last executing test programs: 4.804412493s ago: executing program 0: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x8000, &(0x7f0000000180)=ANY=[], 0x6, 0x2be, &(0x7f0000000300)="$eJzs3EtrE1EUwPHT9JWmtMlCFAXpQTe6GdroWgzSghiw1EZ8gDBtJxoyJiUTKhGxduVW/BAuSpfdFbRfoBt3unHjrhvBhV2IkcyjjzSl1Sadtvn/oMxt7j2ZcyeTcO6QyfqDd8/zWcfImmWJRFU6REQ2RBISkUCHv4247R7Z7o1c7f/55eK9h4/upNLp0QnVsdTktaSqDg59fPGqzx+20itriSfrP5Lf186unV//M/ks52jO0UKxrKZOFb+VzSnb0pmckzdUx23LdCzNFRyr5PUXvf6sXZydrahZmBmIzZYsx1GzUNG8VdFyUculippPzVxBDcPQgZhgP5nFiQkz9Z/B001OBi1SKqXMThHp29WTWQwlIQAAEKr6+j9SK+mbV/8vXVot999fHvTr/5WeRvX/9a/ec+2o/6Mi0vL6f3dF1F4OVf/jhKjV/zH//etaeLw07Dao/wEAAAAAAAAAAAAAAAAAAAAAOAk2qtV4tVqNB9vgr1dEoiIS/B92nmgNXv/2tnXjXtegiP12LjOX8bb+gFURscWSYYnLb/d88NXawb2AWpOQT/a8Hz8/l+l0e1JZybnxIxKXRH18tTp2Oz06op6d8d0S2x6flLicaRyfbBjfI1cub4s3JC6fp6Uotsy45/VW/OsR1Vt303Xxfe44AAAAAABOA0M3NVy/G8Ze/V785vq64fUBb3093HB93iUXusKdOwAAAAAA7cKpvMybtm2VTl0jmOFBo4LvMoSSc7DzgwxekGNweCMHSrW+MSQith5278Flo73GyHiTZhr511Pi3PsPv5p3nG8sR/eZacsa3Uf3CQQAAADgqGwV/cEjN8NNCAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANnQUPycW9hwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA4+JvAAAA//9JOg68") r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) r1 = open(&(0x7f0000000400)='./bus\x00', 0x16543e, 0x0) ftruncate(r1, 0x7fff) r2 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0) fcntl$setstatus(r2, 0x4, 0x4400) dup3(r2, r0, 0x0) io_setup(0x6, &(0x7f0000000240)=0x0) r4 = creat(&(0x7f0000000300)='./bus\x00', 0x0) write$binfmt_elf32(r4, &(0x7f00000008c0)=ANY=[], 0x4b0) r5 = open(&(0x7f0000000000)='./bus\x00', 0x16d43e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x37ffffe, 0x11, r5, 0x0) io_submit(r3, 0x3f0a, &(0x7f0000000540)=[&(0x7f00000000c0)={0xf04aef, 0x3d8, 0x4, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a00}]) syz_genetlink_get_family_id$tipc(&(0x7f0000000140), 0xffffffffffffffff) 4.427509511s ago: executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/stat\x00', 0x0, 0x0) readv(r4, &(0x7f00000002c0)=[{&(0x7f0000000100)=""/31, 0x1f}, {&(0x7f0000000380)=""/168, 0xa8}], 0x2) bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000040), 0xe) setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0) prctl$PR_GET_IO_FLUSHER(0x3a) connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0) socket(0x10, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) bpf$MAP_CREATE(0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="00000000000057b6b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffec5, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={0x0}, 0x10) setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x52, 0x0, 0x5}]}, 0x10) r6 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE_wg(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000080)='wg0\x00', 0x4) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000b00)=[{{&(0x7f0000000680)={0x2, 0x4e20, @multicast2}, 0x10, 0x0}}], 0x1, 0x0) sendmmsg$inet(r6, &(0x7f0000000240)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)="4a4b1091d520ad6fe99665f97f7d40315878c0cf55a0326945b02d63ab7be97f7a3b51362570a641d0890dcef8a9ca353cad1633ecbd239abaed680353cc2481fdc73111cb4da6874aa61bf0f7b9c34f3bb36739f465d19753bf9cced30bb4b760fb591bcae63058ef44954c9671c88282a207c8294437cebb9a58ed7c7705a6fb641960d368b41acbbc4dd225", 0x8d}, {&(0x7f0000003c80)="d403a5cb79ce4dc0c356ce03b88505a1a92e59335c795a28332b2ec25ed0fbf02766132ec734df99d02540ab0324f859874e6f6f0178cf23c4a519f39341b2a9806ca3ecf04774f335eb3f0c33938fe91512964b99f826369769bec413d4c465d2ef541f5882bfad66b6c936f4731f3791e3bafe28db4a31ab8cde6b26d1e5dab03d593d9e094749b39719d269dd48600c188cc7f1429503c365146934cd876a3b4d0d8fbb0864e86e0de94d7ad0e48990960fb7f2be3226301c36ab12304955c8ab480a50dd1b1d461bf65c0e0b59ab613dc0928b3881bb134863a06fcf0e26f4eca5edb316b32198f29acce745f6a4a3bd817618d7a4dcd1a8c8f0431ab7a2ab0df9d79c40b6796eb2abfe9e2e836e0892800861df8d4ed68f3712c02c25a20b3a86698a2a5eb9dc50b7a3d93847d5541216e57e83fa93034c629abebcde8c898adb4bbb3b3ae8679eb8a3e02a249970e2a3a223e2cb887c0abcce4a9afff778ae326e5f346db6e048165a5485e990d528388d8ef8dab5cc7c9e905c2bd901177919f775db2fb50224ea500713899da349625bc65b6b6d881338ffa3cb6cf81fb6330dab75d3e7bf9c1cdf64f7236e64f0a63a24bf858fbea54b834cf9bd729860be72954a974d60cec48736f50329165257fd4e27c6f1037a06ca93e0bcd66864ffd9df1dd84b1fcf04a88633a28798ca6091c8782568edfade9473f587ae98f71452c60f69a4a3365532e2533ae487ad40a3a60aa269d2b40614f485f1f94c44ff1a4dcdc201ec7dbd95dd1ed03dd9b57c6e393cb2f3d1e21b346365241efd55c181f385d64c8d0c2c5d3f6bb1716af6885c020c570d33ec57548b280ff99d15ae1c7071a28edf4b0d74544f3ca826d1e18ee7ba5da1e20f0b752b507610f7e85600c16d92abda0c28a1b45484614f86e91b6f45fff35a1b177d91b9bc0909473553a23b4fa059c7206c9232b4810ab502cc06d1ab6b507d6130b3285cf65eb810ffbde46cec4687dc3ff76b314f56525ee74edf7c42d93e3aeb591bcfb3676f90f60796707a881d4d6fa8dc41c8eef52cf11b74219bb1343938750e9dded5a65a1c992d619475d7485865587e1845a8af0610f8359ac0dae167632ba9028fcfb79081c228e984c911151f4d3153370dd68a53ce88d64a50262d64ec45c5297fa23085ed5d4ae66baf037a5a0ac7db7fccd9589761a7f555fd7077f60d5c7f64ce259cb986c5c0dfebf5820e96178c1d1e0ffcfebf791e165dcda179f248e2ac3b6cb946733af19ab3e4ae7225ca220dced483bb0095f73da7e75d92e10eec2bd2a557aa2d679213bef8a7b6532decade959356ec4cbaa15966a07912a2d2f3d23620174888cb467d8b6b69cb9321e96469ff798993869e517386bd06c48c96f49d4c27d957e66c48f41fee2b873fdc9ca56517203f88ec11df03b15d4607f2102d766ef5ce037ce139d2f997d02ce7be07fdb1fbd1f3ac05a945223cb1778031b4451a84596698561175c6654bf54e7cd06b747b32c638a93a5f6db2499b836e6b5a82b19a8a64ef8ad600773dd908a106ba8ab554b45c50022f80108a3bff0d192e9c23b04dd4a88dfc3b2db9509bf07742f3e22597ac7f3df7b7408e25b8b376cddbfffacfedcac3bec71b7ccfd5f1b74a96b3a451d0dce174ad3902320e48ec15959088ea1249be6520f044b057487d5b1aeb86153e9674a20b7aff0439aca5acad8fda317b88aeaba433a50ff11cb0b1c5e156b9bbfdd03062cadb01b7496080c8a4374459287cc8df031bccfb28bb919c171f0997e4120fbbbecc2ba331c6c92a1125cc0ae2daf23f096de1581ed09a9125bad5e99fec7c68c8fdbbbdf7a9d63480c03a7160051008373216ad7eb6923cdea1fd5a470ba322c1abb2ee4ddd49c27c23c49b0fa3c8137a4128ee427022ac9c6cbdcdf866ebbfde54983eba6aa98093fca228d1e667b77194d4c6ef6e28a1f5dfcdebfb1eb0a6cb46b65c14f88375827a7228bdd132dacc73ff032168a3a65954afc250911273137e14ba08fa06206b621b0cc104871559a6ca2ecbee759ba01fde39f9413dd606b83afd399248e377478413edfe958b6ce3b0e61a9c65989521bba74852b64ad8b1cfd3a7e8452909807054ea38b762cf6d0bdea4919c40d1f3bb2ec7ae45e6ffe1de8a158e22803035877e9d74fe8d86fa48c52db566dbd72561935414d1ec61b39e3ef7d319f0f14364fb56480bfad71017e7236fd8076e9bf4f6b226dcc3c91b4acaee7b94c51e364e66f9deb9f1785f83b2f46a02050fd66a136515597233491bb8ef286a9fe99f07cb6083800b4c4646a81ca5529798b7d227089468f925168b3488ad0b5c68140d60e515f2b095232c806d0eb848b32b631d3ef51467f76d7e8beb6540e3b98f5d269189b0fc86b5c0b384cb752fce6b1ef094a7af85a5c747fa7a995bfdf486b7f57c5b8f67542b748c963b190ee3f351e5a5e60992ac645cd8785583551f767b0719d1b79897c18af27f08cd5b514d466ee5e075016b44caba272cc9bc15f4dd2cdf363ba0392707709911ca97ced6aa298a1863f2b7339ff572bd8fa8475fc41d4797c9e1dd8e744ff4d929d3acef23a56e11131da2207098bfc7971c609708bdc5c53299bef1c6ec67058a9e6d02585e12a89ad5a4ba265ced159fde0ff2b16c426e834ada4219b64a14d33079798b743439814bb933f02cec9d659d18f8ccf22f4fd68fa693dd2d61575f08a6bf2fa093a6c1b5aee3006652e9227cd3c2cf2b20a9464d5639dd912877c1feb1a1e638d67fee492b31106a4428b82758a04176a8163c745c953570ac707919e9ef95789c47a235b36923f7f218b59b27a1c484b0725a08a5dddd008ec1ba332760078d7a3d5fcc5290bb9112ea7ae8681251dd743f973f2037333055d74c97f60f460b02d5fe76ad72b9406400594eabacc54fb4f6fc24d8d1d0058e17df3b5f9fb28a58105999c57566c9690e69aa389727db182d7e1efc46b21cd981bb423b28355ea4c5a71123d47ffd20d985cac3e480f5c3113621dffd8f540243e166f371961581244ae50e688111896405c483ee64d1bc4024685bd12b138cb4a4d4390dff8f18fc139f9ae15ebb98f62c7d3ee516198f4da84a0532a604c054fe22534dd624408a2b798671f2ccb98317ab8db97d56cc667b2a8f71e93d0fa6b050ef2ac75a1b110f519ad7c9be1da7ccd13de7508a8e9ef84768dff990f6aa5168b69abf0389d4ea51661459b865cfb563b27486a9172b29d6721354305c880a39437702f67513b54d066821bdd9a1d5311ebdf4c266823d429211ff5f8b7d1f3d41fd827b25ce99a89935ba485b117ceeb1ca96dc6c1fb8e15b4067e5d23659cae77ef60dcb8d3ee963b700e939a34dd14718550494d075e0382b45190eeb7154917e1e0b0e2703ed556fe2f20191fc28c6c79eddad4b16187382b885eab337b2b3a793d2e2df5dd688dc79dadb23d1156b31bbb5445b95c29161cdb5b11394897f973338b21a135cf42b8f831a50230e2504aa1892c3c505cba0283cd19cc39125193db1804db2346e8f9ed5da7543c959ac1ce6a9e1a0a5f567f53b157ca073805d97e4314044972a69364c8a1927352b75b5efacc012308b43b5823037ce6715a8bd6d18f5745507928d985914bf62d994edbb0ca19811d23bd8ce2e42cbbf10b426910a08c7f0bbc619e178311846ef168242e", 0xa4a}], 0x2}}], 0x1, 0x0) 3.416122636s ago: executing program 0: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f0000000240)) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESOCT=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) r4 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e000000020013000200000000000000ff0800ed05000600200000000a0006000000000026b900000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0) sendmmsg(r4, &(0x7f0000000180), 0x400008a, 0x0) sendmsg$key(r4, &(0x7f0000000140)={0x9, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="02090f0902"], 0x10}}, 0x0) 2.48041405s ago: executing program 0: syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x480, &(0x7f00000000c0), 0x1, 0x765, &(0x7f0000000800)="$eJzs3c1rHOUfAPDvbJKmv7Q/E0HQegoIGijdmBpbBQ8VDyJYKOjZdtlsQ80mW7Kb0oSAFhG8CCoeBL307Eu9efXlqv+FB2mpmhYrHiQyu7PpNtltN22SRffzgWmf55nZPPPdZ2aeZ/cZdgLoW+PpP7mIQxHxQRIxmpUnETFUTw1GnGhsd2tttZguSayvv/ZbUt/m5tpqMVpekzqQZR6LiO/fjTic21pvdXllrlAulxaz/GRt/vxkdXnlyLn5wmxptrRwbGp6+ujxZ48f27lY//hp5eC1D19+6qsTf73z6JX3f0jiRBzM1rXGsVPGYzx7T4bSt/AOL+10ZT2W9HoHuC/pqTnQOMvjUIzGQD0FAPyXvRUR6wBAn0n0/wDQZ5rfA9xcWy02l95+I7G3rr8YEfsb8TfnNxtrBrM5u/31edCRm0k2M9KYzEwiYmwH6h+PiM++eeOLdIldmocEaOftSxFxZmx86/U/2XLPwnY93cU245vyrn+wd75Nxz/PtRv/5TbGP3HH+KdhuM25ez/uff7nru5ANR2l478XWu5tu9USf2ZsIMv9vz7mG0rOniuX0mvbQxExEUPDaX7qLnVM3Pj7Rqd1reO/3z968/O0/vT/21vkrg4O3/mamUKt8CAxt7p+KeLxwXbxJxvtn7Rp/7TsVJd1vPL8e592WpfGn8bbXLbGv7vWL0c82bb9b9/Rltz1/sTJ+uEw2Two2vj6509G2pUf2dT+6ZLW3/wssBfS9h+5e/xjSev9mtXt1/Hj5dHvOq27d/ztj/99yev19L6s7GKhVlucitiXvLq1/Ojt1zbzze3T+CeeaH/+bz7+11v2If1MeKbL+Aev/frl/ce/u9L4Z7bV/ttPXLk1N9Cp/u7af7qemshKurn+dbuDD/LeAQAAAAAAAAAAAAAAAAAAAAAAAEC3chFxMJJcfiOdy+XzjWd4PxIjuXKlWjt8trK0MBP1Z2WPxVCu+VOXoy2/hzqV/R5+M390U/6ZiHg4Ij4e/l89ny9WyjO9Dh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMgc6PP8/9ctwr/cOANg1+3u9AwDAntP/A0D/0f8DQP/R/wNA/9H/A0D/0f8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwy06dPJku63+urRbT/MyF5aW5yoUjM6XqXH5+qZgvVhbP52crldlyKV+szN/r75UrlfPTsbB0cbJWqtYmq8srp+crSwu10+fmC7Ol06WhPYkKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALanurwyVyiXS4sSEhISG4leX5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/h3+CQAA///Q6StZ") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000030000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0) r4 = eventfd(0x0) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0}) ioctl$VHOST_SET_LOG_FD(r3, 0x4004af07, &(0x7f0000000240)=r4) ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000040)={0x1, r4}) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000001140)={0x3, 0x0, [{0x1000, 0x1000, &(0x7f0000001ec0)=""/4096}, {0xf000, 0x3d, &(0x7f0000000380)=""/61}, {0x4000, 0xd6, &(0x7f0000001200)=""/214}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000000)=0x20000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) 2.329288293s ago: executing program 0: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) write$cgroup_subtree(r2, 0x0, 0x240) 2.308268326s ago: executing program 2: ioctl$VHOST_VDPA_GET_CONFIG(0xffffffffffffffff, 0x8008af73, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) unshare(0x8000400) 2.297740988s ago: executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/stat\x00', 0x0, 0x0) readv(r4, &(0x7f00000002c0)=[{&(0x7f0000000100)=""/31, 0x1f}, {&(0x7f0000000380)=""/168, 0xa8}], 0x2) bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000040), 0xe) setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0) prctl$PR_GET_IO_FLUSHER(0x3a) connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0) socket(0x10, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) bpf$MAP_CREATE(0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="00000000000057b6b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffec5, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={0x0}, 0x10) setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x52, 0x0, 0x5}]}, 0x10) r6 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE_wg(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000080)='wg0\x00', 0x4) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000b00)=[{{&(0x7f0000000680)={0x2, 0x4e20, @multicast2}, 0x10, 0x0}}], 0x1, 0x0) sendmmsg$inet(r6, &(0x7f0000000240)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)="4a4b1091d520ad6fe99665f97f7d40315878c0cf55a0326945b02d63ab7be97f7a3b51362570a641d0890dcef8a9ca353cad1633ecbd239abaed680353cc2481fdc73111cb4da6874aa61bf0f7b9c34f3bb36739f465d19753bf9cced30bb4b760fb591bcae63058ef44954c9671c88282a207c8294437cebb9a58ed7c7705a6fb641960d368b41acbbc4dd225", 0x8d}, {&(0x7f0000003c80)="d403a5cb79ce4dc0c356ce03b88505a1a92e59335c795a28332b2ec25ed0fbf02766132ec734df99d02540ab0324f859874e6f6f0178cf23c4a519f39341b2a9806ca3ecf04774f335eb3f0c33938fe91512964b99f826369769bec413d4c465d2ef541f5882bfad66b6c936f4731f3791e3bafe28db4a31ab8cde6b26d1e5dab03d593d9e094749b39719d269dd48600c188cc7f1429503c365146934cd876a3b4d0d8fbb0864e86e0de94d7ad0e48990960fb7f2be3226301c36ab12304955c8ab480a50dd1b1d461bf65c0e0b59ab613dc0928b3881bb134863a06fcf0e26f4eca5edb316b32198f29acce745f6a4a3bd817618d7a4dcd1a8c8f0431ab7a2ab0df9d79c40b6796eb2abfe9e2e836e0892800861df8d4ed68f3712c02c25a20b3a86698a2a5eb9dc50b7a3d93847d5541216e57e83fa93034c629abebcde8c898adb4bbb3b3ae8679eb8a3e02a249970e2a3a223e2cb887c0abcce4a9afff778ae326e5f346db6e048165a5485e990d528388d8ef8dab5cc7c9e905c2bd901177919f775db2fb50224ea500713899da349625bc65b6b6d881338ffa3cb6cf81fb6330dab75d3e7bf9c1cdf64f7236e64f0a63a24bf858fbea54b834cf9bd729860be72954a974d60cec48736f50329165257fd4e27c6f1037a06ca93e0bcd66864ffd9df1dd84b1fcf04a88633a28798ca6091c8782568edfade9473f587ae98f71452c60f69a4a3365532e2533ae487ad40a3a60aa269d2b40614f485f1f94c44ff1a4dcdc201ec7dbd95dd1ed03dd9b57c6e393cb2f3d1e21b346365241efd55c181f385d64c8d0c2c5d3f6bb1716af6885c020c570d33ec57548b280ff99d15ae1c7071a28edf4b0d74544f3ca826d1e18ee7ba5da1e20f0b752b507610f7e85600c16d92abda0c28a1b45484614f86e91b6f45fff35a1b177d91b9bc0909473553a23b4fa059c7206c9232b4810ab502cc06d1ab6b507d6130b3285cf65eb810ffbde46cec4687dc3ff76b314f56525ee74edf7c42d93e3aeb591bcfb3676f90f60796707a881d4d6fa8dc41c8eef52cf11b74219bb1343938750e9dded5a65a1c992d619475d7485865587e1845a8af0610f8359ac0dae167632ba9028fcfb79081c228e984c911151f4d3153370dd68a53ce88d64a50262d64ec45c5297fa23085ed5d4ae66baf037a5a0ac7db7fccd9589761a7f555fd7077f60d5c7f64ce259cb986c5c0dfebf5820e96178c1d1e0ffcfebf791e165dcda179f248e2ac3b6cb946733af19ab3e4ae7225ca220dced483bb0095f73da7e75d92e10eec2bd2a557aa2d679213bef8a7b6532decade959356ec4cbaa15966a07912a2d2f3d23620174888cb467d8b6b69cb9321e96469ff798993869e517386bd06c48c96f49d4c27d957e66c48f41fee2b873fdc9ca56517203f88ec11df03b15d4607f2102d766ef5ce037ce139d2f997d02ce7be07fdb1fbd1f3ac05a945223cb1778031b4451a84596698561175c6654bf54e7cd06b747b32c638a93a5f6db2499b836e6b5a82b19a8a64ef8ad600773dd908a106ba8ab554b45c50022f80108a3bff0d192e9c23b04dd4a88dfc3b2db9509bf07742f3e22597ac7f3df7b7408e25b8b376cddbfffacfedcac3bec71b7ccfd5f1b74a96b3a451d0dce174ad3902320e48ec15959088ea1249be6520f044b057487d5b1aeb86153e9674a20b7aff0439aca5acad8fda317b88aeaba433a50ff11cb0b1c5e156b9bbfdd03062cadb01b7496080c8a4374459287cc8df031bccfb28bb919c171f0997e4120fbbbecc2ba331c6c92a1125cc0ae2daf23f096de1581ed09a9125bad5e99fec7c68c8fdbbbdf7a9d63480c03a7160051008373216ad7eb6923cdea1fd5a470ba322c1abb2ee4ddd49c27c23c49b0fa3c8137a4128ee427022ac9c6cbdcdf866ebbfde54983eba6aa98093fca228d1e667b77194d4c6ef6e28a1f5dfcdebfb1eb0a6cb46b65c14f88375827a7228bdd132dacc73ff032168a3a65954afc250911273137e14ba08fa06206b621b0cc104871559a6ca2ecbee759ba01fde39f9413dd606b83afd399248e377478413edfe958b6ce3b0e61a9c65989521bba74852b64ad8b1cfd3a7e8452909807054ea38b762cf6d0bdea4919c40d1f3bb2ec7ae45e6ffe1de8a158e22803035877e9d74fe8d86fa48c52db566dbd72561935414d1ec61b39e3ef7d319f0f14364fb56480bfad71017e7236fd8076e9bf4f6b226dcc3c91b4acaee7b94c51e364e66f9deb9f1785f83b2f46a02050fd66a136515597233491bb8ef286a9fe99f07cb6083800b4c4646a81ca5529798b7d227089468f925168b3488ad0b5c68140d60e515f2b095232c806d0eb848b32b631d3ef51467f76d7e8beb6540e3b98f5d269189b0fc86b5c0b384cb752fce6b1ef094a7af85a5c747fa7a995bfdf486b7f57c5b8f67542b748c963b190ee3f351e5a5e60992ac645cd8785583551f767b0719d1b79897c18af27f08cd5b514d466ee5e075016b44caba272cc9bc15f4dd2cdf363ba0392707709911ca97ced6aa298a1863f2b7339ff572bd8fa8475fc41d4797c9e1dd8e744ff4d929d3acef23a56e11131da2207098bfc7971c609708bdc5c53299bef1c6ec67058a9e6d02585e12a89ad5a4ba265ced159fde0ff2b16c426e834ada4219b64a14d33079798b743439814bb933f02cec9d659d18f8ccf22f4fd68fa693dd2d61575f08a6bf2fa093a6c1b5aee3006652e9227cd3c2cf2b20a9464d5639dd912877c1feb1a1e638d67fee492b31106a4428b82758a04176a8163c745c953570ac707919e9ef95789c47a235b36923f7f218b59b27a1c484b0725a08a5dddd008ec1ba332760078d7a3d5fcc5290bb9112ea7ae8681251dd743f973f2037333055d74c97f60f460b02d5fe76ad72b9406400594eabacc54fb4f6fc24d8d1d0058e17df3b5f9fb28a58105999c57566c9690e69aa389727db182d7e1efc46b21cd981bb423b28355ea4c5a71123d47ffd20d985cac3e480f5c3113621dffd8f540243e166f371961581244ae50e688111896405c483ee64d1bc4024685bd12b138cb4a4d4390dff8f18fc139f9ae15ebb98f62c7d3ee516198f4da84a0532a604c054fe22534dd624408a2b798671f2ccb98317ab8db97d56cc667b2a8f71e93d0fa6b050ef2ac75a1b110f519ad7c9be1da7ccd13de7508a8e9ef84768dff990f6aa5168b69abf0389d4ea51661459b865cfb563b27486a9172b29d6721354305c880a39437702f67513b54d066821bdd9a1d5311ebdf4c266823d429211ff5f8b7d1f3d41fd827b25ce99a89935ba485b117ceeb1ca96dc6c1fb8e15b4067e5d23659cae77ef60dcb8d3ee963b700e939a34dd14718550494d075e0382b45190eeb7154917e1e0b0e2703ed556fe2f20191fc28c6c79eddad4b16187382b885eab337b2b3a793d2e2df5dd688dc79dadb23d1156b31bbb5445b95c29161cdb5b11394897f973338b21a135cf42b8f831a50230e2504aa1892c3c505cba0283cd19cc39125193db1804db2346e8f9ed5da7543c959ac1ce6a9e1a0a5f567f53b157ca073805d97e4314044972a69364c8a1927352b75b5efacc012308b43b5823037ce6715a8bd6d18f5745507928d985914bf62d994edbb0ca19811d23bd8ce2e42cbbf10b426910a08c7f0bbc619e178311846ef168242e", 