last executing test programs: 5.323779848s ago: executing program 0 (id=7192): bpf$PROG_LOAD(0x5, 0x0, 0x0) ptrace(0x4206, 0x0) tkill(0x0, 0x12) r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10) chdir(0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r6 = fsmount(r0, 0x0, 0x0) fchdir(r6) r7 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80) setxattr$security_evm(&(0x7f0000000280)='./bus\x00', &(0x7f0000000300), &(0x7f0000000580)=ANY=[], 0x1, 0x3) ftruncate(r7, 0x2007ffb) r8 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581) r9 = fcntl$dupfd(r8, 0x0, r8) ioctl$USBDEVFS_SUBMITURB(r9, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0}) sendfile(r7, r7, 0x0, 0x1000000201005) 4.014541819s ago: executing program 0 (id=7203): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xa, 0x4, 0x7fe2, 0x1}, 0x50) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=@newsa={0x190, 0x10, 0x713, 0x0, 0x0, {{@in6=@mcast1, @in6=@loopback}, {@in=@private, 0x0, 0x32}, @in6=@loopback, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @algo_auth={0x57, 0x1, {{'xcbc(aes)\x00'}, 0x78, "bd47604b63ab6f1ee0fab0861fd447"}}]}, 0x190}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0x2000000000000111, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x40}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) request_key(&(0x7f0000000300)='user\x00', &(0x7f0000000480)={'syz', 0x2}, &(0x7f00000004c0)='/:&\x00', 0xfffffffffffffffc) syz_usb_connect(0x0, 0x3f, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000413b88400819151300000000000109022d00010000000009040000026bb22b"], 0x0) 3.246637656s ago: executing program 1 (id=7210): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, 0x0, 0x0, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r5, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x3, 0x0, 0x0) 2.844538486s ago: executing program 1 (id=7211): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sendmsg$sock(0xffffffffffffffff, 0x0, 0x40881) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ptrace$getregs(0xbe6b7d150629ff7f, r2, 0x10001, &(0x7f0000000300)=""/184) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$uinput(0xffffffffffffff9c, 0x0, 0x2, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000400)={0xa, 0x2, 0xac3, @loopback, 0x9}, 0x1c) setsockopt$inet6_tcp_int(r4, 0x6, 0xa, &(0x7f0000001100)=0x804, 0x4) sendto$inet6(r4, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) 2.268208543s ago: executing program 4 (id=7217): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x18) r2 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, @initdev={0xfe, 0x88, '\x00', 0xfe, 0x0}, @private1={0xfc, 0x1, '\x00', 0x4}, 0x0, 0x8000, 0x0, 0x80000}}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000440)={'syztnl1\x00', &(0x7f0000000640)={'ip6_vti0\x00', r3, 0x0, 0x0, 0x3, 0x0, 0x0, @loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x0, 0x0, 0x6}}) 1.807752659s ago: executing program 1 (id=7218): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000540)=ANY=[@ANYBLOB="0600000004000000ff0100005c00000000000000", @ANYRES32, @ANYBLOB="0400"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000feffffff0000000000000000000000000000000000000000b3667e8182f91e7ff4785cfa31bbe4eaf5338f62ebcd24adc250a8ec5b4710d407ac3860d3b4a96ff588148c40fd6bb037c0"], 0x50) 1.791173141s ago: executing program 1 (id=7219): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, 0x0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r6) fspick(0xffffffffffffffff, 0x0, 0x0) 1.756118345s ago: executing program 1 (id=7220): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r0, @ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r1, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="84000000", @ANYRES16=0x0, @ANYBLOB="00032dbd7000fbdbdf25190000000c00018008c1a90001000000640001800800030003000000080001"], 0x84}, 0x1, 0x0, 0x0, 0x8004}, 0x240008d4) r3 = socket(0x10, 0x3, 0x0) write(r3, &(0x7f0000000240)="aefc00001a0025f01d85bc04fef7681d020b49ff708800008003280008021000ac0a1410bc71176a36ede498534108e58342fa94a235a2a441f9", 0xfcae) 1.726523678s ago: executing program 4 (id=7221): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0) sendmmsg$inet6(r2, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4008084) mount(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000080)='proc\x00', 0x189, 0x0) 1.645906065s ago: executing program 4 (id=7223): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000340)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r3, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r2, 0x0, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r7, 0x0, 0x0, 0x0) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r8, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mount$fuseblk(&(0x7f00000000c0), &(0x7f0000000100)='./cgroup\x00', &(0x7f0000000140), 0x3818000, &(0x7f00000001c0)=ANY=[@ANYBLOB='fd', @ANYBLOB]) 1.574135683s ago: executing program 4 (id=7226): sendmmsg(0xffffffffffffffff, &(0x7f0000001500)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80000, @remote, 0x0, 0x3}, 0x80, 0x0}, 0x5b4}], 0x1, 0xc040) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20a00, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f00000c6000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x40, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000088b000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000380)="260f7804640f09660f3880b50080baf80c66b8be19848066efbafc0cb8bff6ef670f20e60fc779e60f06f30fc77200baf80c66b863cc298666efbafc0cec66b9a10300000f32", 0x46}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.518003098s ago: executing program 2 (id=7228): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f0000000100)={0x3ff, 0x4, 0xd3, 0xffff, 0x5, "8dac3a40f3f193d26b5f0c55500a0f4f11e5a5"}) 1.509345749s ago: executing program 2 (id=7229): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00), 0x0, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r5, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x3, 0x0, 0x0) 1.491036841s ago: executing program 4 (id=7230): openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) bpf$TOKEN_CREATE(0x24, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ioctl$sock_SIOCSIFBR(0xffffffffffffffff, 0x8941, &(0x7f0000000000)=@add_del={0x2, &(0x7f00000000c0)='veth1_virt_wifi\x00'}) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48) sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0xc044) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r3}, 0x18) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0xfffffffffffffdbc, 0x2, {{0x1, 0xd, 0x0, 0x9, 0x8}, 0x6, 0x1, 0x1, 0x4, 0x8, 0xe, 0x7, 0x1d, 0x3, 0x9, {0xa2d6, 0x200, 0xb, 0x40, 0x2, 0x1ff}}}}]}, 0x78}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xfff1, 0xa}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x1}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804) r7 = socket(0x10, 0x3, 0x0) sendmmsg(r7, &(0x7f0000000000), 0x4000000000001f2, 0x0) 1.477416193s ago: executing program 2 (id=7231): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8000) socket$inet6_tcp(0xa, 0x1, 0x0) r3 = openat$selinux_policy(0xffffff9c, &(0x7f0000000180), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r3, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x40004) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5e114b6e, 0x11, r0, 0x0) 1.469652703s ago: executing program 2 (id=7233): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f00000009c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mount$binderfs(0x0, &(0x7f00000001c0)='./binderfs\x00', &(0x7f0000000280), 0x200000, &(0x7f0000000380)=ANY=[@ANYBLOB='max']) 1.359775114s ago: executing program 2 (id=7234): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000a00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="b0000000"], 0x1b0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6(0xa, 0x3, 0x7) sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0xffe0) 912.736879ms ago: executing program 0 (id=7235): prlimit64(0x0, 0xe, &(0x7f0000000240)={0xd1e2, 0x47fffffff}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000001000)=@abs={0x0, 0x0, 0xce27}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x18) getsockopt$sock_cred(r1, 0x1, 0x11, 0x0, &(0x7f0000002900)) 563.963104ms ago: executing program 2 (id=7237): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x4000, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000000000002) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='fscache_invalidate\x00'}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000380)=@abs={0x0, 0x0, 0xb}, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0) r3 = socket$pppl2tp(0x18, 0x1, 0x1) r4 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r4, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x3}}, 0x26) r5 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r5, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r3, {0x2, 0x4e22, @broadcast}, 0x2, 0x9800}}, 0x2e) ioctl$PPPIOCGL2TPSTATS(r3, 0x80487436, &(0x7f0000000540)="43210098ed") ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffff1000}) r6 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r6, 0x107, 0x14, 0x0, 0x0) r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$sock_linger(r7, 0x1, 0xd, &(0x7f0000000080)={0x20000001, 0x2}, 0x8) close(r7) 485.122822ms ago: executing program 3 (id=7239): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8000) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) write(r3, 0x0, 0x0) openat$selinux_policy(0xffffff9c, &(0x7f0000000180), 0x0, 0x0) 418.648918ms ago: executing program 3 (id=7240): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8000) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto(r5, 0x0, 0x0, 0x1, 0x0, 0x0) unshare(0x62020680) 307.769109ms ago: executing program 3 (id=7241): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r5, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x3, 0x0, 0x0) 239.370076ms ago: executing program 0 (id=7242): sendmmsg(0xffffffffffffffff, &(0x7f0000001500)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80000, @remote, 0x0, 0x3}, 0x80, 0x0}, 0x5b4}], 0x1, 0xc040) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20a00, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000003680)={{0x0, 0x0, 0xfffffea8, {0xf000}}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd92ac431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fae33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b3775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f599b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd317069083a5632b5cfc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55da91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a6da5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6a4ee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a6fffffffffffffe3be6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938ec40762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f646ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb3f9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182099b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e51600"}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000088b000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000380)="260f7804640f09660f3880b50080baf80c66b8be19848066efbafc0cb8bff6ef670f20e60fc779e60f06f30fc77200baf80c66b863cc298666efbafc0cec66b9a10300000f32", 0x46}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 238.875676ms ago: executing program 3 (id=7243): r0 = userfaultfd(0x80001) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x400034f, 0x2, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socket$nl_route(0x10, 0x3, 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000001c0)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) 237.796836ms ago: executing program 4 (id=7244): r0 = userfaultfd(0x80001) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socket$nl_route(0x10, 0x3, 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000080)={{&(0x7f00003fe000/0x4000)=nil, 0x4000}, 0x1}) 70.888473ms ago: executing program 1 (id=7245): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xa, 0x4, 0x7fe2, 0x1}, 0x50) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=@newsa={0x190, 0x10, 0x713, 0x0, 0x0, {{@in6=@mcast1, @in6=@loopback}, {@in=@private, 0x0, 0x32}, @in6=@loopback, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @algo_auth={0x57, 0x1, {{'xcbc(aes)\x00'}, 0x78, "bd47604b63ab6f1ee0fab0861fd447"}}]}, 0x190}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0x2000000000000111, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x40}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) request_key(&(0x7f0000000300)='user\x00', &(0x7f0000000480)={'syz', 0x2}, &(0x7f00000004c0)='/:&\x00', 0xfffffffffffffffc) syz_usb_connect(0x0, 0x3f, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000413b88400819151300000000000109022d00010000000009040000026bb22b000904fffffd"], 0x0) 70.065333ms ago: executing program 3 (id=7246): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), r4) sendmsg$NL80211_CMD_GET_WIPHY(r4, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000003840)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="210f27bd7000fbdbdf2501000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x20008000}, 0xc0c0) 53.831694ms ago: executing program 0 (id=7247): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) write(r4, &(0x7f00000000c0)="8f2a0a65bd8c002b0304000e0580a7b6070d63e286a5cefe", 0x5ac) 14.032959ms ago: executing program 0 (id=7248): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) utimes(&(0x7f0000000180)='./file0\x00', 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={0x0, &(0x7f0000000340)=""/102, 0x90, 0x66, 0x1, 0x8, 0x10000}, 0x28) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r3}, 0x0, &(0x7f0000000040)}, 0x20) accept$unix(r1, &(0x7f0000001200), &(0x7f00000012c0)=0x6e) ptrace$ARCH_SET_CPUID(0x1e, 0x0, 0x1, 0x1012) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000100)={[{@noblock_validity}, {@noinit_itable}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x71d}}, {@abort}]}, 0x1, 0x611, &(0x7f0000001740)="$eJzs3c9rFGcfAPDvTH6avO+bKC+8rz3UQCkKrYmJWqQUau5F7I9/IDVRxGgkSaFRwQjtsfTSQ6GnHmr/i1borfTQaw+9F0FK8VCL1C2zOxs3m93Nz/3h7ucDa+aZmczznTXfPM88eWY2gJ41kf2TRhyNiJtJxFjFtv7IN06U9nv8x51L2SuJQuH935O4czdZrzxWkn8dzb/577FIfk4jjvRtrXdl7da1ucXFheW8PLV6/ebUytqtk1evz11ZuLJwY+aNmXNnz5w9N31qX+c3UGPdN189Taa//fVCEufjWR5bdl7V+w3tq+bsPZuIQsmTyvXZ+3pun8fuFH+OlX9OnkuqV9CxLud5m+XJ/2Is+ir+N8fi03fbGhzQVIUkym0U0HOSOvn/42yj3wzDTYsHaJVyP6B8bV/rOnirtMm9EqAVHs2WBqRKuT8QEeX87y+NDcZwcWxg5HGyaZwniYj9jcyVZHX89MOFT7JX1BmHA5pj/V55lLu6/U+KuTkew8XSyON0c/6vFwpp3hPI1r+3x/onqsryH1pn/V5E/L+Ud8mmLY3zP81zt5z/H+6xfvkPAAAAAAAAB+fBbES8Xmv+X7ox/2ewxvyf0Yg4fwD1b//3v/RhvpBU7Tp4ANVDT3s0G/FWzfm/G3N8x/vy0r+L8wFuJ5evLi6cioj/RMSJGBjKytNVx62cIXzysyNf1qu/cv5f9srqL88FzI/0sL/qRtz5udW5/Z43EPHoXsRLxfm/x/I1m+f/Ze1/UqP9z/L75g7rOPLq/Yv1tm2f/0CzFL6OOF6z/X/e3U4aP59jqtgfmCr3CrZ6+fbn39Wrvzr/m3CKQB1Z+z/SOP+Hksrn9azs7vjZRfrptf5Cve177f8PJh/0RcUgwMdzq6vL0xGDyTtb18/sLmboVnk+HIs8X7L8P/FK4/G/jf5/RR4eioj1HdQ3vM12/X9onyz/5xu3/+Ob2//dL8zcH/++Xv0Xd9T+nym26SfyNcb/oNLW53HsNEHbEi4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvODSiPhXJOnkxnKaTk5GjEbEf2MkXVxaWX3t8tJHN+azbRHjMZCWP+l3rFROyp//P15Rnqkqn46IwxHxRd+hYnny0tLifLtPHgAAAAAAAAAAAAAAAAAAADrEaPGe/8JQ9f3/md/62h0d0HT9+Vf5Dr2nf8/fWRg60ECAltt7/gMvsOyafxf5P9DMWIA2qJ//T54WiloaDtBC+v/Qu/aY//5cAF1A+w+9aodjesPNjgNoB+0/AAAAAAB0lcPHHvySRMT6m4eKr8xgvs1kf+huabsDANrGHF7oXf1L7Y4AaBfX+ECysfRXzZv968/+T5oTEAAAAAAAAAAAAACwxfGj7v+HXtX4/n9z+6GbNbj/v1bye1wAdJH6H/2h7Ydu5xof2K61d/8/AAAAAAAAAAAAAHSA4VvX5hYXF5ZX1l68hbc7I4zdLazPdUQYu1go3I1ovM+z5tQ+EBGd8iYsr2TRtKqu8iM42njKbf69BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbPgnAAD//4wUFuw=") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180900"/16], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000340)={'pimreg1\x00', 0x1}) r5 = socket$nl_route(0x10, 0x3, 0x0) connect$netlink(r5, &(0x7f0000000280)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc) sendmsg$nl_route(r5, &(0x7f0000000300)={&(0x7f0000000080), 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c00000021000f0000f901000000000002"], 0x1c}}, 0x8000) 0s ago: executing program 3 (id=7249): openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) bpf$TOKEN_CREATE(0x24, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ioctl$sock_SIOCSIFBR(0xffffffffffffffff, 0x8941, &(0x7f0000000000)=@add_del={0x2, &(0x7f00000000c0)='veth1_virt_wifi\x00'}) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48) sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0xc044) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r3}, 0x18) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r5 = socket(0x400000000010, 0x3, 0x0) r6 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0xfffffffffffffdbc, 0x2, {{0x1, 0xd, 0x0, 0x9, 0x8}, 0x6, 0x1, 0x1, 0x4, 0x8, 0xe, 0x7, 0x1d, 0x3, 0x9, {0xa2d6, 0x200, 0xb, 0x40, 0x2, 0x1ff}}}}]}, 0x78}}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0xfff1, 0xa}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x1}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804) r8 = socket(0x10, 0x3, 0x0) sendmmsg(r8, &(0x7f0000000000), 0x4000000000001f2, 0x0) kernel console output (not intermixed with test programs): tor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f186098f6c9 code=0x7ffc0000 [ 571.417183][ T28] audit: type=1326 audit(1763310340.541:198107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15514 comm="syz.4.5877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f186098f6c9 code=0x7ffc0000 [ 571.471170][ T8025] EXT4-fs (loop4): unmounting filesystem. [ 571.471972][ T28] audit: type=1326 audit(1763310340.541:198108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15514 comm="syz.4.5877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f186098f6c9 code=0x7ffc0000 [ 571.501742][ T28] audit: type=1326 audit(1763310340.551:198109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15514 comm="syz.4.5877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f186098f6c9 code=0x7ffc0000 [ 571.525450][ T28] audit: type=1326 audit(1763310340.551:198110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15514 comm="syz.4.5877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f186098f6c9 code=0x7ffc0000 [ 571.555182][ T28] audit: type=1326 audit(1763310340.551:198111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15514 comm="syz.4.5877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f186098de17 code=0x7ffc0000 [ 571.806570][ T28] audit: type=1326 audit(1763310340.551:198112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15514 comm="syz.4.5877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f186098f6c9 code=0x7ffc0000 [ 572.526072][T15559] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5893'. [ 572.833403][T15572] xt_CT: No such helper "pptp" [ 574.662520][T15595] loop1: detected capacity change from 0 to 512 [ 574.987851][T15595] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.5908: casefold flag without casefold feature [ 575.022563][T15595] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.5908: couldn't read orphan inode 15 (err -117) [ 575.056579][T15595] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 575.090797][T11519] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 575.571833][T14674] EXT4-fs (loop1): unmounting filesystem. [ 575.600396][T11519] usb 4-1: Using ep0 maxpacket: 32 [ 575.600655][T15606] netlink: 48 bytes leftover after parsing attributes in process `syz.0.5909'. [ 575.606951][T11519] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 575.653053][T11519] usb 4-1: can't read configurations, error -61 [ 575.830382][T11519] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 575.841279][T15611] loop2: detected capacity change from 0 to 128 [ 575.997949][T15611] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 576.073291][T15611] ext4 filesystem being mounted at /533/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 576.120875][ T8336] EXT4-fs (loop2): unmounting filesystem. [ 576.180366][T11519] usb 4-1: Using ep0 maxpacket: 32 [ 576.183097][ T28] kauditd_printk_skb: 6071 callbacks suppressed [ 576.183111][ T28] audit: type=1400 audit(1763310345.621:204184): avc: denied { unmount } for pid=8336 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 576.187589][T11519] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 576.227404][T11519] usb 4-1: can't read configurations, error -61 [ 576.237203][T11519] usb usb4-port1: attempt power cycle [ 576.732066][T11519] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 576.783678][T11519] usb 4-1: Using ep0 maxpacket: 32 [ 576.803771][T11519] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 576.813087][T11519] usb 4-1: can't read configurations, error -61 [ 576.850455][T15660] netlink: 48 bytes leftover after parsing attributes in process `syz.0.5934'. [ 576.985656][T11519] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 577.030774][T11519] usb 4-1: Using ep0 maxpacket: 32 [ 577.037419][T11519] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 577.299986][T11519] usb 4-1: can't read configurations, error -61 [ 577.307460][T11519] usb usb4-port1: unable to enumerate USB device [ 577.371681][T15679] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5943'. [ 577.722512][T15700] loop3: detected capacity change from 0 to 128 [ 577.759473][T15700] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 577.798538][T15700] ext4 filesystem being mounted at /583/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 577.859612][ T7492] EXT4-fs (loop3): unmounting filesystem. [ 577.873125][T15708] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5957'. [ 578.932108][T15728] loop3: detected capacity change from 0 to 512 [ 579.340188][T15742] loop4: detected capacity change from 0 to 128 [ 579.351311][T15742] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 579.370577][T15742] ext4 filesystem being mounted at /584/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 579.428057][T15748] loop2: detected capacity change from 0 to 256 [ 579.434678][T15748] exfat: Deprecated parameter 'utf8' [ 579.440011][T15748] exfat: Deprecated parameter 'utf8' [ 579.453682][T15748] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 579.523009][ T8025] EXT4-fs (loop4): unmounting filesystem. [ 579.794602][T15752] loop4: detected capacity change from 0 to 1024 [ 579.842740][T15752] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 579.915908][T15752] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 579.936341][T15752] ext4 filesystem being mounted at /586/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 580.385338][ T28] audit: type=1326 audit(1763310349.821:204185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15761 comm="syz.1.5980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x7ffc0000 [ 580.469878][ T28] audit: type=1326 audit(1763310349.851:204186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15761 comm="syz.1.5980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x7ffc0000 [ 580.551338][ T28] audit: type=1326 audit(1763310349.851:204187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15761 comm="syz.1.5980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f975d58f6c9 code=0x7ffc0000 [ 580.600130][ T8025] EXT4-fs (loop4): unmounting filesystem. [ 580.648045][ T28] audit: type=1326 audit(1763310349.851:204188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15761 comm="syz.1.5980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f975d58f703 code=0x7ffc0000 [ 580.730411][ T28] audit: type=1326 audit(1763310350.031:204189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15761 comm="syz.1.5980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f975d58e17f code=0x7ffc0000 [ 580.776467][ T28] audit: type=1326 audit(1763310350.171:204190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15761 comm="syz.1.5980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f975d58f757 code=0x7ffc0000 [ 580.868405][T15762] loop1: detected capacity change from 0 to 40427 [ 580.994516][T15762] F2FS-fs (loop1): Found nat_bits in checkpoint [ 580.997388][ T28] audit: type=1326 audit(1763310350.301:204191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15761 comm="syz.1.5980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f975d58df10 code=0x7ffc0000 [ 581.067069][T15762] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 581.106706][ T28] audit: type=1326 audit(1763310350.301:204192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15761 comm="syz.1.5980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f975d58f2cb code=0x7ffc0000 [ 581.224174][ T28] audit: type=1326 audit(1763310350.361:204193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15761 comm="syz.1.5980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f975d58e32a code=0x7ffc0000 [ 581.293416][ T28] audit: type=1326 audit(1763310350.361:204194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15761 comm="syz.1.5980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f975d58e32a code=0x7ffc0000 [ 581.343331][ T28] audit: type=1326 audit(1763310350.411:204195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15761 comm="syz.1.5980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f975d58de17 code=0x7ffc0000 [ 581.376990][T15788] loop3: detected capacity change from 0 to 256 [ 581.401872][T15788] FAT-fs (loop3): bogus number of FAT sectors [ 581.414206][T15788] FAT-fs (loop3): Can't find a valid FAT filesystem [ 581.426048][ T28] audit: type=1326 audit(1763310350.421:204196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15761 comm="syz.1.5980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f975d590e6a code=0x7ffc0000 [ 581.515487][ T28] audit: type=1326 audit(1763310350.511:204197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15761 comm="syz.1.5980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f975d58df10 code=0x7ffc0000 [ 581.624362][ T28] audit: type=1326 audit(1763310350.511:204198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15761 comm="syz.1.5980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f975d58e417 code=0x7ffc0000 [ 581.730053][ T28] audit: type=1326 audit(1763310350.511:204199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15761 comm="syz.1.5980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f975d58df10 code=0x7ffc0000 [ 581.831207][ T28] audit: type=1326 audit(1763310350.511:204200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15761 comm="syz.1.5980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f975d58f2cb code=0x7ffc0000 [ 581.942523][ T28] audit: type=1326 audit(1763310350.511:204201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15761 comm="syz.1.5980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f975d58e32a code=0x7ffc0000 [ 582.052131][ T28] audit: type=1326 audit(1763310350.511:204202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15761 comm="syz.1.5980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x7ffc0000 [ 582.257049][T15810] loop2: detected capacity change from 0 to 256 [ 582.263984][T15810] exfat: Deprecated parameter 'utf8' [ 582.269398][T15810] exfat: Deprecated parameter 'utf8' [ 582.279221][T15810] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 583.266091][T15815] netlink: 'syz.1.5998': attribute type 4 has an invalid length. [ 585.378830][T15856] loop4: detected capacity change from 0 to 256 [ 585.423015][T15856] exfat: Deprecated parameter 'utf8' [ 585.451478][T15856] exfat: Deprecated parameter 'utf8' [ 585.489549][T15856] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 587.224099][ T28] kauditd_printk_skb: 14172 callbacks suppressed [ 587.224114][ T28] audit: type=1326 audit(1763310356.661:218375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15885 comm="syz.0.6029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf2418f6c9 code=0x7ffc0000 [ 587.318121][ T28] audit: type=1326 audit(1763310356.691:218376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15885 comm="syz.0.6029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7faf2418f6c9 code=0x7ffc0000 [ 587.361716][ T28] audit: type=1326 audit(1763310356.691:218377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15885 comm="syz.0.6029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7faf2418f703 code=0x7ffc0000 [ 587.385567][ T28] audit: type=1326 audit(1763310356.791:218378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15896 comm="syz.2.6033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f274c98f6c9 code=0x50000 [ 587.410023][ T28] audit: type=1326 audit(1763310356.791:218379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15896 comm="syz.2.6033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f274c98f6c9 code=0x50000 [ 587.433709][ T28] audit: type=1326 audit(1763310356.791:218380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15896 comm="syz.2.6033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f274c98f6c9 code=0x50000 [ 587.481655][ T28] audit: type=1326 audit(1763310356.791:218381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15896 comm="syz.2.6033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f274c98f6c9 code=0x50000 [ 587.514104][T15901] loop3: detected capacity change from 0 to 4096 [ 587.521454][T15886] loop0: detected capacity change from 0 to 40427 [ 587.530089][T15901] EXT4-fs (loop3): Test dummy encryption mode enabled [ 587.538968][T15901] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 587.547854][T15901] System zones: 0-5 [ 587.572052][ T28] audit: type=1326 audit(1763310356.791:218382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15896 comm="syz.2.6033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f274c98f6c9 code=0x50000 [ 587.596018][T15901] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 587.643020][T15900] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 587.652835][T15900] audit: audit_backlog=65 > audit_backlog_limit=64 [ 587.659357][T15900] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64 [ 587.699710][ T7492] EXT4-fs (loop3): unmounting filesystem. [ 587.765385][T15886] F2FS-fs (loop0): Found nat_bits in checkpoint [ 587.923544][T15886] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 587.935273][T15918] binder: 15917:15918 ioctl 4018620d 0 returned -22 [ 588.071612][ T335] tipc: Disabling bearer [ 588.076987][ T335] tipc: Left network mode [ 588.194310][T15922] bridge0: port 1(bridge_slave_0) entered blocking state [ 588.210394][T15922] bridge0: port 1(bridge_slave_0) entered disabled state [ 588.284817][T15922] device bridge_slave_0 entered promiscuous mode [ 588.307871][T15922] bridge0: port 2(bridge_slave_1) entered blocking state [ 588.323699][T15922] bridge0: port 2(bridge_slave_1) entered disabled state [ 588.345044][T15922] device bridge_slave_1 entered promiscuous mode [ 588.802927][ T335] device bridge_slave_1 left promiscuous mode [ 588.813360][ T335] bridge0: port 2(bridge_slave_1) entered disabled state [ 588.856310][ T335] device bridge_slave_0 left promiscuous mode [ 588.881433][ T335] bridge0: port 1(bridge_slave_0) entered disabled state [ 588.917819][ T335] device veth1_macvtap left promiscuous mode [ 588.962477][ T335] device veth0_vlan left promiscuous mode [ 589.251246][T15935] loop0: detected capacity change from 0 to 256 [ 589.258056][T15935] FAT-fs (loop0): bogus number of FAT sectors [ 589.264193][T15935] FAT-fs (loop0): Can't find a valid FAT filesystem [ 589.311351][ T340] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 589.373378][T15939] binder: 15937:15939 ioctl c0306201 0 returned -14 [ 589.442308][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 589.461980][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 589.500394][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 589.515269][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 589.529039][T15951] binder: 15950:15951 ioctl 4018620d 0 returned -22 [ 589.535944][ T396] bridge0: port 1(bridge_slave_0) entered blocking state [ 589.542998][ T396] bridge0: port 1(bridge_slave_0) entered forwarding state [ 589.604720][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 589.641509][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 589.670759][ T396] bridge0: port 2(bridge_slave_1) entered blocking state [ 589.677807][ T396] bridge0: port 2(bridge_slave_1) entered forwarding state [ 589.737016][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 589.762255][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 589.791243][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 589.822862][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 589.844991][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 589.903403][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 590.054819][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 590.184468][T15922] device veth0_vlan entered promiscuous mode [ 590.211062][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 590.226207][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 590.243519][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 590.259349][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 590.280216][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 590.294121][T15922] device veth1_macvtap entered promiscuous mode [ 590.326599][T12035] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 590.335853][T12035] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 590.376434][T12035] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 590.398743][T12035] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 590.454284][T15975] binder: 15973:15975 ioctl 4018620d 0 returned -22 [ 590.935766][T15987] bridge0: port 1(bridge_slave_0) entered blocking state [ 590.951058][T15987] bridge0: port 1(bridge_slave_0) entered disabled state [ 590.968705][T15987] device bridge_slave_0 entered promiscuous mode [ 590.983100][T15987] bridge0: port 2(bridge_slave_1) entered blocking state [ 591.004485][T15987] bridge0: port 2(bridge_slave_1) entered disabled state [ 591.013397][T15992] loop2: detected capacity change from 0 to 256 [ 591.031469][T15987] device bridge_slave_1 entered promiscuous mode [ 591.058198][T15992] FAT-fs (loop2): bogus number of FAT sectors [ 591.070358][T11520] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 591.074002][T15992] FAT-fs (loop2): Can't find a valid FAT filesystem [ 591.132908][T15994] loop0: detected capacity change from 0 to 1024 [ 591.184120][T15994] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 591.203756][ T8279] EXT4-fs (loop0): unmounting filesystem. [ 591.260426][T11520] usb 2-1: Using ep0 maxpacket: 8 [ 591.266525][T11520] usb 2-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 591.288044][T15987] bridge0: port 2(bridge_slave_1) entered blocking state [ 591.295089][T15987] bridge0: port 2(bridge_slave_1) entered forwarding state [ 591.302355][T15987] bridge0: port 1(bridge_slave_0) entered blocking state [ 591.309381][T15987] bridge0: port 1(bridge_slave_0) entered forwarding state [ 591.323613][ T396] bridge0: port 1(bridge_slave_0) entered disabled state [ 591.346764][T11520] usb 2-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 591.356384][ T396] bridge0: port 2(bridge_slave_1) entered disabled state [ 591.371784][T11520] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 591.416462][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 591.424426][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 591.452166][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 591.485210][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 591.493527][ T396] bridge0: port 1(bridge_slave_0) entered blocking state [ 591.500587][ T396] bridge0: port 1(bridge_slave_0) entered forwarding state [ 591.508619][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 591.517352][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 591.530509][ T396] bridge0: port 2(bridge_slave_1) entered blocking state [ 591.537574][ T396] bridge0: port 2(bridge_slave_1) entered forwarding state [ 591.574607][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 591.590683][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 591.607174][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 591.607537][T11520] usb 2-1: string descriptor 0 read error: -71 [ 591.625488][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 591.630197][T11520] hub 2-1:32.0: bad descriptor, ignoring hub [ 591.643769][T11520] hub: probe of 2-1:32.0 failed with error -5 [ 591.650204][T12035] device bridge_slave_1 left promiscuous mode [ 591.656562][T12035] bridge0: port 2(bridge_slave_1) entered disabled state [ 591.667063][T12035] device bridge_slave_0 left promiscuous mode [ 591.673578][T12035] bridge0: port 1(bridge_slave_0) entered disabled state [ 591.688545][T12035] device veth1_macvtap left promiscuous mode [ 591.695495][T11520] usb 2-1: USB disconnect, device number 11 [ 591.710144][T12035] device veth0_vlan left promiscuous mode [ 591.804664][T15987] device veth0_vlan entered promiscuous mode [ 591.820770][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 591.829420][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 591.849591][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 591.859476][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 591.879764][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 591.889731][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 591.917630][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 591.926349][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 591.935873][T15987] device veth1_macvtap entered promiscuous mode [ 591.946732][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 591.955556][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 591.964101][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 591.981665][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 591.998366][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 592.236923][ T28] kauditd_printk_skb: 8787 callbacks suppressed [ 592.236939][ T28] audit: type=1326 audit(1763310361.671:227166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16020 comm="syz.4.6063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdab898f6c9 code=0x50000 [ 592.300792][ T28] audit: type=1326 audit(1763310361.671:227167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16020 comm="syz.4.6063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdab898f6c9 code=0x50000 [ 592.410395][ T28] audit: type=1326 audit(1763310361.671:227168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16020 comm="syz.4.6063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdab898f6c9 code=0x50000 [ 592.489050][ T28] audit: type=1326 audit(1763310361.671:227169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16020 comm="syz.4.6063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdab898f6c9 code=0x50000 [ 592.530530][T11520] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 592.648299][ T28] audit: type=1326 audit(1763310361.671:227170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16020 comm="syz.4.6063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdab898f6c9 code=0x50000 [ 592.715682][ T28] audit: type=1326 audit(1763310361.671:227171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16020 comm="syz.4.6063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdab898f6c9 code=0x50000 [ 592.739466][ T28] audit: type=1326 audit(1763310361.671:227172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16020 comm="syz.4.6063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdab898f6c9 code=0x50000 [ 592.763147][ T28] audit: type=1326 audit(1763310361.671:227173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16020 comm="syz.4.6063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdab898f6c9 code=0x50000 [ 592.786880][ T28] audit: type=1326 audit(1763310361.671:227174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16020 comm="syz.4.6063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdab898f6c9 code=0x50000 [ 592.812374][T11520] usb 2-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 255 [ 592.825284][ T28] audit: type=1326 audit(1763310361.671:227175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16020 comm="syz.4.6063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdab898f6c9 code=0x50000 [ 593.107671][T11520] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 593.117854][T11520] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 593.136047][T11520] usb 2-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 593.176049][T11520] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 593.189260][T11520] usb 2-1: config 0 descriptor?? [ 593.195453][T11520] usb-storage 2-1:0.0: USB Mass Storage device detected [ 593.204800][T11520] usb-storage 2-1:0.0: Quirks match for vid 1908 pid 1315: 20000 [ 593.565500][T16052] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6085'. [ 593.799898][T16056] loop2: detected capacity change from 0 to 1024 [ 593.847960][T16056] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 593.857768][T16056] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 593.869926][T16056] EXT4-fs error (device loop2): ext4_get_journal_inode:5724: inode #5: comm syz.2.6087: unexpected bad inode w/o EXT4_IGET_BAD [ 593.884017][T16056] EXT4-fs (loop2): no journal found [ 593.889275][T16056] EXT4-fs (loop2): can't get journal size [ 593.897990][T16056] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 594.683184][ T8336] EXT4-fs (loop2): unmounting filesystem. [ 595.015992][T16079] loop3: detected capacity change from 0 to 1024 [ 595.049729][T16079] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 595.118434][T16079] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 595.159269][ T336] usb 2-1: USB disconnect, device number 12 [ 595.186096][T16079] ext4 filesystem being mounted at /15/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 595.467949][T16101] loop0: detected capacity change from 0 to 1024 [ 595.490977][T16101] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 595.500870][T16101] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 595.512624][T16101] EXT4-fs error (device loop0): ext4_get_journal_inode:5724: inode #5: comm syz.0.6102: unexpected bad inode w/o EXT4_IGET_BAD [ 595.527221][T16101] EXT4-fs (loop0): no journal found [ 595.532527][T16101] EXT4-fs (loop0): can't get journal size [ 595.700850][T16101] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 596.197042][T15922] EXT4-fs (loop3): unmounting filesystem. [ 596.359207][ T8279] EXT4-fs (loop0): unmounting filesystem. [ 596.547202][T16112] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6104'. [ 596.791070][T16114] bridge0: port 1(bridge_slave_0) entered blocking state [ 596.814446][T16114] bridge0: port 1(bridge_slave_0) entered disabled state [ 596.837048][T16114] device bridge_slave_0 entered promiscuous mode [ 596.863661][T16114] bridge0: port 2(bridge_slave_1) entered blocking state [ 596.891692][T16114] bridge0: port 2(bridge_slave_1) entered disabled state [ 596.899227][T16114] device bridge_slave_1 entered promiscuous mode [ 597.130284][T16114] bridge0: port 2(bridge_slave_1) entered blocking state [ 597.137369][T16114] bridge0: port 2(bridge_slave_1) entered forwarding state [ 597.144664][T16114] bridge0: port 1(bridge_slave_0) entered blocking state [ 597.151717][T16114] bridge0: port 1(bridge_slave_0) entered forwarding state [ 597.361058][ T396] device bridge_slave_1 left promiscuous mode [ 597.381871][ T396] bridge0: port 2(bridge_slave_1) entered disabled state [ 597.410788][ T396] device bridge_slave_0 left promiscuous mode [ 597.420114][ T396] bridge0: port 1(bridge_slave_0) entered disabled state [ 597.441446][ T396] device veth1_macvtap left promiscuous mode [ 597.447495][ T396] device veth0_vlan left promiscuous mode [ 597.453272][T11520] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 597.607551][T16147] netlink: 92 bytes leftover after parsing attributes in process `syz.2.6115'. [ 597.616685][T12035] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 597.624612][T12035] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 597.633022][T16147] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6115'. [ 597.642574][T16147] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6115'. [ 597.642665][T12035] bridge0: port 2(bridge_slave_1) entered disabled state [ 597.652126][T16147] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6115'. [ 597.659646][T11520] usb 5-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 255 [ 597.698593][T11520] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 597.719157][T15476] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 597.727615][T15476] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 597.739082][T15476] bridge0: port 2(bridge_slave_1) entered blocking state [ 597.740451][T11520] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 597.746155][T15476] bridge0: port 2(bridge_slave_1) entered forwarding state [ 597.768638][T15476] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 597.776922][T15476] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 597.785269][T15476] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 597.793669][T15476] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 597.806257][T15476] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 597.810480][T11520] usb 5-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 597.814913][T15476] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 597.835123][T15476] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 597.843280][T15476] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 597.851522][T15476] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 597.859088][T15476] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 597.866368][T11520] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 597.875307][T16114] device veth0_vlan entered promiscuous mode [ 597.891416][T11520] usb 5-1: config 0 descriptor?? [ 597.897717][T11520] usb-storage 5-1:0.0: USB Mass Storage device detected [ 597.909679][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 597.922397][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 597.940990][T11520] usb-storage 5-1:0.0: Quirks match for vid 1908 pid 1315: 20000 [ 597.951802][T16114] device veth1_macvtap entered promiscuous mode [ 597.966200][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 597.980607][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 597.994189][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 598.010989][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 598.029407][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 598.050698][ T447] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 598.064847][T16157] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6120'. [ 598.272618][ T447] usb 2-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 255 [ 598.570713][ T447] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 598.580922][ T447] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 598.613297][ T447] usb 2-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 598.630980][ T447] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 598.648188][ T447] usb 2-1: config 0 descriptor?? [ 598.655484][ T447] usb-storage 2-1:0.0: USB Mass Storage device detected [ 598.663347][ T447] usb-storage 2-1:0.0: Quirks match for vid 1908 pid 1315: 20000 [ 598.735204][T16168] loop2: detected capacity change from 0 to 4096 [ 598.742468][T16168] EXT4-fs (loop2): Test dummy encryption mode enabled [ 598.765632][T16168] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 598.773988][T16168] System zones: 0-5 [ 598.778704][T16168] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 598.826867][ T8336] EXT4-fs (loop2): unmounting filesystem. [ 598.846149][T16172] loop2: detected capacity change from 0 to 128 [ 598.855096][T16172] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 598.864750][T16172] ext4 filesystem being mounted at /577/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 598.882152][ T8336] EXT4-fs (loop2): unmounting filesystem. [ 599.284048][ T28] kauditd_printk_skb: 5790 callbacks suppressed [ 599.284063][ T28] audit: type=1400 audit(1763310368.721:232966): avc: denied { create } for pid=16211 comm="syz.3.6142" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 599.317518][T16212] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 599.327509][T16212] FAT-fs (loop7): unable to read boot sector [ 599.336728][ T28] audit: type=1400 audit(1763310368.751:232967): avc: denied { mounton } for pid=16211 comm="syz.3.6142" path="/21/file0" dev="tmpfs" ino=143 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 599.391780][ T28] audit: type=1400 audit(1763310368.781:232968): avc: denied { unlink } for pid=15922 comm="syz-executor" name="file0" dev="tmpfs" ino=143 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 599.751309][T16262] loop2: detected capacity change from 0 to 512 [ 599.775095][T16262] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.6166: casefold flag without casefold feature [ 599.788135][T16262] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.6166: couldn't read orphan inode 15 (err -117) [ 599.800864][T16262] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 599.984669][T16268] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6168'. [ 600.008180][T16270] loop0: detected capacity change from 0 to 512 [ 600.023253][ T412] usb 5-1: USB disconnect, device number 20 [ 600.053298][T16270] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 600.064302][T16270] ext4 filesystem being mounted at /28/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 600.096340][T16114] EXT4-fs (loop0): unmounting filesystem. [ 600.218166][T16288] netlink: 48 bytes leftover after parsing attributes in process `syz.4.6177'. [ 600.479612][T14750] usb 2-1: USB disconnect, device number 13 [ 600.558653][T16301] netlink: 'syz.4.6182': attribute type 4 has an invalid length. [ 600.605072][ T8336] EXT4-fs (loop2): unmounting filesystem. [ 600.726871][T16335] loop3: detected capacity change from 0 to 512 [ 600.738030][T16335] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.6198: casefold flag without casefold feature [ 600.751150][T16335] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.6198: couldn't read orphan inode 15 (err -117) [ 600.763262][T16335] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 601.546862][T16382] loop1: detected capacity change from 0 to 1024 [ 601.971716][T16382] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 601.981620][T16382] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 602.470656][T16382] EXT4-fs error (device loop1): ext4_get_journal_inode:5724: inode #5: comm syz.1.6215: unexpected bad inode w/o EXT4_IGET_BAD [ 602.486469][T16382] EXT4-fs (loop1): no journal found [ 602.491721][T16382] EXT4-fs (loop1): can't get journal size [ 602.518574][T15922] EXT4-fs (loop3): unmounting filesystem. [ 602.609715][T16382] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 604.561056][T14674] EXT4-fs (loop1): unmounting filesystem. [ 604.619787][T16405] loop3: detected capacity change from 0 to 128 [ 604.690259][T16405] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 604.707167][T16405] ext4 filesystem being mounted at /39/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 604.759141][T15922] EXT4-fs (loop3): unmounting filesystem. [ 604.828341][T16422] loop3: detected capacity change from 0 to 512 [ 604.850999][T16422] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.6231: casefold flag without casefold feature [ 605.091258][T16431] loop0: detected capacity change from 0 to 256 [ 605.097924][T16431] exfat: Deprecated parameter 'utf8' [ 605.103320][T16431] exfat: Deprecated parameter 'utf8' [ 605.142481][T16431] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 605.221881][T16434] loop4: detected capacity change from 0 to 1024 [ 605.378634][T16434] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 605.388494][T16434] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 605.513060][T16434] EXT4-fs error (device loop4): ext4_get_journal_inode:5724: inode #5: comm syz.4.6234: unexpected bad inode w/o EXT4_IGET_BAD [ 605.590981][T16434] EXT4-fs (loop4): no journal found [ 605.596295][T16434] EXT4-fs (loop4): can't get journal size [ 605.611228][T16422] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.6231: couldn't read orphan inode 15 (err -117) [ 605.642964][T16434] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 606.811745][T15987] EXT4-fs (loop4): unmounting filesystem. [ 606.847029][T16422] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 606.848547][T16440] netlink: 48 bytes leftover after parsing attributes in process `syz.1.6235'. [ 607.013466][T16451] loop1: detected capacity change from 0 to 128 [ 607.322107][T15922] EXT4-fs (loop3): unmounting filesystem. [ 607.351482][T16451] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 607.367439][T16451] ext4 filesystem being mounted at /116/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 607.446059][T14674] EXT4-fs (loop1): unmounting filesystem. [ 607.615821][T16470] loop0: detected capacity change from 0 to 1024 [ 607.625332][T16470] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 607.635145][T16470] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 607.646871][T16470] EXT4-fs error (device loop0): ext4_get_journal_inode:5724: inode #5: comm syz.0.6247: unexpected bad inode w/o EXT4_IGET_BAD [ 607.662293][T16470] EXT4-fs (loop0): no journal found [ 607.667550][T16470] EXT4-fs (loop0): can't get journal size [ 607.797508][T16470] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 608.167583][T16475] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6251'. [ 608.354608][ T28] audit: type=1326 audit(1763310377.791:232969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16476 comm="syz.1.6252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 608.409803][ T28] audit: type=1326 audit(1763310377.821:232970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16476 comm="syz.1.6252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 608.463626][ T28] audit: type=1326 audit(1763310377.821:232971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16476 comm="syz.1.6252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 608.493493][ T28] audit: type=1326 audit(1763310377.821:232972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16476 comm="syz.1.6252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 608.517127][ T28] audit: type=1326 audit(1763310377.821:232973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16476 comm="syz.1.6252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 608.577611][ T28] audit: type=1326 audit(1763310377.821:232974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16476 comm="syz.1.6252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 608.612618][T16114] EXT4-fs (loop0): unmounting filesystem. [ 608.626520][T15476] tipc: Left network mode [ 608.773827][ T28] audit: type=1326 audit(1763310377.821:232975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16476 comm="syz.1.6252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 608.804559][T16478] bridge0: port 1(bridge_slave_0) entered blocking state [ 608.810378][ T28] audit: type=1326 audit(1763310377.821:232976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16476 comm="syz.1.6252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 608.817859][T16478] bridge0: port 1(bridge_slave_0) entered disabled state [ 608.835083][ T28] audit: type=1326 audit(1763310377.821:232977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16476 comm="syz.1.6252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 608.866327][ T28] audit: type=1326 audit(1763310377.821:232978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16476 comm="syz.1.6252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 608.874531][T16478] device bridge_slave_0 entered promiscuous mode [ 608.928306][T16478] bridge0: port 2(bridge_slave_1) entered blocking state [ 608.943608][T16478] bridge0: port 2(bridge_slave_1) entered disabled state [ 608.958710][T16478] device bridge_slave_1 entered promiscuous mode [ 609.125248][T16501] netlink: 92 bytes leftover after parsing attributes in process `syz.3.6259'. [ 609.134700][T16501] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6259'. [ 609.146383][T16501] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6259'. [ 609.157049][T16501] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6259'. [ 609.234787][T16478] bridge0: port 2(bridge_slave_1) entered blocking state [ 609.241886][T16478] bridge0: port 2(bridge_slave_1) entered forwarding state [ 609.249182][T16478] bridge0: port 1(bridge_slave_0) entered blocking state [ 609.256231][T16478] bridge0: port 1(bridge_slave_0) entered forwarding state [ 609.278502][T16512] loop3: detected capacity change from 0 to 1024 [ 609.574245][T16512] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 609.587091][ T4353] bridge0: port 1(bridge_slave_0) entered disabled state [ 609.601835][ T4353] bridge0: port 2(bridge_slave_1) entered disabled state [ 609.650842][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 609.658487][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 609.666467][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 609.675508][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 609.684124][ T4353] bridge0: port 1(bridge_slave_0) entered blocking state [ 609.691180][ T4353] bridge0: port 1(bridge_slave_0) entered forwarding state [ 609.698947][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 609.708418][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 609.716937][ T4353] bridge0: port 2(bridge_slave_1) entered blocking state [ 609.724004][ T4353] bridge0: port 2(bridge_slave_1) entered forwarding state [ 609.735104][T15476] device bridge_slave_1 left promiscuous mode [ 609.741400][T15476] bridge0: port 2(bridge_slave_1) entered disabled state [ 609.749003][T15476] device bridge_slave_0 left promiscuous mode [ 609.755440][T15476] bridge0: port 1(bridge_slave_0) entered disabled state [ 609.764652][T15476] device veth1_macvtap left promiscuous mode [ 609.770868][T15476] device veth0_vlan left promiscuous mode [ 609.851346][T16512] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 609.870134][T16512] ext4 filesystem being mounted at /43/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 609.955832][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 609.969872][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 610.136425][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 610.181423][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 610.228170][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 610.237682][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 610.246658][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 610.264303][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 610.272711][T16478] device veth0_vlan entered promiscuous mode [ 610.289357][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 610.306041][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 610.336903][T16478] device veth1_macvtap entered promiscuous mode [ 610.361958][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 610.380564][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 610.404791][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 610.412733][T15922] EXT4-fs (loop3): unmounting filesystem. [ 610.521976][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 610.576256][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 610.886157][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 610.941169][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 611.776357][T16605] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6294'. [ 612.221191][T16614] loop3: detected capacity change from 0 to 128 [ 612.321208][T16614] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 612.590705][T16614] ext4 filesystem being mounted at /64/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 612.676756][T15922] EXT4-fs (loop3): unmounting filesystem. [ 613.315600][T16646] loop4: detected capacity change from 0 to 512 [ 613.360421][ T28] kauditd_printk_skb: 9537 callbacks suppressed [ 613.360434][ T28] audit: type=1326 audit(1763310382.801:242516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16616 comm="syz.1.6304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 613.397899][T16646] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 613.418768][T16646] ext4 filesystem being mounted at /47/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 613.434837][ T28] audit: type=1326 audit(1763310382.831:242517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16616 comm="syz.1.6304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 613.601076][ T28] audit: type=1326 audit(1763310382.831:242518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16616 comm="syz.1.6304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 613.690800][ T28] audit: type=1326 audit(1763310382.831:242519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16616 comm="syz.1.6304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 613.751798][ T28] audit: type=1326 audit(1763310382.831:242520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16616 comm="syz.1.6304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 613.837921][ T28] audit: type=1326 audit(1763310382.831:242521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16616 comm="syz.1.6304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 613.852253][T16658] loop0: detected capacity change from 0 to 4096 [ 613.903836][T16658] EXT4-fs (loop0): Test dummy encryption mode enabled [ 613.942549][ T28] audit: type=1326 audit(1763310382.831:242522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16616 comm="syz.1.6304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 613.966965][T16658] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 613.996400][T16658] System zones: 0-5 [ 614.018243][T16658] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 614.060400][ T28] audit: type=1326 audit(1763310382.831:242523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16616 comm="syz.1.6304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 614.083934][ T28] audit: type=1326 audit(1763310382.831:242524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16616 comm="syz.1.6304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 614.107470][ T28] audit: type=1326 audit(1763310382.831:242525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16616 comm="syz.1.6304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 614.204879][T16114] EXT4-fs (loop0): unmounting filesystem. [ 614.346266][T16676] loop3: detected capacity change from 0 to 1024 [ 614.356000][T16676] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 614.392022][T16676] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 614.414686][T16676] ext4 filesystem being mounted at /74/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 614.541206][T15987] EXT4-fs (loop4): unmounting filesystem. [ 615.015912][T16697] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6331'. [ 615.317768][T15922] EXT4-fs (loop3): unmounting filesystem. [ 615.367203][T16704] loop3: detected capacity change from 0 to 128 [ 615.393971][T16704] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 615.410151][T16704] ext4 filesystem being mounted at /75/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 615.493782][T15922] EXT4-fs (loop3): unmounting filesystem. [ 615.898904][T16715] netlink: 92 bytes leftover after parsing attributes in process `syz.2.6339'. [ 615.908587][T16715] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6339'. [ 615.917615][T16715] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6339'. [ 615.937967][T16715] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6339'. [ 616.007499][T16726] loop2: detected capacity change from 0 to 1024 [ 616.034133][T16726] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 616.081049][T16726] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 616.108887][T16726] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 616.443824][T16749] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6349'. [ 616.907140][T16478] EXT4-fs (loop2): unmounting filesystem. [ 617.452608][T16773] loop2: detected capacity change from 0 to 256 [ 617.485283][T16773] FAT-fs (loop2): bogus number of FAT sectors [ 617.820507][T16773] FAT-fs (loop2): Can't find a valid FAT filesystem [ 618.292539][T16787] loop3: detected capacity change from 0 to 1024 [ 618.329634][T16787] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 618.416284][T16787] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 618.430789][T16787] ext4 filesystem being mounted at /86/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 618.770576][T16797] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6369'. [ 619.055760][T16799] netlink: 'syz.1.6371': attribute type 4 has an invalid length. [ 619.186407][T15922] EXT4-fs (loop3): unmounting filesystem. [ 619.196348][T16805] loop4: detected capacity change from 0 to 512 [ 619.227163][T16805] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 619.242224][T16805] ext4 filesystem being mounted at /62/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 619.426789][T15987] EXT4-fs (loop4): unmounting filesystem. [ 620.125216][ T412] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 620.170108][T16852] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6388'. [ 620.329042][T16855] syz.1.6391[16855] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 620.329106][T16855] syz.1.6391[16855] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 620.461479][ T412] usb 5-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 255 [ 620.501968][ T412] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 620.519343][ T412] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 620.546700][ T412] usb 5-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 620.565133][ T412] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 620.584025][ T412] usb 5-1: config 0 descriptor?? [ 620.596772][ T412] usb-storage 5-1:0.0: USB Mass Storage device detected [ 620.610896][ T412] usb-storage 5-1:0.0: Quirks match for vid 1908 pid 1315: 20000 [ 621.354626][ T28] kauditd_printk_skb: 2520 callbacks suppressed [ 621.354641][ T28] audit: type=1326 audit(1763310390.791:245046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16883 comm="syz.2.6405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f107e78f6c9 code=0x7ffc0000 [ 621.431995][ T28] audit: type=1326 audit(1763310390.791:245047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16883 comm="syz.2.6405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f107e78f6c9 code=0x7ffc0000 [ 621.446440][T16887] loop0: detected capacity change from 0 to 4096 [ 621.464129][T16887] EXT4-fs (loop0): Test dummy encryption mode enabled [ 621.472135][T16887] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 621.486873][T16887] System zones: 0-5 [ 621.491508][T16887] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 621.539667][T16114] EXT4-fs (loop0): unmounting