last executing test programs: 8m40.947486826s ago: executing program 3 (id=528): socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x61, 0x8e}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) pipe2$9p(0x0, 0x80) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0) ioctl$AUTOFS_IOC_FAIL(r3, 0x4c80, 0x7000000) r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip6_tables_matches\x00') read$FUSE(r4, &(0x7f00000027c0)={0x2020}, 0x2038) 8m39.004957659s ago: executing program 3 (id=531): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x3) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00') read$FUSE(r1, &(0x7f0000006540)={0x2020}, 0x5b3) ioctl$TCSETSW2(r0, 0x5408, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000100), 0x2, 0x4fd, &(0x7f0000000b00)="$eJzs3ctvW1kZAPDv3jycyWQmGZgFoAHKMFBQVTtxZ6LRbBhWI4RGQsySRSckThTFiaPYGZrQRbpkj0QlVrDiHwCJBVJX7JFYwI5NWSDxqEANEgsjX19nnIcbq03sNv79pCufe47t75xa9xzrc3NPACPrWkQcRMRkRHwcEbN5fZIf8X77aD3v8aO7y4eP7i4n0Wx+9M8ka2/VRddrWl7O33MqIr7/QcQPkxNB/xhR39vfWKpWKzt5VamxuV2q7+3fXN9cWqusVbbK5cWFxfl3b71TvqCR/vqo9LvffvHhHw6++eNWt2byuu5xXKT20CeO4rSMR8R3LyPYEIzl45l8mhc/1Yu4SGlEfCYi3syu/9kYyz7N445/TN+K/NIGAF5QzeZsNGe7zwGAqy7NcmBJWsxzATORpsViO4f3ekyn1Vq9cWO1tru10s6VzcVEurpercznucK5mEhW18crC1m5c16tlE+c34qI1yLip4WXsvPicq26MswvPgAwwl4+sf7/p9Be/wGAK67r1/zCMPsBAAyO/80HAKPH+g8Ao8f6DwCjx/oPAKPH+g8Ao8f6DwAj5Xsfftg6mof5/a9XPtnb3ah9cnOlUt8obu4uF5drO9vFtVptLbtnz+Z571et1bYX3o7dO6VGpd4o1ff2b2/Wdrcat7P7et+uTAxkVADAk7z25Qd/TiLi4L2XsiO67vd/7lr9xmX3DrhM6bA7AAzN2LA7AAzN6d2+gFEhHw90bdF7r6t66lThpPt9vX2a7xsKPEeuf/4Z8v/AC03+H0bX0+X/fZeHq0D+H0ZXs5nY8x8ARowcP5Cc0979+/98s+ukv9//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4EqayY4kLeZ7gc9EmhaLEa9ExFxMJKvr1cp8RLwaEX8qTBRa5wsRYd8gAHiRpX9L8v2/rs++NXOydbLw30L2GBE/+vlHP7uz1GjsLERMJv86qm/cz+vLw+g/AHCezjrdWcc7Hj+6u9w5Btmfv3+7vbloK+5hfrRbxmM8e5zKcg3T/07y87bW95WxC4h/cC8iPnfW+JMsNzKX73x6Mn4r9isDjZ8ei59mbe3H1r/FZy+gLzBqHrTmn/fPuv7SuJY9nn39T2Uz1LPrzH+Hp+a/9Gj+G+sx/13rN8bbv//OqcrmbLvtXsQXxiMOO2/eNf904ic94r/VZ/y/vPGlN3u1NX8RcT3OGn9yLFapsbldqu/t31zfXFqrrFW2yuXFhcX5d2+9Uy5lOepSJ1N92j/eu/Fqr/it8U/3iD91zvi/1uf4f/m/j3/wlSfE/8ZXz/78X39C/Naa+PU+4y9N/2aqV1sr/kqP8Z/3+d/oM/7Dv+6v9PlUAGAA6nv7G0vVamXnsgvp5YfICknEwQCG0y4UfvWTDwYV6xIL8Xx0Q+F5Kgx7ZgIu26cX/bB7AgAAAAAAAAAAAAAA9DKIPyca9hgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//2KH0wQ=") r2 = getpgrp(0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r3 = getpid() openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0x0, 0x0) fanotify_init(0x200, 0x0) sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) read$FUSE(0xffffffffffffffff, &(0x7f0000003a00)={0x2020}, 0x2020) quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000200)={0x80000005, 0x5, 0x7, 0x47, 0x1b0a9fffe, 0x8, 0x1ff, 0x400000000000007, 0x400}) 8m38.117588411s ago: executing program 3 (id=534): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0xfffffe58) r3 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47) setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f0000000400)=0x4614, 0x4) connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000340)=[@timestamp, @window={0x3, 0x6, 0x7}, @mss={0x2, 0x7}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @timestamp, @window={0x3, 0xfffe}, @sack_perm], 0x2000000000000061) sendto(r3, 0x0, 0x0, 0x4000, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendto$inet(r3, &(0x7f00000004c0), 0x0, 0x805, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x2000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000001300)={'veth1_vlan\x00', 0x0}) sendmsg$ETHTOOL_MSG_TSINFO_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={0x34, 0x0, 0x1, 0x70bd2c, 0x2, {0x18}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}]}]}, 0x34}}, 0x20048004) socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x29, 0x80000, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r6) 8m35.975167455s ago: executing program 3 (id=538): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000030000000400010005"], 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007200000018110000", @ANYRES32=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000000c0)={r1}, 0xc) 8m35.698295691s ago: executing program 3 (id=539): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48) r3 = syz_open_dev$sndpcmc(&(0x7f0000004240), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_STATUS64(r3, 0x40084146, 0x0) 8m31.619469387s ago: executing program 3 (id=548): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x183081, 0x0) close(r1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000500)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r2, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r3) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random='\x00\a\x00'}) 8m16.195671572s ago: executing program 32 (id=548): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x183081, 0x0) close(r1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000500)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r2, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r3) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random='\x00\a\x00'}) 7m6.141870204s ago: executing program 5 (id=736): openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0x400, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x842, 0x0) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) syz_open_dev$audion(&(0x7f0000000040), 0x1ff, 0x0) openat$drirender128(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x108200, 0x1ce) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2041, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0) 7m4.416286194s ago: executing program 5 (id=740): r0 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0) ioctl$HIDIOCSREPORT(r0, 0x81044804, &(0x7f0000000400)={0x1, 0x2}) 7m2.906185492s ago: executing program 5 (id=742): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000640)=ANY=[@ANYBLOB="180000000000000000000000000a000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') getdents(r0, 0x0, 0x3b) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x1}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000010000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000001c0)={r2, 0xffffffffffffffff, 0x60000000}, 0xc) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x2642, 0x0) syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') syz_open_dev$tty1(0xc, 0x4, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x103}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x14, 0x6c}, [@ldst={0x4}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x48) 6m58.200049834s ago: executing program 5 (id=750): socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, 0x0) syz_genetlink_get_family_id$netlbl_cipso(0x0, 0xffffffffffffffff) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0xc1) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x20000885) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0xa}, @hci_rp_le_read_buffer_size_v2={{0x7}, {0x0, 0x1, 0x3, 0x1be, 0x4}}}}, 0xd) 6m57.113914737s ago: executing program 5 (id=753): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000780)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) getrlimit(0x0, &(0x7f0000000040)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) request_key(&(0x7f0000000200)='logon\x00', &(0x7f0000000340)={'syz', 0x2}, 0x0, 0xfffffffffffffffa) r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) getgroups(0x2, &(0x7f0000001080)=[0xee01, 0xffffffffffffffff]) keyctl$chown(0x4, r3, 0xee01, r4) 6m56.010844191s ago: executing program 5 (id=754): openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x140, 0x0) r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) r4 = dup(r0) connect$unix(r4, &(0x7f0000002200)=@file={0x27, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e) unshare(0x24020400) r5 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r5, 0x0, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r7, 0x421, 0x70bd2a, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0xc35d4f6d52288271}, 0x200048c4) r8 = syz_pidfd_open(0x0, 0x0) syz_socket_connect_nvme_tcp() ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r8, 0x81f8943c, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) socket$igmp6(0xa, 0x3, 0x2) r9 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0) syz_usb_control_io$hid(r9, 0x0, 0x0) syz_usb_control_io(r9, &(0x7f0000000000)={0x2c, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) 6m40.694221619s ago: executing program 33 (id=754): openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x140, 0x0) r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) r4 = dup(r0) connect$unix(r4, &(0x7f0000002200)=@file={0x27, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e) unshare(0x24020400) r5 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r5, 0x0, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r7, 0x421, 0x70bd2a, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0xc35d4f6d52288271}, 0x200048c4) r8 = syz_pidfd_open(0x0, 0x0) syz_socket_connect_nvme_tcp() ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r8, 0x81f8943c, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) socket$igmp6(0xa, 0x3, 0x2) r9 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0) syz_usb_control_io$hid(r9, 0x0, 0x0) syz_usb_control_io(r9, &(0x7f0000000000)={0x2c, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) 57.938308808s ago: executing program 1 (id=1541): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0xfffffe58) r3 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47) setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f0000000400)=0x4614, 0x4) connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000340)=[@window={0x3, 0x6, 0x7}, @mss={0x2, 0x7}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @timestamp, @window={0x3, 0xfffe}, @sack_perm], 0x7) sendto(r3, 0x0, 0x0, 0x4000, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendto$inet(r3, &(0x7f00000004c0), 0x0, 0x805, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x2000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_TSINFO_GET(r4, 0x0, 0x20048004) socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x29, 0x80000, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r5) 56.927826016s ago: executing program 1 (id=1543): msgget$private(0x0, 0x200) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000) r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) syz_emit_ethernet(0x432, 0x0, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000) mlockall(0x2) r3 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xff}, 0x7}, 0x1c) writev(r3, 0x0, 0x0) 55.348835818s ago: executing program 1 (id=1546): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) pipe(&(0x7f0000000440)) r3 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x42002, 0x0) write$binfmt_aout(r3, &(0x7f0000000080)=ANY=[], 0xff2e) 46.51013051s ago: executing program 1 (id=1557): socket$phonet_pipe(0x23, 0x5, 0x2) socket$inet_mptcp(0x2, 0x1, 0x106) openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) socket$kcm(0x10, 0x2, 0x0) r0 = open(&(0x7f0000000380)='./bus\x00', 0x40, 0x0) r1 = creat(&(0x7f0000000200)='./bus\x00', 0x4) r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) write$FUSE_NOTIFY_STORE(r1, &(0x7f0000000240)=ANY=[], 0x2b) sendfile(r2, r0, 0x0, 0x4000000053d2) 45.254072863s ago: executing program 1 (id=1559): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]}) close_range(r2, 0xffffffffffffffff, 0x0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00') bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], 0x0, 0x8, 0x0, 0x0, 0x41100, 0x30, '\x00', 0x0, 0x24}, 0x94) r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) r4 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r4, &(0x7f0000000180)=[{0x0}], 0x1) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x240080c0) unshare(0x62040200) r5 = getpid() r6 = syz_pidfd_open(r5, 0x0) r7 = pidfd_getfd(r6, r6, 0x0) setns(r7, 0x66020000) prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f) 42.340891423s ago: executing program 1 (id=1563): openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x35c, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0) fcntl$lock(r1, 0x6, 0x0) fcntl$lock(r1, 0x26, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000480)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) sendmsg$IPCTNL_MSG_EXP_GET(r2, &(0x7f0000006680)={0x0, 0x0, &(0x7f0000006640)={&(0x7f0000001e40)={0x14, 0x1, 0x2, 0x101, 0x0, 0x0, {0xa}}, 0x14}}, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) 29.28626252s ago: executing program 0 (id=1583): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002e00000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000009800000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r1 = getpgrp(0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f00000004c0)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xf, 0x0, &(0x7f0000000000)="14fd54ab72df97e6256c00000000c3", 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 26.218977358s ago: executing program 34 (id=1563): openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x35c, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0) fcntl$lock(r1, 0x6, 0x0) fcntl$lock(r1, 0x26, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000480)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) sendmsg$IPCTNL_MSG_EXP_GET(r2, &(0x7f0000006680)={0x0, 0x0, &(0x7f0000006640)={&(0x7f0000001e40)={0x14, 0x1, 0x2, 0x101, 0x0, 0x0, {0xa}}, 0x14}}, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) 25.003364948s ago: executing program 4 (id=1589): prlimit64(0x0, 0x3, &(0x7f0000000180)={0xffffffffffffffad, 0x107}, 0x0) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f00000000c0)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0xc, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x12, &(0x7f0000000180)=0x5, 0x4) writev(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x200, 0x18) finit_module(r4, 0x0, 0x3) 24.894100495s ago: executing program 6 (id=1590): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) pipe(&(0x7f0000000440)) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x42002, 0x0) write$binfmt_aout(r3, 0x0, 0xff2e) 23.982682608s ago: executing program 4 (id=1591): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ptrace$getregset(0x4204, r0, 0x1, &(0x7f0000000340)={&(0x7f0000000300)=""/63, 0x3f}) socket$inet6(0xa, 0x3, 0x7) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, 0x10, 0x701, 0x0, 0xffffffff, {0xa}, [@typed={0x8, 0xa, 0x0, 0x0, @fd=r3}]}, 0x1c}}, 0x20008080) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x15, 0xf, &(0x7f0000000100)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xcd9}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {0x7, 0x0, 0xb, 0x6}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @sk_reuseport=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = socket(0x10, 0x3, 0x0) socket$packet(0x11, 0x3, 0x300) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140), 0x4) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x4) r6 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000280)='devices.deny\x00', 0x2, 0x0) write(r6, &(0x7f00000002c0), 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000040)='9G', 0x2}, {0x0}], 0x2, 0xffffff01, 0xa) sendto$inet6(r5, &(0x7f0000000100)="c10e000018001f06b9409b0dffff110d0207be040205060506100a044300040018000000fac8388827a685a168d9a44604094565360c648dcaaf6c26c291214549932fde4a460c89b6ec0cff3959547f509058ba86c902fc3a10004a320c0400160012000a00000000000000000000080756ede4ccbe5880", 0xec1, 0x0, 0x0, 0x9e5e111c47e3504f) 19.018983886s ago: executing program 0 (id=1596): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4040044) socket$inet6_udplite(0xa, 0x2, 0x88) syz_mount_image$erofs(&(0x7f0000001240), &(0x7f0000000200)='./file0\x00', 0x2800080, &(0x7f0000001280)=ANY=[], 0xff, 0x20d, &(0x7f0000001000)="$eJzsmb9rFEEUx78zu/cjQQQbCxsLD4xo9nb3VIKQIoK9EDXa5TBriG5yYW/VS8Ai2NhYWgi2/gMWFqks7OxstdCAYGE67Q5GZnZ2d9i7PTzxziLvA3n5zts3M29n2e/BHQiCOLIcfP315fnVhRsXABxDAzWd/27lNdyo//zy4fkXi9devfn0+v3W8Sf7xfVqY+4vt3m3ZCHGjBoLIYR5vaEis2UXDZ27CY5zWq8YM1bBcUvnAzDc0fq+oTszWoSBc7cTrt3bCANXBk8GX4aWub8N4HCPYQ1AXffHjOvdnd0H7TAMoq6ViiRTEek+UV7zd2LU+an+ljgW9Vj2J5/X7WdP9+TY0XnXOD8PHJ7WLTAsa72AGhzHyY/EuP9Tdr6+NfT+JyWsYqZXqFk9KJt+Yn6Sjf0jUZnCGU5AMKSZ+qjilUf/v9WiYMWMfKGzzMnD/Q+Ds7796RY/t5MXY9iJTeuVKQhlXAAGLn2czTOpcY+zclXPGVqT+5N077OGP9mwM/9oxpvbze7O7vzGZns9WA+2fL912b3oupf8pjKiJA74Xj/zv7ryp1lj/UqJV1ZZFb12HEdeD4gjLxv7STQcd/lt54eaw5X/ccydSdaQD1HddskHHdN/XP1nfYE5q6QdgiAIgiAIgiAIgiAIgiCIMTkNpr4F1T9UiQKAuPJYCOFfV9W/AwAA//+VV18P") syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1400c, &(0x7f0000000840)={[{@stripe={'stripe', 0x3d, 0x3d}}, {@init_itable}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x3, 0x457, &(0x7f0000000bc0)="$eJzs281vFOUfAPDvTLvl11/BVsQ38KWKRuJLSwGVgwc1mnjAxEQPevDQtAtBFjC0JkJIBGPwZIyJd+PRf8GTXozxZOJV74aEGC6CpzWzO9PuLrtLt+x2kf18koHnmZc+3+/OPLvPzLMbwMiazf5JIrZHxO8RMV2vNu8wW//v2tXzS9evnl9Kolp9+6+ktt/fV88vFbsWx03llX1pRPpZEnvatLty9tyJxUqlfCavz6+e/HB+5ey5546fXDxWPlY+deDw4UMHF1584cDzfclzKtK89MZ7X7155Ium/Fvy6JPZbhufrFb73Nxw7WgoJ+NDDISejEVEdrpKtf4/HWOxfvKm4/VPhxocMFDVarU61XnzhSpwB0uiua7Lw6goPuiz+99iaR0EvDy44cfQXXmlfgOU5X0tX+pbxteeGJRa7m/7aTYi3r3wzzfZEoN5DgEA0OSHbPzzbDbaaR3/pXFfw3535XNDMxFxd0TsjIh74lTsioh7I2r73h8RD/TYfuskyY3jn/TyphLboGz891I+t9U8/itGfzEzltd21PIvJUePV8r766/J+/kwurzQpY0fX/vty07bGsd/2ZK1X4wF8zguj29rPmZ5cXXxVnJudOVixO7xdvknazMBSUQ8GBG7N9nG8ae/e6jTtpvn30Uf5pmq30Y8VT//F6Il/0LSfX5y/n9RKe+fL66KG/3y66W3OrV/S/n3QXb+/9/2+l/LfyZpnK9d6b2NS3983vGeZrPX/0TyTq08ka/7eHF19cxCxERypB504/oD68cW9WL/LP99e9v3/52x/krsiYjsIn44Ih6JiEfz2B+LiMcjYm+X/H9+9YkPWtdNbjj/wcryX+7p/K8XJqJ1TfvC2Imfvm9qdGa9mOd/vfv5P1Qr7cvXbOT9byNxbe5qBgAAgP+eNCK2R5LOrZXTdG6u/h3+XRFp5fTK6jNHT390arn+G4GZKKXFk67phuehC/ltfb1+MSLqXy0oth/Mnxt/PTZZq88tna4sDzt5GHFTHfp/VvlzbNjRAQPn91owunrq/8ng4gC2ns9/GF299f9tA4sD2Gqldv1/chiRAFuv3ef/J0OIA9h6Lf3ftB+MEM//YHTp/zC69H8YSSuTcfMfyXctFH9pk4ffsYUo3RZhDKwQ6W0RhsKACsN9XwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiXfwMAAP//EBbjLA==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x64f681d277076723, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) semget$private(0x0, 0x4000, 0x0) syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x810408, 0x0, 0xff, 0x0, &(0x7f00000007c0)) rseq(0x0, 0x0, 0x0, 0x0) lsetxattr$security_capability(0x0, &(0x7f0000000140), 0x0, 0x0, 0x0) r3 = syz_clone(0x100000, 0x0, 0x0, 0x0, 0x0, 0x0) waitid(0x0, r3, 0x0, 0x61000004, 0x0) 17.498214344s ago: executing program 6 (id=1597): r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00', 0x0, 0x0, 0x1, 0x1}, 0x21) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x48, 0x83, 0x0, 0x80000001}, {0x6, 0x5, 0x0, 0xfffffc}]}, 0x10) socket(0x2, 0x3, 0x6) syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000080)='./file4\x00', 0xa18c14, &(0x7f0000000340)={[{@utf8}, {@iocharset={'iocharset', 0x3d, 'cp874'}}, {@uni_xlate}, {@shortname_lower}, {@utf8no}, {@fat=@codepage={'codepage', 0x3d, '1250'}}, {@uni_xlate}, {@numtail}, {@shortname_lower}, {@utf8no}, {@shortname_mixed}, {@fat=@time_offset={'time_offset', 0x3d, 0xe4}}, {@iocharset={'iocharset', 0x3d, 'cp437'}}]}, 0x89, 