0xa4a}], 0x2}}], 0x1, 0x0) 2.243234536s ago: executing program 0: r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000440)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="00220f000000079b4d394881"], 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000d40), 0x0, 0x0) ioctl$HIDIOCGUCODE(r1, 0xc018480d, &(0x7f0000000000)={0x1, 0x100}) 1.356334502s ago: executing program 2: prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet(0x2, 0x801, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r3, 0x0, 0x0, 0x2000077d, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x0, 0x0, 0x0) pipe2(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) splice(r3, 0x0, r4, 0x0, 0x7ffff000, 0x0) getsockopt$netlink(r4, 0x10e, 0x3, &(0x7f0000000580)=""/230, &(0x7f0000000100)=0xe6) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) fstat(0xffffffffffffffff, &(0x7f0000000140)) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socket$netlink(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000120000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x1c, r8, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) 949.600895ms ago: executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) writev(r0, &(0x7f0000000280)=[{&(0x7f0000000440)="89e7ee2c7cdad9b4b47380c986dd", 0xe}], 0x1) 863.806968ms ago: executing program 3: r0 = socket$packet(0x11, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, 0x0, &(0x7f00000002c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) syz_emit_ethernet(0xfdef, &(0x7f0000000440)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x88, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @parameter_prob={0xc, 0x0, 0x0, 0x0, 0x0, 0x3, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast1, @multicast2}}}}}}, 0x0) 851.30696ms ago: executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xad}]}, &(0x7f00000001c0)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143}, 0x80) 831.424823ms ago: executing program 3: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") chdir(&(0x7f0000000000)='./file0\x00') creat(&(0x7f0000000040)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0) readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) 813.840005ms ago: executing program 1: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) close(r0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) close(r0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2}, 0x0, 0x0}, 0x20) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r2, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'veth0_to_batadv\x00', 0x0}) setsockopt$packet_int(r4, 0x107, 0x14, &(0x7f0000000200)=0x5, 0x4) setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000040)=0x200, 0x4) sendto$packet(r4, &(0x7f00000000c0)="3f040e03f007120006001e0089e9aaa911d7c2290f0086dd1327c9167c64114a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xb318, 0x0, &(0x7f0000000540)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14) 801.198657ms ago: executing program 1: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xfb, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='ext4_alloc_da_blocks\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000080)) 780.005071ms ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) r6 = dup(r5) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000008c0)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"]) ioctl$KVM_SET_LAPIC(r6, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd25479024a676b21b3adc5e463c9effbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953584db11b7f89ec68098eafa48cebd6882a1825d32130a31abfeafd1987317879e29ac51b93c9659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56f335e2373b2cde5600db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8b03fe4798e5750d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb1180300"}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 697.884173ms ago: executing program 1: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=@framed={{}, [@printk={@s}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_GET(r2, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001940)={0x20, r4, 0x1, 0x0, 0x0, {0x21}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}]}, 0x20}}, 0x0) 636.384972ms ago: executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f0000000d40)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r1}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r3}, 0x10) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700) write$cgroup_int(r4, &(0x7f0000000200), 0x43400) 615.296156ms ago: executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0xa, 0x0, 0xa, 0x2}, 0x10}}, 0x0) 606.310267ms ago: executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) pipe2(0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="6daa00000000000071101f00000000009500000000000000"], &(0x7f0000000480)='syzkaller\x00'}, 0x80) 505.841813ms ago: executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x10) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r4, &(0x7f0000000180)={0x1f, 0xffff, 0x3}, 0x6) write(r4, &(0x7f0000000000)="38000300010003", 0x7) 487.836186ms ago: executing program 4: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xfb, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='ext4_alloc_da_blocks\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000080)) 463.574169ms ago: executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='ext4_discard_preallocations\x00', r1}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='ext4_discard_preallocations\x00', r2}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) 413.046287ms ago: executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r4, &(0x7f00000006c0)=ANY=[@ANYBLOB="b8"], 0xb8) write$FUSE_INIT(r4, &(0x7f0000000240)={0x50}, 0x50) write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) r5 = open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0) symlinkat(&(0x7f0000000040)='./file0\x00', r5, &(0x7f0000000080)='./file0\x00') 409.717817ms ago: executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$cgroup2(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000480), 0x0, &(0x7f0000000040)={[], [{@defcontext={'defcontext', 0x3d, 'system_u'}}]}) 380.924812ms ago: executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) r6 = dup(r5) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000008c0)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"]) ioctl$KVM_SET_LAPIC(r6, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd25479024a676b21b3adc5e463c9effbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953584db11b7f89ec68098eafa48cebd6882a1825d32130a31abfeafd1987317879e29ac51b93c9659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56f335e2373b2cde5600db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8b03fe4798e5750d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb1180300"}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 218.675866ms ago: executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") chdir(&(0x7f0000000000)='./file0\x00') creat(&(0x7f0000000040)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0) readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) 75.226269ms ago: executing program 4: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=@framed={{}, [@printk={@s}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_GET(r2, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001940)={0x20, r4, 0x1, 0x0, 0x0, {0x21}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}]}, 0x20}}, 0x0) 60.765741ms ago: executing program 4: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x11d, 0x11d, 0x2, [@datasec={0x0, 0x4, 0x0, 0xf, 0x1, [{}, {}, {}, {}], "fa"}, @typedef, @func_proto={0x0, 0x5, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}]}, @func, @func_proto={0x0, 0x5, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}]}, @union={0x0, 0x4, 0x0, 0x5, 0x0, 0x0, [{}, {}, {}, {}]}, @enum={0x0, 0x3, 0x0, 0x6, 0x4, [{}, {}, {0x0, 0x4}]}]}}, 0x0, 0x13a}, 0x20) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000004c0)={'batadv_slave_1\x00'}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000180)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, 0x0}], 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000640)=0x1) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 0s ago: executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x4547, 0x4) bind$inet(r0, &(0x7f0000000640)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) kernel console output (not intermixed with test programs): dge_slave_0 entered promiscuous mode [ 487.903658][T14051] bridge0: port 2(bridge_slave_1) entered blocking state [ 487.910656][T14051] bridge0: port 2(bridge_slave_1) entered disabled state [ 487.918320][T14051] device bridge_slave_1 entered promiscuous mode [ 488.017210][ T357] usb 5-1: New USB device found, idVendor=23a7, idProduct=fedc, bcdDevice=e0.0b [ 488.030467][ T357] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 488.038457][ T357] usb 5-1: Product: syz [ 488.042465][ T357] usb 5-1: Manufacturer: syz [ 488.046901][ T357] usb 5-1: SerialNumber: syz [ 488.063683][ T357] usb 5-1: config 0 descriptor?? [ 488.079670][T14051] bridge0: port 2(bridge_slave_1) entered blocking state [ 488.086638][T14051] bridge0: port 2(bridge_slave_1) entered forwarding state [ 488.093739][T14051] bridge0: port 1(bridge_slave_0) entered blocking state [ 488.100516][T14051] bridge0: port 1(bridge_slave_0) entered forwarding state [ 488.180374][ T7531] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 488.188222][ T7531] bridge0: port 1(bridge_slave_0) entered disabled state [ 488.195291][ T7531] bridge0: port 2(bridge_slave_1) entered disabled state [ 488.225109][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 488.234429][ T333] bridge0: port 1(bridge_slave_0) entered blocking state [ 488.241298][ T333] bridge0: port 1(bridge_slave_0) entered forwarding state [ 488.248673][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 488.256639][ T30] audit: type=1326 audit(2000000171.857:16831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14057 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f354baf80a9 code=0x7fc00000 [ 488.256938][ T333] bridge0: port 2(bridge_slave_1) entered blocking state [ 488.287364][ T333] bridge0: port 2(bridge_slave_1) entered forwarding state [ 488.294656][ T60] usb 3-1: USB disconnect, device number 62 [ 488.295701][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 488.308677][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 488.339698][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 488.352360][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 488.368952][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 488.384153][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 488.401379][T14051] device veth0_vlan entered promiscuous mode [ 488.429372][ T7531] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 488.438991][T14051] device veth1_macvtap entered promiscuous mode [ 488.456422][ T7531] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 488.479066][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 488.538181][ T469] device bridge_slave_1 left promiscuous mode [ 488.545255][ T469] bridge0: port 2(bridge_slave_1) entered disabled state [ 488.556962][ T469] device bridge_slave_0 left promiscuous mode [ 488.567272][ T357] usb 5-1: MIDIStreaming interface descriptor not found [ 488.571424][ T469] bridge0: port 1(bridge_slave_0) entered disabled state [ 488.587630][ T357] usb 5-1: USB disconnect, device number 60 [ 488.594744][ T469] device veth1_macvtap left promiscuous mode [ 488.607757][ T469] device veth0_vlan left promiscuous mode [ 488.898833][ T30] audit: type=1326 audit(2000000172.507:16832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14057 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f354baf80a9 code=0x7fc00000 [ 488.951561][ T30] audit: type=1326 audit(2000000172.507:16833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14057 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f354baf80a9 code=0x7fc00000 [ 489.002479][ T30] audit: type=1326 audit(2000000172.507:16834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14057 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f354baf80a9 code=0x7fc00000 [ 489.056773][ T30] audit: type=1326 audit(2000000172.507:16835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14057 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f354baf80a9 code=0x7fc00000 [ 489.102687][ T30] audit: type=1326 audit(2000000172.507:16836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14057 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f354baf80a9 code=0x7fc00000 [ 489.144836][T14062] loop1: detected capacity change from 0 to 65536 [ 489.151257][ T30] audit: type=1326 audit(2000000172.507:16837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14057 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f354baf80a9 code=0x7fc00000 [ 489.176896][ T30] audit: type=1326 audit(2000000172.507:16838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14057 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f354baf80a9 code=0x7fc00000 [ 489.201503][ T30] audit: type=1326 audit(2000000172.507:16839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14057 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f354baf80a9 code=0x7fc00000 [ 489.234541][ T30] audit: type=1326 audit(2000000172.507:16840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14057 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f354baf80a9 code=0x7fc00000 [ 489.301584][T14087] loop0: detected capacity change from 0 to 256 [ 489.361059][T14087] exFAT-fs (loop0): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 489.607154][T14095] loop1: detected capacity change from 0 to 40427 [ 489.669188][T14091] loop4: detected capacity change from 0 to 40427 [ 489.675555][T14095] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 489.683138][T14095] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 489.718062][T14095] F2FS-fs (loop1): Found nat_bits in checkpoint [ 489.728495][T14091] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 489.746198][T14091] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 489.754589][T14095] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 489.765366][T14091] F2FS-fs (loop4): invalid crc value [ 489.775175][T14091] F2FS-fs (loop4): Found nat_bits in checkpoint [ 489.781428][T14095] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 489.788311][T14095] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 489.849490][T14091] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 489.861748][T14091] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 490.214678][ T7531] usb 3-1: new high-speed USB device number 63 using dummy_hcd [ 490.457482][ T7531] usb 3-1: Using ep0 maxpacket: 16 [ 490.737241][ T7531] usb 3-1: New USB device found, idVendor=23a7, idProduct=fedc, bcdDevice=e0.0b [ 490.746102][ T7531] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 490.768767][T14131] loop1: detected capacity change from 0 to 256 [ 490.774861][ T7531] usb 3-1: Product: syz [ 490.781592][ T7531] usb 3-1: Manufacturer: syz [ 490.786000][ T7531] usb 3-1: SerialNumber: syz [ 490.791783][ T7531] usb 3-1: config 0 descriptor?? [ 490.830557][T14131] exFAT-fs (loop1): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 491.567308][ T7531] usb 3-1: MIDIStreaming interface descriptor not found [ 491.578061][ T7531] usb 3-1: USB disconnect, device number 63 [ 491.737359][ T20] usb 2-1: new high-speed USB device number 54 using dummy_hcd [ 