filesystem. [ 621.550073][ T28] audit: type=1326 audit(1763310390.821:245048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16883 comm="syz.2.6405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f107e78f6c9 code=0x7ffc0000 [ 621.609798][ T28] audit: type=1326 audit(1763310390.821:245049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16883 comm="syz.2.6405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f107e78f703 code=0x7ffc0000 [ 621.659865][ T28] audit: type=1326 audit(1763310391.081:245050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16883 comm="syz.2.6405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f107e78e17f code=0x7ffc0000 [ 621.717418][T16884] loop2: detected capacity change from 0 to 40427 [ 621.751192][T16884] F2FS-fs (loop2): Found nat_bits in checkpoint [ 621.779354][ T28] audit: type=1326 audit(1763310391.151:245051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16883 comm="syz.2.6405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f107e78f757 code=0x7ffc0000 [ 622.200291][T16911] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6412'. [ 622.299531][T16884] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 622.390456][ T28] audit: type=1326 audit(1763310391.151:245052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16883 comm="syz.2.6405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f107e78df10 code=0x7ffc0000 [ 622.414285][ T28] audit: type=1326 audit(1763310391.151:245053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16883 comm="syz.2.6405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f107e78f2cb code=0x7ffc0000 [ 622.438134][ T28] audit: type=1326 audit(1763310391.161:245054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16883 comm="syz.2.6405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f107e78e32a code=0x7ffc0000 [ 622.462334][ T28] audit: type=1326 audit(1763310391.161:245055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16883 comm="syz.2.6405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f107e78e32a code=0x7ffc0000 [ 622.563848][T11520] usb 5-1: USB disconnect, device number 21 [ 623.615033][T16950] fuseblk: Bad value for 'fd' [ 624.127304][T16960] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6428'. [ 624.905453][T16993] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6443'. [ 625.439868][T17032] netlink: 536 bytes leftover after parsing attributes in process `syz.0.6461'. [ 625.449072][T17032] netlink: 124 bytes leftover after parsing attributes in process `syz.0.6461'. [ 626.590229][T17057] netlink: 76 bytes leftover after parsing attributes in process `syz.2.6468'. [ 626.900483][ T28] kauditd_printk_skb: 32 callbacks suppressed [ 626.900499][ T28] audit: type=1326 audit(1763310396.341:245088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17052 comm="syz.3.6470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfa218f6c9 code=0x50000 [ 626.988771][ T28] audit: type=1326 audit(1763310396.341:245089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17052 comm="syz.3.6470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfa218f6c9 code=0x50000 [ 627.013223][ T28] audit: type=1326 audit(1763310396.341:245090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17052 comm="syz.3.6470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfa218f6c9 code=0x50000 [ 627.037197][ T28] audit: type=1326 audit(1763310396.341:245091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17052 comm="syz.3.6470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfa218f6c9 code=0x50000 [ 627.066438][ T28] audit: type=1326 audit(1763310396.341:245092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17052 comm="syz.3.6470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfa218f6c9 code=0x50000 [ 627.290923][ T28] audit: type=1326 audit(1763310396.341:245093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17052 comm="syz.3.6470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfa218f6c9 code=0x50000 [ 627.322704][ T28] audit: type=1326 audit(1763310396.341:245094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17052 comm="syz.3.6470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfa218f6c9 code=0x50000 [ 627.430366][ T28] audit: type=1326 audit(1763310396.341:245095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17052 comm="syz.3.6470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfa218f6c9 code=0x50000 [ 627.559537][ T28] audit: type=1326 audit(1763310396.341:245096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17052 comm="syz.3.6470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfa218f6c9 code=0x50000 [ 627.692426][ T28] audit: type=1326 audit(1763310396.341:245097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17052 comm="syz.3.6470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfa218f6c9 code=0x50000 [ 628.005745][T17089] netlink: 92 bytes leftover after parsing attributes in process `syz.0.6483'. [ 628.298627][T17089] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6483'. [ 628.336363][T17089] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6483'. [ 628.359116][T17089] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6483'. [ 628.579045][T17098] loop0: detected capacity change from 0 to 1024 [ 628.592639][T17098] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 628.602503][T17098] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 628.690501][T17098] EXT4-fs error (device loop0): ext4_get_journal_inode:5724: inode #5: comm syz.0.6485: unexpected bad inode w/o EXT4_IGET_BAD [ 628.772267][T17098] EXT4-fs (loop0): no journal found [ 628.777600][T17098] EXT4-fs (loop0): can't get journal size [ 629.705816][T17098] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 629.855175][T16114] EXT4-fs (loop0): unmounting filesystem. [ 630.147346][T17124] netlink: 92 bytes leftover after parsing attributes in process `syz.0.6495'. [ 630.156449][T17124] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6495'. [ 630.165432][T17124] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6495'. [ 630.378506][T17128] loop0: detected capacity change from 0 to 256 [ 630.827344][T17140] loop1: detected capacity change from 0 to 512 [ 630.894057][T17140] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 630.907390][T17140] ext4 filesystem being mounted at /161/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 630.929910][T14674] EXT4-fs (loop1): unmounting filesystem. [ 631.329828][T17155] __nla_validate_parse: 1 callbacks suppressed [ 631.329901][T17155] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6508'. [ 631.525134][T17165] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6509'. [ 632.256686][T17177] netlink: 'syz.1.6515': attribute type 4 has an invalid length. [ 632.375915][T17179] loop0: detected capacity change from 0 to 1024 [ 632.468059][T17179] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 632.477905][T17179] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 632.491295][T17179] EXT4-fs error (device loop0): ext4_get_journal_inode:5724: inode #5: comm syz.0.6514: unexpected bad inode w/o EXT4_IGET_BAD [ 632.507872][T17179] EXT4-fs (loop0): no journal found [ 632.513154][T17179] EXT4-fs (loop0): can't get journal size [ 632.524116][T17179] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 633.001204][T17184] fuseblk: Bad value for 'fd' [ 633.339637][T16114] EXT4-fs (loop0): unmounting filesystem. [ 633.813971][T17195] loop4: detected capacity change from 0 to 4096 [ 633.841270][T17195] EXT4-fs (loop4): Test dummy encryption mode enabled [ 633.864731][T17195] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 633.881198][T17195] System zones: 0-5 [ 633.898957][T17195] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 634.069303][T17211] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6525'. [ 634.222330][T15987] EXT4-fs (loop4): unmounting filesystem. [ 634.342673][ T28] kauditd_printk_skb: 2582 callbacks suppressed [ 634.342691][ T28] audit: type=1326 audit(1763310403.771:247680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17230 comm="syz.3.6536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfa218f6c9 code=0x7ffc0000 [ 634.417036][ T28] audit: type=1326 audit(1763310403.781:247681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17230 comm="syz.3.6536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fbfa218f6c9 code=0x7ffc0000 [ 634.496831][ T28] audit: type=1326 audit(1763310403.781:247682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17230 comm="syz.3.6536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fbfa218f703 code=0x7ffc0000 [ 634.726723][T17239] loop4: detected capacity change from 0 to 1024 [ 634.802907][ T28] audit: type=1400 audit(1763310403.851:247683): avc: denied { getopt } for pid=17232 comm="syz.1.6538" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 634.824277][T17239] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 634.834072][T17239] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 634.847493][T17239] EXT4-fs error (device loop4): ext4_get_journal_inode:5724: inode #5: comm syz.4.6539: unexpected bad inode w/o EXT4_IGET_BAD [ 634.863309][T17239] EXT4-fs (loop4): no journal found [ 634.868542][T17239] EXT4-fs (loop4): can't get journal size [ 634.944534][ T28] audit: type=1326 audit(1763310403.881:247684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17230 comm="syz.3.6536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fbfa218e17f code=0x7ffc0000 [ 634.989348][T17239] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 635.389507][ T28] audit: type=1326 audit(1763310404.821:247685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17230 comm="syz.3.6536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fbfa218f757 code=0x7ffc0000 [ 635.418007][T17231] loop3: detected capacity change from 0 to 40427 [ 635.440809][ T28] audit: type=1326 audit(1763310404.851:247686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17230 comm="syz.3.6536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbfa218df10 code=0x7ffc0000 [ 635.465483][T15987] EXT4-fs (loop4): unmounting filesystem. [ 635.485768][T17231] F2FS-fs (loop3): Found nat_bits in checkpoint [ 635.504919][ T28] audit: type=1326 audit(1763310404.851:247687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17230 comm="syz.3.6536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbfa218f2cb code=0x7ffc0000 [ 635.543793][ T28] audit: type=1326 audit(1763310404.871:247688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17230 comm="syz.3.6536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fbfa218e32a code=0x7ffc0000 [ 635.567514][ T28] audit: type=1326 audit(1763310404.871:247689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17230 comm="syz.3.6536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fbfa218e32a code=0x7ffc0000 [ 635.593226][T17255] fuseblk: Bad value for 'fd' [ 635.626039][T17231] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 635.627584][T17262] loop2: detected capacity change from 0 to 512 [ 635.678344][T17262] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 635.697448][T17262] ext4 filesystem being mounted at /37/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 635.716974][T16478] EXT4-fs (loop2): unmounting filesystem. [ 635.905180][T17289] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6551'. [ 636.408270][T17290] loop3: detected capacity change from 0 to 1024 [ 636.453889][T17290] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 636.463855][T17290] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 636.478255][T17290] EXT4-fs error (device loop3): ext4_get_journal_inode:5724: inode #5: comm syz.3.6553: unexpected bad inode w/o EXT4_IGET_BAD [ 636.493906][T17290] EXT4-fs (loop3): no journal found [ 636.499165][T17290] EXT4-fs (loop3): can't get journal size [ 636.529716][T17290] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 636.767455][T17295] fuseblk: Bad value for 'fd' [ 637.331094][T15922] EXT4-fs (loop3): unmounting filesystem. [ 637.571726][T17327] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6568'. [ 638.071865][T17333] syz.2.6569[17333] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 638.072253][T17333] syz.2.6569[17333] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 638.713965][T17343] loop4: detected capacity change from 0 to 1024 [ 638.734041][T17343] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 638.744288][T17343] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 638.756958][T17343] EXT4-fs error (device loop4): ext4_get_journal_inode:5724: inode #5: comm syz.4.6576: unexpected bad inode w/o EXT4_IGET_BAD [ 638.773389][T17343] EXT4-fs (loop4): no journal found [ 638.778642][T17343] EXT4-fs (loop4): can't get journal size [ 638.876254][T17343] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 639.315517][T17349] netlink: 48 bytes leftover after parsing attributes in process `syz.2.6580'. [ 639.332070][T17347] loop0: detected capacity change from 0 to 4096 [ 639.408560][T17347] EXT4-fs (loop0): Test dummy encryption mode enabled [ 639.435208][T17347] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 639.458600][T17347] System zones: 0-5 [ 639.475017][T17347] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 639.535116][T15987] EXT4-fs (loop4): unmounting filesystem. [ 639.620285][T16114] EXT4-fs (loop0): unmounting filesystem. [ 639.720958][T17357] netlink: 'syz.2.6583': attribute type 4 has an invalid length. [ 