0x2b7, &(0x7f0000000840)="$eJzs3b2KY1UcAPD/zSSZRIWksBLBC1pYhd19gg0ywmIqJYU2OrizIElYmEDAD4xb2QtWvoPv4APY+AYWloKdW4hXbnJvksnHZgJjRsbfr5h7cs7/n/ORM3NDIGc+eX00ePx0/OTZV79Go5FE5WE8jOdJtKMSpW8CALhLnmdZ/JHN7YutRj0islbxqHKE4QEA/4LZ/T/Jb+v77/8AwN3wwYcfvdft9c7eT9NGxOjbST9/M5Bf5+3dJ/FZDOMi7kUr/pq9TVh8WpD/fOVR7yyqaVp+GDBpRj9i9PHPxePu7xGz/PvRivZ6fr2ISmfirdF00s97zq+1eCmJ6GbJPORBtOLViKwWxZPML+8+6p09SDfzo1+Pt9/8oRj/3xfRiVb88mk8jWE8nj3FMv/r+2n6Tvb9n1/OZ9CPSKaT/uksbik7OcoLAgAAAAAAAAAAAAAAAAAAAADA/0InXWivnp9TngbY6Wxv33k+UHHCz3TlfJ17aZqWx/hM+rWY51fjtWpUb2/mAAAAAAAAAAAAAAAAAAAA8N8x/vyLwflweHF5pfBTlheaL4xZL1RXasqv9e/P2l4Y/BhxeNZ1CnFSDG2YbHSRlE1Xs/KMg/s6PSS4udnp4Dwqu9awOoz54L87fBHe2DLBwwvlztgVU+6uwXmyb+ka2zfJyq4rO7scJwdsyGzL0p3szKrf0B6rvzxorta0rp3e3LpQ+Yxri8W8mtXIX8mVmtoN/6asSW707w4AAAAAAAAAAAAAAAAAALBp+aXf+G2j8dmtDAkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjm75//8XhWiv16wXpkXyrKby4uDTy/GWbttHniYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB33D8BAAD//x6QS7s=") r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r2, 0x29, 0x13, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000180)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xc1103000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = dup(r6) sendmsg$inet(r7, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000140)="be38", 0x2}], 0x1}, 0x0) 16.19722135s ago: executing program 6 (id=1598): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0xfffffe58) r3 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47) setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f0000000400)=0x4614, 0x4) connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000340)=[@window={0x3, 0x6, 0x7}, @mss={0x2, 0x7}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @timestamp, @window={0x3, 0xfffe}, @sack_perm], 0x7) sendto(r3, 0x0, 0x0, 0x4000, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendto$inet(r3, &(0x7f00000004c0), 0x0, 0x805, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x2000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_TSINFO_GET(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20048004) socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x29, 0x80000, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r5) 15.901426597s ago: executing program 4 (id=1599): sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]}) close_range(r2, 0xffffffffffffffff, 0x0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00') bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], 0x0, 0x8, 0x0, 0x0, 0x41100, 0x30, '\x00', 0x0, 0x24}, 0x94) r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) r4 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r4, &(0x7f0000000180)=[{0x0}], 0x1) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x240080c0) unshare(0x62040200) r5 = getpid() r6 = syz_pidfd_open(r5, 0x0) r7 = pidfd_getfd(r6, r6, 0x0) setns(r7, 0x66020000) prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f) 14.534148826s ago: executing program 6 (id=1600): r0 = fsmount(0xffffffffffffffff, 0x0, 0x0) fchdir(r0) mkdir(0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108) getdents64(r1, &(0x7f00000000c0)=""/55, 0x37) r2 = socket$packet(0x11, 0x3, 0x300) r3 = getpgrp(0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x2, 0x0) r4 = getpid() sched_setscheduler(r4, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8) setsockopt$packet_int(r2, 0x107, 0x14, 0x0, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000180)='smaps_rollup\x00') read$FUSE(r7, &(0x7f0000004440)={0x2020}, 0x2020) rename(&(0x7f0000000180)='./bus\x00', &(0x7f00000001c0)='./file0\x00') 13.019657864s ago: executing program 2 (id=1601): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1c, 0x0, 0x7ffc1ffb}]}) getpriority(0x2, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={'\x00', 0xcc3f, 0x77b, 0xfffffff7, 0x8, 0x5, 0xffffffffffffffff}) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000480), 0xffffffffffffffff) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000003c0)) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000000cc0)=@newtaction={0x70, 0x30, 0x800, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_ctinfo={0x58, 0x4, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_DSCP_MASK={0x8, 0x5, 0x8}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x6}, @TCA_CTINFO_ZONE={0x6, 0x4, 0xe57}, @TCA_CTINFO_ZONE={0x6, 0x4, 0x401}, @TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8, 0x6, 0x9e57}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}]}]}, 0x70}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs={0x0, 0x0, 0x40}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) gettid() setns(0xffffffffffffffff, 0x24020000) syz_clone(0xf61e0000, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_NAME_TABLE_GET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="018f2bbd7000fcdbdf2510"], 0x14}, 0x1, 0x0, 0x0, 0x1021}, 0x4000000) syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), r0) 12.992676616s ago: executing program 0 (id=1602): prlimit64(0x0, 0x3, &(0x7f0000000180)={0xffffffffffffffad, 0x107}, 0x0) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f00000000c0)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0xc, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x12, &(0x7f0000000180)=0x5, 0x4) writev(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x200, 0x18) finit_module(r4, 0x0, 0x3) 11.71402867s ago: executing program 0 (id=1603): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000780)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) getrlimit(0x0, &(0x7f0000000040)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) request_key(&(0x7f0000000200)='logon\x00', &(0x7f0000000340)={'syz', 0x2}, &(0x7f0000000680)='\x00', 0xfffffffffffffffa) r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) getgroups(0x1, &(0x7f0000001080)=[0xffffffffffffffff]) keyctl$chown(0x4, r3, 0xee01, r4) keyctl$setperm(0x5, r3, 0x30925) keyctl$KEYCTL_MOVE(0x3, r3, 0x0, 0x0, 0x0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, 0x0, 0x0) r5 = socket$inet6(0xa, 0x3, 0xff) r6 = dup(r5) request_key(&(0x7f0000000180)='keyring\x00', &(0x7f0000000280)={'syz', 0x2}, 0x0, 0xfffffffffffffffe) r7 = open(&(0x7f00000000c0)='./file0\x00', 0x1298c2, 0x0) sendfile(r6, r7, 0x0, 0x80001d00c0d1) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xad) keyctl$restrict_keyring(0x1d, 0x0, &(0x7f0000000080)='asymmetric\x00', &(0x7f0000000180)='key_or_keyring:') add_key$user(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8], 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 11.297890574s ago: executing program 4 (id=1604): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0xffffffffffffffff}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) syz_open_procfs(0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@remote, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x1, 0x2, 0x7, 0x200}}, 0xe8) sendmmsg(r4, &(0x7f0000000480), 0x2e9, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000005c0)={r3, 0xffffffffffffffff, 0x15, 0x0, @val=@kprobe_multi=@syms={0x0, 0x0, 0x0}}, 0x30) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, 0x0, 0x0) sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0xc044) statx(0xffffffffffffffff, 0x0, 0x0, 0x8, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x20, 0x0, 0x0, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000040)='./bus\x00', 0x3010009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}, {@xino_auto}]}) r5 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00') read$FUSE(r5, &(0x7f0000001400)={0x2020}, 0x2020) bpf$PROG_LOAD(0x5, 0x0, 0x0) 10.294688122s ago: executing program 4 (id=1605): msgget$private(0x0, 0x200) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000) r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) syz_emit_ethernet(0x432, 0x0, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000) mlockall(0x2) r3 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xff}, 0x7}, 0x1c) writev(r3, &(0x7f00000000c0)=[{0x0}], 0x1) 10.081453834s ago: executing program 6 (id=1606): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002e00000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000009800000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r1 = getpgrp(0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f00000004c0)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xf, 0x0, &(0x7f0000000000)="14fd54ab72df97e6256c00000000c3", 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 8.350000845s ago: executing program 4 (id=1607): r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00', 0x0, 0x0, 0x1, 0x1}, 0x21) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x48, 0x83, 0x0, 0x80000001}, {0x6, 0x5, 0x0, 0xfffffc}]}, 0x10) socket(0x2, 0x3, 0x6) syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000080)='./file4\x00', 0xa18c14, &(0x7f0000000340)={[{@utf8}, {@iocharset={'iocharset', 0x3d, 'cp874'}}, {@uni_xlate}, {@shortname_lower}, {@utf8no}, {@fat=@codepage={'codepage', 0x3d, '1250'}}, {@uni_xlate}, {@numtail}, {@shortname_lower}, {@utf8no}, {@shortname_mixed}, {@fat=@time_offset={'time_offset', 0x3d, 0xe4}}, {@iocharset={'iocharset', 0x3d, 'cp437'}}]}, 0x89, 0x2b7, &(0x7f0000000840)="$eJzs3b2KY1UcAPD/zSSZRIWksBLBC1pYhd19gg0ywmIqJYU2OrizIElYmEDAD4xb2QtWvoPv4APY+AYWloKdW4hXbnJvksnHZgJjRsbfr5h7cs7/n/ORM3NDIGc+eX00ePx0/OTZV79Go5FE5WE8jOdJtKMSpW8CALhLnmdZ/JHN7YutRj0islbxqHKE4QEA/4LZ/T/Jb+v77/8AwN3wwYcfvdft9c7eT9NGxOjbST9/M5Bf5+3dJ/FZDOMi7kUr/pq9TVh8WpD/fOVR7yyqaVp+GDBpRj9i9PHPxePu7xGz/PvRivZ6fr2ISmfirdF00s97zq+1eCmJ6GbJPORBtOLViKwWxZPML+8+6p09SDfzo1+Pt9/8oRj/3xfRiVb88mk8jWE8nj3FMv/r+2n6Tvb9n1/OZ9CPSKaT/uksbik7OcoLAgAAAAAAAAAAAAAAAAAAAADA/0InXWivnp9TngbY6Wxv33k+UHHCz3TlfJ17aZqWx/hM+rWY51fjtWpUb2/mAAAAAAAAAAAAAAAAAAAA8N8x/vyLwflweHF5pfBTlheaL4xZL1RXasqv9e/P2l4Y/BhxeNZ1CnFSDG2YbHSRlE1Xs/KMg/s6PSS4udnp4Dwqu9awOoz54L87fBHe2DLBwwvlztgVU+6uwXmyb+ka2zfJyq4rO7scJwdsyGzL0p3szKrf0B6rvzxorta0rp3e3LpQ+Yxri8W8mtXIX8mVmtoN/6asSW707w4AAAAAAAAAAAAAAAAAALBp+aXf+G2j8dmtDAkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjm75//8XhWiv16wXpkXyrKby4uDTy/GWbttHniYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB33D8BAAD//x6QS7s=") r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r2, 0x29, 0x13, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000180)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xc1103000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = dup(r6) sendmsg$inet(r7, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000140)="be38", 0x2}], 0x1}, 0x0) 8.159585156s ago: executing program 2 (id=1608): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) pipe(&(0x7f0000000440)) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x42002, 0x0) write$binfmt_aout(r3, 0x0, 0xff2e) 7.05089784s ago: executing program 2 (id=1609): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0xfffffe58) r3 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47) setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f0000000400)=0x4614, 0x4) connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000340)=[@window={0x3, 0x6, 0x7}, @mss={0x2, 0x7}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @timestamp, @window={0x3, 0xfffe}, @sack_perm], 0x7) sendto(r3, 0x0, 0x0, 0x4000, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendto$inet(r3, &(0x7f00000004c0), 0x0, 0x805, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x2000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_TSINFO_GET(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20048004) socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x29, 0x80000, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r5) 6.01565208s ago: executing program 2 (id=1610): r0 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000340)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket(0x10, 0x3, 0x9) sendmsg$NFT_BATCH(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000013c0)={{0x14, 0x453, 0x1, 0x0, 0x0, {0x5}}, [], {0x14, 0x3f4}}, 0x28}, 0x1, 0x0, 0x0, 0x64841}, 0x0) mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x18) syz_mount_image$squashfs(&(0x7f00000001c0), &(0x7f0000000280)='./file1\x00', 0x0, &(0x7f0000000240), 0x5, 0x1a0, &(0x7f0000000000)="$eJzs0MFrE0EUx/Hvm91sEqXKVvEQwQQsxi3VZLfiwVPwFKELIl4Egy5pbIobNd0ItrTQixSk2H9BT/Uogp5EFDwXD4IHXS+9SXPoSTxIJMnkr3A+sPt7b9mZN0w76SZZ4O/hepMaIxbH+IJgA0UZf1NqnO90/0vnzji4qvttna90FpLVtftRHLdWSldK6E2I4ryuSrjYTP5JipxS9IUa8u1wvRnJ3ZBBjY5adHAXRidq0PWeU7CnOHkHi0F5m2uKrjy+Accrvc6jSrK6dmG5Ey21lloPgmD+cvVSNUtQubcct6pvEe+ZKF6wgReSDcl7G2QaPN2zjzAniNdWqSWzfZwGO3vW+bNzfZR3wADhY7lP9ofdLqmbnCN3GxfqnBBeYoXMLJBX2IwG1ZHr6o349lf7d0aR27Ssi82H8eLWLSV/nN2aHOTE3ydT9glmfeZdKDDNJ7ZSZlLqKbsp+z8pyvvhlMm92pvD92vdneYMODyJer0V34HPUg4Jho8LU0xzFDXQPug1Ovg+KQzDMAzDMAzDMIz/wL8AAAD//+qBZD0=") 4.614009402s ago: executing program 0 (id=1611): syz_mount_image$erofs(&(0x7f0000000200), &(0x7f0000000100)='./file1\x00', 0x1180809, &(0x7f0000000300)=ANY=[@ANYRESHEX, @ANYRES64, @ANYRES32, @ANYRES16, @ANYRESOCT, @ANYRESOCT], 0x2, 0x22d, &(0x7f0000000780)="$eJzslb9v00AUx793dpy0gkoMMLCkQyWKRB3bBdSFoexISC0Cxoheq4DbVGmGthJSKxYWZsQfwMbM0ImBDSZmBkBCYqAjC0gcuvM5Ptd22igIhr6PlMv33t27H8/PzyAI4tTy5fOPT89uLixfAXAGM6gb+zcnm8Ot+R9fODUj325MPT6whhqqYQCkzIzuMft7AN4sOsBesqyUmfcr86/WXAbHjOnfAcdlo++CwU/PKjNvAYb7xvxwUw5u050wIhbsQTdeWe3EIlBNqJpotfOyljufOv/hPsOKuaDagVnjWzu7j9ox0EtELFJRk+k+haFUJDcDSoZyYlj89PkWOW5YIVDP697TJ/uq7xt7YMUvBEdo9DwYloxeQB2+7zdNV4TW/S+62fpO8tgS9qrPXRSNUSaPL87N5SzTUEJl+HD3iVio2/61Y/yWQ+bUR16Qmazycin476JansrA6F68WfTyius0zEW1RRzzkpxgd3bUwuyUuHB48K7o9fW/hnc8ARNAe+i5CtSHyTi+Vep1PmeZrnhlPJzVJaEyJZL6wVzgklWfXOur0Oqvb7a2dnbnOuvtNbEmNqJo/npwNQiuRS1dm5PWLndH6l9D16dJa/1aRa30mIftdr/fC7eBfi8c9KOktZJp6XX3u/bhuv5xzP6SMv286Bcv/VCy/B7M/Lj+V2rWqTgOQRAEQRAEQRAEQRAEQRDECfhp6SYY3k8NurIcN7qth/8EAAD//7LLT5w=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_open_dev$sndpcmc(0x0, 0x0, 0x40) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1d, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) write(r3, &(0x7f0000000380)="6c1ca7a7fc07c5375ad1a077c4246a722fb9e32ec1654ef826bc43f99287a9848ac52f3ade1791eaae6d2341cd8e20ce2a9c7f5216e812522f9de3384b6941cfbb8d25a4407565ce6b7c1a73350bed5a0216a68589228af07ae4ba64d5cd7cb40fad8dddae0a074e73711051e4489ce5f4a668f338e0ad2fc7c9ac3fddb575623629f4ca", 0x84) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x8, 0xf, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x94) bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x20) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000440)=@deltaction={0x28, 0x31, 0x101, 0x0, 0x20000, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0xb, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x28}}, 0x0) ioctl$F2FS_IOC_ABORT_ATOMIC_WRITE(r4, 0xf505, 0x0) 2.135937136s ago: executing program 6 (id=1612): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4040044) socket$inet6_udplite(0xa, 0x2, 0x88) syz_mount_image$erofs(&(0x7f0000001240), &(0x7f0000000200)='./file0\x00', 0x2800080, &(0x7f0000001280)=ANY=[], 0xff, 0x20d, &(0x7f0000001000)="$eJzsmb9rFEEUx78zu/cjQQQbCxsLD4xo9nb3VIKQIoK9EDXa5TBriG5yYW/VS8Ai2NhYWgi2/gMWFqks7OxstdCAYGE67Q5GZnZ2d9i7PTzxziLvA3n5zts3M29n2e/BHQiCOLIcfP315fnVhRsXABxDAzWd/27lNdyo//zy4fkXi9devfn0+v3W8Sf7xfVqY+4vt3m3ZCHGjBoLIYR5vaEis2UXDZ27CY5zWq8YM1bBcUvnAzDc0fq+oTszWoSBc7cTrt3bCANXBk8GX4aWub8N4HCPYQ1AXffHjOvdnd0H7TAMoq6ViiRTEek+UV7zd2LU+an+ljgW9Vj2J5/X7WdP9+TY0XnXOD8PHJ7WLTAsa72AGhzHyY/EuP9Tdr6+NfT+JyWsYqZXqFk9KJt+Yn6Sjf0jUZnCGU5AMKSZ+qjilUf/v9WiYMWMfKGzzMnD/Q+Ds7796RY/t5MXY9iJTeuVKQhlXAAGLn2czTOpcY+zclXPGVqT+5N077OGP9mwM/9oxpvbze7O7vzGZns9WA+2fL912b3oupf8pjKiJA74Xj/zv7ryp1lj/UqJV1ZZFb12HEdeD4gjLxv7STQcd/lt54eaw5X/ccydSdaQD1HddskHHdN/XP1nfYE5q6QdgiAIgiAIgiAIgiAIgiCIMTkNpr4F1T9UiQKAuPJYCOFfV9W/AwAA//+VV18P") syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1400c, &(0x7f0000000840)={[{@stripe={'stripe', 0x3d, 0x3d}}, {@init_itable}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x3, 0x457, &(0x7f0000000bc0)="$eJzs281vFOUfAPDvTLvl11/BVsQ38KWKRuJLSwGVgwc1mnjAxEQPevDQtAtBFjC0JkJIBGPwZIyJd+PRf8GTXozxZOJV74aEGC6CpzWzO9PuLrtLt+x2kf18koHnmZc+3+/OPLvPzLMbwMiazf5JIrZHxO8RMV2vNu8wW//v2tXzS9evnl9Kolp9+6+ktt/fV88vFbsWx03llX1pRPpZEnvatLty9tyJxUqlfCavz6+e/HB+5ey5546fXDxWPlY+deDw4UMHF1584cDzfclzKtK89MZ7X7155Ium/Fvy6JPZbhufrFb73Nxw7WgoJ+NDDISejEVEdrpKtf4/HWOxfvKm4/VPhxocMFDVarU61XnzhSpwB0uiua7Lw6goPuiz+99iaR0EvDy44cfQXXmlfgOU5X0tX+pbxteeGJRa7m/7aTYi3r3wzzfZEoN5DgEA0OSHbPzzbDbaaR3/pXFfw3535XNDMxFxd0TsjIh74lTsioh7I2r73h8RD/TYfuskyY3jn/TyphLboGz891I+t9U8/itGfzEzltd21PIvJUePV8r766/J+/kwurzQpY0fX/vty07bGsd/2ZK1X4wF8zguj29rPmZ5cXXxVnJudOVixO7xdvknazMBSUQ8GBG7N9nG8ae/e6jTtpvn30Uf5pmq30Y8VT//F6Il/0LSfX5y/n9RKe+fL66KG/3y66W3OrV/S/n3QXb+/9/2+l/LfyZpnK9d6b2NS3983vGeZrPX/0TyTq08ka/7eHF19cxCxERypB504/oD68cW9WL/LP99e9v3/52x/krsiYjsIn44Ih6JiEfz2B+LiMcjYm+X/H9+9YkPWtdNbjj/wcryX+7p/K8XJqJ1TfvC2Imfvm9qdGa9mOd/vfv5P1Qr7cvXbOT9byNxbe5qBgAAgP+eNCK2R5LOrZXTdG6u/h3+XRFp5fTK6jNHT390arn+G4GZKKXFk67phuehC/ltfb1+MSLqXy0oth/Mnxt/PTZZq88tna4sDzt5GHFTHfp/VvlzbNjRAQPn91owunrq/8ng4gC2ns9/GF299f9tA4sD2Gqldv1/chiRAFuv3ef/J0OIA9h6Lf3ftB+MEM//YHTp/zC69H8YSSuTcfMfyXctFH9pk4ffsYUo3RZhDKwQ6W0RhsKACsN9XwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiXfwMAAP//EBbjLA==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x64f681d277076723, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) semget$private(0x0, 0x4000, 0x0) syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x810408, 0x0, 0xff, 0x0, &(0x7f00000007c0)) rseq(0x0, 0x0, 0x0, 0x0) lsetxattr$security_capability(0x0, &(0x7f0000000140), 0x0, 0x0, 0x0) r3 = syz_clone(0x100000, 0x0, 0x0, 0x0, 0x0, 0x0) waitid(0x0, r3, 0x0, 0x61000004, 0x0) 1.830614623s ago: executing program 0 (id=1613): sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]}) close_range(r2, 0xffffffffffffffff, 0x0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00') bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], 0x0, 0x8, 0x0, 0x0, 0x41100, 0x30, '\x00', 0x0, 0x24}, 0x94) r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) r4 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r4, &(0x7f0000000180)=[{0x0}], 0x1) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x240080c0) unshare(0x62040200) r5 = getpid() r6 = syz_pidfd_open(r5, 0x0) r7 = pidfd_getfd(r6, r6, 0x0) setns(r7, 0x66020000) prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f) 1.634141094s ago: executing program 2 (id=1614): prlimit64(0x0, 0x3, &(0x7f0000000180)={0xffffffffffffffad, 0x107}, 0x0) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f00000000c0)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0xc, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x12, &(0x7f0000000180)=0x5, 0x4) writev(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x200, 0x18) finit_module(r4, 0x0, 0x3) 0s ago: executing program 2 (id=1615): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0xffffffffffffffff}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) syz_open_procfs(0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000100000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@remote, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x1, 0x2, 0x7, 0x200}}, 0xe8) sendmmsg(r4, &(0x7f0000000480), 0x2e9, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000005c0)={r3, 0xffffffffffffffff, 0x15, 0x0, @val=@kprobe_multi=@syms={0x0, 0x0, 0x0}}, 0x30) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, 0x0, 0x0) sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0xc044) statx(0xffffffffffffffff, 0x0, 0x0, 0x8, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x20, 0x0, 0x0, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000040)='./bus\x00', 0x3010009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}, {@xino_auto}]}) r5 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00') read$FUSE(r5, &(0x7f0000001400)={0x2020}, 0x2020) bpf$PROG_LOAD(0x5, 0x0, 0x0) kernel console output (not intermixed with test programs): 16383][ T7924] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 566.564320][ T7373] usb usb2-port1: attempt power cycle [ 567.023253][ T7373] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 567.085468][ T7373] usb 2-1: device descriptor read/8, error -71 [ 567.562840][ T7373] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 567.603713][ T7373] usb 2-1: device descriptor read/8, error -71 [ 567.723035][ T7373] usb usb2-port1: unable to enumerate USB device [ 567.779049][ T7933] loop6: detected capacity change from 0 to 16 [ 567.884908][ T7935] xt_hashlimit: overflow, try lower: 18446744073709551615/255 [ 569.868760][ T7950] netlink: 4 bytes leftover after parsing attributes in process `syz.6.932'. [ 569.877763][ T7950] netlink: 7 bytes leftover after parsing attributes in process `syz.6.932'. [ 571.877833][ T7963] loop6: detected capacity change from 0 to 256 [ 572.230174][ T7965] wlan1 speed is unknown, defaulting to 1000 [ 575.113649][ T7987] loop4: detected capacity change from 0 to 256 [ 575.123554][ T7987] exfat: Deprecated parameter 'utf8' [ 575.129341][ T7987] exfat: Deprecated parameter 'namecase' [ 575.987732][ T7987] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 577.700840][ T8008] loop6: detected capacity change from 0 to 8 [ 577.708148][ T26] audit: type=1107 audit(1769946384.035:391): pid=8006 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 577.734510][ T8008] SQUASHFS error: lzo decompression failed, data probably corrupt [ 577.742419][ T8008] SQUASHFS error: Failed to read block 0x91: -5 [ 577.750539][ T8008] SQUASHFS error: Unable to read metadata cache entry [8f] [ 577.757821][ T8008] SQUASHFS error: Unable to read inode 0x11f [ 579.963056][ T8012] Invalid ELF header magic: != ELF [ 582.271738][ T8054] fuse: Bad value for 'fd' [ 582.769469][ T8066] xt_hashlimit: overflow, try lower: 18446744073709551615/255 [ 582.885495][ T26] audit: type=1326 audit(1769946389.225:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8068 comm="syz.0.