492.107199][ T20] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 18 [ 492.277177][ T20] usb 2-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 492.288232][ T20] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 492.296026][ T20] usb 2-1: Product: syz [ 492.305424][ T20] usb 2-1: Manufacturer: syz [ 492.309857][ T20] usb 2-1: SerialNumber: syz [ 492.319511][ T20] usb 2-1: config 0 descriptor?? [ 492.337169][T14145] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 492.579292][ T20] usb 2-1: USB disconnect, device number 54 [ 493.407138][ T357] usb 3-1: new high-speed USB device number 64 using dummy_hcd [ 493.572567][T14179] loop1: detected capacity change from 0 to 131072 [ 493.634438][T14179] F2FS-fs (loop1): invalid crc value [ 493.641422][T14179] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045589465964773) [ 493.657178][ T357] usb 3-1: Using ep0 maxpacket: 8 [ 493.683753][T14179] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 493.837221][ T357] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 493.937297][ T357] usb 3-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 493.952583][ T357] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 493.961154][ T357] usb 3-1: SerialNumber: syz [ 493.967322][ T357] usb 3-1: config 0 descriptor?? [ 493.987688][T14191] : renamed from pim6reg1 [ 494.007701][ T357] usb 3-1: Found UVC 0.00 device (05ac:8501) [ 494.014531][ T357] usb 3-1: No valid video chain found. [ 494.208523][ T357] usb 3-1: USB disconnect, device number 64 [ 495.564547][ T30] kauditd_printk_skb: 60 callbacks suppressed [ 495.564562][ T30] audit: type=1326 audit(2000000179.167:16901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14230 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1b413e80a9 code=0x0 [ 495.632961][T14217] loop2: detected capacity change from 0 to 131072 [ 495.669284][ T30] audit: type=1326 audit(2000000179.277:16902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14230 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1b413e80a9 code=0x0 [ 495.699671][T14217] F2FS-fs (loop2): invalid crc value [ 495.722154][T14217] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045589465964773) [ 495.775464][T14217] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 495.977135][ T20] usb 4-1: new high-speed USB device number 41 using dummy_hcd [ 496.327146][ T20] usb 4-1: Using ep0 maxpacket: 16 [ 496.447241][ T20] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 496.529136][T14266] loop1: detected capacity change from 0 to 40427 [ 496.547186][ T20] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 496.556157][ T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 496.564002][ T20] usb 4-1: SerialNumber: syz [ 496.568574][T14266] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 496.576412][T14266] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 496.585570][T14266] F2FS-fs (loop1): invalid crc value [ 496.592206][T14266] F2FS-fs (loop1): Found nat_bits in checkpoint [ 496.630595][T14266] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 496.637543][T14266] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 497.003863][ T20] usb 4-1: USB disconnect, device number 41 [ 497.035188][ T469] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 497.044557][ T469] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 497.447114][ T7531] usb 2-1: new high-speed USB device number 55 using dummy_hcd [ 497.807161][ T7531] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 497.827105][ T7531] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 497.838133][ T7531] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 497.857116][ T7531] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 497.876235][ T7531] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 497.886725][ T7531] usb 2-1: config 0 descriptor?? [ 497.907184][T14282] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 498.368064][ T7531] plantronics 0003:047F:FFFF.0059: unknown main item tag 0x0 [ 498.386230][ T7531] plantronics 0003:047F:FFFF.0059: No inputs registered, leaving [ 498.395312][ T7531] plantronics 0003:047F:FFFF.0059: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 498.577146][ T60] usb 4-1: new high-speed USB device number 42 using dummy_hcd [ 498.637770][ T357] usb 2-1: USB disconnect, device number 55 [ 498.684399][T14298] loop2: detected capacity change from 0 to 131072 [ 498.719153][T14298] F2FS-fs (loop2): invalid crc value [ 498.725858][T14298] F2FS-fs (loop2): Found nat_bits in checkpoint [ 498.761667][T14298] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 498.977192][ T60] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 18 [ 499.147183][ T60] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 499.160021][ T30] audit: type=1326 audit(2000000182.767:16903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14318 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b413e80a9 code=0x7ffc0000 [ 499.186212][ T60] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 499.221951][ T60] usb 4-1: Product: syz [ 499.248127][ T60] usb 4-1: Manufacturer: syz [ 499.252656][ T60] usb 4-1: SerialNumber: syz [ 499.268521][ T30] audit: type=1326 audit(2000000182.767:16904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14318 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7f1b413e80a9 code=0x7ffc0000 [ 499.330116][ T60] usb 4-1: config 0 descriptor?? [ 499.353464][ T30] audit: type=1326 audit(2000000182.767:16905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14318 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b413e80a9 code=0x7ffc0000 [ 499.430262][T14302] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 499.438215][ T30] audit: type=1326 audit(2000000182.787:16906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14318 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b413e80a9 code=0x7ffc0000 [ 499.552349][ T357] usb 3-1: new high-speed USB device number 65 using dummy_hcd [ 499.709592][ T60] usb 4-1: USB disconnect, device number 42 [ 499.797188][ T357] usb 3-1: Using ep0 maxpacket: 16 [ 499.917214][ T357] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 500.017448][ T357] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 500.032735][ T357] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 500.060192][ T357] usb 3-1: SerialNumber: syz [ 500.271425][ T30] audit: type=1326 audit(2000000183.877:16907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14338 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa2841a20a9 code=0x0 [ 500.300634][ T357] usb 3-1: USB disconnect, device number 65 [ 500.450124][T14335] loop0: detected capacity change from 0 to 131072 [ 500.509156][T14335] F2FS-fs (loop0): invalid crc value [ 500.532113][T14335] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045589465964773) [ 500.569535][T14335] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 500.867177][ T357] usb 2-1: new high-speed USB device number 56 using dummy_hcd [ 500.894932][T14361] device syzkaller0 entered promiscuous mode [ 501.087223][ T1353] usb 3-1: new high-speed USB device number 66 using dummy_hcd [ 501.267198][ T357] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 501.287103][ T357] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 501.296748][ T357] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 501.305781][ T357] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 501.314294][ T357] usb 2-1: config 0 descriptor?? [ 501.457233][ T1353] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 501.468221][ T60] usb 4-1: new high-speed USB device number 43 using dummy_hcd [ 501.475588][ T1353] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 501.486646][ T1353] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 501.499638][ T1353] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 501.508535][ T1353] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 501.519508][ T1353] usb 3-1: config 0 descriptor?? [ 501.557363][T14353] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 501.877228][ T60] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 18 [ 501.887651][T14351] UDC core: couldn't find an available UDC or it's busy: -16 [ 501.894899][T14351] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 501.917425][ T357] hid (null): bogus close delimiter [ 502.018106][ T1353] plantronics 0003:047F:FFFF.005B: unknown main item tag 0x0 [ 502.025670][ T1353] plantronics 0003:047F:FFFF.005B: No inputs registered, leaving [ 502.034393][ T1353] plantronics 0003:047F:FFFF.005B: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 502.057187][ T60] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 502.066344][ T60] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 502.074301][ T60] usb 4-1: Product: syz [ 502.078307][ T60] usb 4-1: Manufacturer: syz [ 502.082717][ T60] usb 4-1: SerialNumber: syz [ 502.087975][ T60] usb 4-1: config 0 descriptor?? [ 502.107224][T14367] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 502.137199][ T357] usb 2-1: language id specifier not provided by device, defaulting to English [ 502.297819][ T1353] usb 3-1: USB disconnect, device number 66 [ 502.339059][ T60] usb 4-1: USB disconnect, device number 43 [ 502.827184][ T357] uclogic 0003:256C:006D.005A: failed retrieving string descriptor #100: -71 [ 502.850946][ T357] uclogic 0003:256C:006D.005A: failed retrieving pen parameters: -71 [ 502.863702][ T357] uclogic 0003:256C:006D.005A: failed probing pen v1 parameters: -71 [ 502.871885][ T357] uclogic 0003:256C:006D.005A: failed probing parameters: -71 [ 502.879207][ T357] uclogic: probe of 0003:256C:006D.005A failed with error -71 [ 502.887424][ T357] usb 2-1: USB disconnect, device number 56 [ 502.919503][ T30] audit: type=1326 audit(2000000186.527:16908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14393 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa2841a20a9 code=0x0 [ 503.127117][ T330] usb 3-1: new high-speed USB device number 67 using dummy_hcd [ 503.367113][ T330] usb 3-1: Using ep0 maxpacket: 8 [ 503.487178][ T330] usb 3-1: config 0 has no interfaces? [ 503.494782][ T330] usb 3-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00 [ 503.520157][ T330] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 503.536302][ T330] usb 3-1: config 0 descriptor?? [ 503.779381][ T7531] usb 3-1: USB disconnect, device number 67 [ 503.805163][ T30] audit: type=1400 audit(2000000187.407:16909): avc: denied { read } for pid=14400 comm="syz-executor.3" name="usbmon0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 503.857496][ T30] audit: type=1400 audit(2000000187.407:16910): avc: denied { open } for pid=14400 comm="syz-executor.3" path="/dev/usbmon0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 503.858711][T14403] syz-executor.3[14403] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 503.894007][T14403] syz-executor.3[14403] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 504.317130][ T7531] usb 2-1: new high-speed USB device number 57 using dummy_hcd [ 504.577115][ T7531] usb 2-1: Using ep0 maxpacket: 16 [ 504.582110][ T330] usb 3-1: new high-speed USB device number 68 using dummy_hcd [ 504.867291][ T7531] usb 2-1: New USB device found, idVendor=23a7, idProduct=fedc, bcdDevice=e0.0b [ 504.876261][ T7531] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 504.884152][ T7531] usb 2-1: Product: syz [ 504.888140][ T7531] usb 2-1: Manufacturer: syz [ 504.892472][ T7531] usb 2-1: SerialNumber: syz [ 504.897647][ T7531] usb 2-1: config 0 descriptor?? [ 504.947182][ T330] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 504.958304][ T330] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 504.969375][ T330] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 504.982133][ T330] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 504.990893][ T330] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 504.999574][ T330] usb 3-1: config 0 descriptor?? [ 505.017179][T14414] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 505.147127][ T20] usb 4-1: new high-speed USB device number 44 using dummy_hcd [ 505.350709][T14424] loop0: detected capacity change from 0 to 1024 [ 505.388608][T14424] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option [ 505.397235][ T7531] usb 2-1: MIDIStreaming interface descriptor not found [ 505.405794][ T7531] usb 2-1: USB disconnect, device number 57 [ 505.415989][T14424] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodiscard,bsddf,acl,nomblk_io_submit,debug_want_extra_isize=0x0000000000000080,jqfmt=vfsv1,nodelalloc,auto_da_alloc,norecovery,,errors=continue. Quota mode: none. [ 505.442743][T14424] EXT4-fs (loop0): can't enable nombcache during remount [ 505.478053][ T330] plantronics 0003:047F:FFFF.005C: unknown main item tag 0x0 [ 505.485541][ T330] plantronics 0003:047F:FFFF.005C: No inputs registered, leaving [ 505.499389][ T330] plantronics 0003:047F:FFFF.005C: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 505.511769][ T20] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 18 [ 505.677160][ T20] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 505.696157][ T20] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 505.714106][ T20] usb 4-1: Product: syz [ 505.718118][ T20] usb 4-1: Manufacturer: syz [ 505.722505][ T20] usb 4-1: SerialNumber: syz [ 505.737790][ T20] usb 4-1: config 0 descriptor?? [ 505.757742][ T7531] usb 3-1: USB disconnect, device number 68 [ 505.769046][T14420] raw-gadget.3 gadget: fail, usb_ep_enable returned -22 [ 506.008947][ T20] usb 4-1: USB disconnect, device number 44 [ 506.317111][ T357] usb 2-1: new high-speed USB device number 58 using dummy_hcd [ 507.017256][ T357] usb 2-1: New USB device found, idVendor=10d6, idProduct=2200, bcdDevice= 1.00 [ 507.026120][ T357] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 507.037216][ T357] usb 2-1: Product: syz [ 507.045175][ T357] usb 2-1: Manufacturer: syz [ 507.054180][ T357] usb 2-1: SerialNumber: syz [ 507.065546][ T357] usb 2-1: config 0 descriptor?? [ 507.107739][ T357] usb-storage 2-1:0.0: USB Mass Storage device detected [ 507.240404][T14463] loop2: detected capacity change from 0 to 512 [ 507.303474][T14463] EXT4-fs (loop2): orphan cleanup on readonly fs [ 507.313475][ T357] usb 2-1: USB disconnect, device number 58 [ 507.324489][T14463] EXT4-fs (loop2): 1 orphan inode deleted [ 507.347236][T14463] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 507.964508][T14467] loop2: detected capacity change from 0 to 131072 [ 508.017998][T14467] F2FS-fs (loop2): Invalid log sectors per block(3) log sectorsize(12) [ 508.026203][T14467] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 508.043831][T14467] F2FS-fs (loop2): Found nat_bits in checkpoint [ 508.080665][ T30] audit: type=1326 audit(2000000191.687:16911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14476 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1b413e80a9 code=0x0 [ 508.120007][T14467] F2FS-fs (loop2): recover fsync data on readonly fs [ 508.136949][T14467] F2FS-fs (loop2): Try to recover 1th superblock, ret: -30 [ 508.144055][T14467] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 508.164778][ T30] audit: type=1400 audit(2000000191.767:16912): avc: denied { read } for pid=14465 comm="syz-executor.2" name="file1" dev="loop2" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 508.200281][ T30] audit: type=1326 audit(2000000191.797:16913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14476 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1b413e80a9 code=0x0 [ 508.513862][T14486] loop2: detected capacity change from 0 to 512 [ 508.549095][T14486] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback. [ 508.562156][T14486] ext4 filesystem being mounted at /root/syzkaller-testdir2337908136/syzkaller.agJAr4/203/file0 supports timestamps until 2038 (0x7fffffff) [ 508.666017][ T30] audit: type=1326 audit(2000000192.267:16914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14493 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a08fe10a9 code=0x7ffc0000 [ 508.700473][ T30] audit: type=1326 audit(2000000192.267:16915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14493 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a08fe10a9 code=0x7ffc0000 [ 508.755923][ T30] audit: type=1326 audit(2000000192.277:16916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14493 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7f2a08fe10a9 code=0x7ffc0000 [ 508.779984][ T30] audit: type=1326 audit(2000000192.277:16917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14493 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a08fe10a9 code=0x7ffc0000 [ 508.804359][ T30] audit: type=1326 audit(2000000192.277:16918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14493 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a08fe10a9 code=0x7ffc0000 [ 508.853583][T14500] loop2: detected capacity change from 0 to 512 [ 508.922082][T14500] EXT4-fs (loop2): orphan cleanup on readonly fs [ 508.938670][T14503] device pim6reg1 entered promiscuous mode [ 