639.817263][T17366] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6585'. [ 640.094840][T17371] loop4: detected capacity change from 0 to 512 [ 640.152011][T17371] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 640.161697][T17371] ext4 filesystem being mounted at /95/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 640.197890][T15987] EXT4-fs (loop4): unmounting filesystem. [ 640.247723][T17373] loop2: detected capacity change from 0 to 256 [ 640.260778][T17373] exfat: Deprecated parameter 'utf8' [ 640.330128][T17373] exfat: Deprecated parameter 'utf8' [ 640.358752][T17373] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 640.809187][T17392] fuseblk: Bad value for 'fd' [ 641.143868][T17398] netlink: 'syz.3.6598': attribute type 4 has an invalid length. [ 641.783688][T17413] loop0: detected capacity change from 0 to 256 [ 641.790476][T17413] FAT-fs (loop0): bogus number of FAT sectors [ 641.796568][T17413] FAT-fs (loop0): Can't find a valid FAT filesystem [ 642.832653][T17435] netlink: 48 bytes leftover after parsing attributes in process `syz.4.6612'. [ 642.879489][ T28] kauditd_printk_skb: 14 callbacks suppressed [ 642.879504][ T28] audit: type=1326 audit(1763310412.311:247704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17436 comm="syz.4.6613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdab898f6c9 code=0x7ffc0000 [ 642.909381][ T28] audit: type=1326 audit(1763310412.311:247705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17436 comm="syz.4.6613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdab898f6c9 code=0x7ffc0000 [ 642.937969][ T28] audit: type=1326 audit(1763310412.311:247706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17436 comm="syz.4.6613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fdab898f6c9 code=0x7ffc0000 [ 642.961840][ T28] audit: type=1326 audit(1763310412.311:247707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17436 comm="syz.4.6613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fdab898f703 code=0x7ffc0000 [ 642.985508][ T28] audit: type=1326 audit(1763310412.391:247708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17436 comm="syz.4.6613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fdab898e17f code=0x7ffc0000 [ 643.017557][T17437] loop4: detected capacity change from 0 to 40427 [ 643.024647][T10118] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 643.059133][T17437] F2FS-fs (loop4): Found nat_bits in checkpoint [ 643.067333][ T28] audit: type=1326 audit(1763310412.451:247709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17436 comm="syz.4.6613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fdab898f757 code=0x7ffc0000 [ 643.123654][ T28] audit: type=1326 audit(1763310412.451:247710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17436 comm="syz.4.6613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdab898df10 code=0x7ffc0000 [ 643.147889][ T28] audit: type=1326 audit(1763310412.451:247711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17436 comm="syz.4.6613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdab898f2cb code=0x7ffc0000 [ 643.171911][T17437] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 643.610406][T10118] usb 1-1: Using ep0 maxpacket: 32 [ 643.621113][T10118] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 643.629926][T10118] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 643.642430][ T28] audit: type=1326 audit(1763310412.471:247712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17436 comm="syz.4.6613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fdab898e32a code=0x7ffc0000 [ 643.667090][T10118] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 643.677139][T10118] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 643.688666][ T28] audit: type=1326 audit(1763310412.471:247713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17436 comm="syz.4.6613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fdab898e32a code=0x7ffc0000 [ 643.713638][T10118] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 643.722999][T10118] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 643.731272][T10118] usb 1-1: Product: syz [ 643.750371][T10118] usb 1-1: Manufacturer: syz [ 643.755087][T10118] usb 1-1: SerialNumber: syz [ 643.968424][T10118] usb 1-1: 2:1 : format type 0 is detected, processed as PCM [ 643.981071][T10118] usb 1-1: 2:1 : invalid channels 0 [ 644.018058][T10118] usb 1-1: USB disconnect, device number 15 [ 644.635164][T17468] loop1: detected capacity change from 0 to 256 [ 644.690597][T17468] FAT-fs (loop1): bogus number of FAT sectors [ 644.696789][T17468] FAT-fs (loop1): Can't find a valid FAT filesystem [ 644.806970][ T340] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 647.209290][T17513] loop3: detected capacity change from 0 to 256 [ 647.219196][T17513] FAT-fs (loop3): bogus number of FAT sectors [ 647.225363][T17513] FAT-fs (loop3): Can't find a valid FAT filesystem [ 647.268066][ T340] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 648.394302][T17524] netlink: 'syz.3.6643': attribute type 4 has an invalid length. [ 648.877017][T17554] netlink: 'syz.2.6655': attribute type 4 has an invalid length. [ 649.798473][T17570] loop4: detected capacity change from 0 to 128 [ 649.814171][T17569] loop3: detected capacity change from 0 to 512 [ 649.829218][T17576] loop2: detected capacity change from 0 to 512 [ 649.835817][T17570] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 649.914794][T17579] netlink: 76 bytes leftover after parsing attributes in process `syz.1.6660'. [ 650.272402][T17580] loop0: detected capacity change from 0 to 4096 [ 650.285508][T17580] EXT4-fs: Ignoring removed mblk_io_submit option [ 650.347094][T17580] EXT4-fs (loop0): Test dummy encryption mode enabled [ 650.727266][T17570] ext4 filesystem being mounted at /109/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 650.788339][T17580] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 650.836285][T17569] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 650.890043][ T28] kauditd_printk_skb: 12 callbacks suppressed [ 650.890065][ T28] audit: type=1400 audit(1763310420.321:247726): avc: denied { name_bind } for pid=17583 comm="syz.1.6666" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 651.002003][T17569] ext4 filesystem being mounted at /152/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 651.024581][T17576] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 651.043043][T15987] EXT4-fs (loop4): unmounting filesystem. [ 651.049725][T17576] ext4 filesystem being mounted at /62/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 651.156262][T15922] EXT4-fs (loop3): unmounting filesystem. [ 651.909134][T16114] EXT4-fs (loop0): unmounting filesystem. [ 651.932635][T17592] netlink: 536 bytes leftover after parsing attributes in process `syz.4.6667'. [ 651.946098][T16478] EXT4-fs (loop2): unmounting filesystem. [ 651.980123][T17601] netlink: 'syz.0.6669': attribute type 4 has an invalid length. [ 651.996868][T17592] netlink: 124 bytes leftover after parsing attributes in process `syz.4.6667'. [ 652.061893][T17610] netlink: 76 bytes leftover after parsing attributes in process `syz.4.6675'. [ 652.159790][ T28] audit: type=1326 audit(1763310421.591:247727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17618 comm="syz.4.6679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdab898f6c9 code=0x7ffc0000 [ 652.186006][T17619] SELinux: Context system_u:object_r:restorecond_var_run_t:s0 is not valid (left unmapped). [ 652.233131][ T28] audit: type=1326 audit(1763310421.621:247728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17618 comm="syz.4.6679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdab898f6c9 code=0x7ffc0000 [ 652.285505][ T28] audit: type=1326 audit(1763310421.621:247729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17618 comm="syz.4.6679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdab898f6c9 code=0x7ffc0000 [ 652.873213][T17627] loop3: detected capacity change from 0 to 4096 [ 652.887132][T17627] EXT4-fs: Ignoring removed mblk_io_submit option [ 653.122498][T17627] EXT4-fs (loop3): Test dummy encryption mode enabled [ 653.206231][ T28] audit: type=1326 audit(1763310421.621:247730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17618 comm="syz.4.6679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdab898f6c9 code=0x7ffc0000 [ 653.414901][T17627] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 653.596602][T17633] loop4: detected capacity change from 0 to 512 [ 653.663775][ T28] audit: type=1326 audit(1763310421.621:247731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17618 comm="syz.4.6679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdab898f6c9 code=0x7ffc0000 [ 653.768451][ T28] audit: type=1326 audit(1763310421.621:247732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17618 comm="syz.4.6679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdab898f6c9 code=0x7ffc0000 [ 653.857446][T17633] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 653.876800][T17633] ext4 filesystem being mounted at /114/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 653.888571][T15922] EXT4-fs (loop3): unmounting filesystem. [ 653.892187][ T28] audit: type=1326 audit(1763310421.621:247733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17618 comm="syz.4.6679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7fdab898f6c9 code=0x7ffc0000 [ 654.010801][ T28] audit: type=1400 audit(1763310421.641:247734): avc: denied { relabelto } for pid=17618 comm="syz.4.6679" name="file1" dev="tmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:restorecond_var_run_t:s0" [ 654.083030][ T28] audit: type=1400 audit(1763310421.641:247735): avc: denied { associate } for pid=17618 comm="syz.4.6679" name="file1" dev="tmpfs" ino=691 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:restorecond_var_run_t:s0" [ 654.327564][T17649] netlink: 536 bytes leftover after parsing attributes in process `syz.1.6688'. [ 654.345940][T17649] netlink: 124 bytes leftover after parsing attributes in process `syz.1.6688'. [ 654.510856][T17653] netlink: 76 bytes leftover after parsing attributes in process `syz.1.6690'. [ 655.010192][T17660] netlink: 76 bytes leftover after parsing attributes in process `syz.3.6691'. [ 655.258683][T15987] EXT4-fs (loop4): unmounting filesystem. [ 655.313998][T17668] loop1: detected capacity change from 0 to 512 [ 655.355398][T17668] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 655.369924][T17668] ext4 filesystem being mounted at /198/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 655.413011][T14674] EXT4-fs (loop1): unmounting filesystem. [ 655.484528][T17685] loop1: detected capacity change from 0 to 512 [ 655.533276][T17685] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 655.544791][T17685] ext4 filesystem being mounted at /201/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 655.621946][T17663] loop0: detected capacity change from 0 to 40427 [ 655.653017][T17663] F2FS-fs (loop0): Found nat_bits in checkpoint [ 655.697745][T17700] netlink: 48 bytes leftover after parsing attributes in process `syz.4.6708'. [ 655.714017][T17663] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 655.901060][T17715] netlink: 152 bytes leftover after parsing attributes in process `syz.0.6714'. [ 656.046829][ T28] kauditd_printk_skb: 57 callbacks suppressed [ 656.046843][ T28] audit: type=1326 audit(1763310425.481:247793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17727 comm="syz.4.6720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdab898f6c9 code=0x7ffc0000 [ 656.143552][ T28] audit: type=1326 audit(1763310425.521:247794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17727 comm="syz.4.6720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fdab898f6c9 code=0x7ffc0000 [ 656.345792][T17739] netlink: 76 bytes leftover after parsing attributes in process `syz.2.6723'. [ 656.381816][ T28] audit: type=1326 audit(1763310425.521:247795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17727 comm="syz.4.6720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fdab898f703 code=0x7ffc0000 [ 656.595356][ T28] audit: type=1326 audit(1763310426.031:247796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17727 comm="syz.4.6720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fdab898e17f code=0x7ffc0000 [ 656.679378][ T28] audit: type=1326 audit(1763310426.111:247797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17727 comm="syz.4.6720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fdab898f757 code=0x7ffc0000 [ 656.704498][T17728] loop4: detected capacity change from 0 to 40427 [ 656.717942][ T28] audit: type=1326 audit(1763310426.141:247798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17727 comm="syz.4.6720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdab898df10 code=0x7ffc0000 [ 656.742613][ T28] audit: type=1326 audit(1763310426.141:247799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17727 comm="syz.4.6720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdab898f2cb code=0x7ffc0000 [ 656.767179][ T28] audit: type=1326 audit(1763310426.151:247800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17727 comm="syz.4.6720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fdab898e32a code=0x7ffc0000 [ 656.797954][ T28] audit: type=1326 audit(1763310426.151:247801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17727 comm="syz.4.6720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fdab898e32a