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 582.983877][ T26] audit: type=1326 audit(1769946389.325:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8068 comm="syz.0.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 583.073321][ T26] audit: type=1326 audit(1769946389.325:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8068 comm="syz.0.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 583.409751][ T26] audit: type=1326 audit(1769946389.325:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8068 comm="syz.0.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 584.155833][ T26] audit: type=1326 audit(1769946389.375:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8068 comm="syz.0.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 584.507952][ T26] audit: type=1326 audit(1769946389.375:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8068 comm="syz.0.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 584.632594][ T26] audit: type=1326 audit(1769946389.375:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8068 comm="syz.0.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 584.836387][ T26] audit: type=1326 audit(1769946389.385:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8068 comm="syz.0.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 585.018510][ T26] audit: type=1326 audit(1769946389.385:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8068 comm="syz.0.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 585.306661][ T26] audit: type=1326 audit(1769946389.385:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8068 comm="syz.0.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 585.786571][ T8091] loop6: detected capacity change from 0 to 16 [ 586.699040][ T8091] erofs: (device loop6): mounted with root inode @ nid 36. [ 586.953673][ T8098] binder: BINDER_SET_CONTEXT_MGR already set [ 586.959735][ T8098] binder: 8097:8098 ioctl 4018620d 2000000002c0 returned -16 [ 587.192273][ T8100] erofs: (device loop6): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 587.202274][ T8100] erofs: (device loop6): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 587.212784][ T8100] erofs: (device loop6): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 587.222648][ T8100] erofs: (device loop6): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 587.232802][ T8100] erofs: (device loop6): z_erofs_read_folio: failed to read, err [-117] [ 591.208518][ T8119] loop6: detected capacity change from 0 to 512 [ 591.270936][ T8119] EXT4-fs: Ignoring removed i_version option [ 591.328249][ T8119] EXT4-fs: Ignoring removed nobh option [ 591.392884][ T8119] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 591.423703][ T26] kauditd_printk_skb: 12 callbacks suppressed [ 591.423720][ T26] audit: type=1326 audit(1769946397.765:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8124 comm="syz.0.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 591.473239][ T8119] EXT4-fs (loop6): can't mount with data_err=abort, fs mounted w/o journal [ 591.676700][ T26] audit: type=1326 audit(1769946397.845:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8124 comm="syz.0.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 592.648130][ T26] audit: type=1326 audit(1769946397.855:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8124 comm="syz.0.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 592.828425][ T26] audit: type=1326 audit(1769946397.855:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8124 comm="syz.0.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 593.079307][ T26] audit: type=1326 audit(1769946397.865:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8124 comm="syz.0.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 593.102377][ T26] audit: type=1326 audit(1769946397.865:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8124 comm="syz.0.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 593.124871][ T26] audit: type=1326 audit(1769946397.865:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8124 comm="syz.0.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 593.148596][ T26] audit: type=1326 audit(1769946397.865:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8124 comm="syz.0.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 593.346143][ T8145] loop4: detected capacity change from 0 to 16 [ 593.354722][ T26] audit: type=1326 audit(1769946397.865:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8124 comm="syz.0.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 593.387647][ T26] audit: type=1326 audit(1769946397.865:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8124 comm="syz.0.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 594.614117][ T8145] erofs: (device loop4): mounted with root inode @ nid 36. [ 594.919292][ T8152] erofs: (device loop4): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 594.929199][ T8152] erofs: (device loop4): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 594.939594][ T8152] erofs: (device loop4): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 594.949553][ T8152] erofs: (device loop4): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 594.959649][ T8152] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117] [ 598.118463][ T26] kauditd_printk_skb: 58 callbacks suppressed [ 598.118507][ T26] audit: type=1107 audit(1769946404.455:482): pid=8163 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 598.206543][ T8178] loop1: detected capacity change from 0 to 256 [ 598.216153][ T8178] exfat: Deprecated parameter 'utf8' [ 598.221963][ T8178] exfat: Deprecated parameter 'namecase' [ 598.286967][ T8178] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 598.436719][ T8179] xt_hashlimit: overflow, try lower: 18446744073709551615/255 [ 600.837035][ T7] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 601.138322][ T8210] wlan1 speed is unknown, defaulting to 1000 [ 601.832316][ T125] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 601.872966][ T7] usb 5-1: Using ep0 maxpacket: 8 [ 601.889772][ T7] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 601.943162][ T7] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 601.989166][ T7] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 602.018169][ T7] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 602.054346][ T125] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 602.071238][ T7] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 602.099261][ T125] usb 7-1: config 0 has no interfaces? [ 602.197832][ T125] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 602.226199][ T8218] netlink: 'syz.1.994': attribute type 4 has an invalid length. [ 602.243061][ T8218] netlink: 1601 bytes leftover after parsing attributes in process `syz.1.994'. [ 603.058547][ T125] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 603.066940][ T7] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 603.133897][ T125] usb 7-1: config 0 descriptor?? [ 603.142812][ T7] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 604.401979][ T125] usb 7-1: USB disconnect, device number 4 [ 604.452907][ T7] usb 5-1: can't set config #16, error -71 [ 604.508596][ T7] usb 5-1: USB disconnect, device number 36 [ 606.918535][ T8237] netlink: 12 bytes leftover after parsing attributes in process `syz.6.998'. [ 607.759935][ T8250] loop4: detected capacity change from 0 to 512 [ 607.799795][ T8250] EXT4-fs: Ignoring removed i_version option [ 607.851834][ T8250] EXT4-fs: Ignoring removed nobh option [ 607.912402][ T8250] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 607.966452][ T8250] EXT4-fs (loop4): can't mount with data_err=abort, fs mounted w/o journal [ 609.866866][ T8265] loop4: detected capacity change from 0 to 256 [ 611.137214][ T7373] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 611.352997][ T7373] usb 3-1: Using ep0 maxpacket: 8 [ 611.360278][ T7373] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 611.392938][ T7373] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 611.485659][ T7373] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 611.532906][ T7373] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 611.565759][ T7373] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 611.615576][ T7373] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 611.666841][ T7373] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 611.956954][ T7373] usb 3-1: usb_control_msg returned -32 [ 611.962621][ T7373] usbtmc 3-1:16.0: can't read capabilities [ 611.992915][ T125] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 612.043008][ T7373] usb 3-1: USB disconnect, device number 19 [ 612.219158][ T125] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 612.904998][ T125] usb 5-1: config 0 has no interfaces? [ 612.945409][ T125] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 612.992999][ T125] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 613.061931][ T125] usb 5-1: config 0 descriptor?? [ 613.293136][ T125] usb 5-1: USB disconnect, device number 37 [ 615.113410][ T8315] loop2: detected capacity change from 0 to 256 [ 615.124300][ T8315] exfat: Deprecated parameter 'utf8' [ 615.130020][ T8315] exfat: Deprecated parameter 'namecase' [ 615.161008][ T8310] loop4: detected capacity change from 0 to 512 [ 615.191652][ T8310] EXT4-fs: Ignoring removed i_version option [ 615.314414][ T8310] EXT4-fs: Ignoring removed nobh option [ 615.508808][ T8310] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 615.523702][ T8315] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 615.876493][ T8310] EXT4-fs (loop4): can't mount with data_err=abort, fs mounted w/o journal [ 616.128157][ T8318] loop2: detected capacity change from 0 to 256 [ 616.356578][ T4283] Bluetooth: hci4: command 0x0406 tx timeout [ 619.500145][ T8346] loop1: detected capacity change from 0 to 512 [ 619.805259][ T8346] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.1023: bad orphan inode 11862016 [ 620.723989][ T8346] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 620.742085][ T8346] ext4 filesystem being mounted at /207/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 623.709303][ T8373] wlan1 speed is unknown, defaulting to 1000 [ 624.584981][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.591344][ T1268] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.045033][ T4274] EXT4-fs (loop1): unmounting filesystem. [ 625.792962][ T2167] usb 5-1: new full-speed USB device number 38 using dummy_hcd [ 626.013750][ T2167] usb 5-1: no configurations [ 626.018426][ T2167] usb 5-1: can't read configurations, error -22 [ 626.182933][ T2167] usb 5-1: new full-speed USB device number 39 using dummy_hcd [ 626.373839][ T2167] usb 5-1: no configurations [ 626.378535][ T2167] usb 5-1: can't read configurations, error -22 [ 626.421928][ T2167] usb usb5-port1: attempt power cycle [ 626.442991][ T8402] fuse: Bad value for 'fd' [ 626.729639][ T8407] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1040'. [ 626.857805][ T2167] usb 5-1: new full-speed USB device number 40 using dummy_hcd [ 627.064589][ T2167] usb 5-1: no configurations [ 627.094853][ T2167] usb 5-1: can't read configurations, error -22 [ 627.982918][ T2167] usb 5-1: new full-speed USB device number 41 using dummy_hcd [ 628.054626][ T2167] usb 5-1: device descriptor read/8, error -71 [ 628.277821][ T2167] usb usb5-port1: unable to enumerate USB device [ 628.309012][ T8433] loop4: detected capacity change from 0 to 512 [ 629.081881][ T8429] loop6: detected capacity change from 0 to 512 [ 629.151561][ T8433] EXT4-fs error (device loop4): ext4_orphan_get:1425: comm syz.4.1044: bad orphan inode 11862016 [ 629.164584][ T8429] EXT4-fs: Ignoring removed i_version option [ 629.170672][ T8429] EXT4-fs: Ignoring removed nobh option [ 629.204140][ T8433] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 629.213595][ T8433] ext4 filesystem being mounted at /206/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 629.312882][ T8429] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 629.389641][ T8429] EXT4-fs (loop6): can't mount with data_err=abort, fs mounted w/o journal [ 629.402818][ T125] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 629.594481][ T125] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 629.613505][ T125] usb 2-1: config 0 has no interfaces? [ 629.619377][ T125] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 629.628873][ T125] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 629.695851][ T125] usb 2-1: config 0 descriptor?? [ 630.309513][ T22] usb 2-1: USB disconnect, device number 27 [ 631.432206][ T8456] fuse: Bad value for 'fd' [ 631.956485][ T8473] loop1: detected capacity change from 0 to 8 [ 632.022827][ T26] audit: type=1107 audit(1769946438.295:483): pid=8465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 632.059601][ T8473] SQUASHFS error: lzo decompression failed, data probably corrupt [ 632.067641][ T8473] SQUASHFS error: Failed to read block 0x91: -5 [ 632.074045][ T8473] SQUASHFS error: Unable to read metadata cache entry [8f] [ 632.081280][ T8473] SQUASHFS error: Unable to read inode 0x11f [ 633.216666][ T4275] EXT4-fs (loop4): unmounting filesystem. [ 633.441072][ T8484] loop6: detected capacity change from 0 to 512 [ 633.583830][ T8484] EXT4-fs: Ignoring removed i_version option [ 633.590027][ T8484] EXT4-fs: Ignoring removed nobh option [ 633.681034][ T8489] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1056'. [ 633.690357][ T8489] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1056'. [ 634.085601][ T8484] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 634.206164][ T8484] EXT4-fs (loop6): can't mount with data_err=abort, fs mounted w/o journal [ 634.500640][ T2167] usb 2-1: new full-speed USB device number 28 using dummy_hcd [ 635.865273][ T2167] usb 2-1: config 0 has an invalid interface number: 41 but max is 0 [ 635.878994][ T2167] usb 2-1: config 0 has no interface number 0 [ 635.898944][ T2167] usb 2-1: config 0 interface 41 has no altsetting 0 [ 635.916949][ T2167] usb 2-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 635.933121][ T2167] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 635.968537][ T2167] usb 2-1: Product: syz [ 635.995183][ T2167] usb 2-1: Manufacturer: syz [ 636.012764][ T2167] usb 2-1: SerialNumber: syz [ 636.051737][ T2167] usb 2-1: config 0 descriptor?? [ 636.968798][ T2167] CoreChips: probe of 2-1:0.41 failed with error -71 [ 636.988065][ T2167] usb 2-1: USB disconnect, device number 28 [ 637.082330][ T8506] fuse: Bad value for 'fd' [ 637.422941][ T4320] usb 5-1: new high-speed USB device number 42 using dummy_hcd [ 637.503249][ T8527] loop6: detected capacity change from 0 to 8 [ 637.510552][ T26] audit: type=1107 audit(1769946443.835:484): pid=8516 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 637.595064][ T8527] SQUASHFS error: lzo decompression failed, data probably corrupt [ 637.603827][ T8527] SQUASHFS error: Failed to read block 0x91: -5 [ 637.610204][ T8527] SQUASHFS error: Unable to read metadata cache entry [8f] [ 637.617560][ T8527] SQUASHFS error: Unable to read inode 0x11f [ 637.823324][ T4320] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 637.845280][ T4320] usb 5-1: config 0 has no interfaces? [ 637.857243][ T4320] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 637.882881][ T4320] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 637.911648][ T4320] usb 5-1: config 0 descriptor?? [ 638.126142][ T5087] usb 5-1: USB disconnect, device number 42 [ 638.431269][ T8537] loop1: detected capacity change from 0 to 512 [ 640.593831][ T8537] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.1067: bad orphan inode 11862016 [ 640.733880][ T8537] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 640.778356][ T8537] ext4 filesystem being mounted at /214/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 641.082797][ T7] usb 5-1: new full-speed USB device number 43 using dummy_hcd [ 641.944401][ T7] usb 5-1: config 0 has an invalid interface number: 41 but max is 0 [ 641.952568][ T7] usb 5-1: config 0 has no interface number 0 [ 642.772783][ T7] usb 5-1: config 0 interface 41 has no altsetting 0 [ 642.934910][ T7] usb 5-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 643.009202][ T7] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 643.058326][ T7] usb 5-1: Product: syz [ 644.705215][ T7] usb 5-1: Manufacturer: syz [ 644.713834][ T7] usb 5-1: SerialNumber: syz [ 644.728764][ T7] usb 5-1: config 0 descriptor?? [ 645.039905][ T7] usb 5-1: can't set config #0, error -71 [ 645.061167][ T7] usb 5-1: USB disconnect, device number 43 [ 