0 has an invalid interface number: 51 but max is 0 [ 445.024507][ T9] usb 5-1: config 0 has no interface number 0 [ 445.118009][ T9] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 445.128802][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 445.137330][ T9] usb 5-1: Product: syz [ 445.141979][ T9] usb 5-1: Manufacturer: syz [ 445.146847][ T9] usb 5-1: SerialNumber: syz [ 445.235077][ T9] usb 5-1: config 0 descriptor?? [ 445.303783][ T38] kone 0003:1E7D:2CED.0016: unknown main item tag 0x0 [ 445.311218][ T38] kone 0003:1E7D:2CED.0016: unknown main item tag 0x0 [ 445.318536][ T38] kone 0003:1E7D:2CED.0016: unknown main item tag 0x0 [ 445.325908][ T38] kone 0003:1E7D:2CED.0016: unknown main item tag 0x0 [ 445.335909][ T38] kone 0003:1E7D:2CED.0016: unknown main item tag 0x0 [ 445.365406][ T9] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 445.402301][ T38] kone 0003:1E7D:2CED.0016: hidraw0: USB HID v0.00 Device [HID 1e7d:2ced] on usb-dummy_hcd.3-1/input0 [ 445.428285][ T5812] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 445.519465][ T38] usb 4-1: USB disconnect, device number 14 [ 445.551931][ T9] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 445.634897][ T9] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 445.869685][ C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 445.882586][ T9] usb 5-1: USB disconnect, device number 13 [ 445.948089][ T9] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 445.981378][ T9] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 445.995121][ T9] quatech2 5-1:0.51: device disconnected [ 446.577939][ T8460] loop3: detected capacity change from 0 to 64 [ 446.650860][ T8464] netlink: 64 bytes leftover after parsing attributes in process `syz.2.923'. [ 450.827975][ T8520] netlink: 8 bytes leftover after parsing attributes in process `syz.2.949'. [ 451.090769][ T5819] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 451.661316][ T8533] loop4: detected capacity change from 0 to 128 [ 451.721280][ T8533] EXT4-fs (loop4): Test dummy encryption mode enabled [ 451.827411][ T8533] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 451.906457][ T8533] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))" [ 451.952598][ T8535] loop5: detected capacity change from 0 to 1024 [ 451.996582][ T8535] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 452.154585][ T8535] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 452.253150][ T5813] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 452.274140][ T38] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 452.329227][ T8545] loop2: detected capacity change from 0 to 256 [ 452.376931][ T30] audit: type=1800 audit(452.328:102): pid=8535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.956" name="file1" dev="loop5" ino=15 res=0 errno=0 [ 452.377307][ T8535] EXT4-fs error (device loop5): ext4_xattr_inode_iget:437: inode #11: comm syz.5.956: missing EA_INODE flag [ 452.414965][ T8546] netlink: 'syz.0.958': attribute type 13 has an invalid length. [ 452.421353][ T8545] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 452.424068][ T8546] netlink: 'syz.0.958': attribute type 17 has an invalid length. [ 452.433863][ T8545] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 452.484195][ T8535] EXT4-fs (loop5): Remounting filesystem read-only [ 452.491466][ T8535] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 452.531112][ T38] usb 4-1: Using ep0 maxpacket: 8 [ 452.564671][ T38] usb 4-1: config index 0 descriptor too short (expected 38180, got 36) [ 452.573464][ T38] usb 4-1: config 179 has too many interfaces: 44, using maximum allowed: 32 [ 452.582705][ T38] usb 4-1: config 179 has an invalid descriptor of length 238, skipping remainder of the config [ 452.593637][ T38] usb 4-1: config 179 has 0 interfaces, different from the descriptor's value: 44 [ 452.603410][ T38] usb 4-1: New USB device found, idVendor=06cb, idProduct=73f6, bcdDevice= 0.00 [ 452.613549][ T38] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 452.706207][ T8545] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 453.152940][ T7116] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 453.181155][ T8546] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 453.327486][ T38] usb 4-1: string descriptor 0 read error: -71 [ 453.338323][ T38] usb 4-1: USB disconnect, device number 15 [ 453.750348][ T9] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 453.961378][ T9] usb 6-1: Using ep0 maxpacket: 8 [ 453.976152][ T30] audit: type=1326 audit(453.938:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.4.964" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f25558 code=0x7ffc0000 [ 453.998235][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 453.998415][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 453.998561][ T9] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 453.998716][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 453.998880][ T9] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 453.999098][ T9] usb 6-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 453.999253][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 454.113454][ T9] usb 6-1: config 0 descriptor?? [ 454.122097][ T8552] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 454.377261][ T30] audit: type=1326 audit(454.058:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.4.964" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f25539 code=0x7ffc0000 [ 454.403770][ T30] audit: type=1326 audit(454.058:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.4.964" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f25558 code=0x7ffc0000 [ 454.427046][ T30] audit: type=1326 