508.946889][T14500] EXT4-fs (loop2): 1 orphan inode deleted [ 508.964862][T14500] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 509.010145][T14509] loop1: detected capacity change from 0 to 512 [ 509.028353][T14509] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 509.056187][T14509] EXT4-fs (loop1): 1 truncate cleaned up [ 509.062720][T14509] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 509.349491][T14518] loop1: detected capacity change from 0 to 256 [ 509.422317][T14518] FAT-fs (loop1): Directory bread(block 64) failed [ 509.428996][T14518] FAT-fs (loop1): Directory bread(block 65) failed [ 509.435396][T14518] FAT-fs (loop1): Directory bread(block 66) failed [ 509.441979][T14518] FAT-fs (loop1): Directory bread(block 67) failed [ 509.449985][T14518] FAT-fs (loop1): Directory bread(block 68) failed [ 509.456420][T14518] FAT-fs (loop1): Directory bread(block 69) failed [ 509.462759][T14518] FAT-fs (loop1): Directory bread(block 70) failed [ 509.469098][T14518] FAT-fs (loop1): Directory bread(block 71) failed [ 509.475489][T14518] FAT-fs (loop1): Directory bread(block 72) failed [ 509.481857][T14518] FAT-fs (loop1): Directory bread(block 73) failed [ 509.519130][T14524] incfs: Options parsing error. -22 [ 509.524315][T14524] incfs: mount failed -22 [ 509.602934][T14531] device pim6reg1 entered promiscuous mode [ 509.671460][T14533] syz-executor.1[14533] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 509.671542][T14533] syz-executor.1[14533] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 509.837115][ T7531] usb 4-1: new high-speed USB device number 45 using dummy_hcd [ 509.865953][T14537] overlayfs: failed to resolve './file0': -2 [ 510.227389][ T7531] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 510.317109][ T60] usb 3-1: new high-speed USB device number 69 using dummy_hcd [ 510.437199][ T7531] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 510.453187][ T7531] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 510.468712][ T7531] usb 4-1: Product: syz [ 510.477049][ T7531] usb 4-1: Manufacturer: syz [ 510.486869][ T7531] usb 4-1: SerialNumber: syz [ 510.496340][ T7531] usb 4-1: config 0 descriptor?? [ 510.677174][ T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 510.696752][ T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 510.723774][ T60] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 510.756509][ T60] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 510.779034][ T60] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 510.787531][ T7531] snd-usb-audio: probe of 4-1:0.0 failed with error -2 [ 510.794846][ T7531] usb 4-1: USB disconnect, device number 45 [ 510.800928][ T60] usb 3-1: config 0 descriptor?? [ 511.057121][ T20] usb 2-1: new high-speed USB device number 59 using dummy_hcd [ 511.210332][T14556] loop0: detected capacity change from 0 to 512 [ 511.248766][T14556] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback. [ 511.261151][T14556] ext4 filesystem being mounted at /root/syzkaller-testdir2011043667/syzkaller.rpOMsQ/231/file0 supports timestamps until 2038 (0x7fffffff) [ 511.278058][ T60] plantronics 0003:047F:FFFF.005D: unknown main item tag 0x0 [ 511.285276][ T60] plantronics 0003:047F:FFFF.005D: unknown main item tag 0x0 [ 511.310657][ T60] plantronics 0003:047F:FFFF.005D: No inputs registered, leaving [ 511.328839][ T60] plantronics 0003:047F:FFFF.005D: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 511.347140][ T20] usb 2-1: Using ep0 maxpacket: 16 [ 511.385919][T14564] loop0: detected capacity change from 0 to 256 [ 511.442195][T14564] FAT-fs (loop0): Directory bread(block 64) failed [ 511.457159][T14564] FAT-fs (loop0): Directory bread(block 65) failed [ 511.463529][T14564] FAT-fs (loop0): Directory bread(block 66) failed [ 511.469965][ T20] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 511.497156][T14564] FAT-fs (loop0): Directory bread(block 67) failed [ 511.507226][T14564] FAT-fs (loop0): Directory bread(block 68) failed [ 511.513780][T14564] FAT-fs (loop0): Directory bread(block 69) failed [ 511.523901][T14564] FAT-fs (loop0): Directory bread(block 70) failed [ 511.533966][T14564] FAT-fs (loop0): Directory bread(block 71) failed [ 511.540331][T14564] FAT-fs (loop0): Directory bread(block 72) failed [ 511.547704][T14564] FAT-fs (loop0): Directory bread(block 73) failed [ 511.556972][ T330] usb 3-1: USB disconnect, device number 69 [ 511.587180][ T20] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 511.599370][ T20] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 511.617216][ T20] usb 2-1: SerialNumber: syz [ 511.657732][ T20] cdc_acm 2-1:1.0: skipping garbage [ 511.858294][ T60] usb 2-1: USB disconnect, device number 59 [ 512.222595][T14572] bridge0: port 1(bridge_slave_0) entered blocking state [ 512.229587][T14572] bridge0: port 1(bridge_slave_0) entered disabled state [ 512.237021][T14572] device bridge_slave_0 entered promiscuous mode [ 512.244178][T14572] bridge0: port 2(bridge_slave_1) entered blocking state [ 512.251549][T14572] bridge0: port 2(bridge_slave_1) entered disabled state [ 512.259387][T14572] device bridge_slave_1 entered promiscuous mode [ 512.351530][T14572] bridge0: port 2(bridge_slave_1) entered blocking state [ 512.358416][T14572] bridge0: port 2(bridge_slave_1) entered forwarding state [ 512.365511][T14572] bridge0: port 1(bridge_slave_0) entered blocking state [ 512.372291][T14572] bridge0: port 1(bridge_slave_0) entered forwarding state [ 512.430122][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 512.439587][ T330] bridge0: port 1(bridge_slave_0) entered disabled state [ 512.497732][ T330] bridge0: port 2(bridge_slave_1) entered disabled state [ 512.718136][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 512.726390][ T330] bridge0: port 1(bridge_slave_0) entered blocking state [ 512.734935][ T330] bridge0: port 1(bridge_slave_0) entered forwarding state [ 512.757286][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 512.765480][ T330] bridge0: port 2(bridge_slave_1) entered blocking state [ 512.772337][ T330] bridge0: port 2(bridge_slave_1) entered forwarding state [ 512.787234][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 512.805329][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 512.817893][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 512.829134][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 512.837373][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 512.844704][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 512.856699][T14572] device veth0_vlan entered promiscuous mode [ 512.869256][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 512.879306][T14572] device veth1_macvtap entered promiscuous mode [ 512.890503][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 512.904471][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 513.039778][T14588] loop2: detected capacity change from 0 to 256 [ 513.118394][ T469] device bridge_slave_1 left promiscuous mode [ 513.125528][ T469] bridge0: port 2(bridge_slave_1) entered disabled state [ 513.139823][ T469] device veth1_macvtap left promiscuous mode [ 513.150815][ T469] device veth0_vlan left promiscuous mode [ 513.697249][ T357] usb 2-1: new high-speed USB device number 60 using dummy_hcd [ 513.958124][T14597] loop2: detected capacity change from 0 to 1024 [ 513.998073][T14597] EXT4-fs (loop2): Ignoring removed orlov option [ 514.004250][T14597] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 514.019004][T14597] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none. [ 514.084491][T14572] EXT4-fs error (device loop2): ext4_free_inode:355: comm syz-executor.2: bit already cleared for inode 11 [ 514.096760][T14572] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem [ 514.097189][ T357] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 514.106447][T14572] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem [ 514.124594][T14572] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem [ 514.134001][T14572] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem [ 514.136037][ T357] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 514.152026][ T357] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 514.165001][T14572] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem [ 514.167177][ T20] usb 4-1: new high-speed USB device number 46 using dummy_hcd [ 514.173513][ T357] usb 2-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10 [ 514.189820][T14572] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem [ 514.198303][ T357] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 514.208693][ T357] usb 2-1: config 0 descriptor?? [ 514.213730][T14572] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem [ 514.330111][ T469] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 514.338951][ T469] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 514.408688][T14607] loop2: detected capacity change from 0 to 256 [ 514.428405][T14607] exfat: Deprecated parameter 'namecase' [ 514.433904][T14607] exfat: Deprecated parameter 'utf8' [ 514.442552][T14607] exfat: Deprecated parameter 'namecase' [ 514.451675][T14607] exfat: Deprecated parameter 'utf8' [ 514.459073][T14607] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f41, chksum : 0x01284b2f, utbl_chksum : 0xe619d30d) [ 514.492151][ T469] tipc: Left network mode [ 514.552996][ T30] audit: type=1400 audit(2000000198.157:16919): avc: denied { rmdir } for pid=14572 comm="syz-executor.2" name="file0" dev="loop2" ino=1049068 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 514.577236][ T20] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 514.597105][ T20] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 514.616098][ T20] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 514.688051][ T357] prodikeys 0003:041E:2801.005E: unknown main item tag 0x0 [ 514.695226][ T357] prodikeys 0003:041E:2801.005E: unknown main item tag 0x0 [ 514.705049][ T357] prodikeys 0003:041E:2801.005E: unknown main item tag 0x0 [ 514.726845][ T357] prodikeys 0003:041E:2801.005E: unknown main item tag 0x0 [ 514.734051][ T357] prodikeys 0003:041E:2801.005E: unknown main item tag 0x0 [ 514.744082][T14609] bridge0: port 1(bridge_slave_0) entered blocking state [ 514.751276][T14609] bridge0: port 1(bridge_slave_0) entered disabled state [ 514.758680][T14609] device bridge_slave_0 entered promiscuous mode [ 514.765825][T14609] bridge0: port 2(bridge_slave_1) entered blocking state [ 514.772860][T14609] bridge0: port 2(bridge_slave_1) entered disabled state [ 514.780579][T14609] device bridge_slave_1 entered promiscuous mode [ 514.781567][ T357] prodikeys 0003:041E:2801.005E: hidraw0: USB HID v0.00 Device [HID 041e:2801] on usb-dummy_hcd.1-1/input0 [ 514.827241][ T20] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 514.840192][ T20] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 514.849510][ T20] usb 4-1: Product: syz [ 514.853499][ T20] usb 4-1: Manufacturer: syz [ 514.857976][ T20] usb 4-1: SerialNumber: syz [ 514.907678][ T20] cdc_ncm 4-1:1.0: CDC Union missing and no IAD found [ 514.911093][T14619] loop0: detected capacity change from 0 to 256 [ 514.920407][ T20] cdc_ncm 4-1:1.0: bind() failure [ 514.928479][ T357] usb 2-1: USB disconnect, device number 60 [ 514.959160][T14609] bridge0: port 2(bridge_slave_1) entered blocking state [ 514.966018][T14609] bridge0: port 2(bridge_slave_1) entered forwarding state [ 514.973171][T14609] bridge0: port 1(bridge_slave_0) entered blocking state [ 514.980022][T14609] bridge0: port 1(bridge_slave_0) entered forwarding state [ 515.007888][T14619] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 515.039781][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 515.047875][T14619] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 515.058892][ T60] bridge0: port 1(bridge_slave_0) entered disabled state [ 515.117836][ T20] usb 4-1: USB disconnect, device number 46 [ 515.127300][ T60] bridge0: port 2(bridge_slave_1) entered disabled state [ 515.151758][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 515.167579][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 515.174867][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 515.184869][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 515.193736][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 515.200593][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 515.207856][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 515.229660][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 515.255385][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 515.279230][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 515.300823][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 515.325088][ T469] device bridge_slave_1 left promiscuous mode [ 515.333405][ T469] bridge0: port 2(bridge_slave_1) entered disabled state [ 515.354230][ T469] device bridge_slave_0 left promiscuous mode [ 515.371194][ T469] bridge0: port 1(bridge_slave_0) entered disabled state [ 515.399387][ T469] device veth1_macvtap left promiscuous mode [ 515.420724][ T469] device veth0_vlan left promiscuous mode [ 515.641677][T14609] device veth0_vlan entered promiscuous mode [ 515.649069][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 515.657010][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 515.683135][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 515.708490][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 515.723340][T14609] device veth1_macvtap entered promiscuous mode [ 515.749992][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 515.761409][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 515.790814][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 515.819625][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 515.834303][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 515.903340][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 515.921686][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 516.246480][T14636] loop4: detected capacity change from 0 to 1024 [ 516.292766][T14636] EXT4-fs (loop4): Ignoring removed orlov option [ 516.307162][T14636] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 516.343890][T14636] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none. [ 516.396497][ T30] audit: type=1326 audit(2000000199.997:16920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14643 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd14318b0a9 code=0x7ffc0000 [ 516.457428][ T30] audit: type=1326 audit(2000000199.997:16921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14643 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd14318b0a9 code=0x7ffc0000 [ 516.481607][ T30] audit: type=1326 audit(2000000200.027:16922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14643 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd14318b0a9 code=0x7ffc0000 [ 516.507932][ T30] audit: type=1326 audit(2000000200.027:16923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14643 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd14318b0a9 code=0x7ffc0000 [ 516.534644][T14652] loop2: detected capacity change from 0 to 512 [ 516.541115][ T30] audit: type=1326 audit(2000000200.027:16924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14643 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd14318b0a9 code=0x7ffc0000 [ 516.568877][ T30] audit: type=1326 audit(2000000200.027:16925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14643 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd14318b0a9 code=0x7ffc0000 [ 516.593405][ T30] audit: type=1326 audit(2000000200.027:16926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14643 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd14318b0a9 code=0x7ffc0000 [ 516.622381][T14609] EXT4-fs error (device loop4): ext4_free_inode:355: comm syz-executor.4: bit already cleared for inode 11 [ 516.635184][T14609] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem [ 516.644347][ T30] audit: type=1326 audit(2000000200.027:16927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14643 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd14318b0a9 code=0x7ffc0000 [ 516.686627][T14652] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz-executor.2: casefold flag without casefold feature [ 516.716917][T14652] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #2: comm syz-executor.2: missing EA_INODE flag [ 516.721069][ T30] audit: type=1326 audit(2000000200.027:16928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14643 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd14318b0a9 code=0x7ffc0000 [ 516.750461][T14652] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 2 err=-117 [ 516.757338][T14609] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem [ 516.765226][T14652] EXT4-fs (loop2): 1 orphan inode deleted [ 516.779015][T14652] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 516.797653][T14609] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem [ 516.819412][T14609] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem [ 516.847684][T14609] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem [ 516.863791][T14624] loop1: detected capacity change from 0 to 131072 [ 516.865123][T14662] loop2: detected capacity change from 0 to 256 [ 516.870498][T14609] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem [ 516.889805][T14609] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem [ 516.918560][T14624] F2FS-fs (loop1): Invalid log sectors per block(3) log sectorsize(12) [ 516.929333][T14624] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 516.946304][T14624] F2FS-fs (loop1): Found nat_bits in checkpoint [ 516.967917][T14673] loop4: detected capacity change from 0 to 256 [ 516.988983][T14624] F2FS-fs (loop1): recover fsync data on readonly fs [ 516.995841][T14624] F2FS-fs (loop1): Try to recover 1th superblock, ret: -30 [ 517.003290][T14624] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 517.004038][T14673] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 517.037733][T14673] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 517.197108][ T342] usb 3-1: new high-speed USB device number 70 using dummy_hcd [ 517.437135][ T342] usb 3-1: Using ep0 maxpacket: 8 [ 517.468760][T14687] loop1: detected capacity change from 0 to 1024 [ 517.521870][T14687] EXT4-fs (loop1): Ignoring removed orlov option [ 517.530293][T14687] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option [ 517.557225][ T342] usb 3-1: config 135 has an invalid interface number: 230 but max is 0 [ 517.568736][ T342] usb 3-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 517.585124][T14687] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none. [ 517.587564][ T342] usb 3-1: config 135 has no interface number 0 [ 517.660702][ T342] usb 3-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 517.697657][T11993] EXT4-fs error (device loop1): ext4_free_inode:355: comm syz-executor.1: bit already cleared for inode 11 [ 517.709656][T11993] EXT4-fs error (device loop1) in ext4_free_inode:362: Corrupt filesystem [ 517.718485][T11993] EXT4-fs error (device loop1) in ext4_free_inode:362: Corrupt filesystem [ 517.727321][T11993] EXT4-fs error (device loop1) in ext4_free_inode:362: Corrupt filesystem [ 517.736149][T11993] EXT4-fs error (device loop1) in ext4_free_inode:362: Corrupt filesystem [ 517.746002][T11993] EXT4-fs error (device loop1) in ext4_free_inode:362: Corrupt filesystem [ 517.754958][T11993] EXT4-fs error (device loop1) in ext4_free_inode:362: Corrupt filesystem [ 517.764089][T11993] EXT4-fs error (device loop1) in ext4_free_inode:362: Corrupt filesystem [ 517.827230][ T342] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 517.836501][ T342] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 517.849362][ T342] usb 3-1: Product: syz [ 517.853421][ T342] usb 3-1: Manufacturer: syz [ 517.867157][ T342] usb 3-1: SerialNumber: syz [ 517.992048][T14709] loop1: detected capacity change from 0 to 1024 [ 518.076764][T14709] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsv1,bsddf,barrier=0x0000000000000000,norecovery,debug_want_extra_isize=0x0000000000000080,resuid=0x0000000000000000,nodelalloc,acl,noinit_itable,,errors=continue. Quota mode: none. [ 518.138309][ T342] usb 3-1: USB disconnect, device number 70 [ 518.186975][T14724] loop1: detected capacity change from 0 to 128 [ 518.267109][ T20] usb 4-1: new high-speed USB device number 47 using dummy_hcd [ 518.342969][T14720] loop4: detected capacity change from 0 to 40427 [ 518.405120][T14720] F2FS-fs (loop4): invalid crc value [ 518.581456][T14720] F2FS-fs (loop4): Found nat_bits in checkpoint [ 518.636735][T14720] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 518.643574][T14720] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 518.717130][ T20] usb 4-1: Using ep0 maxpacket: 16 [ 519.137350][ T20] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 519.158700][T14741] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 519.207653][T14609] attempt to access beyond end of device [ 519.207653][T14609] loop4: rw=2049, want=45128, limit=40427 [ 519.247174][ T20] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 519.260550][ T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 519.288157][ T20] usb 4-1: SerialNumber: syz [ 519.357479][ T20] cdc_acm 4-1:1.0: skipping garbage [ 519.496848][T14751] loop1: detected capacity change from 0 to 256 [ 519.559005][T14753] loop4: detected capacity change from 0 to 512 [ 519.568141][ T20] usb 4-1: USB disconnect, device number 47 [ 519.862820][T14753] EXT4-fs error (device loop4): ext4_find_inline_data_nolock:164: inode #12: comm syz-executor.4: inline data xattr refers to an external xattr inode [ 519.925375][T14753] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz-executor.4: couldn't read orphan inode 12 (err -117) [ 520.014434][T14753] EXT4-fs (loop4): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000200000,max_dir_size_kb=0x0000000000001c2e,min_batch_time=0x00000000000005c9,resuid=0x0000000000000000,prjquota,debug_want_extra_isize=0x0000000000000008,block_validity,resgid=0x00000000000000,errors=continue. Quota mode: writeback. [ 520.194625][T14770] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 520.397464][T14789] loop2: detected capacity change from 0 to 512 [ 520.431620][T14789] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 520.468771][T14789] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 520.483521][T14789] EXT4-fs (loop2): 1 truncate cleaned up [ 520.490170][T14789] EXT4-fs (loop2): mounted filesystem without journal. Opts: nodelalloc,block_validity,sysvgroups,,errors=continue. Quota mode: writeback. [ 520.537122][ T7531] usb 5-1: new high-speed USB device number 61 using dummy_hcd [ 520.570399][T14790] bridge0: port 1(bridge_slave_0) entered blocking state [ 520.577997][T14790] bridge0: port 1(bridge_slave_0) entered disabled state [ 520.585370][T14790] device bridge_slave_0 entered promiscuous mode [ 520.592629][T14790] bridge0: port 2(bridge_slave_1) entered blocking state [ 520.599487][T14790] bridge0: port 2(bridge_slave_1) entered disabled state [ 520.607131][T14790] device bridge_slave_1 entered promiscuous mode [ 520.688190][T14799] 9pnet: Insufficient options for proto=fd [ 520.944384][T14790] bridge0: port 2(bridge_slave_1) entered blocking state [ 520.951276][T14790] bridge0: port 2(bridge_slave_1) entered forwarding state [ 520.958405][T14790] bridge0: port 1(bridge_slave_0) entered blocking state [ 520.965380][T14790] bridge0: port 1(bridge_slave_0) entered forwarding state [ 520.977139][ T20] usb 2-1: new high-speed USB device number 61 using dummy_hcd [ 520.992608][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 521.001036][ T357] bridge0: port 1(bridge_slave_0) entered disabled state [ 521.010916][ T357] bridge0: port 2(bridge_slave_1) entered disabled state [ 521.027434][ T7531] usb 5-1: Using ep0 maxpacket: 32 [ 521.043646][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 521.051773][ T330] bridge0: port 1(bridge_slave_0) entered blocking state [ 521.058637][ T330] bridge0: port 1(bridge_slave_0) entered forwarding state [ 521.066342][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 521.074565][ T330] bridge0: port 2(bridge_slave_1) entered blocking state [ 521.081616][ T330] bridge0: port 2(bridge_slave_1) entered forwarding state [ 521.089882][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 521.110062][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 521.118551][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 521.131203][T14790] device veth0_vlan entered promiscuous mode [ 521.138933][ T9325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 521.146737][ T9325] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 521.154164][ T9325] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 521.167266][ T7531] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 521.182319][T14790] device veth1_macvtap entered promiscuous mode [ 521.188455][ T7531] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 521.199330][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 521.207122][ T7531] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 521.218983][ T7531] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 521.225942][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 521.227455][ T7531] usb 5-1: config 0 descriptor?? [ 521.239515][ T20] usb 2-1: Using ep0 maxpacket: 16 [ 521.251042][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 521.277358][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 521.285535][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 521.307900][ T469] device bridge_slave_1 left promiscuous mode [ 521.313934][ T469] bridge0: port 2(bridge_slave_1) entered disabled state [ 521.321681][ T469] device bridge_slave_0 left promiscuous mode [ 521.330785][T14805] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=14805 comm=syz-executor.3 [ 521.343713][ T469] bridge0: port 1(bridge_slave_0) entered disabled state [ 521.351899][ T469] device veth1_macvtap left promiscuous mode [ 521.359201][ T469] device veth0_vlan left promiscuous mode [ 521.505875][T14817] loop2: detected capacity change from 0 to 256 [ 521.537253][ T20] usb 2-1: New USB device found, idVendor=23a7, idProduct=fedc, bcdDevice=e0.0b [ 521.547336][ T20] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 521.555308][ T20] usb 2-1: Product: syz [ 521.559717][ T20] usb 2-1: Manufacturer: syz [ 521.564118][ T20] usb 2-1: SerialNumber: syz [ 521.570573][ T20] usb 2-1: config 0 descriptor?? [ 522.595844][T14833] device pim6reg1 entered promiscuous mode [ 522.927195][ T20] usb 2-1: MIDIStreaming interface descriptor not found [ 522.948361][ T20] usb 2-1: USB disconnect, device number 61 [ 522.986840][T14838] loop2: detected capacity change from 0 to 512 [ 523.048136][T14838] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 523.107267][T14838] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 523.125067][T14838] EXT4-fs (loop2): 1 truncate cleaned up [ 523.130854][T14838] EXT4-fs (loop2): mounted filesystem without journal. Opts: nodelalloc,block_validity,sysvgroups,,errors=continue. Quota mode: writeback. [ 523.334224][T14843] 9pnet: Insufficient options for proto=fd [ 523.547680][T14846] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=14846 comm=syz-executor.1 [ 523.766148][ T30] kauditd_printk_skb: 16 callbacks suppressed [ 523.766284][ T30] audit: type=1326 audit(2000000207.337:16945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14845 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c15fec0a9 code=0x7ffc0000 [ 523.873434][ T30] audit: type=1326 audit(2000000207.337:16946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14845 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c15fec0a9 code=0x7ffc0000 [ 523.899152][ T30] audit: type=1326 audit(2000000207.337:16947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14845 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7f9c15fec0a9 code=0x7ffc0000 [ 523.935550][ T30] audit: type=1326 audit(2000000207.337:16948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14845 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c15fec0a9 code=0x7ffc0000 [ 523.975808][ T30] audit: type=1326 audit(2000000207.337:16949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14845 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c15fec0a9 code=0x7ffc0000 [ 524.000240][ T30] audit: type=1326 audit(2000000207.337:16950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14845 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f9c15fec0a9 code=0x7ffc0000 [ 524.024579][ T30] audit: type=1326 audit(2000000207.337:16951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14845 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c15fec0a9 code=0x7ffc0000 [ 524.049214][ T30] audit: type=1326 audit(2000000207.347:16952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14845 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c15fec0a9 code=0x7ffc0000 [ 524.073697][ T30] audit: type=1326 audit(2000000207.347:16953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14845 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f9c15fec0a9 code=0x7ffc0000 [ 524.121769][ T30] audit: type=1326 audit(2000000207.347:16954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14845 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c15fec0a9 code=0x7ffc0000 [ 524.175191][ T20] usb 5-1: USB disconnect, device number 61 [ 524.273923][T14876] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=14876 comm=syz-executor.4 [ 524.439725][T14888] loop4: detected capacity change from 0 to 512 [ 524.486636][T14892] device pim6reg1 entered promiscuous mode [ 524.489523][T14882] loop0: detected capacity change from 0 to 40427 [ 524.507564][ T333] usb 3-1: new high-speed USB device number 71 using dummy_hcd [ 524.508159][T14888] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 524.529323][T14888] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 524.545767][T14882] F2FS-fs (loop0): invalid crc value [ 524.551640][T14888] EXT4-fs (loop4): 1 truncate cleaned up [ 524.557230][T14888] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodelalloc,block_validity,sysvgroups,,errors=continue. Quota mode: writeback. [ 524.578105][T14882] F2FS-fs (loop0): Found nat_bits in checkpoint [ 524.668678][T14882] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 524.675527][T14882] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 524.711261][T11289] attempt to access beyond end of device [ 524.711261][T11289] loop0: rw=524288, want=45072, limit=40427 [ 524.787717][T14904] 9pnet: Insufficient options for proto=fd [ 524.807425][T11289] attempt to access beyond end of device [ 524.807425][T11289] loop0: rw=0, want=45072, limit=40427 [ 525.042979][ T469] attempt to access beyond end of device [ 525.042979][ T469] loop0: rw=2049, want=45120, limit=40427 [ 525.057125][ T333] usb 3-1: Using ep0 maxpacket: 16 [ 525.068353][T14908] loop1: detected capacity change from 0 to 512 [ 525.113915][T14908] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 525.145289][T14908] ext4 filesystem being mounted at /root/syzkaller-testdir1235522320/syzkaller.VY8UT7/204/file0 supports timestamps until 2038 (0x7fffffff) [ 525.169127][T14908] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 525.187666][T14908] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28 [ 525.225237][T14908] EXT4-fs (loop1): This should not happen!! Data will be lost [ 525.225237][T14908] [ 525.266885][T14908] EXT4-fs (loop1): Total free blocks count 0 [ 525.307159][T14908] EXT4-fs (loop1): Free/Dirty block details [ 525.316144][T14908] EXT4-fs (loop1): free_blocks=65280 [ 525.325820][T14908] EXT4-fs (loop1): dirty_blocks=32 [ 525.330774][T14908] EXT4-fs (loop1): Block reservation details [ 525.345218][T14908] EXT4-fs (loop1): i_reserved_data_blocks=32 [ 525.357565][ T333] usb 3-1: New USB device found, idVendor=23a7, idProduct=fedc, bcdDevice=e0.0b [ 525.390283][T14911] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 31 with error 28 [ 525.417311][ T333] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 525.417718][T14911] EXT4-fs (loop1): This should not happen!! Data will be lost [ 525.417718][T14911] [ 525.434692][ T333] usb 3-1: Product: syz [ 525.447235][ T333] usb 3-1: Manufacturer: syz [ 525.457142][ T333] usb 3-1: SerialNumber: syz [ 525.468005][ T333] usb 3-1: config 0 descriptor?? [ 525.502157][T14916] loop4: detected capacity change from 0 to 128 [ 525.599802][T14917] bridge0: port 1(bridge_slave_0) entered blocking state [ 525.606675][T14917] bridge0: port 1(bridge_slave_0) entered disabled state [ 525.692722][T14917] device bridge_slave_0 entered promiscuous mode [ 525.710130][T14917] bridge0: port 2(bridge_slave_1) entered blocking state [ 525.719125][T14917] bridge0: port 2(bridge_slave_1) entered disabled state [ 525.726450][T14917] device bridge_slave_1 entered promiscuous mode [ 525.778042][ T469] device bridge_slave_1 left promiscuous mode [ 525.784544][ T469] bridge0: port 2(bridge_slave_1) entered disabled state [ 525.925966][ T469] device bridge_slave_0 left promiscuous mode [ 525.950343][ T469] bridge0: port 1(bridge_slave_0) entered disabled state [ 526.007272][ T333] usb 3-1: MIDIStreaming interface descriptor not found [ 526.011559][ T357] usb 2-1: new full-speed USB device number 62 using dummy_hcd [ 526.018080][ T333] usb 3-1: USB disconnect, device number 71 [ 526.027277][ T469] device veth1_macvtap left promiscuous mode [ 526.033125][ T469] device veth0_vlan left promiscuous mode [ 526.276950][T14917] bridge0: port 2(bridge_slave_1) entered blocking state [ 526.283853][T14917] bridge0: port 2(bridge_slave_1) entered forwarding state [ 526.290965][T14917] bridge0: port 1(bridge_slave_0) entered blocking state [ 526.297812][T14917] bridge0: port 1(bridge_slave_0) entered forwarding state [ 526.346970][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 526.355405][ T333] bridge0: port 1(bridge_slave_0) entered disabled state [ 526.363014][ T333] bridge0: port 