645.925211][ T4274] EXT4-fs (loop1): unmounting filesystem. [ 646.328195][ T8602] netlink: 'syz.1.1080': attribute type 4 has an invalid length. [ 646.336214][ T8602] netlink: 1601 bytes leftover after parsing attributes in process `syz.1.1080'. [ 648.923043][ T4320] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 649.112786][ T4320] usb 3-1: Using ep0 maxpacket: 32 [ 649.120011][ T4320] usb 3-1: config 0 interface 0 altsetting 128 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 649.209111][ T4320] usb 3-1: config 0 interface 0 has no altsetting 0 [ 649.902864][ T4320] usb 3-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00 [ 649.912004][ T4320] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 650.063761][ T4320] usb 3-1: config 0 descriptor?? [ 650.135599][ T8622] loop6: detected capacity change from 0 to 512 [ 650.200938][ T8622] EXT4-fs: Ignoring removed i_version option [ 650.230278][ T8622] EXT4-fs: Ignoring removed nobh option [ 650.253329][ T8622] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 650.307445][ T8622] EXT4-fs (loop6): can't mount with data_err=abort, fs mounted w/o journal [ 652.555988][ T4320] usbhid 3-1:0.0: can't add hid device: -71 [ 652.562192][ T4320] usbhid: probe of 3-1:0.0 failed with error -71 [ 652.630486][ T4320] usb 3-1: USB disconnect, device number 20 [ 652.842827][ T4397] usb 5-1: new full-speed USB device number 44 using dummy_hcd [ 653.042015][ T8649] netlink: 'syz.6.1092': attribute type 4 has an invalid length. [ 653.050057][ T8649] netlink: 1601 bytes leftover after parsing attributes in process `syz.6.1092'. [ 653.065021][ T4397] usb 5-1: config 0 has an invalid interface number: 41 but max is 0 [ 653.272907][ T4320] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 653.482992][ T4320] usb 3-1: Using ep0 maxpacket: 8 [ 653.527858][ T4320] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 653.713330][ T4320] usb 3-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config [ 653.786078][ T4397] usb 5-1: config 0 has no interface number 0 [ 653.792293][ T4397] usb 5-1: config 0 interface 41 has no altsetting 0 [ 653.811397][ T4397] usb 5-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 653.823342][ T4320] usb 3-1: config 179 has no interface number 0 [ 653.829874][ T4320] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 653.851916][ T4397] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 653.872187][ T4397] usb 5-1: Product: syz [ 653.880798][ T4320] usb 3-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 653.893210][ T4397] usb 5-1: Manufacturer: syz [ 653.898618][ T4397] usb 5-1: SerialNumber: syz [ 653.926279][ T4320] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 653.942424][ T4397] usb 5-1: config 0 descriptor?? [ 653.967045][ T4320] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 654.538819][ T8642] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 654.564203][ T8642] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 654.581022][ T4320] usb 3-1: USB disconnect, device number 21 [ 655.312623][ T4397] CoreChips: probe of 5-1:0.41 failed with error -22 [ 655.751219][ T4365] usb 5-1: USB disconnect, device number 44 [ 655.878821][ T8685] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1099'. [ 657.542958][ T4365] usb 2-1: new high-speed USB device number 29 using dummy_hcd [ 659.112852][ T4365] usb 2-1: Using ep0 maxpacket: 8 [ 659.119974][ T4365] usb 2-1: config index 0 descriptor too short (expected 301, got 45) [ 659.152825][ T4365] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 659.193158][ T4365] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 659.223973][ T4365] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 659.285162][ T4365] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 659.328976][ T4365] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 659.349211][ T4365] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 659.616712][ T4365] usb 2-1: GET_CAPABILITIES returned 0 [ 659.622289][ T4365] usbtmc 2-1:16.0: can't read capabilities [ 660.623665][ T4365] usb 2-1: USB disconnect, device number 29 [ 661.625624][ T4365] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 661.863012][ T4365] usb 3-1: Using ep0 maxpacket: 32 [ 661.876022][ T4365] usb 3-1: config 0 interface 0 altsetting 128 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 662.032883][ T4365] usb 3-1: config 0 interface 0 has no altsetting 0 [ 662.131866][ T4365] usb 3-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00 [ 662.269047][ T4365] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 662.370557][ T4365] usb 3-1: config 0 descriptor?? [ 664.466602][ T4365] usbhid 3-1:0.0: can't add hid device: -71 [ 664.493035][ T4365] usbhid: probe of 3-1:0.0 failed with error -71 [ 664.547766][ T4365] usb 3-1: USB disconnect, device number 22 [ 666.437755][ T8790] netlink: 'syz.1.1126': attribute type 4 has an invalid length. [ 666.445639][ T8790] netlink: 1601 bytes leftover after parsing attributes in process `syz.1.1126'. [ 666.543875][ T8794] binder: 8793:8794 ioctl 4018620d 0 returned -22 [ 670.709564][ T8816] loop1: detected capacity change from 0 to 512 [ 672.364896][ T8816] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.1134: bad orphan inode 11862016 [ 672.382827][ T4365] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 672.418255][ T8816] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 672.487032][ T8816] ext4 filesystem being mounted at /228/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 672.572810][ T4365] usb 3-1: Using ep0 maxpacket: 8 [ 672.579921][ T4365] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 672.632795][ T4365] usb 3-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config [ 672.672816][ T4365] usb 3-1: config 179 has no interface number 0 [ 672.709902][ T4365] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 672.752777][ T4365] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 672.792803][ T4365] usb 3-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 672.842514][ T4365] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 672.882542][ T4365] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 672.934839][ T8818] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 673.160229][ T8818] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 673.220753][ T8818] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 673.258685][ T4365] usb 3-1: USB disconnect, device number 23 [ 674.227137][ T8856] loop6: detected capacity change from 0 to 16 [ 674.908352][ T7953] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 674.942224][ T4274] EXT4-fs (loop1): unmounting filesystem. [ 674.954342][ T8859] binder: 8857:8859 ioctl 4018620d 0 returned -22 [ 680.564257][ T8900] loop6: detected capacity change from 0 to 512 [ 680.690110][ T8900] EXT4-fs error (device loop6): ext4_orphan_get:1425: comm syz.6.1151: bad orphan inode 11862016 [ 680.713919][ T8900] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 680.890947][ T8905] wlan1 speed is unknown, defaulting to 1000 [ 681.700817][ T8900] ext4 filesystem being mounted at /63/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 684.416070][ T7252] EXT4-fs (loop6): unmounting filesystem. [ 684.929705][ T8937] loop6: detected capacity change from 0 to 16 [ 685.190486][ T8939] binder: BINDER_SET_CONTEXT_MGR already set [ 685.208885][ T8939] binder: 8938:8939 ioctl 4018620d 2000000002c0 returned -16 [ 685.529831][ T26] audit: type=1107 audit(1769946491.865:485): pid=8941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 685.543691][ T8946] loop4: detected capacity change from 0 to 8 [ 685.555830][ T8946] SQUASHFS error: lzo decompression failed, data probably corrupt [ 685.564098][ T8946] SQUASHFS error: Failed to read block 0x91: -5 [ 685.570399][ T8946] SQUASHFS error: Unable to read metadata cache entry [8f] [ 685.577906][ T8946] SQUASHFS error: Unable to read inode 0x11f [ 685.766605][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.775864][ T1268] ieee802154 phy1 wpan1: encryption failed: -22 [ 685.866381][ T8952] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1159'. [ 685.875778][ T8952] netlink: 7 bytes leftover after parsing attributes in process `syz.6.1159'. [ 686.329097][ T8956] netlink: 'syz.4.1162': attribute type 4 has an invalid length. [ 686.337058][ T8956] netlink: 1601 bytes leftover after parsing attributes in process `syz.4.1162'. [ 690.604938][ T4397] usb 5-1: new high-speed USB device number 45 using dummy_hcd [ 690.802848][ T4397] usb 5-1: Using ep0 maxpacket: 8 [ 690.810391][ T4397] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 690.835664][ T4397] usb 5-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config [ 690.860796][ T8983] binder: BINDER_SET_CONTEXT_MGR already set [ 690.863045][ T4397] usb 5-1: config 179 has no interface number 0 [ 690.892835][ T4397] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 690.904289][ T8983] binder: 8982:8983 ioctl 4018620d 2000000002c0 returned -16 [ 690.962876][ T4397] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 690.993204][ T4397] usb 5-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 691.046148][ T4397] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 691.097956][ T4397] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 691.143326][ T8967] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 691.439522][ T8967] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 691.490667][ T8967] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 691.560562][ T4365] usb 5-1: USB disconnect, device number 45 [ 691.665144][ T8995] loop6: detected capacity change from 0 to 8 [ 691.667874][ T26] audit: type=1107 audit(1769946498.005:486): pid=8990 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 691.690460][ T8995] SQUASHFS error: lzo decompression failed, data probably corrupt [ 691.698623][ T8995] SQUASHFS error: Failed to read block 0x91: -5 [ 691.705658][ T8995] SQUASHFS error: Unable to read metadata cache entry [8f] [ 691.713119][ T8995] SQUASHFS error: Unable to read inode 0x11f [ 693.901238][ T9018] netlink: 'syz.4.1175': attribute type 4 has an invalid length. [ 693.909130][ T9018] netlink: 1601 bytes leftover after parsing attributes in process `syz.4.1175'. [ 696.814771][ T26] audit: type=1326 audit(1769946503.155:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9031 comm="syz.1.1181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 696.889226][ T26] audit: type=1326 audit(1769946503.155:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9031 comm="syz.1.1181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 696.912525][ C0] vkms_vblank_simulate: vblank timer overrun [ 697.032788][ T26] audit: type=1326 audit(1769946503.185:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9031 comm="syz.1.1181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 697.128017][ T26] audit: type=1326 audit(1769946503.185:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9031 comm="syz.1.1181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 697.150990][ T26] audit: type=1326 audit(1769946503.185:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9031 comm="syz.1.1181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 697.254968][ T26] audit: type=1326 audit(1769946503.215:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9031 comm="syz.1.1181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 697.827946][ T26] audit: type=1326 audit(1769946503.215:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9031 comm="syz.1.1181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 698.042744][ T26] audit: type=1326 audit(1769946503.215:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9031 comm="syz.1.1181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 698.065945][ T26] audit: type=1326 audit(1769946503.215:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9031 comm="syz.1.1181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 698.089408][ T26] audit: type=1326 audit(1769946503.215:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9031 comm="syz.1.1181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 698.118286][ T9039] loop1: detected capacity change from 0 to 16 [ 699.080501][ T9058] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1182'. [ 699.089840][ T9058] netlink: 7 bytes leftover after parsing attributes in process `syz.1.1182'. [ 699.353552][ T4365] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 700.869903][ T4365] usb 7-1: device descriptor read/64, error -71 [ 700.876303][ T4351] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 701.859468][ T4351] usb 3-1: Using ep0 maxpacket: 8 [ 701.913275][ T4351] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 701.921824][ T4351] usb 3-1: config 179 has no interface number 0 [ 701.929183][ T4351] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 701.940515][ T4365] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 701.951505][ T4351] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 701.963281][ T4351] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 701.990407][ T4351] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 702.102221][ T4351] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 702.162901][ T4351] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 702.252916][ T4351] usb 3-1: can't set config #179, error -71 [ 702.288603][ T4351] usb 3-1: USB disconnect, device number 24 [ 702.294718][ T26] kauditd_printk_skb: 39 callbacks suppressed [ 702.294733][ T26] audit: type=1326 audit(1769946508.635:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9077 comm="syz.2.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 703.298479][ T26] audit: type=1326 audit(1769946508.705:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9077 comm="syz.2.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 703.801114][ T26] audit: type=1326 audit(1769946508.705:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9077 comm="syz.2.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 703.839195][ T26] audit: type=1326 audit(1769946508.705:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9077 comm="syz.2.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 703.978438][ T26] audit: type=1326 audit(1769946508.705:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9077 comm="syz.2.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 704.215982][ T26] audit: type=1326 audit(1769946508.705:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9077 comm="syz.2.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 704.365996][ T26] audit: type=1326 audit(1769946508.705:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9077 comm="syz.2.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 704.394122][ T9099] loop6: detected capacity change from 0 to 8 [ 704.415435][ T9099] SQUASHFS error: lzo decompression failed, data probably corrupt [ 704.423401][ T9099] SQUASHFS error: Failed to read block 0x91: -5 [ 704.429688][ T9099] SQUASHFS error: Unable to read metadata cache entry [8f] [ 704.436972][ T9099] SQUASHFS error: Unable to read inode 0x11f [ 704.463128][ T26] audit: type=1326 audit(1769946508.705:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9077 comm="syz.2.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 704.594211][ T26] audit: type=1326 audit(1769946508.705:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9077 comm="syz.2.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 704.654832][ T9101] loop2: detected capacity change from 0 to 256 [ 704.720613][ T26] audit: type=1326 audit(1769946508.705:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9077 comm="syz.2.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 706.992745][ T4320] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 707.122834][ T7373] usb 5-1: new high-speed USB device number 46 using dummy_hcd [ 707.162796][ T4320] usb 3-1: device descriptor read/64, error -71 [ 707.322807][ T7373] usb 5-1: Using ep0 maxpacket: 8 [ 707.329792][ T7373] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 707.369120][ T7373] usb 5-1: config 179 has no interface number 0 [ 707.399530][ T7373] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 707.431334][ T7373] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 707.462797][ T7373] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 707.473136][ T4320] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 707.495739][ T7373] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 707.550303][ T7373] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 707.572162][ T7373] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 707.593019][ T9115] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 707.662965][ T4320] usb 3-1: device descriptor read/64, error -71 [ 707.783156][ T4320] usb usb3-port1: attempt power cycle [ 707.824807][ T9115] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 707.860387][ T9115] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 707.888672][ T7373] usb 5-1: USB disconnect, device number 46 [ 708.262950][ T4320] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 708.348723][ T4320] usb 3-1: device descriptor read/8, error -71 [ 708.746750][ T4320] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 708.824689][ T4320] usb 3-1: device descriptor read/8, error -71 [ 708.962971][ T4320] usb usb3-port1: unable to enumerate USB device [ 709.562481][ T9154] netlink: 'syz.4.1210': attribute type 4 has an invalid length. [ 709.570350][ T9154] netlink: 1601 bytes leftover after parsing attributes in process `syz.4.1210'. [ 710.447691][ T9159] loop1: detected capacity change from 0 to 256 [ 712.215818][ T26] kauditd_printk_skb: 54 callbacks suppressed [ 712.215836][ T26] audit: type=1107 audit(1769946518.555:600): pid=9167 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 712.244943][ T9172] loop1: detected capacity change from 0 to 8 [ 712.263918][ T9172] SQUASHFS error: lzo decompression failed, data probably corrupt [ 712.271979][ T9172] SQUASHFS error: Failed to read block 0x91: -5 [ 712.278374][ T9172] SQUASHFS error: Unable to read metadata cache entry [8f] [ 712.286060][ T9172] SQUASHFS error: Unable to read inode 0x11f [ 713.319625][ T9183] wlan1 speed is unknown, defaulting to 1000 [ 714.362820][ T4320] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 714.578509][ T4320] usb 3-1: Using ep0 maxpacket: 8 [ 714.586198][ T4320] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 714.620690][ T4320] usb 3-1: config 179 has no interface number 0 [ 714.653567][ T4320] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 714.705894][ T4320] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 714.756791][ T4320] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 714.797773][ T4320] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 714.842811][ T4320] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 714.879819][ T4320] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 714.913414][ T9190] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 715.149358][ T9190] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 715.163204][ T9190] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 715.189215][ T8603] usb 3-1: USB