audit(454.078:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.4.964" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f25539 code=0x7ffc0000 [ 454.448987][ T30] audit: type=1326 audit(454.078:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.4.964" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f25558 code=0x7ffc0000 [ 454.470890][ T30] audit: type=1326 audit(454.098:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.4.964" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f25558 code=0x7ffc0000 [ 454.493206][ T30] audit: type=1326 audit(454.108:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.4.964" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f25558 code=0x7ffc0000 [ 454.518190][ T30] audit: type=1326 audit(454.108:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.4.964" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f25558 code=0x7ffc0000 [ 454.541854][ T30] audit: type=1326 audit(454.108:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.4.964" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f25539 code=0x7ffc0000 [ 454.552012][ T5872] usb 6-1: USB disconnect, device number 3 [ 454.616951][ T5815] Bluetooth: hci5: Opcode 0x0c03 failed: -19 [ 454.704557][ T5876] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 454.867053][ T0] NOHZ tick-stop error: local softirq work is pending, handler #01!!! [ 454.920388][ T5876] usb 1-1: Using ep0 maxpacket: 32 [ 454.974772][ T5876] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 454.983421][ T5876] usb 1-1: config 0 has no interface number 0 [ 454.990102][ T5876] usb 1-1: too many endpoints for config 0 interface 1 altsetting 0: 200, using maximum allowed: 30 [ 455.001672][ T5876] usb 1-1: config 0 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 200 [ 455.078028][ T8566] input: syz1 as /devices/virtual/input/input21 [ 455.371436][ T5876] usb 1-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=2c.d8 [ 455.381156][ T5876] usb 1-1: New USB device strings: Mfr=193, Product=2, SerialNumber=3 [ 455.389584][ T5876] usb 1-1: Product: syz [ 455.394346][ T5876] usb 1-1: Manufacturer: syz [ 455.399147][ T5876] usb 1-1: SerialNumber: syz [ 455.567295][ T5876] usb 1-1: config 0 descriptor?? [ 455.609548][ T5876] usb 1-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 455.619062][ T5876] usb 1-1: selecting invalid altsetting 1 [ 455.625329][ T5876] usb 1-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 455.776734][ T5876] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 455.781468][ T8573] netlink: 4 bytes leftover after parsing attributes in process `syz.3.970'. [ 455.788413][ T5876] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 455.805267][ T5876] usb 1-1: media controller created [ 456.025255][ T5876] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 456.437094][ C1] hrtimer: interrupt took 328696 ns [ 456.461566][ T5876] usb 1-1: dvb_usb_ce6230: usb_control_msg() failed=-71 [ 456.468897][ T5876] zl10353_read_register: readreg error (reg=127, ret==-71) [ 456.535742][ T5876] usb 1-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 457.158443][ T5876] usb 1-1: USB disconnect, device number 14 [ 457.259136][ T5815] Bluetooth: hci0: command 0x0406 tx timeout [ 457.261291][ T8594] netlink: 'syz.5.976': attribute type 13 has an invalid length. [ 457.282554][ T8594] netlink: 'syz.5.976': attribute type 17 has an invalid length. [ 457.300182][ T5872] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 457.306520][ T5872] Bluetooth: hci0: Error when powering off device on rfkill (-110) [ 457.843164][ T8594] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 459.253154][ T8624] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 459.260847][ T8624] IPv6: NLM_F_CREATE should be set when creating new route [ 459.268403][ T8624] IPv6: NLM_F_CREATE should be set when creating new route [ 459.279148][ T8624] ------------[ cut here ]------------ [ 459.285028][ T8624] WARNING: CPU: 0 PID: 8624 at drivers/net/netdevsim/fib.c:831 nsim_fib_event_nb+0x1701/0x2010 [ 459.295966][ T8624] Modules linked in: [ 459.300348][ T8624] CPU: 0 UID: 0 PID: 8624 Comm: syz.2.988 Not tainted syzkaller #0 PREEMPT(none) [ 459.309984][ T8624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 459.325385][ T8624] RIP: 0010:nsim_fib_event_nb+0x1701/0x2010 [ 459.333526][ T8624] Code: c0 4c 8b 65 98 4c 8b 75 d0 48 83 7d a0 00 0f 84 dc fd ff ff 8b bd 78 ff ff ff e8 4a 46 50 f8 e9 cc fd ff ff e8 c0 72 ad f7 90 <0f> 0b 90 e9 fe fc ff ff 8b bd 50 ff ff ff e8 0c 42 50 f8 89 c7 e8 [ 459.353703][ T8624] RSP: 0018:ffff88804f4831f0 EFLAGS: 00010283 [ 459.360249][ T8624] RAX: ffffffff8a478980 RBX: 0000000000000001 RCX: 0000000000080000 [ 459.368492][ T8624] RDX: ffffc90009004000 RSI: 0000000000001b3c RDI: 0000000000001b3d [ 459.378262][ T8624] RBP: ffff88804f4832c0 R08: ffffea000000000f R09: 0000000000000004 [ 459.391738][ T8624] R10: ffff88804bfe622c R11: 0000000000000002 R12: 00000000ffffffff [ 459.400748][ T8624] R13: ffff88810ae22c20 R14: 0000000000000001 R15: 0000000000000002 [ 459.408956][ T8624] FS: 0000000000000000(0000) GS:ffff8881aa690000(0063) knlGS:00000000f54c6b40 [ 459.423400][ T8624] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 459.432162][ T8624] CR2: 0000000080002000 CR3: 000000004f484000 CR4: 00000000003526f0 [ 459.440565][ T8624] Call Trace: [ 459.444033][ T8624] [ 459.447169][ T8624] ? __pfx_nsim_fib_event_nb+0x10/0x10 [ 459.453227][ T8624] ? __pfx_nsim_fib_event_nb+0x10/0x10 [ 459.458965][ T8624] atomic_notifier_call_chain+0xea/0x430 [ 459.465108][ T8624] ? __rcu_read_unlock+0x6d/0xd0 [ 459.470566][ T8624] call_fib_notifiers+0xad/0x190 [ 459.475776][ T8624] call_fib6_notifiers+0x53/0x70 [ 459.481174][ T8624] call_fib6_multipath_entry_notifiers+0x12d/0x180 [ 459.488158][ T8624] inet6_rtm_newroute+0x2710/0x3810 [ 459.494602][ T8624] ? __pfx_inet6_rtm_newroute+0x10/0x10 [ 459.500682][ T8624] rtnetlink_rcv_msg+0x106f/0x14b0 [ 459.501567][ T5815] Bluetooth: hci1: command 0x0406 tx timeout [ 459.506025][ T8624] ? stack_depot_save_flags+0x35/0x7b0 [ 459.512708][ T5872] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 459.517848][ T8624] ? kmsan_get_metadata+0xfb/0x160 [ 459.529237][ T5872] Bluetooth: hci1: Error when powering off device on rfkill (-110) [ 459.544782][ T8624] netlink_rcv_skb+0x54d/0x680 [ 459.550408][ T8624] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 459.556146][ T8624] rtnetlink_rcv+0x35/0x40 [ 459.561217][ T8624] ? __pfx_rtnetlink_rcv+0x10/0x10 [ 459.566584][ T8624] netlink_unicast+0xf01/0x12b0 [ 459.571899][ T8624] netlink_sendmsg+0x10b3/0x1250 [ 459.577177][ T8624] ? __pfx_netlink_sendmsg+0x10/0x10 [ 459.583136][ T8624] ? __pfx_netlink_sendmsg+0x10/0x10 [ 459.588737][ T8624] __sock_sendmsg+0x333/0x3d0 [ 459.593827][ T8624] ____sys_sendmsg+0x7e0/0xd80 [ 459.598922][ T8624] ___sys_sendmsg+0x271/0x3b0 [ 459.604142][ T8624] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 459.610556][ T8624] ? __rcu_read_unlock+0x6d/0xd0 [ 459.615766][ T8624] ? __fget_files+0x3b4/0x4a0 [ 459.625981][ T8624] ? __fget_files+0x3b9/0x4a0 [ 459.632693][ T8624] ? kmsan_get_metadata+0xfb/0x160 [ 459.638206][ T8624] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 459.644572][ T8624] __sys_sendmsg+0x1aa/0x300 [ 459.649519][ T8624] __ia32_compat_sys_sendmsg+0xa4/0x100 [ 459.655547][ T8624] ia32_sys_call+0x3f6c/0x4310 [ 459.660760][ T8624] __do_fast_syscall_32+0xb0/0x150 [ 459.666142][ T8624] ? irqentry_exit_to_user_mode+0x82/0xa0 [ 459.672935][ T8624] do_fast_syscall_32+0x38/0x80 [ 459.678069][ T8624] do_SYSENTER_32+0x1f/0x30 [ 459.683038][ T8624] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 459.689860][ T8624] RIP: 0023:0xf7fd3539 [ 459.694148][ T8624] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 459.714357][ T8624] RSP: 002b:00000000f54c655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 459.728729][ T8624] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100 [ 459.738699][ T8624] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 459.747118][ T8624] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 459.755500][ T8624] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 459.763939][ T8624] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 459.772443][ T8624] [ 459.775647][ T8624] ---[ end trace 0000000000000000 ]--- [ 461.144347][ T8641] netlink: 'syz.3.994': attribute type 13 has an invalid length. [ 461.153288][ T8641] netlink: 'syz.3.994': attribute type 17 has an invalid length. [ 461.625109][ T8650] netlink: 'syz.2.997': attribute type 13 has an invalid length. [ 461.633383][ T8650] netlink: 14581 bytes leftover after parsing attributes in process `syz.2.997'. [ 461.683468][ T8641] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 461.810676][ T5815] Bluetooth: hci3: command 0x0406 tx timeout [ 461.831224][ T5872] Bluetooth: hci3: Opcode 0x0c1a failed: -110 [ 461.837549][ T5872] Bluetooth: hci3: Error when powering off device on rfkill (-110) [ 464.372412][ T8686] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 464.384116][ T8686] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 464.691006][ T5815] Bluetooth: hci4: command 0x0c1a tx timeout [ 464.697509][ T5872] Bluetooth: hci4: Opcode 0x0c1a failed: -110 [ 464.704330][ T5872] Bluetooth: hci4: Error when powering off device on rfkill (-110) [ 465.288822][ T8694] KVM: debugfs: duplicate directory 8694-4 [ 467.123127][ T8726] input: syz1 as /devices/virtual/input/input22 [ 467.680245][ T24] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 467.900231][ T24] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 467.911787][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 467.923243][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 467.933690][ T24] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 468.047567][ T24] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 468.057358][ T24] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 468.066006][ T24] usb 5-1: Manufacturer: syz [ 468.163014][ T24] usb 5-1: config 0 descriptor?? [ 468.603590][ T24] appleir 0003:05AC:8243.0017: unknown main item tag 0x0 [ 468.673974][ T24] appleir 0003:05AC:8243.0017: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0 [ 468.889878][ T24] usb 5-1: USB disconnect, device number 14 [ 469.448802][ T8758] loop5: detected capacity change from 0 to 256 [ 469.515254][ T8758] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 469.622340][ T8758] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 471.411176][ T8781] netlink: 348 bytes leftover after parsing attributes in process `syz.5.1054'. [ 471.850902][ T8790] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1059'. [ 471.939356][ T8790] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1059'. [ 472.724109][ T24] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 472.900308][ T24] usb 1-1: Using ep0 maxpacket: 16 [ 472.963697][ T24] usb 1-1: config 0 has an invalid interface number: 8 but max is 0 [ 472.972204][ T24] usb 1-1: config 0 has no interface number 0 [ 472.978536][ T24] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 55, changing to 9 [ 472.991011][ T24] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid maxpacket 8496, setting to 1024 [ 473.006158][ T8802] loop2: detected capacity change from 0 to 256 [ 473.140460][ T8802] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 473.161468][ T24] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 473.171125][ T24] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 473.179432][ T24] usb 1-1: Product: syz [ 473.183931][ T24] usb 1-1: SerialNumber: syz [ 473.235700][ T8806] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1067'. [ 473.274886][ T24] usb 1-1: config 0 descriptor?? [ 473.308450][ T24] cm109 1-1:0.8: invalid payload size 1024, expected 4 [ 473.319961][ T24] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/input/input23 [ 473.458720][ T30] kauditd_printk_skb: 49 callbacks suppressed [ 473.458802][ T30] audit: type=1800 audit(473.418:161): pid=8802 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1065" name="file1" dev="loop2" ino=1048643 res=0 errno=0 [ 473.523577][ T8802] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000008) [ 473.533529][ T8802] exFAT-fs (loop2): Filesystem has been set read-only [ 473.540834][ T8802] exFAT-fs (loop2): error, failed to bmap (inode : ffff88810114c730 iblock : 8, err : -5) [ 473.593730][ T8808] netlink: 'syz.3.1068': attribute type 10 has an invalid length. [ 473.636870][ T8808] syz_tun: entered promiscuous mode [ 473.661751][ T8802] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000008) [ 473.669345][ T8808] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 473.906912][ C1] cm109 1-1:0.8: cm109_urb_irq_callback: urb status -71 [ 473.914214][ C1] ------------[ cut here ]------------ [ 473.919832][ C1] URB ffff8880503d6300 submitted while active [ 473.929515][ C1] WARNING: CPU: 1 PID: 8797 at drivers/usb/core/urb.c:379 usb_submit_urb+0x230/0x24e0 [ 473.939458][ C1] Modules linked in: [ 473.943668][ C1] CPU: 1 UID: 0 PID: 8797 Comm: syz.0.1062 Tainted: G W syzkaller #0 PREEMPT(none) [ 473.954857][ C1] Tainted: [W]=WARN [ 473.958852][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 473.969148][ C1] RIP: 0010:usb_submit_urb+0x230/0x24e0 [ 473.975021][ C1] Code: 00 00 00 00 48 c7 83 68 09 00 00 00 00 00 00 48 c7 83 80 0c 00 00 00 00 00 00 48 c7 c7 23 45 1e 92 4c 89 f6 e8 f1 e3 b9 f6 90 <0f> 0b 90 90 b8 f0 ff ff ff e9 98 fe ff ff 44 89 ef 48 89 8d 40 ff [ 473.994932][ C1] RSP: 0018:ffff88813fd04740 EFLAGS: 00010083 [ 474.001283][ C1] RAX: ffffffff81207e75 RBX: ffff88813fd9d300 RCX: 0000000000040000 [ 474.009468][ C1] RDX: ffffc90001602000 RSI: 00000000000014fd RDI: 00000000000014fe [ 474.017640][ C1] RBP: ffff88813fd04868 R08: ffffea000000000f R09: 0000000000000000 [ 474.025912][ C1] R10: ffff888237b7b028 R11: ffff88823f2635e0 R12: 0000000000000820 [ 474.035231][ C1] R13: 0000000000000000 R14: ffff8880503d6300 R15: 0000000000000000 [ 474.043524][ C1] FS: 0000000000000000(0000) GS:ffff8881aa790000(0063) knlGS:000000005724f440 [ 474.052667][ C1] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 474.059479][ C1] CR2: 0000000030016ffc CR3: 000000004f484000 CR4: 00000000003526f0 [ 474.067757][ C1] Call Trace: [ 474.071205][ C1] [ 474.074208][ C1] ? stack_depot_save_flags+0x615/0x7b0 [ 474.080007][ C1] ? kmsan_get_metadata+0xfb/0x160 [ 474.085397][ C1] ? kmsan_get_metadata+0xfb/0x160 [ 474.090788][ C1] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 474.097379][ C1] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 474.103752][ C1] ? kmsan_get_metadata+0xfb/0x160 [ 474.109137][ C1] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 474.115234][ C1] cm109_urb_irq_callback+0xff6/0x1570 [ 474.121077][ C1] ? __pfx_cm109_urb_irq_callback+0x10/0x10 [ 474.127326][ C1] __usb_hcd_giveback_urb+0x502/0x7b0 [ 474.133040][ C1] ? kmsan_get_metadata+0xfb/0x160 [ 474.138538][ C1] usb_hcd_giveback_urb+0x154/0x700 [ 474.144088][ C1] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 474.150481][ C1] dummy_timer+0xe33/0x70d0 [ 474.155410][ C1] ? __resched_curr+0xc3/0x8b0 [ 474.160512][ C1] ? tracing_record_taskinfo_sched_switch+0xc4/0x6f0 [ 474.167516][ C1] ? kmsan_get_metadata+0xfb/0x160 [ 474.172901][ C1] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 474.179536][ C1] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 474.185645][ C1] ? rb_erase+0x585/0x2750 [ 474.190411][ C1] ? __pfx_dummy_timer+0x10/0x10 [ 474.195640][ C1] __hrtimer_run_queues+0x556/0xd80 [ 474.201166][ C1] hrtimer_run_softirq+0x18e/0x760 [ 474.206745][ C1] ? kmsan_get_metadata+0xfb/0x160 [ 474.212175][ C1] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 474.218782][ C1] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 474.224890][ C1] ? __pfx_hrtimer_run_softirq+0x10/0x10 [ 474.230839][ C1] handle_softirqs+0x166/0x6e0 [ 474.235909][ C1] __irq_exit_rcu+0x66/0x180 [ 474.240751][ C1] irq_exit_rcu+0x12/0x20 [ 474.245336][ C1] sysvec_apic_timer_interrupt+0x84/0x90 [ 474.251281][ C1] [ 474.254361][ C1] [ 474.257460][ C1] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 474.263742][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0x33/0x60 [ 474.270489][ C1] Code: 56 53 48 89 f3 49 89 fe e8 4a 4d b5 f1 4c 89 f7 e8 52 40 b5 f1 c6 00 00 41 c6 06 00 f7 c3 00 02 00 00 74 01 fb be 04 00 00 00 <48> c7 c7 28 40 58 95 e8 61 42 b5 f1 65 ff 0d 42 bd 75 04 74 0a 5b [ 474.290373][ C1] RSP: 0018:ffff888053c57988 EFLAGS: 00000206 [ 474.296874][ C1] RAX: ffff888105e76000 RBX: 0000000000000292 RCX: 000000000051ec4e [ 474.305171][ C1] RDX: ffff888106276000 RSI: 0000000000000004 RDI: ffff888106676000 [ 474.313359][ C1] RBP: ffff888053c57998 R08: ffffea000000000f R09: 0000000000000000 [ 474.321533][ C1] R10: ffff888105e76000 R11: ffffffff81d44ae0 R12: ffff888106676bc4 [ 474.329725][ C1] R13: ffff888106676000 R14: ffff888106676000 R15: 0000000000000000 [ 474.337945][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 474.344573][ C1] ? _raw_spin_unlock_irqrestore+0x1e/0x60 [ 474.350770][ C1] dummy_pullup+0x186/0x360 [ 474.355604][ C1] ? __pfx_dummy_pullup+0x10/0x10 [ 474.360940][ C1] usb_gadget_disconnect_locked+0x1b6/0x570 [ 474.367183][ C1] gadget_unbind_driver+0xcc/0x5c0 [ 474.372546][ C1] ? kmsan_get_metadata+0xfb/0x160 [ 474.377973][ C1] ? __pfx_gadget_unbind_driver+0x10/0x10 [ 474.383948][ C1] device_release_driver_internal+0x4d2/0x900 [ 474.390351][ C1] driver_detach+0x30a/0x510 [ 474.395249][ C1] bus_remove_driver+0x44b/0x4e0 [ 474.400450][ C1] driver_unregister+0x8d/0x100 [ 474.405620][ C1] ? __pfx_gadget_unbind+0x10/0x10 [ 474.411037][ C1] usb_gadget_unregister_driver+0x55/0xa0 [ 474.417096][ C1] raw_release+0x156/0x580 [ 474.421850][ C1] ? __pfx_raw_release+0x10/0x10 [ 474.427173][ C1] __fput+0x608/0x1040 [ 474.431599][ C1] ? __pfx_____fput+0x10/0x10 [ 474.436941][ C1] ____fput+0x25/0x30 [ 474.441194][ C1] task_work_run+0x206/0x2b0 [ 474.446118][ C1] exit_to_user_mode_loop+0x2a6/0x330 [ 474.451776][ C1] __do_fast_syscall_32+0x12a/0x150 [ 474.457261][ C1] ? irqentry_exit_to_user_mode+0x82/0xa0 [ 474.463488][ C1] do_fast_syscall_32+0x38/0x80 [ 474.468729][ C1] do_SYSENTER_32+0x1f/0x30 [ 474.473553][ C1] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 474.480212][ C1] RIP: 0023:0xf700e539 [ 474.484533][ C1] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 474.504602][ C1] RSP: 002b:00000000ffe04d8c EFLAGS: 00000206 ORIG_RAX: 00000000000001b4 [ 474.513331][ C1] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 000000000000001e [ 474.521525][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 474.529739][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 474.537927][ C1] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 474.546112][ C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 474.554374][ C1] [ 474.557543][ C1] ---[ end trace 0000000000000000 ]--- [ 474.563194][ C1] cm109 1-1:0.8: cm109_submit_ctl: usb_submit_urb (urb_ctl) failed -16 [ 474.572158][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 474.579916][ C1] vkms_vblank_simulate: vblank timer overrun [ 474.593025][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 474.600690][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 474.608254][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 474.615870][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 474.625761][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 474.633321][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 474.641024][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 474.648578][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 474.656440][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 474.667269][ T24] usb 1-1: USB disconnect, device number 15 [ 474.667519][ C1] cm109 1-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 474.688789][ T24] cm109 1-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 474.800423][ T9] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 474.980365][ T9] usb 5-1: Using ep0 maxpacket: 32 [ 474.998815][ T9] usb 5-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 475.008398][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 475.062742][ T9] usb 5-1: config 0 descriptor?? [ 475.100080][ T24] IPVS: starting estimator thread 0... [ 475.109983][ T9] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 475.113741][ T8816] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 475.190246][ T8822] IPVS: using max 192 ests per chain, 9600 per kthread [ 476.195287][ T9] gspca_nw80x: reg_w err -71 [ 476.200972][ T9] nw80x 5-1:0.0: probe with driver nw80x failed with error -71 [ 476.245426][ T9] usb 5-1: USB disconnect, device number 15 [ 476.698415][ T8841] loop2: detected capacity change from 0 to 1024 [ 476.865404][ T8839] hfsplus: invalid extended attribute record [ 477.122985][ T7622] hfsplus: b-tree write err: -5, ino 4 [ 477.453000][ T8859] netlink: 116 bytes leftover after parsing attributes in process `syz.2.1086'. [ 477.623904][ T8861] loop3: detected capacity change from 0 to 16 [ 478.472161][ T8868] loop2: detected capacity change from 0 to 4096 [ 478.524780][ T8872] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 478.532500][ T8872] IPv6: NLM_F_CREATE should be set when creating new route [ 478.538538][ T8868] EXT4-fs (loop2): Test dummy encryption mode enabled [ 478.540212][ T8872] IPv6: NLM_F_CREATE should be set when creating new route [ 478.637379][ T8868] EXT4-fs (loop2): stripe (97) is not aligned with cluster size (16), stripe is disabled [ 478.739148][ T8868] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0002] [ 478.796050][ T8868] System zones: 0-5 [ 478.894275][ T8868] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 479.191298][ T8885] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1096'. [ 479.353496][ T5812] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 480.462549][ T9] usb 4-1: new full-speed USB device number 16 using dummy_hcd [ 480.672139][ T9] usb 4-1: config 0 has an invalid interface number: 251 but max is 0 [ 480.683125][ T9] usb 4-1: config 0 has no interface number 0 [ 480.690323][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 480.696963][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 480.751507][ T8909] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 480.759136][ T8909] IPv6: NLM_F_CREATE should be set when creating new route [ 480.767017][ T8909] IPv6: NLM_F_CREATE should be set when creating new route [ 480.798857][ T9] usb 4-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 480.809039][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 480.817695][ T9] usb 4-1: Product: syz [ 480.822414][ T9] usb 4-1: Manufacturer: syz [ 480.827323][ T9] usb 4-1: SerialNumber: syz [ 480.866243][ T8910] loop2: detected capacity change from 0 to 512 [ 480.897638][ T9] usb 4-1: config 0 descriptor?? [ 480.900666][ T8910] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 481.012065][ T8910] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.1106: invalid indirect mapped block 4294967295 (level 0) [ 481.079200][ T8910] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.1106: invalid indirect mapped block 4294967295 (level 1) [ 481.206507][ T8910] EXT4-fs (loop2): 1 orphan inode deleted [ 481.212972][ T8910] EXT4-fs (loop2): 1 truncate cleaned up [ 481.223096][ T8910] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 481.676239][ T5812] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 481.718026][ T24] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 481.760416][ T9] asix 4-1:0.251 (unnamed net_device) (uninitialized): Invalid PHY address 0x44 [ 481.950802][ T24] usb 6-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 481.963051][ T24] usb 6-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 481.975312][ T24] usb 6-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 481.987206][ T24] usb 6-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 481.996888][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 482.018543][ T5876] usb 4-1: USB disconnect, device number 16 [ 482.107334][ T8916] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 482.271726][ T9] usb 3-1: new full-speed USB device number 14 using dummy_hcd [ 482.468292][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 482.480348][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 482.490909][ T9] usb 3-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 482.500495][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 482.622492][ T9] usb 3-1: config 0 descriptor?? [ 483.073571][ T9] elan 0003:04F3:0755.0018: failed to start in urb: -90 [ 483.091596][ T9] elan 0003:04F3:0755.0018: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.2-1/input0 [ 483.273600][ T9] usb 3-1: USB disconnect, device number 14 [ 483.532824][ T24] aiptek 6-1:17.0: Aiptek using 400 ms programming speed [ 483.548949][ T24] input: Aiptek as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:17.0/input/input24 [ 483.670899][ T5876] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 483.679381][ C1] aiptek 6-1:17.0: aiptek_irq - usb_submit_urb failed with result -19 [ 483.688015][ T24] usb 6-1: USB disconnect, device number 4 [ 483.949465][ T5876] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 483.959849][ T5876] usb 4-1: New USB device strings: Mfr=241, Product=2, SerialNumber=3 [ 483.968274][ T5876] usb 4-1: Product: syz [ 483.972866][ T5876] usb 4-1: Manufacturer: syz [ 483.977756][ T5876] usb 4-1: SerialNumber: syz [ 484.019537][ T5876] usb 4-1: config 0 descriptor?? [ 484.091571][ T5876] ch341 4-1:0.0: ch341-uart converter detected [ 484.154970][ T8942] capability: warning: `syz.0.1119' uses 32-bit capabilities (legacy support in use) [ 484.763595][ T8949] loop4: detected capacity change from 0 to 512 [ 484.912966][ T8949] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 484.990624][ T8954] EXT4-fs error (device loop4): ext4_validate_block_bitmap:423: comm ext4lazyinit: bg 0: bad block bitmap checksum [ 485.101848][ T5876] usb 4-1: failed to send control message: -71 [ 485.108436][ T5876] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 485.160151][ T5876] usb 4-1: USB disconnect, device number 17 [ 485.168781][ T5876] ch341 4-1:0.0: device disconnected [ 485.192483][ T30] audit: type=1800 audit(485.148:162): pid=8949 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1123" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 485.558263][ T5813] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 486.074868][ T8963] kvm: user requested TSC rate below hardware speed [ 487.101402][ T24] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 487.321201][ T24] usb 3-1: Using ep0 maxpacket: 32 [ 487.389403][ T24] usb 3-1: config index 0 descriptor too short (expected 35577, got 27) [ 487.398416][ T24] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 487.407865][ T24] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 487.419803][ T24] usb 3-1: config 1 has no interface number 0 [ 487.428214][ T24] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 487.439732][ T24] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 487.453431][ T24] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 487.463186][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 487.521868][ T24] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found [ 487.748395][ T8975] loop2: detected capacity change from 0 to 128 [ 487.805850][ T8975] vfat: Unknown parameter '' [ 487.863573][ T24] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now attached [ 488.372246][ T5876] usb 3-1: USB disconnect, device number 15 [ 488.380759][ T5876] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected [ 489.147147][ T5876] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 489.342522][ T5876] usb 1-1: Using ep0 maxpacket: 8 [ 489.407628][ T5876] usb 1-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 489.417271][ T5876] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 489.425990][ T5876] usb 1-1: Product: syz [ 489.430544][ T5876] usb 1-1: Manufacturer: syz [ 489.435360][ T5876] usb 1-1: SerialNumber: syz [ 489.562520][ T5876] usb 1-1: config 0 descriptor?? [ 489.608475][ T5876] gspca_main: sq905-2.14.0 probing 2770:9120 [ 490.802778][ T5876] gspca_sq905: sq905_read_data: usb_control_msg failed (-71) [ 490.811208][ T5876] sq905 1-1:0.0: probe with driver sq905 failed with error -71 [ 490.873368][ T5876] usb 1-1: USB disconnect, device number 16 [ 490.904133][ T9006] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1144'. [ 491.094684][ T9004] loop2: detected capacity