2(bridge_slave_1) entered disabled state [ 526.417348][ T357] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 526.433645][T14934] overlayfs: failed to resolve './file2': -2 [ 526.504068][ T357] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 512, setting to 64 [ 526.584431][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 526.592801][ T333] bridge0: port 1(bridge_slave_0) entered blocking state [ 526.599664][ T333] bridge0: port 1(bridge_slave_0) entered forwarding state [ 526.602762][ T357] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 526.607210][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 526.627726][ T333] bridge0: port 2(bridge_slave_1) entered blocking state [ 526.634568][ T333] bridge0: port 2(bridge_slave_1) entered forwarding state [ 526.672218][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 526.680518][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 526.688479][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 526.696409][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 526.717190][ T357] usb 2-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00 [ 526.730650][T14917] device veth0_vlan entered promiscuous mode [ 526.736519][ T357] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 526.749586][ T357] usb 2-1: SerialNumber: syz [ 526.756712][T14917] device veth1_macvtap entered promiscuous mode [ 526.766774][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 526.775925][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 526.784652][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 526.792222][T14927] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 526.799350][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 526.806871][T14927] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 526.816246][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 526.824500][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 526.832600][ T357] hub 2-1:1.0: bad descriptor, ignoring hub [ 526.838708][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 526.845918][ T357] hub: probe of 2-1:1.0 failed with error -5 [ 526.868507][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 526.882427][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 526.896771][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 526.905371][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 526.913579][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 526.921716][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 526.955418][T14948] x_tables: duplicate underflow at hook 2 [ 527.005036][T14946] loop2: detected capacity change from 0 to 40427 [ 527.032974][T14927] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 527.040076][T14927] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 527.049929][T14946] F2FS-fs (loop2): invalid crc value [ 527.056615][T14946] F2FS-fs (loop2): Found nat_bits in checkpoint [ 527.203763][T14946] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 527.224807][T14946] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 527.375869][T14960] device syzkaller0 entered promiscuous mode [ 527.404177][T14572] attempt to access beyond end of device [ 527.404177][T14572] loop2: rw=524288, want=45072, limit=40427 [ 527.466672][T14572] attempt to access beyond end of device [ 527.466672][T14572] loop2: rw=0, want=45072, limit=40427 [ 527.484228][ T357] cdc_ether 2-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.1-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 527.665276][ T469] attempt to access beyond end of device [ 527.665276][ T469] loop2: rw=2049, want=45120, limit=40427 [ 528.121553][T14966] loop0: detected capacity change from 0 to 40427 [ 528.148258][T14966] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 528.167332][T14966] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 528.176594][T14966] F2FS-fs (loop0): invalid crc value [ 528.203145][T14966] F2FS-fs (loop0): Found nat_bits in checkpoint [ 528.265084][T14988] loop4: detected capacity change from 0 to 512 [ 528.277555][T14966] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 528.284412][T14966] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 528.292773][ T469] device bridge_slave_1 left promiscuous mode [ 528.299999][ T469] bridge0: port 2(bridge_slave_1) entered disabled state [ 528.311499][T14966] attempt to access beyond end of device [ 528.311499][T14966] loop0: rw=2049, want=45208, limit=40427 [ 528.322834][ T469] device bridge_slave_0 left promiscuous mode [ 528.329414][ T469] bridge0: port 1(bridge_slave_0) entered disabled state [ 528.337876][ T469] device veth1_macvtap left promiscuous mode [ 528.344110][ T469] device veth0_vlan left promiscuous mode [ 528.363278][T14988] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 528.387261][T14988] ext4 filesystem being mounted at /root/syzkaller-testdir1144399346/syzkaller.Jti2SU/30/file0 supports timestamps until 2038 (0x7fffffff) [ 528.416509][T14988] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 528.431139][ T342] usb 4-1: new high-speed USB device number 48 using dummy_hcd [ 528.439233][T14988] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28 [ 528.467988][T14988] EXT4-fs (loop4): This should not happen!! Data will be lost [ 528.467988][T14988] [ 528.501014][T14988] EXT4-fs (loop4): Total free blocks count 0 [ 528.522687][T14988] EXT4-fs (loop4): Free/Dirty block details [ 528.536629][T14988] EXT4-fs (loop4): free_blocks=65280 [ 528.548406][T14988] EXT4-fs (loop4): dirty_blocks=32 [ 528.568912][T14988] EXT4-fs (loop4): Block reservation details [ 528.577120][T14988] EXT4-fs (loop4): i_reserved_data_blocks=32 [ 528.587726][T14993] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 31 with error 28 [ 528.624470][T14997] loop0: detected capacity change from 0 to 256 [ 528.627226][T14993] EXT4-fs (loop4): This should not happen!! Data will be lost [ 528.627226][T14993] [ 528.651357][T14984] bridge0: port 1(bridge_slave_0) entered blocking state [ 528.674519][T14984] bridge0: port 1(bridge_slave_0) entered disabled state [ 528.677159][ T342] usb 4-1: Using ep0 maxpacket: 16 [ 528.682317][T14984] device bridge_slave_0 entered promiscuous mode [ 528.694793][T14984] bridge0: port 2(bridge_slave_1) entered blocking state [ 528.702153][T14984] bridge0: port 2(bridge_slave_1) entered disabled state [ 528.709522][T14984] device bridge_slave_1 entered promiscuous mode [ 528.732836][T15002] tmpfs: Unknown parameter 'r' [ 528.765474][T15004] loop0: detected capacity change from 0 to 256 [ 528.853802][ T30] kauditd_printk_skb: 89 callbacks suppressed [ 528.853818][ T30] audit: type=1326 audit(2000000212.457:17044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15005 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbccb1640a9 code=0x7ffc0000 [ 528.867892][T15004] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 528.905875][ T30] audit: type=1326 audit(2000000212.487:17045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15005 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbccb1640a9 code=0x7ffc0000 [ 528.916370][T14984] bridge0: port 2(bridge_slave_1) entered blocking state [ 528.936705][T14984] bridge0: port 2(bridge_slave_1) entered forwarding state [ 528.943880][T14984] bridge0: port 1(bridge_slave_0) entered blocking state [ 528.950742][T14984] bridge0: port 1(bridge_slave_0) entered forwarding state [ 528.961107][ T30] audit: type=1326 audit(2000000212.507:17046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15005 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbccb1640a9 code=0x7ffc0000 [ 528.985703][T15004] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 528.985752][ T30] audit: type=1326 audit(2000000212.507:17047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15005 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbccb1640a9 code=0x7ffc0000 [ 529.018399][ T342] usb 4-1: New USB device found, idVendor=23a7, idProduct=fedc, bcdDevice=e0.0b [ 529.022300][ T30] audit: type=1326 audit(2000000212.537:17048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15005 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbccb1640a9 code=0x7ffc0000 [ 529.054033][ T342] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 529.067028][ T30] audit: type=1326 audit(2000000212.547:17049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15005 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbccb1640a9 code=0x7ffc0000 [ 529.091706][ T342] usb 4-1: Product: syz [ 529.093460][ T30] audit: type=1326 audit(2000000212.547:17050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15005 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbccb161827 code=0x7ffc0000 [ 529.107142][ T342] usb 4-1: Manufacturer: syz [ 529.140099][ T30] audit: type=1326 audit(2000000212.547:17051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15005 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbccb1274e9 code=0x7ffc0000 [ 529.177345][ T7531] usb 2-1: USB disconnect, device number 62 [ 529.194991][ T7531] cdc_ether 2-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.1-1, CDC Ethernet Device [ 529.196245][T14984] device veth0_vlan entered promiscuous mode [ 529.210569][ T342] usb 4-1: SerialNumber: syz [ 529.216231][ T342] usb 4-1: config 0 descriptor?? [ 529.222724][T10333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 529.227318][ T30] audit: type=1326 audit(2000000212.547:17052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15005 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbccb161827 code=0x7ffc0000 [ 529.237883][T10333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 529.287132][ T30] audit: type=1326 audit(2000000212.547:17053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15005 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbccb1274e9 code=0x7ffc0000 [ 529.598002][T10333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 529.606008][T10333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 529.627601][T10333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 529.635940][T10333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 529.636916][T15008] loop1: detected capacity change from 0 to 40427 [ 529.643787][T10333] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 529.667462][T10333] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 529.674809][T10333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 529.686077][T10333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 529.709821][T10333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 529.728198][T15008] F2FS-fs (loop1): Found nat_bits in checkpoint [ 529.728321][T14984] device veth1_macvtap entered promiscuous mode [ 529.776846][T10333] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 529.785187][T10333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 529.803974][T15008] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 529.818819][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 529.827587][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 529.828473][T15007] attempt to access beyond end of device [ 529.828473][T15007] loop1: rw=10241, want=53256, limit=40427 [ 529.846997][T15008] attempt to access beyond end of device [ 529.846997][T15008] loop1: rw=2049, want=53256, limit=40427 [ 529.857270][ T342] usb 4-1: MIDIStreaming interface descriptor not found [ 529.870335][T15021] loop2: detected capacity change from 0 to 128 [ 529.877112][ T9325] usb 5-1: new high-speed USB device number 62 using dummy_hcd [ 529.878345][ T342] usb 4-1: USB disconnect, device number 48 [ 529.884816][T11993] attempt to access beyond end of device [ 529.884816][T11993] loop1: rw=2049, want=45104, limit=40427 [ 530.266719][T15027] loop1: detected capacity change from 0 to 256 [ 530.364087][T15023] loop0: detected capacity change from 0 to 40427 [ 530.407996][T15023] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(262146) root(3) [ 530.408074][T15031] loop1: detected capacity change from 0 to 512 [ 530.421058][T15023] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 530.433449][T15023] F2FS-fs (loop0): Found nat_bits in checkpoint [ 530.467881][T15031] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 530.478827][ T9325] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 530.489828][ T9325] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 530.500874][T15031] ext4 filesystem being mounted at /root/syzkaller-testdir1235522320/syzkaller.VY8UT7/210/file0 supports timestamps until 2038 (0x7fffffff) [ 530.515423][T15023] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 530.515440][ T9325] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 530.523357][T15023] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 530.554469][T15031] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 530.568815][ T9325] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 530.569031][T15031] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28 [ 530.569178][T14917] attempt to access beyond end of device [ 530.569178][T14917] loop0: rw=2049, want=45104, limit=40427 [ 530.577957][T15031] EXT4-fs (loop1): This should not happen!! Data will be lost [ 530.577957][T15031] [ 530.603451][T15031] EXT4-fs (loop1): Total free blocks count 0 [ 530.619121][T15031] EXT4-fs (loop1): Free/Dirty block details [ 530.624971][T15031] EXT4-fs (loop1): free_blocks=65280 [ 530.630210][T15031] EXT4-fs (loop1): dirty_blocks=32 [ 530.635163][T15031] EXT4-fs (loop1): Block reservation details [ 530.641049][T15031] EXT4-fs (loop1): i_reserved_data_blocks=32 [ 530.645155][ T9325] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 530.655114][T15039] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 31 with error 28 [ 530.698170][ T9325] usb 5-1: config 0 descriptor?? [ 530.717919][T15015] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 530.724724][T15039] EXT4-fs (loop1): This should not happen!! Data will be lost [ 530.724724][T15039] [ 530.767998][T15038] tmpfs: Unknown parameter 'r' [ 530.849080][T15054] loop1: detected capacity change from 0 to 128 [ 530.870422][T15056] loop2: detected capacity change from 0 to 256 [ 531.187650][T15062] xt_NFQUEUE: number of queues (17952) out of range (got 83484) [ 531.217280][T15066] device syzkaller0 entered promiscuous mode [ 531.292018][T15068] loop1: detected capacity change from 0 to 128 [ 531.378131][ T9325] plantronics 0003:047F:FFFF.005F: unknown main item tag 0x0 [ 531.387712][ T9325] plantronics 0003:047F:FFFF.005F: unknown main item tag 0x0 [ 531.396801][ T9325] plantronics 0003:047F:FFFF.005F: unknown main item tag 0x0 [ 531.405529][ T9325] plantronics 0003:047F:FFFF.005F: unknown main item tag 0x0 [ 531.412977][ T9325] plantronics 0003:047F:FFFF.005F: unknown main item tag 0x0 [ 531.420992][ T9325] plantronics 0003:047F:FFFF.005F: unknown main item tag 0x0 [ 531.433591][ T9325] plantronics 0003:047F:FFFF.005F: unknown main item tag 0x0 [ 531.447470][ T9325] plantronics 0003:047F:FFFF.005F: unknown main item tag 0x0 [ 531.462025][ T9325] plantronics 0003:047F:FFFF.005F: unknown main item tag 0x0 [ 531.464856][T10333] usb 3-1: new high-speed USB device number 72 using dummy_hcd [ 531.489828][ T9325] plantronics 0003:047F:FFFF.005F: unknown main item tag 0x0 [ 531.497528][ T9325] plantronics 0003:047F:FFFF.005F: unknown main item tag 0x0 [ 531.505573][ T9325] plantronics 0003:047F:FFFF.005F: unknown main item tag 0x0 [ 531.513645][ T9325] plantronics 0003:047F:FFFF.005F: unknown main item tag 0x0 [ 531.522346][ T9325] plantronics 0003:047F:FFFF.005F: No inputs registered, leaving [ 531.539846][ T9325] plantronics 0003:047F:FFFF.005F: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 531.837032][ T9325] usb 5-1: USB disconnect, device number 62 [ 531.857174][T10333] usb 3-1: Using ep0 maxpacket: 16 [ 531.872241][T15076] tmpfs: Unknown parameter 'r' [ 532.137494][T10333] usb 3-1: New USB device found, idVendor=23a7, idProduct=fedc, bcdDevice=e0.0b [ 532.184721][T10333] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 532.192873][T10333] usb 3-1: Product: syz [ 532.196985][T10333] usb 3-1: Manufacturer: syz [ 532.201530][T10333] usb 3-1: SerialNumber: syz [ 532.206689][T10333] usb 3-1: config 0 descriptor?? [ 532.217196][ T7531] usb 4-1: new high-speed USB device number 49 using dummy_hcd [ 532.239786][T15088] loop1: detected capacity change from 0 to 256 [ 532.837167][ T7531] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 532.857188][ T7531] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 532.859963][T15107] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.4'. [ 532.875170][T10333] usb 3-1: MIDIStreaming interface descriptor not found [ 532.876072][ T7531] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 532.886353][T10333] usb 3-1: USB disconnect, device number 72 [ 532.900888][T15107] device gretap0 entered promiscuous mode [ 532.911281][T15107] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.4'. [ 532.922952][T15107] 0XD: renamed from gretap0 [ 532.928603][T15107] device 30XD left promiscuous mode [ 532.934819][T15107] A link change