disconnect, device number 29 [ 717.561204][ T9253] wlan1 speed is unknown, defaulting to 1000 [ 717.732915][ T4397] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 719.255908][ T9255] sctp: failed to load transform for md5: -2 [ 719.363201][ T4397] usb 3-1: Using ep0 maxpacket: 32 [ 719.370225][ T4397] usb 3-1: config 0 has an invalid interface number: 196 but max is 0 [ 719.392872][ T4351] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 719.414895][ T4397] usb 3-1: config 0 has no interface number 0 [ 719.421108][ T4397] usb 3-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528 [ 719.483837][ T4397] usb 3-1: config 0 interface 196 has no altsetting 0 [ 719.536388][ T4397] usb 3-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a [ 719.553157][ T4351] usb 7-1: device descriptor read/64, error -71 [ 719.572100][ T4397] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 719.580856][ T4397] usb 3-1: Product: syz [ 719.585693][ T4397] usb 3-1: Manufacturer: syz [ 719.590337][ T4397] usb 3-1: SerialNumber: syz [ 719.608036][ T4397] usb 3-1: config 0 descriptor?? [ 719.621945][ T9247] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 719.824292][ T4351] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 719.983015][ T4351] usb 7-1: device descriptor read/64, error -71 [ 720.044047][ T4397] ipheth 3-1:0.196: ipheth_get_macaddr: usb_control_msg: short packet: 0 bytes [ 720.064865][ T4397] ipheth: probe of 3-1:0.196 failed with error -22 [ 720.112956][ T4351] usb usb7-port1: attempt power cycle [ 720.268613][ T7373] usb 3-1: USB disconnect, device number 30 [ 720.473072][ T4365] usb 2-1: new high-speed USB device number 30 using dummy_hcd [ 720.553102][ T4351] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 720.605255][ T4351] usb 7-1: device descriptor read/8, error -71 [ 720.689460][ T4365] usb 2-1: Using ep0 maxpacket: 32 [ 720.708848][ T4365] usb 2-1: config 0 has an invalid interface number: 56 but max is 0 [ 720.933529][ T4365] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 720.963317][ T4351] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 721.427874][ T4365] usb 2-1: config 0 has no interface number 0 [ 721.580769][ T4365] usb 2-1: config 0 interface 56 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 721.593836][ T4365] usb 2-1: config 0 interface 56 has no altsetting 0 [ 721.608013][ T4351] usb 7-1: device descriptor read/8, error -71 [ 721.624266][ T4365] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 721.672993][ T4365] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 721.681073][ T4365] usb 2-1: Product: syz [ 721.727645][ T4365] usb 2-1: Manufacturer: syz [ 721.732332][ T4365] usb 2-1: SerialNumber: syz [ 721.742932][ T4351] usb usb7-port1: unable to enumerate USB device [ 721.784652][ T4365] usb 2-1: config 0 descriptor?? [ 721.813628][ T4365] smsc75xx v1.0.0 [ 721.817393][ T4365] smsc75xx 2-1:0.56 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 721.848706][ T4365] smsc75xx: probe of 2-1:0.56 failed with error -22 [ 721.982924][ T4397] usb 5-1: new full-speed USB device number 47 using dummy_hcd [ 722.006986][ T4365] usb 2-1: USB disconnect, device number 30 [ 722.172978][ T4351] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 722.177785][ T4397] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 722.190448][ T4397] usb 5-1: config 0 has no interface number 0 [ 722.202790][ T4397] usb 5-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e [ 722.211957][ T4397] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 722.241159][ T4397] usb 5-1: config 0 descriptor?? [ 722.272070][ T4397] usb 5-1: selecting invalid altsetting 1 [ 722.279562][ T4397] dvb_ttusb_budget: ttusb_init_controller: error [ 722.290304][ T4397] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB) [ 722.382932][ T4351] usb 7-1: Using ep0 maxpacket: 32 [ 722.390749][ T4351] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 722.415117][ T4351] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 722.432580][ T4351] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 722.454356][ T4351] usb 7-1: Product: syz [ 722.472478][ T4351] usb 7-1: Manufacturer: syz [ 722.480015][ T4351] usb 7-1: SerialNumber: syz [ 722.494116][ T4397] DVB: Unable to find symbol cx22700_attach() [ 722.501587][ T4351] usb 7-1: config 0 descriptor?? [ 722.514541][ T9308] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22 [ 722.523320][ T4351] hub 7-1:0.0: bad descriptor, ignoring hub [ 722.546697][ T4351] hub: probe of 7-1:0.0 failed with error -5 [ 722.634297][ T9310] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 722.660728][ T9310] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 722.674994][ T9310] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 722.686232][ T4397] DVB: Unable to find symbol tda10046_attach() [ 722.695738][ T4397] dvb_ttusb_budget: no frontend driver found for device [0b48:1005] [ 722.707068][ T9310] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 722.726461][ T4397] usb 5-1: USB disconnect, device number 47 [ 722.913270][ T7] usb 7-1: USB disconnect, device number 11 [ 723.265262][ T4351] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 723.503458][ T4397] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 723.752773][ T4351] usb 2-1: Using ep0 maxpacket: 8 [ 723.761090][ T4351] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 723.768893][ T4397] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 140, changing to 11 [ 723.781301][ T4351] usb 2-1: config 179 has no interface number 0 [ 723.801922][ T4351] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 723.804493][ T4397] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 723.822884][ T4351] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 723.822939][ T4351] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 723.822967][ T4351] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 723.822990][ T4351] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 723.823052][ T4351] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 723.886800][ T4397] usb 3-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00 [ 723.898876][ T4397] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 723.922865][ T4270] Bluetooth: hci0: command 0x0c1a tx timeout [ 723.934614][ T4397] usb 3-1: config 0 descriptor?? [ 724.059844][ T4351] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 724.089548][ T9339] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 724.106722][ T4351] xpad: probe of 2-1:179.65 failed with error -5 [ 724.339284][ T9339] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 724.360189][ T9339] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 724.369021][ T4397] greenasia 0003:0E8F:0012.0003: hidraw0: USB HID v0.40 Device [HID 0e8f:0012] on usb-dummy_hcd.2-1/input0 [ 724.391827][ T4397] greenasia 0003:0E8F:0012.0003: no inputs found [ 724.506796][ T7373] usb 2-1: USB disconnect, device number 31 [ 724.582976][ T4397] usb 5-1: new high-speed USB device number 48 using dummy_hcd [ 724.615354][ T4334] usb 3-1: USB disconnect, device number 31 [ 724.663002][ T4270] Bluetooth: hci2: command 0x0c1a tx timeout [ 724.723487][ T4283] Bluetooth: hci3: command 0x0c1a tx timeout [ 724.729789][ T4270] Bluetooth: hci4: command 0x0c1a tx timeout [ 725.542907][ T4397] usb 5-1: Using ep0 maxpacket: 16 [ 725.552257][ T4397] usb 5-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22 [ 725.614612][ T4397] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 725.664092][ T4397] usb 5-1: Product: syz [ 725.668518][ T4397] usb 5-1: Manufacturer: syz [ 725.707328][ T9374] fido_id[9374]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 725.722599][ T4397] usb 5-1: SerialNumber: syz [ 725.944320][ T4397] usb 5-1: dvb_usb_v2: found a 'MSI Mega Sky 55801 DVB-T USB2.0' in warm state [ 725.979222][ T4397] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 726.012901][ T4397] dvbdev: DVB: registering new adapter (MSI Mega Sky 55801 DVB-T USB2.0) [ 726.039866][ T4397] usb 5-1: media controller created [ 726.073452][ T4397] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 726.163006][ T4397] zl10353_read_register: readreg error (reg=127, ret==-71) [ 726.238624][ T4397] dvb_usb_gl861: probe of 5-1:157.0 failed with error -5 [ 726.256130][ T4365] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 726.268170][ T4397] usb 5-1: USB disconnect, device number 48 [ 726.422839][ T4365] usb 3-1: device descriptor read/64, error -71 [ 726.871176][ T4365] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 727.104428][ T4365] usb 3-1: device descriptor read/64, error -71 [ 727.223841][ T4365] usb usb3-port1: attempt power cycle [ 727.357382][ T7407] Bluetooth: hci3: unexpected event for opcode 0x0406 [ 727.706689][ T4365] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 727.763635][ T4365] usb 3-1: device descriptor read/8, error -71 [ 727.942803][ T4351] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 727.988068][ T9442] wlan1 speed is unknown, defaulting to 1000 [ 728.027135][ T9444] loop4: detected capacity change from 0 to 256 [ 728.035818][ T4365] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 728.146249][ T7373] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 728.249148][ T4365] usb 3-1: device descriptor read/8, error -71 [ 728.272746][ T4351] usb 7-1: Using ep0 maxpacket: 8 [ 728.279710][ T4351] usb 7-1: config 179 has an invalid interface number: 65 but max is 0 [ 728.292715][ T4351] usb 7-1: config 179 has no interface number 0 [ 728.299076][ T4351] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 728.318971][ T4351] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 728.351700][ T4351] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 728.378686][ T4365] usb usb3-port1: unable to enumerate USB device [ 728.509327][ T4351] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 728.621830][ T4351] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 728.764213][ T4351] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 728.989746][ T4351] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 729.076936][ T7373] usb 2-1: Using ep0 maxpacket: 8 [ 729.098940][ T9429] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22 [ 729.108720][ T7373] usb 2-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2 [ 729.118376][ T7373] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 729.127421][ T7373] usb 2-1: Product: syz [ 729.131640][ T7373] usb 2-1: Manufacturer: syz [ 729.136443][ T7373] usb 2-1: SerialNumber: syz [ 729.183068][ T7373] usb 2-1: config 0 descriptor?? [ 729.256214][ T4351] xpad: probe of 7-1:179.65 failed with error -5 [ 729.408814][ T7373] gspca_main: sunplus-2.14.0 probing 04a5:3003 [ 729.465179][ T9429] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 729.488262][ T9429] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 729.504163][ T9454] overlayfs: failed to clone upperpath [ 729.527451][ T4351] usb 7-1: USB disconnect, device number 12 [ 729.943118][ T6670] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 730.163344][ T6670] usb 3-1: Using ep0 maxpacket: 8 [ 730.186818][ T6670] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 730.187094][ T6670] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 730.187169][ T6670] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 730.187401][ T6670] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 730.187471][ T6670] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 730.370877][ T6670] usb 3-1: config 0 descriptor?? [ 730.661683][ T6670] usb 3-1: USB disconnect, device number 36 [ 732.302740][ T7373] gspca_sunplus: reg_w_riv err -110 [ 732.308270][ T7373] sunplus: probe of 2-1:0.0 failed with error -110 [ 732.915432][ T4334] usb 2-1: USB disconnect, device number 32 [ 733.572935][ T125] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 733.622854][ T4334] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 733.655648][ T9482] loop6: detected capacity change from 0 to 256 [ 733.776317][ T125] usb 3-1: Using ep0 maxpacket: 8 [ 733.785956][ T125] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 733.822850][ T4334] usb 2-1: Using ep0 maxpacket: 8 [ 733.831871][ T4334] usb 2-1: config index 0 descriptor too short (expected 301, got 45) [ 733.862844][ T125] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 733.878262][ T4334] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 733.908357][ T125] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 733.918823][ T4334] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 733.937891][ T125] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 733.952286][ T4334] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 733.967670][ T125] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 733.978201][ T125] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 734.885750][ T125] usb 3-1: GET_CAPABILITIES returned 0 [ 734.984338][ T125] usbtmc 3-1:16.0: can't read capabilities [ 735.079804][ C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 735.093702][ C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 735.102905][ C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 735.112108][ C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 735.121241][ C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 735.130478][ C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 735.208277][ C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 735.218085][ C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 735.227294][ C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 735.236373][ C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 735.245445][ C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 735.254695][ C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 735.263780][ C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 735.273117][ C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 735.282213][ C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 735.291385][ C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 735.333340][ T4351] usb 3-1: USB disconnect, device number 37 [ 735.374977][ T26] audit: type=1326 audit(1769946541.715:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9495 comm="syz.6.1299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 735.444008][ T26] audit: type=1326 audit(1769946541.735:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9495 comm="syz.6.1299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 735.612044][ T26] audit: type=1326 audit(1769946541.735:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9495 comm="syz.6.1299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 735.663067][ T26] audit: type=1326 audit(1769946541.735:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9495 comm="syz.6.1299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 735.686156][ T26] audit: type=1326 audit(1769946541.735:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9495 comm="syz.6.1299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 735.709289][ T26] audit: type=1326 audit(1769946541.745:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9495 comm="syz.6.1299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 735.749234][ T26] audit: type=1326 audit(1769946541.745:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9495 comm="syz.6.1299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 735.809334][ T26] audit: type=1326 audit(1769946541.745:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9495 comm="syz.6.1299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 735.864297][ T26] audit: type=1326 audit(1769946541.745:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9495 comm="syz.6.1299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 735.907761][ T26] audit: type=1326 audit(1769946541.745:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9495 comm="syz.6.1299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 736.532820][ T6670] usb 3-1: new high-speed USB device number 38 using dummy_hcd [ 736.619305][ T4334] usb 2-1: USB disconnect, device number 33 [ 736.732777][ T6670] usb 3-1: Using ep0 maxpacket: 8 [ 736.739977][ T6670] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 736.764971][ T6670] usb 3-1: config 179 has no interface number 0 [ 736.802567][ T6670] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 736.819903][ T6670] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 736.849512][ T6670] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 736.863613][ T6670] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 736.875584][ T6670] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 736.906790][ T6670] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 736.920894][ T9518] loop4: detected capacity change from 0 to 16 [ 736.937696][ T6670] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 736.977907][ T9507] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 736.991290][ T9518] erofs: (device loop4): mounted with root inode @ nid 36. [ 737.249888][ T4334] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 737.435159][ T6670] usb 3-1: USB disconnect, device number 38 [ 737.441304][ C1] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 737.441338][ C1] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 737.443179][ T4334] usb 2-1: Using ep0 maxpacket: 8 [ 737.471345][ T9523] erofs: (device loop4): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 737.508502][ T4334] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 737.532530][ T9523] erofs: (device loop4): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 737.543421][ T4334] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 737.553821][ T4334] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 737.582762][ T9523] erofs: (device loop4): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 737.582790][ T4334] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 737.630701][ T4334] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 737.647997][ T4334] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 737.813857][ T9523] erofs: (device loop4): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 737.859735][ T9523] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117] [ 737.872079][ T4334] usb 2-1: GET_CAPABILITIES returned 0 [ 737.881420][ T4334] usbtmc 2-1:16.0: can't read capabilities [ 738.574151][ T6670] usb 2-1: USB disconnect, device number 34 [ 741.353001][ T6670] usb 3-1: new high-speed USB device number 39 using dummy_hcd [ 741.554565][ T6670] usb 3-1: Using ep0 maxpacket: 8 [ 741.561672][ T6670] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 741.580661][ T6670] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 741.602733][ T6670] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 741.612329][ T6670] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 741.664810][ T4365] usb 5-1: new high-speed USB device number 49 using dummy_hcd [ 741.852797][ T4365] usb 5-1: Using ep0 maxpacket: 32 [ 741.868619][ T4365] usb 5-1: config index 0 descriptor too short (expected 35577, got 27) [ 741.914996][ T4365] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 741.933790][ T4365] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 741.943870][ T4365] usb 5-1: config 1 has no interface number 0 [ 741.950039][ T4365] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 741.961840][ T4365] usb 5-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 741.987508][ T4365] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 742.042781][ T4365] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 742.236715][ T4365] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found [ 742.331170][ T9559] xt_hashlimit: overflow, try lower: 18446744073709551615/255 [ 742.723130][ T4351] usb 2-1: new high-speed USB device number 35 using dummy_hcd [ 742.981357][ T9548] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 743.158447][ T9548] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 743.174610][ T4365] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now attached [ 743.192924][ T4351] usb 2-1: Using ep0 maxpacket: 16 [ 743.276435][ T4351] usb 2-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22 [ 743.287088][ T4351] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 743.300116][ T4351] usb 2-1: Product: syz [ 743.308006][ T4351] usb 2-1: Manufacturer: syz [ 743.313798][ T4351] usb 2-1: SerialNumber: syz [ 744.233763][ T125] usb 3-1: USB disconnect, device number 39 [ 744.245324][ T4365] snd_usb_pod 5-1:1.1: line6_send_raw_message_async_part: usb_submit_urb failed (-22) [ 744.294173][ T4365] usb 5-1: USB disconnect, device number 49 [ 744.321214][ T4365] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected [ 744.402174][ T4351] usb 2-1: dvb_usb_v2: found a 'MSI Mega Sky 55801 DVB-T USB2.0' in warm state [ 744.441584][ T4351] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 744.478101][ T4351] dvbdev: DVB: registering new adapter (MSI Mega Sky 55801 DVB-T USB2.0) [ 744.519934][ T9579] loop6: detected capacity change from 0 to 16 [ 744.533617][ T4351] usb 2-1: media controller created [ 744.628805][ T4351] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 745.434036][ T9579] erofs: (device loop6): mounted with root inode @ nid 36. [ 745.452811][ T4351] zl10353_read_register: readreg error (reg=127, ret==-71) [ 745.535240][ T4351] dvb_usb_gl861: probe of 2-1:157.0 failed with error -5 [ 745.553202][ T4351] usb 2-1: USB disconnect, device number 35 [ 745.792303][ T26] kauditd_printk_skb: 37 callbacks suppressed [ 745.792323][ T26] audit: type=1326 audit(1769946551.965:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.0.1329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 745.849509][ T26] audit: type=1326 audit(1769946552.145:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.0.1329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 745.872973][ T26] audit: type=1326 audit(1769946552.145:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.0.1329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 745.910754][ T26] audit: type=1326 audit(1769946552.145:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.0.1329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 745.952798][ T9589] erofs: (device loop6): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 745.993721][ T9589] erofs: (device loop6): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 746.040859][ T26] audit: type=1326 audit(1769946552.175:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.0.1329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 746.071462][ T9589] erofs: (device loop6): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 746.132822][ T26] audit: type=1326 audit(1769946552.175:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.0.1329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 746.154446][ T9589] erofs: (device loop6): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 746.243489][ T26] audit: type=1326 audit(1769946552.175:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.0.1329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 746.244718][ T9589] erofs: (device loop6): z_erofs_read_folio: failed to read, err [-117] [ 746.348140][ T26] audit: type=1326 audit(1769946552.185:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.0.1329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 746.446282][ T9599] loop4: detected capacity change from 0 to 256 [ 746.458827][ T26] audit: type=1326 audit(1769946552.185:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.0.1329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 746.523550][ T26] audit: type=1326 audit(1769946552.185:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.0.1329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 748.142827][ T9604] xt_hashlimit: overflow, try lower: 18446744073709551615/255 [ 748.249189][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 748.265857][ T4351] usb 3-1: new full-speed USB device number 40 using dummy_hcd [ 748.273562][ T1268] ieee802154 phy1 wpan1: encryption failed: -22 [ 748.574697][ T4351] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 748.613099][ T4351] usb 3-1: config 0 has no interface number 0 [ 748.633381][ T4351] usb 3-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e [ 748.669280][ T4351] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 748.699603][ T4351] usb 3-1: config 0 descriptor?? [ 748.724482][ T4351] usb 3-1: selecting invalid altsetting 1 [ 748.749296][ T4351] dvb_ttusb_budget: ttusb_init_controller: error [ 748.769658][ T4351] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB) [ 748.950410][ T7373] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 748.995294][ T4351] DVB: Unable to find symbol cx22700_attach() [ 749.147163][ T7373] usb 2-1: Using ep0 maxpacket: 8 [ 749.174765][ T7373] usb 2-1: config index 0 descriptor too short (expected 301, got 45) [ 749.202828][ T7373] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 749.261716][ T7373] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 749.313015][ T7373] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 749.828952][ T4351] DVB: Unable to find symbol tda10046_attach() [ 749.861197][ T4351] dvb_ttusb_budget: no frontend driver found for device [0b48:1005] [ 750.057741][ T4351] usb 3-1: USB disconnect, device number 40 [ 750.642861][ T4351] usb 3-1: new high-speed USB device number 41 using dummy_hcd [ 750.832892][ T4351] usb 3-1: Using ep0 maxpacket: 16 [ 750.843822][ T4351] usb 3-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22 [ 750.853052][ T4351] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 750.861105][ T4351] usb 3-1: Product: syz [ 750.865885][ T4351] usb 3-1: Manufacturer: syz [ 750.870538][ T4351] usb 3-1: SerialNumber: syz [ 750.952907][ T4334] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 751.098197][ T4351] usb 3-1: dvb_usb_v2: found a 'MSI Mega Sky 55801 DVB-T USB2.0' in warm state [ 751.116380][ T4351] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 751.127590][ T4351] dvbdev: DVB: registering new adapter (MSI Mega Sky 55801 DVB-T USB2.0) [ 751.133342][ T4334] usb 7-1: Using ep0 maxpacket: 32 [ 751.138143][ T4351] usb 3-1: media controller created [ 751.147961][ T4334] usb 7-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 751.161618][ T4334] usb 7-1: New USB device strings: Mfr=0, Product=64, SerialNumber=0 [ 751.171084][ T4334] usb 7-1: Product: syz [ 751.178316][ T4351] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 751.219728][ T4351] zl10353_read_register: readreg error (reg=127, ret==-71) [ 751.223963][ T4334] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 751.269869][ T4351] dvb_usb_gl861: probe of 3-1:157.0 failed with error -5 [ 751.300275][ T4351] usb 3-1: USB disconnect, device number 41 [ 752.787550][ T4334] gspca_nw80x: reg_w err -110 [ 752.792393][ T4334] nw80x: probe of 7-1:3.0 failed with error -110 [ 752.868410][ T6670] usb 2-1: USB disconnect, device number 36 [ 753.388905][ T9654] fuse: Unknown parameter 'grou00000000000000000000' [ 753.590695][ T9659] loop1: detected capacity change from 0 to 16 [ 753.603242][ T26] kauditd_printk_skb: 30 callbacks suppressed [ 753.603266][ T26] audit: type=1107 audit(1769946559.945:688): pid=9648 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 753.623798][ T9660] loop2: detected capacity change from 0 to 8 [ 753.638969][ T9660] SQUASHFS error: lzo decompression failed, data probably corrupt [ 753.646999][ T9660] SQUASHFS error: Failed to read block 0x91: -5 [ 753.653373][ T9660] SQUASHFS error: Unable to read metadata cache entry [8f] [ 753.661421][ T9660] SQUASHFS error: Unable to read inode 0x11f [ 753.671662][ T9659] erofs: (device loop1): mounted with root inode @ nid 36. [ 753.943528][ T9659] erofs: (device loop1): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 753.953596][ T9659] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 753.964024][ T9659] erofs: (device loop1): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 753.973856][ T9659] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 753.983894][ T9659] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 754.014984][ T6670] usb 5-1: new high-speed USB device number 50 using dummy_hcd [ 754.028209][ T4334] usb 7-1: USB disconnect, device number 13 [ 754.048011][ T26] audit: type=1326 audit(1769946560.385:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9665 comm="syz.0.1357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 754.141152][ T26] audit: type=1326 audit(1769946560.385:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9665 comm="syz.0.1357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 754.252759][ T26] audit: type=1326 audit(1769946560.385:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9665 comm="syz.0.1357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 754.297298][ T6670] usb 5-1: Using ep0 maxpacket: 32 [ 754.314670][ T6670] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 754.335712][ T6670] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 754.353924][ T6670] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 754.362184][ T6670] usb 5-1: Product: syz [ 754.385276][ T6670] usb 5-1: Manufacturer: syz [ 754.387258][ T26] audit: type=1326 audit(1769946560.385:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9665 comm="syz.0.1357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 754.389987][ T6670] usb 5-1: SerialNumber: syz [ 754.465840][ T26] audit: type=1326 audit(1769946560.385:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9665 comm="syz.0.1357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 754.489831][ T6670] usb 5-1: config 0 descriptor?? [ 754.504043][ T9657] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 754.520145][ T6670] hub 5-1:0.0: bad descriptor, ignoring hub [ 754.539128][ T6670] hub: probe of 5-1:0.0 failed with error -5 [ 754.545481][ T26] audit: type=1326 audit(1769946560.385:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9665 comm="syz.0.1357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 754.594796][ T26] audit: type=1326 audit(1769946560.385:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9665 comm="syz.0.1357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 754.668647][ T26] audit: type=1326 audit(1769946560.385:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9665 comm="syz.0.1357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 754.700631][ T26] audit: type=1326 audit(1769946560.385:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9665 comm="syz.0.1357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8ce99aeb9 code=0x7ffc0000 [ 754.863410][ T6670] usb 5-1: USB disconnect, device number 50 [ 755.378053][ T4351] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 755.496929][ T9686] fuse: Unknown parameter 'grou00000000000000000000' [ 755.588567][ T4351] usb 7-1: Using ep0 maxpacket: 8 [ 755.596196][ T4351] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 755.612790][ T4351] usb 7-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 755.628768][ T4351] usb 7-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 755.642445][ T4351] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 755.656997][ T4351] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 757.193247][ T4351] usbtmc 7-1:16.0: bulk endpoints not found [ 757.289658][ T9694] loop1: detected capacity change from 0 to 16 [ 757.318662][ T9694] erofs: (device loop1): mounted with root inode @ nid 36. [ 757.567288][ T9694] erofs: (device loop1): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 757.577256][ T9694] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 757.587304][ T9694] erofs: (device loop1): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 757.597119][ T9694] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 757.608414][ T9694] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 757.639401][ T6670] usb 5-1: new full-speed USB device number 51 using dummy_hcd [ 757.925078][ T6670] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 757.954241][ T6670] usb 5-1: config 0 has no interface number 0 [ 757.971135][ T6670] usb 5-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e [ 757.991359][ T6670] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 758.023574][ T6670] usb 5-1: config 0 descriptor?? [ 758.051849][ T6670] usb 5-1: selecting invalid altsetting 1 [ 758.057907][ T6670] dvb_ttusb_budget: ttusb_init_controller: error [ 758.067956][ T6670] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB) [ 758.086624][ T9705] device syzkaller1 entered promiscuous mode [ 758.195764][ T6670] DVB: Unable to find symbol cx22700_attach() [ 758.386067][ T6670] DVB: Unable to find symbol tda10046_attach() [ 758.392310][ T6670] dvb_ttusb_budget: no frontend driver found for device [0b48:1005] [ 758.504161][ T6670] usb 5-1: USB disconnect, device number 51 [ 759.362259][ T6664] usb 7-1: USB disconnect, device number 14 [ 759.426899][ T26] kauditd_printk_skb: 64 callbacks suppressed [ 759.426915][ T26] audit: type=1326 audit(1769946565.765:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9702 comm="syz.1.1372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 759.496039][ T26] audit: type=1326 audit(1769946565.805:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9702 comm="syz.1.1372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 759.500389][ T9721] fuse: Unknown parameter 'grou00000000000000000000' [ 759.569842][ T26] audit: type=1326 audit(1769946565.805:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9702 comm="syz.1.1372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 759.761067][ T26] audit: type=1326 audit(1769946565.805:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9702 comm="syz.1.1372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 761.002834][ T26] audit: type=1326 audit(1769946565.805:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9702 comm="syz.1.1372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 761.031103][ T9732] loop4: detected capacity change from 0 to 16 [ 761.063072][ T9732] erofs: (device loop4): mounted with root inode @ nid 36. [ 761.132902][ T26] audit: type=1326 audit(1769946565.805:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9702 comm="syz.1.1372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 761.330224][ T9732] erofs: (device loop4): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 761.340852][ T9732] erofs: (device loop4): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 761.351099][ T9732] erofs: (device loop4): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 761.360948][ T9732] erofs: (device loop4): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 761.370976][ T9732] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117] [ 761.678594][ T9741] loop2: detected capacity change from 0 to 8 [ 761.698192][ T26] audit: type=1107 audit(1769946568.015:768): pid=9715 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 761.724985][ T9741] SQUASHFS error: lzo decompression failed, data probably corrupt [ 761.733366][ T9741] SQUASHFS error: Failed to read block 0x91: -5 [ 761.739708][ T9741] SQUASHFS error: Unable to read metadata cache entry [8f] [ 761.747469][ T9741] SQUASHFS error: Unable to read inode 0x11f [ 763.983376][ T9757] fuse: Unknown parameter 'group_i00000000000000000000' [ 764.092783][ T2167] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 764.158691][ T26] audit: type=1326 audit(1769946570.495:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9760 comm="syz.6.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 764.237327][ T26] audit: type=1326 audit(1769946570.505:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9760 comm="syz.6.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 764.262967][ T2167] usb 2-1: device descriptor read/64, error -71 [ 764.307276][ T26] audit: type=1326 audit(1769946570.515:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9760 comm="syz.6.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 764.535239][ T2167] usb 2-1: new high-speed USB device number 38 using dummy_hcd [ 764.617337][ T9765] loop4: detected capacity change from 0 to 16 [ 764.695394][ T26] kauditd_printk_skb: 39 callbacks suppressed [ 764.695410][ T26] audit: type=1326 audit(1769946571.035:811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9760 comm="syz.6.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 764.737194][ T2167] usb 2-1: device descriptor read/64, error -71 [ 764.987290][ T9768] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1395'. [ 764.996510][ T9768] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1395'. [ 765.162894][ T2167] usb usb2-port1: attempt power cycle [ 765.182004][ T26] audit: type=1326 audit(1769946571.035:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9760 comm="syz.6.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 766.323331][ T26] audit: type=1326 audit(1769946571.075:813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9760 comm="syz.6.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 766.366259][ T26] audit: type=1326 audit(1769946571.075:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9760 comm="syz.6.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 766.622885][ T2167] usb 2-1: new high-speed USB device number 39 using dummy_hcd [ 766.665589][ T2167] usb 2-1: device descriptor read/8, error -71 [ 766.963435][ T2167] usb 2-1: new high-speed USB device number 40 using dummy_hcd [ 767.034626][ T2167] usb 2-1: device descriptor read/8, error -71 [ 767.232602][ T2167] usb usb2-port1: unable to enumerate USB device [ 767.383621][ T26] audit: type=1326 audit(1769946571.075:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9760 comm="syz.6.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 767.501176][ T26] audit: type=1326 audit(1769946571.095:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9760 comm="syz.6.