change from 0 to 4096 [ 491.127128][ T9004] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 491.297956][ T9004] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 491.325592][ T9004] ntfs3(loop2): mft corrupted [ 491.331035][ T9004] ntfs3(loop2): Failed to load $Extend (-22). [ 491.337324][ T9004] ntfs3(loop2): Failed to initialize $Extend. [ 491.452619][ T9004] ntfs3(loop2): ino=1e, mi_enum_attr [ 491.458212][ T9004] ntfs3(loop2): ino=1e, mi_enum_attr [ 491.464466][ T9004] ntfs3(loop2): ino=1e, "file1" mi_enum_attr [ 491.471120][ T9004] ntfs3(loop2): ino=1e, "file1" mi_enum_attr [ 491.510941][ T9004] ntfs3(loop2): ino=1e, "file1" mi_enum_attr [ 491.690143][ T24] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 491.889870][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 491.901884][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 491.912170][ T24] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 491.925646][ T24] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 491.935218][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 492.125497][ T24] usb 5-1: config 0 descriptor?? [ 492.661801][ T24] plantronics 0003:047F:FFFF.0019: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 492.916029][ T5876] usb 5-1: USB disconnect, device number 16 [ 493.784035][ T9032] loop3: detected capacity change from 0 to 8192 [ 493.842901][ T9046] batadv_slave_1: entered promiscuous mode [ 493.853812][ T9045] batadv_slave_1: left promiscuous mode [ 493.950392][ T24] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 494.132781][ T24] usb 3-1: Using ep0 maxpacket: 32 [ 494.182547][ T24] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 494.194691][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 494.206495][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 494.218977][ T24] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 494.228373][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 494.304539][ T24] usb 3-1: config 0 descriptor?? [ 494.320870][ T9041] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 494.381230][ T24] hub 3-1:0.0: USB hub found [ 494.574618][ T24] hub 3-1:0.0: config failed, hub has too many ports! (err -19) [ 494.674840][ T9052] loop3: detected capacity change from 0 to 256 [ 494.822983][ T24] usbhid 3-1:0.0: can't add hid device: -71 [ 494.829956][ T24] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 494.902243][ T24] usb 3-1: USB disconnect, device number 16 [ 495.090974][ T9056] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 495.139219][ T9059] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1169'. [ 495.204384][ T9056] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 495.347039][ T9056] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 495.628299][ T9056] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 495.809932][ T9067] netlink: 27 bytes leftover after parsing attributes in process `syz.2.1173'. [ 495.957221][ T7636] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 496.160695][ T7630] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 496.175750][ T7628] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 496.198872][ T7628] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 497.321927][ T9081] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1180'. [ 497.359212][ T9088] input: syz1 as /devices/virtual/input/input26 [ 498.820239][ T5876] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 498.859061][ T30] audit: type=1326 audit(499.817:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9116 comm="syz.0.1196" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf700e539 code=0x0 [ 498.917085][ T9121] loop4: detected capacity change from 0 to 128 [ 498.957380][ T9121] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 499.000057][ T5876] usb 3-1: Using ep0 maxpacket: 32 [ 499.042877][ T5876] usb 3-1: config 4 has an invalid interface number: 128 but max is 0 [ 499.051641][ T5876] usb 3-1: config 4 has no interface number 0 [ 499.058093][ T5876] usb 3-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 499.069987][ T5876] usb 3-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 499.081136][ T5876] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 499.090664][ T5876] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 499.136945][ T30] audit: type=1800 audit(500.077:164): pid=9121 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1197" name="file1" dev="loop4" ino=94 res=0 errno=0 [ 499.179426][ T5876] hub 3-1:4.128: USB hub found [ 499.262109][ T9125] UDF-fs: error (device loop4): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 499.287672][ T9124] loop3: detected capacity change from 0 to 2048 [ 499.370647][ T9124] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 499.440907][ T5876] hub 3-1:4.128: 9 ports detected [ 499.446316][ T5876] hub 3-1:4.128: Using single TT (err -22) [ 499.470396][ T5876] hub 3-1:4.128: insufficient power available to use all downstream ports [ 499.651757][ T5876] hub 3-1:4.128: hub_hub_status failed (err = -71) [ 499.659114][ T5876] hub 3-1:4.128: config failed, can't get hub status (err -71) [ 499.768634][ T5876] usb 3-1: USB disconnect, device number 17 [ 499.928490][ T9130] ===================================================== [ 499.936304][ T9130] BUG: KMSAN: kernel-infoleak-after-free in _copy_to_iter+0xef3/0x33f0 [ 499.945130][ T9130] _copy_to_iter+0xef3/0x33f0 [ 499.950238][ T9130] __skb_datagram_iter+0x196/0x12c0 [ 499.955665][ T9130] skb_copy_datagram_iter+0x5b/0x1e0 [ 499.961647][ T9130] tun_do_read+0x3a71/0x4100 [ 499.966437][ T9130] tun_chr_read_iter+0x393/0x6b0 [ 499.971757][ T9130] vfs_read+0x8ed/0xf90 [ 499.976203][ T9130] __ia32_sys_read+0x1f9/0x4d0 [ 499.981452][ T9130] ia32_sys_call+0x18b8/0x4310 [ 499.986408][ T9130] __do_fast_syscall_32+0xb0/0x150 [ 499.992040][ T9130] do_fast_syscall_32+0x38/0x80 [ 499.997088][ T9130] do_SYSENTER_32+0x1f/0x30 [ 500.003341][ T9130] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 500.010279][ T9130] [ 500.012708][ T9130] Uninit was created at: [ 500.017172][ T9130] kfree+0x252/0xec0 [ 500.021988][ T9130] skb_free_head+0x1b5/0x3a0 [ 500.026821][ T9130] skb_release_data+0x9f7/0xac0 [ 500.032136][ T9130] __kfree_skb+0x6b/0x260 [ 500.036674][ T9130] sk_skb_reason_drop+0x126/0x440 [ 500.042116][ T9130] skb_queue_purge_reason+0x44f/0x640 [ 500.047681][ T9130] packet_release+0x1402/0x19c0 [ 500.053081][ T9130] sock_close+0xd6/0x2e0 [ 500.057509][ T9130] __fput+0x608/0x1040 [ 500.062025][ T9130] ____fput+0x25/0x30 [ 500.066173][ T9130] task_work_run+0x206/0x2b0 [ 500.071228][ T9130] exit_to_user_mode_loop+0x2a6/0x330 [ 500.076810][ T9130] __do_fast_syscall_32+0x12a/0x150 [ 500.082458][ T9130] do_fast_syscall_32+0x38/0x80 [ 500.087515][ T9130] do_SYSENTER_32+0x1f/0x30 [ 500.092589][ T9130] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 500.099141][ T9130] [ 500.102193][ T9130] Bytes 38-41 of 1000 are uninitialized [ 500.107934][ T9130] Memory access of size 1000 starts at ffff88802fec5880 [ 500.115504][ T9130] Data copied to user address 00000000ffe71078 [ 500.121995][ T9130] [ 500.124519][ T9130] CPU: 0 UID: 0 PID: 9130 Comm: syz-executor Tainted: G W syzkaller #0 PREEMPT(none) [ 500.136151][ T9130] Tainted: [W]=WARN [ 500.140265][ T9130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 500.150647][ T9130] ===================================================== [ 500.157960][ T9130] Disabling lock debugging due to kernel taint [ 500.164598][ T9130] Kernel panic - not syncing: kmsan.panic set ... [ 500.171170][ T9130] CPU: 0 UID: 0 PID: 9130 Comm: syz-executor Tainted: G B W syzkaller #0 PREEMPT(none) [ 500.182432][ T9130] Tainted: [B]=BAD_PAGE, [W]=WARN [ 500.187589][ T9130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 500.198067][ T9130] Call Trace: [ 500.201472][ T9130] [ 500.204528][ T9130] __dump_stack+0x26/0x30 [ 500.209086][ T9130] dump_stack_lvl+0x53/0x270 [ 500.213894][ T9130] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 500.219981][ T9130] dump_stack+0x1e/0x25 [ 500.224545][ T9130] vpanic+0x361/0xc50 [ 500.228895][ T9130] panic+0x15d/0x160 [ 500.233079][ T9130] kmsan_report+0x31c/0x320 [ 500.237981][ T9130] ? kmsan_internal_check_memory+0x16c/0x230 [ 500.244158][ T9130] ? kmsan_copy_to_user+0xf1/0x190 [ 500.249465][ T9130] ? _copy_to_iter+0xef3/0x33f0 [ 500.254514][ T9130] ? __skb_datagram_iter+0x196/0x12c0 [ 500.260139][ T9130] ? skb_copy_datagram_iter+0x5b/0x1e0 [ 500.265845][ T9130] ? tun_do_read+0x3a71/0x4100 [ 500.270819][ T9130] ? tun_chr_read_iter+0x393/0x6b0 [ 500.276133][ T9130] ? vfs_read+0x8ed/0xf90 [ 500.280665][ T9130] ? __ia32_sys_read+0x1f9/0x4d0 [ 500.285818][ T9130] ? ia32_sys_call+0x18b8/0x4310 [ 500.290958][ T9130] ? __do_fast_syscall_32+0xb0/0x150 [ 500.296467][ T9130] ? do_fast_syscall_32+0x38/0x80 [ 500.301691][ T9130] ? do_SYSENTER_32+0x1f/0x30 [ 500.306539][ T9130] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 500.313290][ T9130] ? kmsan_get_metadata+0xfb/0x160 [ 500.318578][ T9130] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 500.325093][ T9130] ? kmsan_get_metadata+0xfb/0x160 [ 500.330385][ T9130] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 500.336478][ T9130] kmsan_internal_check_memory+0x16c/0x230 [ 500.342481][ T9130] kmsan_copy_to_user+0xf1/0x190 [ 500.347587][ T9130] _copy_to_iter+0xef3/0x33f0 [ 500.352477][ T9130] ? is_module_text_address+0x1f4/0x240 [ 500.358205][ T9130] ? kmsan_get_metadata+0xfb/0x160 [ 500.363530][ T9130] __skb_datagram_iter+0x196/0x12c0 [ 500.368927][ T9130] ? filter_irq_stacks+0x49/0x190 [ 500.374109][ T9130] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 500.379959][ T9130] ? stack_depot_save_flags+0x35/0x7b0 [ 500.385608][ T9130] ? kmsan_get_metadata+0xfb/0x160 [ 500.390912][ T9130] skb_copy_datagram_iter+0x5b/0x1e0 [ 500.396397][ T9130] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 500.402399][ T9130] tun_do_read+0x3a71/0x4100 [ 500.407155][ T9130] ? kmsan_get_metadata+0xfb/0x160 [ 500.412454][ T9130] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 500.418953][ T9130] ? __pfx_default_wake_function+0x10/0x10 [ 500.424961][ T9130] ? __ia32_sys_read+0x1f9/0x4d0 [ 500.430130][ T9130] tun_chr_read_iter+0x393/0x6b0 [ 500.435261][ T9130] vfs_read+0x8ed/0xf90 [ 500.439598][ T9130] ? __pfx_tun_chr_read_iter+0x10/0x10 [ 500.445255][ T9130] __ia32_sys_read+0x1f9/0x4d0 [ 500.450223][ T9130] ia32_sys_call+0x18b8/0x4310 [ 500.455144][ T9130] __do_fast_syscall_32+0xb0/0x150 [ 500.460432][ T9130] ? irqentry_exit_to_user_mode+0x82/0xa0 [ 500.466382][ T9130] do_fast_syscall_32+0x38/0x80 [ 500.471561][ T9130] do_SYSENTER_32+0x1f/0x30 [ 500.476223][ T9130] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 500.482749][ T9130] RIP: 0023:0xf70ce539 [ 500.486931][ T9130] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 500.506901][ T9130] RSP: 002b:00000000ffe71030 EFLAGS: 00000206 ORIG_RAX: 0000000000000003 [ 500.515478][ T9130] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 00000000ffe71078 [ 500.523578][ T9130] RDX: 00000000000003e8 RSI: 00000000f7465ff4 RDI: 0000000000000000 [ 500.531666][ T9130] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 500.539765][ T9130] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 500.547854][ T9130] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 500.556024][ T9130] [ 500.559491][ T9130] Kernel Offset: disabled [ 500.563888][ T9130] Rebooting in 86400 seconds..