request failed with some changes committed already. Interface 30XD may have been left with an inconsistent configuration, please check. [ 533.135397][ T7531] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 533.145312][ T7531] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 533.154265][ T7531] usb 4-1: Product: syz [ 533.369546][ T7531] usb 4-1: Manufacturer: syz [ 533.373977][ T7531] usb 4-1: SerialNumber: syz [ 533.411022][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 533.427571][ T7531] usb 4-1: selecting invalid altsetting 1 [ 533.707167][ T342] usb 2-1: new high-speed USB device number 63 using dummy_hcd [ 533.877198][ T7531] cdc_ncm 4-1:1.0: failed GET_NTB_PARAMETERS [ 533.895115][ T7531] cdc_ncm 4-1:1.0: bind() failure [ 533.906996][ T30] kauditd_printk_skb: 215 callbacks suppressed [ 533.907010][ T30] audit: type=1400 audit(2000000217.507:17269): avc: denied { ioctl } for pid=15125 comm="syz-executor.4" path="/dev/usbmon0" dev="devtmpfs" ino=135 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 533.942011][ T7531] usb 4-1: USB disconnect, device number 49 [ 533.970199][T15132] loop4: detected capacity change from 0 to 512 [ 534.007864][T15132] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 534.024823][T15138] loop0: detected capacity change from 0 to 128 [ 534.032490][T15132] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.4: corrupted in-inode xattr [ 534.045296][T15132] EXT4-fs (loop4): Remounting filesystem read-only [ 534.051712][T15132] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz-executor.4: couldn't read orphan inode 15 (err -117) [ 534.064046][T15132] EXT4-fs (loop4): mounted filesystem without journal. Opts: prjquota,noload,errors=remount-ro,resgid=0x000000000000ee00,min_batch_time=0x0000000000000005,usrjquota=,nombcache,noquota,grpquota,norecovery,. Quota mode: writeback. [ 534.097229][ T342] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 534.108244][ T342] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 534.119165][ T342] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 534.137502][ T342] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 534.154493][ T342] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 534.171036][T15132] loop4: detected capacity change from 0 to 512 [ 534.179482][ T342] usb 2-1: config 0 descriptor?? [ 534.185256][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 534.197309][T15119] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 534.209862][T15132] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #15: comm syz-executor.4: casefold flag without casefold feature [ 534.223674][T15132] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.4: casefold flag without casefold feature [ 534.247331][T15132] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.4: ea_inode with extended attributes [ 534.265557][T15132] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 12 err=-117 [ 534.289623][T15132] EXT4-fs (loop4): 1 orphan inode deleted [ 534.304240][T15132] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,nobarrier,,errors=continue. Quota mode: none. [ 534.550232][T15151] loop0: detected capacity change from 0 to 40427 [ 534.877177][T15172] netlink: 96 bytes leftover after parsing attributes in process `syz-executor.2'. [ 535.254055][T15151] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 535.267853][ T342] plantronics 0003:047F:FFFF.0060: unknown main item tag 0x0 [ 535.286100][ T342] plantronics 0003:047F:FFFF.0060: unknown main item tag 0x0 [ 535.294938][T15151] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 535.328827][ T342] plantronics 0003:047F:FFFF.0060: unknown main item tag 0x0 [ 535.374861][ T342] plantronics 0003:047F:FFFF.0060: unknown main item tag 0x0 [ 535.382216][ T342] plantronics 0003:047F:FFFF.0060: unknown main item tag 0x0 [ 535.389559][ T342] plantronics 0003:047F:FFFF.0060: unknown main item tag 0x0 [ 535.396781][ T342] plantronics 0003:047F:FFFF.0060: unknown main item tag 0x0 [ 535.437200][ T333] usb 4-1: new full-speed USB device number 50 using dummy_hcd [ 535.437546][ T342] plantronics 0003:047F:FFFF.0060: unknown main item tag 0x0 [ 535.453727][ T342] plantronics 0003:047F:FFFF.0060: unknown main item tag 0x0 [ 535.461945][ T342] plantronics 0003:047F:FFFF.0060: unknown main item tag 0x0 [ 535.465706][T15151] F2FS-fs (loop0): Found nat_bits in checkpoint [ 535.475979][ T342] plantronics 0003:047F:FFFF.0060: unknown main item tag 0x0 [ 535.493339][ T342] plantronics 0003:047F:FFFF.0060: unknown main item tag 0x0 [ 535.500831][ T342] plantronics 0003:047F:FFFF.0060: unknown main item tag 0x0 [ 535.508502][ T342] plantronics 0003:047F:FFFF.0060: No inputs registered, leaving [ 535.516093][T15151] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 535.525854][T15151] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 535.672722][T15151] attempt to access beyond end of device [ 535.672722][T15151] loop0: rw=2049, want=45112, limit=40427 [ 535.728543][T15151] attempt to access beyond end of device [ 535.728543][T15151] loop0: rw=2049, want=45120, limit=40427 [ 535.785187][ T342] plantronics 0003:047F:FFFF.0060: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 535.800127][ T342] usb 2-1: USB disconnect, device number 63 [ 535.857290][ T333] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 535.888514][ T333] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 255, setting to 64 [ 535.912753][ T333] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 535.929786][ T333] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 535.938900][ T333] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 535.948056][ T333] usb 4-1: config 0 descriptor?? [ 535.962730][T15194] xt_NFQUEUE: number of queues (17952) out of range (got 83484) [ 535.970652][T15164] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 536.071945][T15204] syz-executor.2[15204] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 536.072021][T15204] syz-executor.2[15204] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 536.073480][T15207] loop0: detected capacity change from 0 to 256 [ 536.113505][T15208] device syzkaller0 entered promiscuous mode [ 536.343564][T15227] kvm: pic: non byte read [ 536.374516][T15238] loop1: detected capacity change from 0 to 256 [ 536.374882][T15236] loop4: detected capacity change from 0 to 512 [ 536.424735][T15244] loop0: detected capacity change from 0 to 512 [ 536.431787][T15236] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 536.441615][ T333] plantronics 0003:047F:FFFF.0061: unknown main item tag 0x0 [ 536.448925][ T333] plantronics 0003:047F:FFFF.0061: unknown main item tag 0x0 [ 536.456114][ T333] plantronics 0003:047F:FFFF.0061: unknown main item tag 0x0 [ 536.463418][ T333] plantronics 0003:047F:FFFF.0061: unknown main item tag 0x0 [ 536.468463][T15236] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 536.476048][ T333] plantronics 0003:047F:FFFF.0061: unknown main item tag 0x0 [ 536.492261][ T333] plantronics 0003:047F:FFFF.0061: unknown main item tag 0x0 [ 536.499480][ T333] plantronics 0003:047F:FFFF.0061: unknown main item tag 0x0 [ 536.505302][T15236] EXT4-fs (loop4): 1 truncate cleaned up [ 536.506775][ T333] plantronics 0003:047F:FFFF.0061: unknown main item tag 0x0 [ 536.512178][T15236] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodelalloc,block_validity,sysvgroups,,errors=continue. Quota mode: writeback. [ 536.534028][ T333] plantronics 0003:047F:FFFF.0061: No inputs registered, leaving [ 536.548576][T15244] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 536.560592][ T333] plantronics 0003:047F:FFFF.0061: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 536.573120][T15244] ext4 filesystem being mounted at /root/syzkaller-testdir2859683807/syzkaller.q2StEi/24/file1 supports timestamps until 2038 (0x7fffffff) [ 536.655697][T15244] EXT4-fs error (device loop0): ext4_map_blocks:716: inode #18: block 44: comm syz-executor.0: lblock 0 mapped to illegal pblock 44 (length 4) [ 536.704929][T15244] EXT4-fs error (device loop0): __ext4_get_inode_loc:4340: comm syz-executor.0: Invalid inode table block 2136265764 in block_group 0 [ 536.737343][T15244] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5820: Corrupt filesystem [ 536.756874][T15244] EXT4-fs error (device loop0): ext4_alloc_file_blocks:4509: inode #18: comm syz-executor.0: mark_inode_dirty error [ 536.782250][T14917] EXT4-fs error (device loop0): ext4_map_blocks:602: inode #2: block 3: comm syz-executor.0: lblock 0 mapped to illegal pblock 3 (length 1) [ 536.806687][T14917] EXT4-fs warning (device loop0): htree_dirblock_to_tree:1082: inode #2: lblock 0: comm syz-executor.0: error -117 reading directory block [ 536.833822][ T8] EXT4-fs error (device loop0): __ext4_get_inode_loc:4340: comm kworker/u4:0: Invalid inode table block 2136265764 in block_group 0 [ 536.855881][T14917] EXT4-fs error (device loop0): __ext4_get_inode_loc:4340: comm syz-executor.0: Invalid inode table block 2136265764 in block_group 0 [ 536.870222][T14917] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5820: Corrupt filesystem [ 536.879858][T14917] EXT4-fs error (device loop0): ext4_quota_off:6464: inode #3: comm syz-executor.0: mark_inode_dirty error [ 536.891266][ T333] usb 2-1: new high-speed USB device number 64 using dummy_hcd [ 536.899231][T14917] EXT4-fs error (device loop0): __ext4_get_inode_loc:4340: comm syz-executor.0: Invalid inode table block 2136265764 in block_group 0 [ 537.233359][T15256] bridge0: port 1(bridge_slave_0) entered blocking state [ 537.246729][T15256] bridge0: port 1(bridge_slave_0) entered disabled state [ 537.257531][ T333] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 537.260556][T15256] device bridge_slave_0 entered promiscuous mode [ 537.278368][ T333] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 537.283861][T15256] bridge0: port 2(bridge_slave_1) entered blocking state [ 537.294876][ T333] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 537.303895][ T333] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 537.312589][ T333] usb 2-1: config 0 descriptor?? [ 537.314585][T15256] bridge0: port 2(bridge_slave_1) entered disabled state [ 537.332129][T15256] device bridge_slave_1 entered promiscuous mode [ 537.433543][T15256] bridge0: port 2(bridge_slave_1) entered blocking state [ 537.440504][T15256] bridge0: port 2(bridge_slave_1) entered forwarding state [ 537.447628][T15256] bridge0: port 1(bridge_slave_0) entered blocking state [ 537.454370][T15256] bridge0: port 1(bridge_slave_0) entered forwarding state [ 537.458724][T15267] kvm: pic: non byte read [ 537.482483][ T7531] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 537.491140][ T7531] bridge0: port 1(bridge_slave_0) entered disabled state [ 537.498620][ T7531] bridge0: port 2(bridge_slave_1) entered disabled state [ 537.517265][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 537.525393][ T20] bridge0: port 1(bridge_slave_0) entered blocking state [ 537.533304][ T20] bridge0: port 1(bridge_slave_0) entered forwarding state [ 537.540912][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 537.553215][ T20] bridge0: port 2(bridge_slave_1) entered blocking state [ 537.560087][ T20] bridge0: port 2(bridge_slave_1) entered forwarding state [ 537.581070][T15270] loop2: detected capacity change from 0 to 512 [ 537.601460][ T7531] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 537.611230][ T7531] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 537.620259][T15270] EXT4-fs (loop2): error: journal path ./file0 is not a block device [ 537.635954][T15256] device veth0_vlan entered promiscuous mode [ 537.642605][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 537.650783][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 537.658459][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 537.668186][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 537.677061][ T8] device bridge_slave_1 left promiscuous mode [ 537.683259][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 537.691093][ T8] device bridge_slave_0 left promiscuous mode [ 537.705597][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 537.716369][ T8] device veth1_macvtap left promiscuous mode [ 537.727189][T15274] loop2: detected capacity change from 0 to 1024 [ 537.733455][ T8] device veth0_vlan left promiscuous mode [ 537.744181][T15277] syz-executor.4[15277] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 537.744252][T15277] syz-executor.4[15277] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 537.810378][T15274] EXT4-fs error (device loop2): ext4_ext_check_inode:501: inode #3: comm syz-executor.2: pblk 82 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 537.848751][T15274] EXT4-fs error (device loop2): ext4_quota_enable:6369: comm syz-executor.2: Bad quota inode: 3, type: 0 [ 537.860386][T15274] EXT4-fs warning (device loop2): ext4_enable_quotas:6410: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 537.875561][T15274] EXT4-fs (loop2): mount failed [ 537.893075][T15256] device veth1_macvtap entered promiscuous mode [ 537.900922][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 537.917019][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 537.925993][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 538.266865][ T342] usb 5-1: new high-speed USB device number 63 using dummy_hcd [ 538.477173][ T333] uclogic 0003:256C:006D.0062: interface is invalid, ignoring [ 538.484863][T15291] loop2: detected capacity change from 0 to 40427 [ 538.507147][ T342] usb 5-1: Using ep0 maxpacket: 32 [ 538.567449][ T6949] EXT4-fs error (device loop3): __ext4_get_inode_loc:4340: comm syz-executor.3: Invalid inode table block 2136265764 in block_group 0 [ 538.582421][T15291] F2FS-fs (loop2): Found nat_bits in checkpoint [ 538.586297][ T6949] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5820: Corrupt filesystem [ 538.616220][ T6949] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #20: comm syz-executor.3: mark_inode_dirty error [ 538.627906][ T342] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 538.628932][ T6949] EXT4-fs error (device loop3): __ext4_get_inode_loc:4340: comm syz-executor.3: Invalid inode table block 2136265764 in block_group 0 [ 538.639101][ T342] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 538.652585][T15291] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 538.671409][ T6949] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5820: Corrupt filesystem [ 538.681859][ T333] usb 2-1: USB disconnect, device number 64 [ 538.686571][ T342] usb 5-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00 [ 538.688836][ T6949] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #20: comm syz-executor.3: mark_inode_dirty error [ 538.696809][ T342] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 538.709863][ T6949] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:476: comm syz-executor.3: Invalid block bitmap block 252425430 in block_group 0 [ 538.730471][ T20] usb 4-1: USB disconnect, device number 50 [ 538.730573][ T342] usb 5-1: config 0 descriptor?? [ 538.743683][ T6949] EXT4-fs error (device loop3): __ext4_get_inode_loc:4340: comm syz-executor.3: Invalid inode table block 2136265764 in block_group 0 [ 538.748784][T15290] attempt to access beyond end of device [ 538.748784][T15290] loop2: rw=10241, want=53256, limit=40427 [ 538.757734][ T6949] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5820: Corrupt filesystem [ 538.768563][T15279] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 538.778261][ T6949] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #20: comm syz-executor.3: mark_inode_dirty error [ 538.784812][T15291] attempt to access beyond end of device [ 538.784812][T15291] loop2: rw=2049, want=53256, limit=40427 [ 538.823058][T14984] attempt to access beyond end of device [ 538.823058][T14984] loop2: rw=2049, want=45104, limit=40427 [ 538.830551][ T6949] EXT4-fs warning (device loop3): ext4_evict_inode:286: couldn't mark inode dirty (err -117) [ 539.000664][T15319] loop0: detected capacity change from 0 to 40427 [ 539.047939][T15319] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 539.055490][T15319] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 539.066132][T15319] F2FS-fs (loop0): Found nat_bits in checkpoint [ 539.096505][T15319] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 539.105735][T15319] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 539.129775][T15319] attempt to access beyond end of device [ 539.129775][T15319] loop0: rw=2049, want=45112, limit=40427 [ 539.141398][T15319] attempt to access beyond end of device [ 539.141398][T15319] loop0: rw=2049, want=45120, limit=40427 [ 539.207129][ T60] usb 3-1: new high-speed USB device number 73 using dummy_hcd [ 539.237997][ T342] hid-led 0003:1294:1320.0063: unbalanced delimiter at end of report description [ 539.249105][ T342] hid-led: probe of 0003:1294:1320.0063 failed with error -22 [ 539.379183][ T8] device bridge_slave_1 left promiscuous mode [ 539.386661][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 