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 770.479626][ T9810] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1408'. [ 770.490118][ T9810] netlink: 7 bytes leftover after parsing attributes in process `syz.0.1408'. [ 771.117482][ T2167] usb 5-1: new full-speed USB device number 52 using dummy_hcd [ 771.634362][ T2167] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 772.640139][ T2167] usb 5-1: config 0 has no interface number 0 [ 772.692906][ T2167] usb 5-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e [ 772.702035][ T2167] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 772.748154][ T2167] usb 5-1: config 0 descriptor?? [ 772.769925][ T2167] usb 5-1: selecting invalid altsetting 1 [ 772.786193][ T2167] dvb_ttusb_budget: ttusb_init_controller: error [ 773.777805][ T2167] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB) [ 774.289049][ T2167] DVB: Unable to find symbol cx22700_attach() [ 774.532413][ T2167] DVB: Unable to find symbol tda10046_attach() [ 774.542757][ T2167] dvb_ttusb_budget: no frontend driver found for device [0b48:1005] [ 774.589531][ T2167] usb 5-1: USB disconnect, device number 52 [ 774.813639][ T9849] netlink: 'syz.6.1420': attribute type 4 has an invalid length. [ 774.821617][ T9849] netlink: 1601 bytes leftover after parsing attributes in process `syz.6.1420'. [ 775.482115][ T6664] usb 2-1: new high-speed USB device number 41 using dummy_hcd [ 777.005226][ T6664] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 777.036058][ T6664] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 777.078702][ T6664] usb 2-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 777.137954][ T6664] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 777.145023][ T26] audit: type=1326 audit(1769946583.475:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9862 comm="syz.6.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 777.170559][ T6664] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 777.382523][ T6664] usb 2-1: invalid MIDI out EP 0 [ 779.654645][ T26] audit: type=1326 audit(1769946583.525:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9862 comm="syz.6.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 779.778209][ T26] audit: type=1326 audit(1769946583.525:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9862 comm="syz.6.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 779.849322][ T26] audit: type=1326 audit(1769946583.525:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9862 comm="syz.6.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 779.874570][ T26] audit: type=1326 audit(1769946583.525:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9862 comm="syz.6.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 779.913050][ T26] audit: type=1326 audit(1769946583.525:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9862 comm="syz.6.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 779.916371][ T6664] snd-usb-audio: probe of 2-1:27.0 failed with error -22 [ 779.996987][ T26] audit: type=1326 audit(1769946583.525:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9862 comm="syz.6.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 780.044659][ T6664] usb 2-1: USB disconnect, device number 41 [ 780.069657][ T7954] udevd[7954]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 780.117486][ T26] audit: type=1326 audit(1769946583.535:824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9862 comm="syz.6.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 780.227897][ T26] audit: type=1326 audit(1769946583.535:825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9862 comm="syz.6.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 780.315734][ T26] audit: type=1326 audit(1769946583.535:826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9862 comm="syz.6.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 780.599999][ T9890] netlink: 'syz.6.1433': attribute type 4 has an invalid length. [ 780.607910][ T9890] netlink: 1601 bytes leftover after parsing attributes in process `syz.6.1433'. [ 782.715243][ T26] kauditd_printk_skb: 35 callbacks suppressed [ 782.715261][ T26] audit: type=1107 audit(1769946589.055:862): pid=9883 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 782.801623][ T26] audit: type=1326 audit(1769946589.115:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9902 comm="syz.6.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 782.883629][ T26] audit: type=1326 audit(1769946589.125:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9902 comm="syz.6.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 782.990653][ T26] audit: type=1326 audit(1769946589.125:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9902 comm="syz.6.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 783.893261][ T26] audit: type=1326 audit(1769946589.125:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9902 comm="syz.6.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 784.008308][ T26] audit: type=1326 audit(1769946589.135:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9902 comm="syz.6.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 784.142816][ T26] audit: type=1326 audit(1769946589.135:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9902 comm="syz.6.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 785.551393][ T26] audit: type=1326 audit(1769946589.135:869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9902 comm="syz.6.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 785.574457][ T26] audit: type=1326 audit(1769946589.135:870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9902 comm="syz.6.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 785.627249][ T26] audit: type=1326 audit(1769946589.135:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9902 comm="syz.6.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 787.052818][ T7373] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 787.242846][ T7373] usb 7-1: Using ep0 maxpacket: 32 [ 787.249474][ T9927] binder: 9926:9927 ioctl c0306201 0 returned -14 [ 787.261832][ T7373] usb 7-1: config 0 interface 0 has no altsetting 0 [ 787.295126][ T7373] usb 7-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 787.345263][ T7373] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 787.361064][ T7373] usb 7-1: Product: syz [ 787.365943][ T7373] usb 7-1: Manufacturer: syz [ 787.370592][ T7373] usb 7-1: SerialNumber: syz [ 787.402551][ T7373] usb 7-1: config 0 descriptor?? [ 788.584028][ T7373] gs_usb 7-1:0.0: Configuring for 1 interfaces [ 788.724400][ T9945] netlink: 'syz.1.1445': attribute type 4 has an invalid length. [ 788.732546][ T9945] netlink: 1601 bytes leftover after parsing attributes in process `syz.1.1445'. [ 789.684193][ T26] kauditd_printk_skb: 35 callbacks suppressed [ 789.684206][ T26] audit: type=1326 audit(1769946596.025:907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9948 comm="syz.1.1450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 789.780397][ T26] audit: type=1326 audit(1769946596.055:908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9948 comm="syz.1.1450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 789.945252][ T26] audit: type=1326 audit(1769946596.085:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9948 comm="syz.1.1450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 790.187155][ T26] audit: type=1326 audit(1769946596.085:910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9948 comm="syz.1.1450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 790.220632][ T9952] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1451'. [ 790.229751][ T9952] netlink: 7 bytes leftover after parsing attributes in process `syz.0.1451'. [ 790.345219][ T26] audit: type=1326 audit(1769946596.085:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9948 comm="syz.1.1450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 790.432473][ T26] audit: type=1326 audit(1769946596.095:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9948 comm="syz.1.1450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 790.565318][ T26] audit: type=1326 audit(1769946596.095:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9948 comm="syz.1.1450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 790.751636][ T26] audit: type=1326 audit(1769946596.095:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9948 comm="syz.1.1450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 790.818186][ T26] audit: type=1326 audit(1769946596.095:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9948 comm="syz.1.1450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 790.929783][ T26] audit: type=1326 audit(1769946596.095:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9948 comm="syz.1.1450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c8f9aeb9 code=0x7ffc0000 [ 791.021317][ T7373] usb 7-1: USB disconnect, device number 15 [ 792.072869][ T7373] usb 7-1: new high-speed USB device number 16 using dummy_hcd [ 792.167809][ T9975] binder: 9974:9975 ioctl c0306201 0 returned -14 [ 792.274821][ T7373] usb 7-1: Using ep0 maxpacket: 8 [ 792.282140][ T7373] usb 7-1: config 179 has an invalid interface number: 65 but max is 0 [ 792.343233][ T7373] usb 7-1: config 179 has no interface number 0 [ 792.357867][ T7373] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 792.414995][ T7373] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 792.465926][ T7373] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 792.498143][ T7373] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 792.542400][ T7373] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 792.627391][ T7373] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 792.715017][ T7373] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 792.827472][ T9969] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 793.682996][ T9969] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 793.723244][ T9969] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 795.471130][T10003] netlink: 'syz.0.1460': attribute type 4 has an invalid length. [ 795.479297][T10003] netlink: 1601 bytes leftover after parsing attributes in process `syz.0.1460'. [ 795.971391][ T6670] usb 7-1: USB disconnect, device number 16 [ 796.027567][T10005] loop4: detected capacity change from 0 to 8 [ 796.181299][ C0] xpad 7-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 796.266595][T10005] SQUASHFS error: lzo decompression failed, data probably corrupt [ 796.326390][T10005] SQUASHFS error: Failed to read block 0x91: -5 [ 796.367904][T10005] SQUASHFS error: Unable to read metadata cache entry [8f] [ 796.421299][T10005] SQUASHFS error: Unable to read inode 0x11f [ 796.876806][T10015] wlan1 speed is unknown, defaulting to 1000 [ 798.883087][ T6670] usb 2-1: new high-speed USB device number 42 using dummy_hcd [ 799.052777][ T6670] usb 2-1: device descriptor read/64, error -71 [ 799.131604][T10031] loop6: detected capacity change from 0 to 256 [ 800.065750][ T6670] usb 2-1: new high-speed USB device number 43 using dummy_hcd [ 800.232778][ T6670] usb 2-1: device descriptor read/64, error -71 [ 800.353149][ T6670] usb usb2-port1: attempt power cycle [ 800.624384][T10043] fuse: Bad value for 'user_id' [ 800.878243][ T6670] usb 2-1: new high-speed USB device number 44 using dummy_hcd [ 800.994114][T10050] netlink: 'syz.6.1472': attribute type 4 has an invalid length. [ 801.001948][T10050] netlink: 1601 bytes leftover after parsing attributes in process `syz.6.1472'. [ 801.345924][ T6670] usb 2-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 801.408641][ T6670] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 801.494985][ T6670] usb 2-1: Product: syz [ 801.527488][ T6670] usb 2-1: Manufacturer: syz [ 801.549997][ T6670] usb 2-1: SerialNumber: syz [ 802.223768][ T6670] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32 [ 802.334967][ T4365] usb 5-1: new high-speed USB device number 53 using dummy_hcd [ 803.182172][ T4365] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 803.285150][ T4365] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 803.329759][ T4365] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 803.420350][ T4365] usb 5-1: config 0 descriptor?? [ 803.453291][ T4365] pwc: Askey VC010 type 2 USB webcam detected. [ 803.987448][T10073] Invalid ELF header magic: != ELF [ 804.634690][ T6670] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -32 [ 804.646456][ T4365] pwc: recv_control_msg error -32 req 02 val 2b00 [ 804.675244][ T4365] pwc: recv_control_msg error -32 req 02 val 2700 [ 804.756361][ T4365] pwc: recv_control_msg error -32 req 02 val 2c00 [ 804.790009][ T4365] pwc: recv_control_msg error -32 req 04 val 1000 [ 804.824299][ T4365] pwc: recv_control_msg error -32 req 04 val 1300 [ 804.833979][ T4365] pwc: recv_control_msg error -32 req 04 val 1400 [ 804.852804][ T4365] pwc: recv_control_msg error -32 req 02 val 2000 [ 804.872062][ T4365] pwc: recv_control_msg error -32 req 02 val 2100 [ 804.893825][ T4365] pwc: recv_control_msg error -32 req 04 val 1500 [ 804.917424][ T4365] pwc: recv_control_msg error -32 req 02 val 2500 [ 804.939171][ T4365] pwc: recv_control_msg error -32 req 02 val 2400 [ 804.946922][ T6670] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000040. ret = -71 [ 804.974729][ T4365] pwc: recv_control_msg error -32 req 02 val 2600 [ 804.981378][ T6670] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -71 [ 805.018833][ T4365] pwc: recv_control_msg error -32 req 02 val 2900 [ 805.026006][ T6670] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001004. ret = -71 [ 805.041937][ T4365] pwc: recv_control_msg error -32 req 02 val 2800 [ 805.063583][ T4365] pwc: recv_control_msg error -32 req 04 val 1100 [ 805.071762][ T6670] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001008. ret = -71 [ 805.123321][ T4365] pwc: Registered as video103. [ 805.142803][ T6670] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001020. ret = -71 [ 805.163229][ T4365] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input10 [ 805.195541][ T6670] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001028. ret = -71 [ 805.238706][ T6670] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001030. ret = -71 [ 805.283081][ T6670] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001018. ret = -71 [ 805.339524][ T4365] usb 5-1: USB disconnect, device number 53 [ 805.346779][ T6670] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 805.391591][ T6670] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 805.423887][ T6670] lan78xx: probe of 2-1:1.0 failed with error -71 [ 805.430863][T10087] fuse: Bad value for 'user_id' [ 805.473333][ T6670] usb 2-1: USB disconnect, device number 44 [ 806.983326][ T4351] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 807.128369][ T6664] usb 5-1: new high-speed USB device number 54 using dummy_hcd [ 808.129294][ T4351] usb 7-1: device descriptor read/64, error -71 [ 808.674097][ T6664] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 808.873088][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.879574][ T1268] ieee802154 phy1 wpan1: encryption failed: -22 [ 808.912710][ T6664] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 808.952729][ T4351] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 808.972739][ T6664] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 809.041726][ T6664] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 809.102707][ T6664] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 809.132808][ T4351] usb 7-1: device descriptor read/64, error -71 [ 809.190005][ T6664] usb 5-1: string descriptor 0 read error: -71 [ 809.217348][ T6664] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 809.257431][ T4351] usb usb7-port1: attempt power cycle [ 809.312961][ T6664] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 809.362879][ T6664] usb 5-1: can't set config #1, error -71 [ 809.404541][ T6664] usb 5-1: USB disconnect, device number 54 [ 809.506678][T10122] fuse: Bad value for 'user_id' [ 811.242766][ T6664] usb 5-1: new full-speed USB device number 55 using dummy_hcd [ 811.435927][ T6664] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 813.268539][T10136] Invalid ELF header magic: != ELF [ 813.362723][ T6664] usb 5-1: config 0 has no interface number 0 [ 813.368997][ T6664] usb 5-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e [ 813.400255][ T6664] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 813.470539][ T6664] usb 5-1: config 0 descriptor?? [ 813.509350][ T6664] usb 5-1: can't set config #0, error -71 [ 813.529813][ T6664] usb 5-1: USB disconnect, device number 55 [ 815.460287][T10159] fuse: Bad value for 'fd' [ 820.169140][T10178] Invalid ELF header magic: != ELF [ 820.447818][T10182] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1518'. [ 822.763102][ T125] usb 5-1: new high-speed USB device number 56 using dummy_hcd [ 822.922895][ T125] usb 5-1: device descriptor read/64, error -71 [ 823.192800][ T125] usb 5-1: new high-speed USB device number 57 using dummy_hcd [ 824.152734][ T125] usb 5-1: device descriptor read/64, error -71 [ 824.830042][ T125] usb usb5-port1: attempt power cycle [ 825.806718][T10214] Invalid ELF header magic: != ELF [ 826.596478][T10226] netlink: 'syz.4.1533': attribute type 4 has an invalid length. [ 826.604595][T10226] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.1533'. [ 827.917455][T10240] loop1: detected capacity change from 0 to 8 [ 827.928707][ T26] kauditd_printk_skb: 44 callbacks suppressed [ 827.928744][ T26] audit: type=1107 audit(1769946634.245:961): pid=10231 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 828.200834][T10240] SQUASHFS error: lzo decompression failed, data probably corrupt [ 828.209638][T10240] SQUASHFS error: Failed to read block 0x91: -5 [ 828.216207][T10240] SQUASHFS error: Unable to read metadata cache entry [8f] [ 828.223522][T10240] SQUASHFS error: Unable to read inode 0x11f [ 828.763976][ T7953] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 829.010982][ T4351] usb 5-1: new high-speed USB device number 59 using dummy_hcd [ 829.444129][ T4351] usb 5-1: device descriptor read/64, error -71 [ 829.723293][ T4351] usb 5-1: new high-speed USB device number 60 using dummy_hcd [ 829.837589][T10249] loop1: detected capacity change from 0 to 16 [ 829.838818][ T7953] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 829.856794][ T7953] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 829.866937][ T7953] Buffer I/O error on dev loop1, logical block 0, async page read [ 829.878279][T10249] erofs: (device loop1): mounted with root inode @ nid 36. [ 829.922779][ T4351] usb 5-1: device descriptor read/64, error -71 [ 830.071061][ T4351] usb usb5-port1: attempt power cycle [ 830.184622][T10253] erofs: (device loop1): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 830.194783][T10253] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 830.204817][T10253] erofs: (device loop1): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 830.214657][T10253] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 830.224776][T10253] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 830.572796][ T4351] usb 5-1: new high-speed USB device number 61 using dummy_hcd [ 831.904611][ T4351] usb 5-1: device descriptor read/8, error -71 [ 835.253416][T10268] Invalid ELF header magic: != ELF [ 835.675571][T10280] netlink: 'syz.0.1547': attribute type 4 has an invalid length. [ 835.683819][T10280] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.1547'. [ 843.632787][ T125] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 844.572751][T10331] Invalid ELF header magic: != ELF [ 844.700179][T10336] fuse: Bad value for 'fd' [ 844.753508][ T125] usb 7-1: no configurations [ 844.758217][ T125] usb 7-1: can't read configurations, error -22 [ 844.942796][ T125] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 845.143526][ T125] usb 7-1: no configurations [ 845.155547][ T125] usb 7-1: can't read configurations, error -22 [ 845.212856][ T125] usb usb7-port1: attempt power cycle [ 845.232689][ T4334] usb 5-1: new high-speed USB device number 63 using dummy_hcd [ 845.334875][T10341] wlan1 speed is unknown, defaulting to 1000 [ 846.612692][ T4334] usb 5-1: Using ep0 maxpacket: 32 [ 846.645794][ T4334] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 846.672707][ T4334] usb 5-1: config 0 interface 0 altsetting 128 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 846.696231][ T4334] usb 5-1: config 0 interface 0 has no altsetting 0 [ 846.709631][ T26] audit: type=1326 audit(1769946653.045:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10343 comm="syz.6.1564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 846.744427][ T4334] usb 5-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00 [ 846.766405][ T4334] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 846.782896][ T26] audit: type=1326 audit(1769946653.045:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10343 comm="syz.6.1564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 846.832682][ T26] audit: type=1326 audit(1769946653.075:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10343 comm="syz.6.1564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 846.867877][ T4334] usb 5-1: config 0 descriptor?? [ 846.889794][ T4334] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 846.987872][ T26] audit: type=1326 audit(1769946653.075:965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10343 comm="syz.6.1564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 847.027319][ T26] audit: type=1326 audit(1769946653.075:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10343 comm="syz.6.1564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 847.054061][ T26] audit: type=1326 audit(1769946653.075:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10343 comm="syz.6.1564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 847.135264][ T26] audit: type=1326 audit(1769946653.075:968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10343 comm="syz.6.1564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 847.207484][ T26] audit: type=1326 audit(1769946653.075:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10343 comm="syz.6.1564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 847.272517][ T26] audit: type=1326 audit(1769946653.075:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10343 comm="syz.6.1564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 847.295901][ T26] audit: type=1326 audit(1769946653.075:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10343 comm="syz.6.1564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb759aeb9 code=0x7ffc0000 [ 849.073837][T10351] netlink: 'syz.2.1561': attribute type 4 has an invalid length. [ 849.081801][T10351] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.1561'. [ 849.882996][ T4365] usb 5-1: USB disconnect, device number 63 [ 849.952879][T10359] loop2: detected capacity change from 0 to 256 [ 852.431063][T10370] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1569'. [ 852.441498][T10370] netlink: 7 bytes leftover after parsing attributes in process `syz.0.1569'. [ 853.146724][T10372] loop2: detected capacity change from 0 to 256 [ 857.714542][T10402] netlink: 'syz.4.1577': attribute type 4 has an invalid length. [ 857.722437][T10402] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.1577'. [ 858.507671][T10410] loop6: detected capacity change from 0 to 16 [ 859.513649][T10412] loop4: detected capacity change from 0 to 16 [ 859.635808][T10410] erofs: (device loop6): mounted with root inode @ nid 36. [ 859.807706][T10417] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1581'. [ 859.817019][T10417] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1581'. [ 860.508619][T10421] erofs: (device loop6): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 860.518626][T10421] erofs: (device loop6): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 860.528636][T10421] erofs: (device loop6): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 860.538481][T10421] erofs: (device loop6): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 860.548452][T10421] erofs: (device loop6): z_erofs_read_folio: failed to read, err [-117] [ 861.179050][T10420] loop4: detected capacity change from 0 to 256 [ 863.737462][ T26] kauditd_printk_skb: 41 callbacks suppressed [ 863.737479][ T26] audit: type=1326 audit(1769946670.075:1013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10434 comm="syz.2.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 863.919256][ T26] audit: type=1326 audit(1769946670.125:1014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10434 comm="syz.2.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 864.084108][ T26] audit: type=1326 audit(1769946670.125:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10434 comm="syz.2.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 864.112703][ T26] audit: type=1326 audit(1769946670.125:1016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10434 comm="syz.2.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 864.392843][T10438] Invalid ELF header magic: != ELF [ 864.850353][ T26] audit: type=1326 audit(1769946670.175:1017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10434 comm="syz.2.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 864.931060][ T26] audit: type=1326 audit(1769946670.175:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10434 comm="syz.2.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 865.017909][ T26] audit: type=1326 audit(1769946670.175:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10434 comm="syz.2.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 865.101632][ T26] audit: type=1326 audit(1769946670.175:1020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10434 comm="syz.2.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 865.165307][ T26] audit: type=1326 audit(1769946670.185:1021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10434 comm="syz.2.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 865.238255][ T26] audit: type=1326 audit(1769946670.185:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10434 comm="syz.2.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 866.546816][ T4270] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 866.558332][ T4270] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 866.599629][ T4270] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 866.608378][ T4270] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 866.766326][ T4270] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 866.782830][ T4270] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 867.631095][T10445] netlink: 'syz.4.1591': attribute type 4 has an invalid length. [ 867.649344][T10445] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.1591'. [ 869.571464][ T7407] Bluetooth: hci1: command 0x0409 tx timeout [ 869.869117][ T1110] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 869.930699][T10452] wlan1 speed is unknown, defaulting to 1000 [ 870.086400][ T1110] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 870.088577][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.113721][ T1268] ieee802154 phy1 wpan1: encryption failed: -22 [ 870.540363][ T1110] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 871.484629][ T1110] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 871.517874][T10472] loop6: detected capacity change from 0 to 256 [ 871.603562][ T7407] Bluetooth: hci1: command 0x041b tx timeout [ 873.239171][T10452] chnl_net:caif_netlink_parms(): no params data found [ 873.723027][ T7407] Bluetooth: hci1: command 0x040f tx timeout [ 874.249952][T10493] loop2: detected capacity change from 0 to 16 [ 874.354792][T10358] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 875.680549][T10497] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1595'. [ 875.689628][T10497] netlink: 7 bytes leftover after parsing attributes in process `syz.2.1595'. [ 875.772876][ T4283] Bluetooth: hci1: command 0x0419 tx timeout [ 875.983926][ T26] kauditd_printk_skb: 60 callbacks suppressed [ 875.983943][ T26] audit: type=1326 audit(1769946682.325:1083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.2.1601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 877.232835][ T26] audit: type=1326 audit(1769946682.365:1084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.2.1601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 877.371351][ T26] audit: type=1326 audit(1769946682.385:1085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.2.1601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 877.419072][ T26] audit: type=1326 audit(1769946682.385:1086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.2.1601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 877.578741][ T26] audit: type=1326 audit(1769946682.385:1087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.2.1601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 877.622381][ T26] audit: type=1326 audit(1769946682.385:1088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.2.1601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 878.662714][ T26] audit: type=1326 audit(1769946682.385:1089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.2.1601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 878.665961][T10452] bridge0: port 1(bridge_slave_0) entered blocking state [ 878.778527][ T26] audit: type=1326 audit(1769946682.405:1090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.2.1601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 878.825918][ T26] audit: type=1326 audit(1769946682.405:1091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.2.1601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 878.878068][T10452] bridge0: port 1(bridge_slave_0) entered disabled state [ 878.924029][T10452] device bridge_slave_0 entered promiscuous mode [ 878.947936][ T26] audit: type=1326 audit(1769946682.405:1092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.2.1601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f294b79aeb9 code=0x7ffc0000 [ 880.523219][T10452] bridge0: port 2(bridge_slave_1) entered blocking state [ 880.565636][T10452] bridge0: port 2(bridge_slave_1) entered disabled state [ 880.742515][T10452] device bridge_slave_1 entered promiscuous mode [ 881.821421][T10452] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 881.866554][T10452] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 882.909952][T10452] team0: Port device team_slave_0 added [ 883.127072][T10452] team0: Port device team_slave_1 added [ 883.263026][T10452] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 883.290497][T10452] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 883.357868][T10452] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 886.672159][T10452] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 886.699441][T10452] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 886.819456][T10452] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 886.863626][T10548] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1611'. [ 886.872778][T10548] netlink: 7 bytes leftover after parsing attributes in process `syz.0.1611'. [ 887.270550][T10452] device hsr_slave_0 entered promiscuous mode [ 887.320828][T10452] device hsr_slave_1 entered promiscuous mode [ 887.852661][T10561] Invalid ELF header magic: != ELF [ 888.832860][T10452] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 888.850758][T10452] Cannot create hsr debugfs directory [ 889.547602][ T4334] wlan1 speed is unknown, defaulting to 1000 [ 889.583839][ T4334] ================================================================== [ 889.591982][ T4334] BUG: KASAN: use-after-free in siw_query_port+0x358/0x450 [ 889.599244][ T4334] Read of size 4 at addr ffff88802e0180e0 by task kworker/0:6/4334 [ 889.607261][ T4334] [ 889.609642][ T4334] CPU: 0 PID: 4334 Comm: kworker/0:6 Not tainted syzkaller #0 [ 889.617225][ T4334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 889.627320][ T4334] Workqueue: infiniband ib_cache_event_task [ 889.633269][ T4334] Call Trace: [ 889.636577][ T4334] [ 889.639527][ T4334] dump_stack_lvl+0x188/0x24e [ 889.644329][ T4334] ? __lock_acquire+0x7d10/0x7d10 [ 889.649432][ T4334] ? show_regs_print_info+0x12/0x12 [ 889.654664][ T4334] ? load_image+0x400/0x400 [ 889.659192][ T4334] ? __virt_addr_valid+0x465/0x540 [ 889.664423][ T4334] ? siw_query_port+0x358/0x450 [ 889.669300][ T4334] print_report+0xa8/0x210 [ 889.673825][ T4334] kasan_report+0x10b/0x140 [ 889.678359][ T4334] ? siw_query_port+0x358/0x450 [ 889.683239][ T4334] siw_query_port+0x358/0x450 [ 889.687996][ T4334] ib_cache_update+0x1bf/0x9c0 [ 889.692900][ T4334] ? ib_cache_setup_one+0x5d0/0x5d0 [ 889.698142][ T4334] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 889.704177][ T4334] ? read_lock_is_recursive+0x10/0x10 [ 889.709590][ T4334] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 889.715514][ T4334] ? _raw_spin_unlock+0x40/0x40 [ 889.720391][ T4334] ib_cache_event_task+0xd4/0x1c0 [ 889.725448][ T4334] ? process_one_work+0x7b0/0x1160 [ 889.730582][ T4334] process_one_work+0x8a2/0x1160 [ 889.735553][ T4334] ? worker_detach_from_pool+0x240/0x240 [ 889.741213][ T4334] ? _raw_spin_lock_irq+0xb7/0xf0 [ 889.746422][ T4334] ? _raw_spin_lock_irqsave+0x100/0x100 [ 889.752030][ T4334] ? kthread_data+0x4b/0xc0 [ 889.756754][ T4334] worker_thread+0xaa2/0x1270 [ 889.761479][ T4334] ? __kthread_parkme+0x162/0x1c0 [ 889.766548][ T4334] kthread+0x29d/0x330 [ 889.770651][ T4334] ? worker_clr_flags+0x1a0/0x1a0 [ 889.775718][ T4334] ? kthread_blkcg+0xd0/0xd0 [ 889.780347][ T4334] ret_from_fork+0x1f/0x30 [ 889.784819][ T4334] [ 889.787856][ T4334] [ 889.790202][ T4334] The buggy address belongs to the physical page: [ 889.796640][ T4334] page:ffffea0000b80600 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2e018 [ 889.806822][ T4334] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 889.813972][ T4334] raw: 00fff00000000000 ffff8880b8e413f0 ffff8880b8e413f0 0000000000000000 [ 889.822603][ T4334] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 889.831205][ T4334] page dumped because: kasan: bad access detected [ 889.837718][ T4334] page_owner tracks the page as freed [ 889.843128][ T4334] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x546dc0(GFP_USER|__GFP_NOWARN|__GFP_RETRY_MAYFAIL|__GFP_COMP|__GFP_ZERO|__GFP_ACCOUNT), pid 4274, tgid 4274 (syz-executor), ts 87523722338, free_ts 889574417026 [ 889.865142][ T4334] post_alloc_hook+0x173/0x1a0 [ 889.869948][ T4334] get_page_from_freelist+0x1a1e/0x1ab0 [ 889.875524][ T4334] __alloc_pages+0x1ec/0x4f0 [ 889.880140][ T4334] __kmalloc_large_node+0x8c/0x1e0 [ 889.885283][ T4334] __kmalloc_node+0x10e/0x240 [ 889.889988][ T4334] kvmalloc_node+0x6c/0x180 [ 889.894535][ T4334] alloc_netdev_mqs+0x84/0xf00 [ 889.899326][ T4334] ieee80211_if_add+0xc07/0x1590 [ 889.904291][ T4334] ieee80211_register_hw+0x2e34/0x39f0 [ 889.909777][ T4334] mac80211_hwsim_new_radio+0x28c2/0x4c40 [ 889.915528][ T4334] hwsim_new_radio_nl+0xafa/0xce0 [ 889.920670][ T4334] genl_family_rcv_msg_doit+0x22a/0x330 [ 889.926254][ T4334] genl_rcv_msg+0x604/0x790 [ 889.930789][ T4334] netlink_rcv_skb+0x1fb/0x450 [ 889.935582][ T4334] genl_rcv+0x24/0x40 [ 889.939690][ T4334] netlink_unicast+0x74d/0x8d0 [ 889.944501][ T4334] page last free stack trace: [ 889.949193][ T4334] free_unref_page_prepare+0x8b4/0x9a0 [ 889.954689][ T4334] free_unref_page+0x2e/0x3f0 [ 889.959410][ T4334] free_large_kmalloc+0xfd/0x190 [ 889.964378][ T4334] device_release+0x92/0x1c0 [ 889.969010][ T4334] kobject_put+0x21d/0x460 [ 889.973470][ T4334] netdev_run_todo+0xcb3/0xdb0 [ 889.978268][ T4334] ieee80211_unregister_hw+0xfc/0x290 [ 889.983667][ T4334] mac80211_hwsim_del_radio+0x285/0x480 [ 889.989365][ T4334] hwsim_exit_net+0x589/0x650 [ 889.994082][ T4334] cleanup_net+0x706/0xba0 [ 889.998545][ T4334] process_one_work+0x8a2/0x1160 [ 890.003613][ T4334] worker_thread+0xaa2/0x1270 [ 890.008326][ T4334] kthread+0x29d/0x330 [ 890.012450][ T4334] ret_from_fork+0x1f/0x30 [ 890.017008][ T4334] [ 890.019442][ T4334] Memory state around the buggy address: [ 890.025091][ T4334] ffff88802e017f80: 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc [ 890.033170][ T4334] ffff88802e018000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 890.041253][ T4334] >ffff88802e018080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 890.049502][ T4334] ^ [ 890.056707][ T4334] ffff88802e018100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 890.064804][ T4334] ffff88802e018180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 890.072903][ T4334] ================================================================== [ 891.171558][ T4334] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 891.178824][ T4334] CPU: 0 PID: 4334 Comm: kworker/0:6 Not tainted syzkaller #0 [ 891.186323][ T4334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 891.196512][ T4334] Workqueue: infiniband ib_cache_event_task [ 891.202458][ T4334] Call Trace: [ 891.205782][ T4334] [ 891.208742][ T4334] dump_stack_lvl+0x188/0x24e [ 891.213469][ T4334] ? memcpy+0x3c/0x60 [ 891.217489][ T4334] ? show_regs_print_info+0x12/0x12 [ 891.222809][ T4334] ? load_image+0x400/0x400 [ 891.227436][ T4334] panic+0x2e5/0x730 [ 891.231385][ T4334] ? bpf_jit_dump+0xd0/0xd0 [ 891.235933][ T4334] ? _raw_spin_unlock_irqrestore+0x10d/0x120 [ 891.241955][ T4334] ? _raw_spin_unlock+0x40/0x40 [ 891.246848][ T4334] ? print_memory_metadata+0x314/0x400 [ 891.252364][ T4334] check_panic_on_warn+0x80/0xa0 [ 891.257344][ T4334] ? siw_query_port+0x358/0x450 [ 891.262244][ T4334] end_report+0x66/0x110 [ 891.266540][ T4334] kasan_report+0x118/0x140 [ 891.271116][ T4334] ? siw_query_port+0x358/0x450 [ 891.276022][ T4334] siw_query_port+0x358/0x450 [ 891.280754][ T4334] ib_cache_update+0x1bf/0x9c0 [ 891.285566][ T4334] ? ib_cache_setup_one+0x5d0/0x5d0 [ 891.290807][ T4334] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 891.296865][ T4334] ? read_lock_is_recursive+0x10/0x10 [ 891.302426][ T4334] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 891.308363][ T4334] ? _raw_spin_unlock+0x40/0x40 [ 891.313269][ T4334] ib_cache_event_task+0xd4/0x1c0 [ 891.318352][ T4334] ? process_one_work+0x7b0/0x1160 [ 891.323583][ T4334] process_one_work+0x8a2/0x1160 [ 891.328581][ T4334] ? worker_detach_from_pool+0x240/0x240 [ 891.334259][ T4334] ? _raw_spin_lock_irq+0xb7/0xf0 [ 891.339356][ T4334] ? _raw_spin_lock_irqsave+0x100/0x100 [ 891.344935][ T4334] ? kthread_data+0x4b/0xc0 [ 891.349484][ T4334] worker_thread+0xaa2/0x1270 [ 891.354205][ T4334] ? __kthread_parkme+0x162/0x1c0 [ 891.359261][ T4334] kthread+0x29d/0x330 [ 891.363358][ T4334] ? worker_clr_flags+0x1a0/0x1a0 [ 891.368407][ T4334] ? kthread_blkcg+0xd0/0xd0 [ 891.373057][ T4334] ret_from_fork+0x1f/0x30 [ 891.377506][ T4334] [ 891.381122][ T4334] Kernel Offset: disabled [ 891.385549][ T4334] Rebooting in 86400 seconds..