539.395529][ T8] device bridge_slave_0 left promiscuous mode [ 539.402199][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 539.412123][ T8] device veth1_macvtap left promiscuous mode [ 539.422011][ T8] device veth0_vlan left promiscuous mode [ 539.481505][ T333] usb 5-1: USB disconnect, device number 63 [ 539.487188][ T60] usb 3-1: Using ep0 maxpacket: 8 [ 539.527291][T10333] usb 2-1: new high-speed USB device number 65 using dummy_hcd [ 539.627279][ T60] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 539.636686][ T60] usb 3-1: config 1 has no interface number 1 [ 539.642820][ T60] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 539.656060][ T60] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 539.737165][ T357] usb 4-1: new high-speed USB device number 51 using dummy_hcd [ 539.787177][T10333] usb 2-1: Using ep0 maxpacket: 32 [ 539.827291][ T60] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 539.836276][ T60] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 539.844080][ T60] usb 3-1: Product: syz [ 539.848121][ T60] usb 3-1: Manufacturer: syz [ 539.852474][ T60] usb 3-1: SerialNumber: syz [ 539.907195][T10333] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 539.917975][T10333] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 539.927486][T10333] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 539.936275][T10333] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 539.944709][T10333] usb 2-1: config 0 descriptor?? [ 539.987472][T10333] hub 2-1:0.0: USB hub found [ 540.107201][ T357] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 540.118001][ T357] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 540.127142][T15342] loop4: detected capacity change from 0 to 2048 [ 540.127577][ T357] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 540.142734][ T357] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 540.151278][ T357] usb 4-1: config 0 descriptor?? [ 540.168775][T15342] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 540.177248][ T60] usb 3-1: 2:1 : format type 0 is detected, processed as PCM [ 540.186296][ T60] usb 3-1: 2:1 : sample bitwidth 108 in over sample bytes 3 [ 540.194225][ T60] usb 3-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 540.200162][ T60] usb 3-1: 2:1 : invalid channels 0 [ 540.236280][T10333] hub 2-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 540.245382][ T60] usb 3-1: USB disconnect, device number 73 [ 540.657206][T10333] usbhid 2-1:0.0: can't add hid device: -71 [ 540.662978][T10333] usbhid: probe of 2-1:0.0 failed with error -71 [ 540.686415][ T30] audit: type=1400 audit(2000000224.287:17270): avc: denied { unmount } for pid=15356 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=filesystem permissive=1 [ 540.708357][T10333] usb 2-1: USB disconnect, device number 65 [ 540.718043][ T357] hid (null): bogus close delimiter [ 540.719913][T15359] loop2: detected capacity change from 0 to 128 [ 540.942197][T15361] tipc: Started in network mode [ 540.947061][T15361] tipc: Node identity ac1414aa, cluster identity 4711 [ 540.954183][T15361] tipc: New replicast peer: 100.1.1.1 [ 540.960030][T15361] tipc: Enabled bearer , priority 10 [ 541.063004][ T357] usb 4-1: language id specifier not provided by device, defaulting to English [ 541.106914][T15365] loop4: detected capacity change from 0 to 256 [ 541.537448][ T357] uclogic 0003:256C:006D.0064: interface is invalid, ignoring [ 541.770329][ T333] usb 4-1: USB disconnect, device number 51 [ 541.834367][T15382] kvm: pic: non byte read [ 542.077212][ T331] tipc: Node number set to 2886997162 [ 542.097357][ T20] usb 2-1: new high-speed USB device number 66 using dummy_hcd [ 542.147210][ T330] usb 3-1: new high-speed USB device number 74 using dummy_hcd [ 542.373291][T15399] incfs_lookup_dentry err:-5 [ 542.379427][T15399] incfs: Can't find or create .index dir in ./file0 [ 542.386114][T15399] incfs: mount failed -5 [ 542.387175][ T20] usb 2-1: Using ep0 maxpacket: 8 [ 542.397249][ T330] usb 3-1: Using ep0 maxpacket: 32 [ 542.527208][ T20] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 542.538283][ T20] usb 2-1: config 1 has no interface number 1 [ 542.547282][ T330] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 542.558023][ T20] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 542.570615][ T330] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 542.580232][ T20] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 542.590931][ T330] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 542.599735][ T330] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 542.611814][ T330] usb 3-1: config 0 descriptor?? [ 542.657485][ T330] hub 3-1:0.0: USB hub found [ 542.797248][ T20] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 542.806157][ T20] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 542.814092][ T20] usb 2-1: Product: syz [ 542.818049][ T20] usb 2-1: Manufacturer: syz [ 542.822459][ T20] usb 2-1: SerialNumber: syz [ 542.877248][ T330] hub 3-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 542.964253][T15405] loop4: detected capacity change from 0 to 128 [ 543.337450][ T20] usb 2-1: 2:1 : format type 0 is detected, processed as PCM [ 543.344781][ T20] usb 2-1: 2:1 : sample bitwidth 108 in over sample bytes 3 [ 543.352090][ T20] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 543.358022][ T330] usbhid 3-1:0.0: can't add hid device: -71 [ 543.363716][ T330] usbhid: probe of 3-1:0.0 failed with error -71 [ 543.370094][ T20] usb 2-1: 2:1 : invalid channels 0 [ 543.397712][ T330] usb 3-1: USB disconnect, device number 74 [ 543.405199][ T20] usb 2-1: USB disconnect, device number 66 [ 543.659007][T15414] loop3: detected capacity change from 0 to 131072 [ 543.699147][T15414] F2FS-fs (loop3): invalid crc value [ 543.708786][T15414] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 543.736445][T15414] F2FS-fs (loop3): Mounted with checkpoint version = 753bd00b [ 544.584554][T15434] loop2: detected capacity change from 0 to 256 [ 544.694724][T15434] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 544.931405][T15447] loop1: detected capacity change from 0 to 512 [ 545.021931][T15447] EXT4-fs (loop1): 1 truncate cleaned up [ 545.028537][T15455] loop3: detected capacity change from 0 to 16 [ 545.029978][T15447] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000c32,nolazytime,jqfmt=vfsold,acl,nodiscard,errors=continue,usrjquota=,,errors=continue. Quota mode: none. [ 545.078305][T15455] erofs: (device loop3): mounted with root inode @ nid 36. [ 545.237104][ T333] usb 3-1: new high-speed USB device number 75 using dummy_hcd [ 545.378127][T15462] EXT4-fs error (device loop1): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.1: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0 [ 545.428762][T15462] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 545.487104][ T333] usb 3-1: Using ep0 maxpacket: 32 [ 545.584727][T15470] netlink: 160 bytes leftover after parsing attributes in process `syz-executor.0'. [ 545.594252][T15470] netlink: 160 bytes leftover after parsing attributes in process `syz-executor.0'. [ 545.604807][T15470] netlink: 160 bytes leftover after parsing attributes in process `syz-executor.0'. [ 545.617289][ T333] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 545.628137][ T333] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 545.637917][ T333] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 545.646804][ T333] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 545.655274][ T333] usb 3-1: config 0 descriptor?? [ 545.697623][ T333] hub 3-1:0.0: USB hub found [ 545.747139][ T20] usb 5-1: new high-speed USB device number 64 using dummy_hcd [ 545.831999][T15468] loop3: detected capacity change from 0 to 131072 [ 545.865481][T15472] loop1: detected capacity change from 0 to 2048 [ 545.873103][T15468] F2FS-fs (loop3): invalid crc value [ 545.879835][T15468] F2FS-fs (loop3): Found nat_bits in checkpoint [ 545.903915][T15472] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 545.907255][ T333] hub 3-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 545.914487][T15468] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 545.961005][T15472] syz-executor.1[15472] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 545.961089][T15472] syz-executor.1[15472] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 546.007208][ T20] usb 5-1: Using ep0 maxpacket: 32 [ 546.049738][T15481] loop1: detected capacity change from 0 to 1024 [ 546.067633][T15481] EXT4-fs (loop1): Test dummy encryption mode enabled [ 546.074386][T15481] EXT4-fs (loop1): Ignoring removed orlov option [ 546.083301][T15481] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback. [ 546.177274][ T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 546.193950][ T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 546.205106][ T333] usbhid 3-1:0.0: can't add hid device: -71 [ 546.211623][ T333] usbhid: probe of 3-1:0.0 failed with error -71 [ 546.218532][ T20] usb 5-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00 [ 546.227647][ T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 546.245836][ T20] usb 5-1: config 0 descriptor?? [ 546.251427][ T333] usb 3-1: USB disconnect, device number 75 [ 546.287186][T15466] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 546.432387][T15484] loop3: detected capacity change from 0 to 131072 [ 546.477982][T15484] F2FS-fs (loop3): Wrong segment_count / block_count (65567 > 16384) [ 546.485917][T15484] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 546.496465][T15484] F2FS-fs (loop3): Found nat_bits in checkpoint [ 546.519109][T15484] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 546.525999][T15484] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 546.748384][ T20] hid-led 0003:1294:1320.0065: unbalanced delimiter at end of report description [ 546.758007][ T20] hid-led: probe of 0003:1294:1320.0065 failed with error -22 [ 546.979842][ T20] usb 5-1: USB disconnect, device number 64 [ 547.437180][ T357] usb 4-1: new high-speed USB device number 52 using dummy_hcd [ 548.107206][ T357] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 548.118204][ T357] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 548.129099][ T357] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 548.141782][ T357] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 548.150609][ T357] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 548.158972][ T357] usb 4-1: config 0 descriptor?? [ 548.177179][T15520] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 548.180386][T15538] loop1: detected capacity change from 0 to 128 [ 548.352874][T15539] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 548.741935][ T357] plantronics 0003:047F:FFFF.0066: unknown main item tag 0x0 [ 548.777533][ T357] plantronics 0003:047F:FFFF.0066: unknown main item tag 0x0 [ 548.789037][T15561] loop2: detected capacity change from 0 to 128 [ 548.795228][ T357] plantronics 0003:047F:FFFF.0066: unknown main item tag 0x0 [ 548.802691][ T357] plantronics 0003:047F:FFFF.0066: unknown main item tag 0x0 [ 548.810924][ T357] plantronics 0003:047F:FFFF.0066: unknown main item tag 0x0 [ 548.816420][T15564] loop0: detected capacity change from 0 to 128 [ 548.818368][ T357] plantronics 0003:047F:FFFF.0066: unknown main item tag 0x0 [ 548.831453][ T357] plantronics 0003:047F:FFFF.0066: unknown main item tag 0x0 [ 548.852229][T15564] attempt to access beyond end of device [ 548.852229][T15564] loop0: rw=2049, want=162, limit=128 [ 548.863095][T15564] Buffer I/O error on dev loop0, logical block 161, lost async page write [ 548.871604][T15564] attempt to access beyond end of device [ 548.871604][T15564] loop0: rw=2049, want=163, limit=128 [ 548.882325][T15564] Buffer I/O error on dev loop0, logical block 162, lost async page write [ 548.882395][ T357] plantronics 0003:047F:FFFF.0066: unknown main item tag 0x0 [ 548.897942][ T357] plantronics 0003:047F:FFFF.0066: unknown main item tag 0x0 [ 548.905127][ T357] plantronics 0003:047F:FFFF.0066: unknown main item tag 0x0 [ 548.908073][T15564] attempt to access beyond end of device [ 548.908073][T15564] loop0: rw=2049, want=164, limit=128 [ 548.912537][ T357] plantronics 0003:047F:FFFF.0066: unknown main item tag 0x0 [ 548.923200][T15564] Buffer I/O error on dev loop0, logical block 163, lost async page write [ 548.930262][ T357] plantronics 0003:047F:FFFF.0066: unknown main item tag 0x0 [ 548.946271][ T357] plantronics 0003:047F:FFFF.0066: unknown main item tag 0x0 [ 548.953652][ T357] plantronics 0003:047F:FFFF.0066: No inputs registered, leaving [ 548.961854][ T357] plantronics 0003:047F:FFFF.0066: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 548.975085][ T357] usb 4-1: USB disconnect, device number 52 [ 549.056928][T15567] tipc: Enabling of bearer rejected, already enabled [ 549.153137][ T8] attempt to access beyond end of device [ 549.153137][ T8] loop0: rw=1, want=162, limit=128 [ 549.216505][ T8] Buffer I/O error on dev loop0, logical block 161, lost async page write [ 549.232736][ T8] attempt to access beyond end of device [ 549.232736][ T8] loop0: rw=1, want=163, limit=128 [ 549.243482][ T8] Buffer I/O error on dev loop0, logical block 162, lost async page write [ 549.251905][ T8] attempt to access beyond end of device [ 549.251905][ T8] loop0: rw=1, want=164, limit=128 [ 549.262821][ T8] Buffer I/O error on dev loop0, logical block 163, lost async page write [ 549.766185][T15588] loop2: detected capacity change from 0 to 256 [ 549.790500][T15588] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 549.857217][ T7531] usb 5-1: new high-speed USB device number 65 using dummy_hcd [ 549.977016][T15594] 9p: Unknown access argument ᭀ.LaH(05 -몠:M<ʖKVdH vVZ3m!(pYd}/5Чځܓc>89Ro.4ah-\ 6Zfm_y~HA, priority 10 [ 550.977620][ T357] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 551.007206][ T357] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 551.059812][ T357] usb 4-1: New USB device found, idVendor=0810, idProduct=0002, bcdDevice= 0.00 [ 551.069033][ T357] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 551.112859][ T7531] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 551.121876][ T7531] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 551.128706][ T357] usb 4-1: config 0 descriptor?? [ 551.133187][ T7531] usb 5-1: Product: syz [ 551.138895][ T7531] usb 5-1: Manufacturer: syz [ 551.143612][ T7531] usb 5-1: SerialNumber: syz [ 551.147425][T15623] loop0: detected capacity change from 0 to 2048 [ 551.188275][T15623] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 551.230764][T15623] syz-executor.0[15623] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 551.230843][T15623] syz-executor.0[15623] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 551.376644][T15631] 9p: Unknown access argument ᭀ.LaH(05 -몠:M<ʖKVdH vVZ3m!(pYd}/5Чځܓc>89Ro.4ah-\ 6Zfm_y~HA 2033/05/18 03:37:17 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 553.668162][T14984] dump_stack_lvl+0x151/0x1b7 [ 553.672682][T14984] ? io_uring_drop_tctx_refs+0x190/0x190 [ 553.678147][T14984] ? panic+0x751/0x751 [ 553.682053][T14984] print_address_description+0x87/0x3b0 [ 553.687435][T14984] kasan_report+0x179/0x1c0 [ 553.691775][T14984] ? ext4_xattr_delete_inode+0xcd0/0xce0 [ 553.697240][T14984] ? ext4_xattr_delete_inode+0xcd0/0xce0 [ 553.702708][T14984] __asan_report_load4_noabort+0x14/0x20 [ 553.708174][T14984] ext4_xattr_delete_inode+0xcd0/0xce0 [ 553.713471][T14984] ? sb_end_intwrite+0x120/0x120 [ 553.718330][T14984] ? ext4_expand_extra_isize_ea+0x1bb0/0x1bb0 [ 553.724233][T14984] ? ext4_journal_check_start+0x16c/0x230 [ 553.729787][T14984] ? __kasan_check_read+0x11/0x20 [ 553.734645][T14984] ? ext4_inode_is_fast_symlink+0x295/0x3d0 [ 553.740460][T14984] ? ext4_evict_inode+0xb8d/0x14e0 [ 553.745408][T14984] ext4_evict_inode+0xea1/0x14e0 [ 553.750182][T14984] ? _raw_spin_unlock+0x4d/0x70 [ 553.754871][T14984] ? ext4_inode_is_fast_symlink+0x3d0/0x3d0 [ 553.760600][T14984] ? _raw_spin_unlock+0x4d/0x70 [ 553.765284][T14984] ? inode_io_list_del+0x18b/0x1a0 [ 553.770230][T14984] ? ext4_inode_is_fast_symlink+0x3d0/0x3d0 [ 553.775959][T14984] evict+0x2a3/0x630 [ 553.779695][T14984] iput+0x63b/0x7e0 [ 553.783338][T14984] vfs_rmdir+0x359/0x470 [ 553.787604][T14984] do_rmdir+0x3ab/0x630 [ 553.791756][T14984] ? d_delete_notify+0x160/0x160 [ 553.796535][T14984] __x64_sys_unlinkat+0xdf/0xf0 [ 553.801217][T14984] do_syscall_64+0x3d/0xb0 [ 553.805468][T14984] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 553.811197][T14984] RIP: 0033:0x7f8bc6bab887 [ 553.815539][T14984] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 553.834979][T14984] RSP: 002b:00007fff40bebf68 EFLAGS: 00000207 ORIG_RAX: 0000000000000107 [ 553.843222][T14984] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007f8bc6bab887 [ 553.851035][T14984] RDX: 0000000000000200 RSI: 00007fff40bed110 RDI: 00000000ffffff9c [ 553.858845][T14984] RBP: 00007f8bc6c086c6 R08: 0000000000000000 R09: 0000000000000000 [ 553.866835][T14984] R10: 000000