code=0x7ffc0000 [ 656.798118][T14674] EXT4-fs (loop1): unmounting filesystem. [ 656.822899][T17728] F2FS-fs (loop4): Found nat_bits in checkpoint [ 656.834425][ T28] audit: type=1326 audit(1763310426.151:247802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17727 comm="syz.4.6720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fdab898de17 code=0x7ffc0000 [ 656.902952][T17728] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 656.931494][T17749] loop3: detected capacity change from 0 to 128 [ 656.951849][T17749] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 656.962432][T17753] netlink: 152 bytes leftover after parsing attributes in process `syz.1.6728'. [ 656.973657][T17749] ext4 filesystem being mounted at /166/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 657.011337][T15922] EXT4-fs (loop3): unmounting filesystem. [ 657.141921][T17772] netlink: 536 bytes leftover after parsing attributes in process `syz.1.6738'. [ 657.144138][T17774] netlink: 48 bytes leftover after parsing attributes in process `syz.4.6729'. [ 657.180657][T17772] netlink: 124 bytes leftover after parsing attributes in process `syz.1.6738'. [ 657.197618][T17778] netlink: 92 bytes leftover after parsing attributes in process `syz.3.6741'. [ 657.230734][T17778] netlink: 56 bytes leftover after parsing attributes in process `syz.3.6741'. [ 657.618938][T17802] loop3: detected capacity change from 0 to 512 [ 657.654631][T17802] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.6749: casefold flag without casefold feature [ 657.680302][T17802] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.6749: couldn't read orphan inode 15 (err -117) [ 657.695603][T17802] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 658.502245][T15922] EXT4-fs (loop3): unmounting filesystem. [ 658.640427][T10118] usb 3-1: new full-speed USB device number 19 using dummy_hcd [ 659.068426][T17883] loop1: detected capacity change from 0 to 512 [ 659.151114][T10118] usb 3-1: unable to get BOS descriptor or descriptor too short [ 659.159223][T10118] usb 3-1: not running at top speed; connect to a high speed hub [ 659.168412][T17883] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 659.177434][T17883] ext4 filesystem being mounted at /218/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 659.188392][T10118] usb 3-1: config 251 has an invalid interface number: 156 but max is 0 [ 659.196881][T10118] usb 3-1: config 251 has no interface number 0 [ 659.203247][T10118] usb 3-1: config 251 interface 156 has no altsetting 0 [ 659.211697][T10118] usb 3-1: New USB device found, idVendor=103d, idProduct=0101, bcdDevice=5b.c8 [ 659.220875][T10118] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 659.228952][T10118] usb 3-1: Product: syz [ 659.233360][T10118] usb 3-1: Manufacturer: syz [ 659.238008][T10118] usb 3-1: SerialNumber: syz [ 659.584295][T10118] usb 3-1: unknown interface protocol 0x2c, assuming v1 [ 659.591311][T10118] usb 3-1: cannot find UAC_HEADER [ 659.597813][T10118] snd-usb-audio: probe of 3-1:251.156 failed with error -22 [ 659.606037][T10118] usb 3-1: USB disconnect, device number 19 [ 659.619636][ T340] udevd[340]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:251.156/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 659.890859][T14674] EXT4-fs (loop1): unmounting filesystem. [ 660.038109][T17904] __nla_validate_parse: 12 callbacks suppressed [ 660.038128][T17904] netlink: 76 bytes leftover after parsing attributes in process `syz.1.6791'. [ 660.273652][T17907] loop2: detected capacity change from 0 to 512 [ 660.273919][T17908] netlink: 536 bytes leftover after parsing attributes in process `syz.4.6795'. [ 660.291416][T17908] netlink: 124 bytes leftover after parsing attributes in process `syz.4.6795'. [ 660.307795][T17907] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.6794: casefold flag without casefold feature [ 660.324423][T17907] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.6794: couldn't read orphan inode 15 (err -117) [ 660.351256][T17907] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 660.922447][T17921] netlink: 76 bytes leftover after parsing attributes in process `syz.0.6798'. [ 661.154582][T16478] EXT4-fs (loop2): unmounting filesystem. [ 661.242871][T17929] loop1: detected capacity change from 0 to 512 [ 661.281492][T17929] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 661.436560][T17929] ext4 filesystem being mounted at /221/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 661.516675][T14674] EXT4-fs (loop1): unmounting filesystem. [ 661.660344][ T39] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 661.855705][T17952] loop0: detected capacity change from 0 to 1024 [ 661.881177][T17952] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 661.891010][T17952] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 662.024330][ T39] usb 3-1: device descriptor read/64, error -71 [ 662.062403][T17952] EXT4-fs error (device loop0): ext4_get_journal_inode:5724: inode #5: comm syz.0.6805: unexpected bad inode w/o EXT4_IGET_BAD [ 662.668426][T17952] EXT4-fs (loop0): no journal found [ 662.673708][T17952] EXT4-fs (loop0): can't get journal size [ 662.696830][T17952] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 663.247331][T16114] EXT4-fs (loop0): unmounting filesystem. [ 663.290582][T17964] loop0: detected capacity change from 0 to 512 [ 663.332087][T17964] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 663.341475][T17964] ext4 filesystem being mounted at /167/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 663.374507][T16114] EXT4-fs (loop0): unmounting filesystem. [ 663.510439][ T39] usb 3-1: device descriptor read/64, error -71 [ 663.550414][T17973] netlink: 76 bytes leftover after parsing attributes in process `syz.0.6816'. [ 663.780420][ T39] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 663.940500][ T39] usb 3-1: device descriptor read/64, error -71 [ 664.223734][ T39] usb 3-1: device descriptor read/64, error -71 [ 664.370041][ T39] usb usb3-port1: attempt power cycle [ 665.321522][T18002] loop3: detected capacity change from 0 to 512 [ 665.383619][T18002] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 665.397829][T18002] ext4 filesystem being mounted at /186/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 665.461400][T15922] EXT4-fs (loop3): unmounting filesystem. [ 666.529323][T18032] fuseblk: Bad value for 'fd' [ 666.813340][T18042] loop0: detected capacity change from 0 to 512 [ 667.098478][T18042] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 667.256215][T18042] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 667.271677][T18042] EXT4-fs (loop0): 1 truncate cleaned up [ 667.277383][T18042] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 667.669412][T16114] EXT4-fs (loop0): unmounting filesystem. [ 667.762168][T18052] loop0: detected capacity change from 0 to 512 [ 667.823154][T18052] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 667.840417][T18052] ext4 filesystem being mounted at /178/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 667.908401][T16114] EXT4-fs (loop0): unmounting filesystem. [ 668.096892][T18064] fuseblk: Bad value for 'fd' [ 668.416032][T18073] netlink: 'syz.1.6853': attribute type 4 has an invalid length. [ 668.579400][T18077] loop3: detected capacity change from 0 to 4096 [ 668.624247][T18077] EXT4-fs (loop3): Test dummy encryption mode enabled [ 668.644514][T18077] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 668.662428][T18077] System zones: 0-5 [ 668.667242][T18077] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 668.737498][T18093] loop4: detected capacity change from 0 to 4096 [ 668.744217][T18093] EXT4-fs: Ignoring removed mblk_io_submit option [ 668.752634][T18093] EXT4-fs (loop4): Test dummy encryption mode enabled [ 668.912910][T18093] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 669.577498][T18100] netlink: 'syz.2.6863': attribute type 16 has an invalid length. [ 669.621804][T15922] EXT4-fs (loop3): unmounting filesystem. [ 669.673282][T15987] EXT4-fs (loop4): unmounting filesystem. [ 669.680101][T18100] netlink: 64122 bytes leftover after parsing attributes in process `syz.2.6863'. [ 669.820289][T18108] loop1: detected capacity change from 0 to 256 [ 669.890895][T18108] FAT-fs (loop1): bogus number of FAT sectors [ 669.897057][T18108] FAT-fs (loop1): Can't find a valid FAT filesystem [ 670.373230][T18114] loop4: detected capacity change from 0 to 256 [ 670.497811][T18114] exfat: Deprecated parameter 'utf8' [ 670.592020][T18114] exfat: Deprecated parameter 'utf8' [ 670.666036][ T340] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 670.687958][T18114] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 671.216248][T18142] loop0: detected capacity change from 0 to 4096 [ 671.248770][T18142] EXT4-fs (loop0): Test dummy encryption mode enabled [ 671.330043][T18146] netlink: 76 bytes leftover after parsing attributes in process `syz.3.6880'. [ 671.438262][T18142] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 671.472580][T18142] System zones: 0-5 [ 671.544004][T18142] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 671.636489][T16114] EXT4-fs (loop0): unmounting filesystem. [ 672.441751][T18173] loop3: detected capacity change from 0 to 1024 [ 672.502917][T18173] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 672.512781][T18173] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 672.535920][T18173] EXT4-fs error (device loop3): ext4_get_journal_inode:5724: inode #5: comm syz.3.6890: unexpected bad inode w/o EXT4_IGET_BAD [ 672.570829][T18173] EXT4-fs (loop3): no journal found [ 672.576110][T18173] EXT4-fs (loop3): can't get journal size [ 672.714154][T18173] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 673.332186][T15922] EXT4-fs (loop3): unmounting filesystem. [ 673.382794][T18184] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6895'. [ 673.621417][T18188] loop4: detected capacity change from 0 to 4096 [ 673.639992][T18188] EXT4-fs (loop4): Test dummy encryption mode enabled [ 673.669431][T18188] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 673.685127][T18188] System zones: 0-5 [ 673.696790][T18188] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 673.788708][T15987] EXT4-fs (loop4): unmounting filesystem. [ 673.910380][T11520] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 674.029218][T18217] loop4: detected capacity change from 0 to 512 [ 674.981072][T18219] loop2: detected capacity change from 0 to 1024 [ 675.073701][T18217] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 675.177827][T18219] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 675.187775][T18219] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 675.306951][T18219] EXT4-fs error (device loop2): ext4_get_journal_inode:5724: inode #5: comm syz.2.6907: unexpected bad inode w/o EXT4_IGET_BAD [ 675.568529][T11520] usb 2-1: Using ep0 maxpacket: 8 [ 675.709401][T18219] EXT4-fs (loop2): no journal found [ 675.714764][T18219] EXT4-fs (loop2): can't get journal size [ 676.516008][T18217] EXT4-fs (loop4): 1 truncate cleaned up [ 676.521785][T18217] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 676.813099][T15987] EXT4-fs (loop4): unmounting filesystem. [ 676.843453][T18219] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 677.062911][T11520] usb 2-1: device descriptor read/all, error -71 [ 677.078464][T16478] EXT4-fs (loop2): unmounting filesystem. [ 677.166166][T18234] netlink: 112 bytes leftover after parsing attributes in process `syz.1.6914'. [ 677.192834][T18243] syz.3.6913[18243] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 677.192908][T18243] syz.3.6913[18243] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 677.229394][T18248] netlink: 'syz.1.6920': attribute type 4 has an invalid length. [ 677.739268][T18254] netlink: 76 bytes leftover after parsing attributes in process `syz.4.6919'. [ 677.781418][T18256] netlink: 76 bytes leftover after parsing attributes in process `syz.2.6923'. [ 678.032728][T18258] loop3: detected capacity change from 0 to 512 [ 678.046494][T18258] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 678.070914][T18258] EXT4-fs (loop3): 1 truncate cleaned up [ 678.080443][T11520] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 678.088243][T18258] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 678.133916][T15922] EXT4-fs (loop3): unmounting filesystem. [ 678.238631][T18275] netlink: 48 bytes leftover after parsing attributes in process `syz.3.6932'. [ 678.268433][T18277] netlink: 'syz.2.6933': attribute type 4 has an invalid length. [ 678.280396][T11520] usb 2-1: Using ep0 maxpacket: 8 [ 678.286590][T11520] usb 2-1: config 32 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 678.375054][T11520] usb 2-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 678.384217][T11520] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 678.631322][T11520] usb 2-1: string descriptor 0 read error: -71 [ 678.642932][T11520] hub 2-1:32.0: bad descriptor, ignoring hub [ 678.648930][T11520] hub: probe of 2-1:32.0 failed with error -5 [ 678.711247][T11520] usb 2-1: USB disconnect, device number 15 [ 678.971536][T18303] netlink: 'syz.0.6946': attribute type 4 has an invalid length. [ 679.063247][ T28] kauditd_printk_skb: 10 callbacks suppressed [ 679.063262][ T28] audit: type=1400 audit(1763310448.501:247813): avc: denied { read } for pid=18312 comm="syz.0.6950" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 679.223911][T18321] netlink: 'syz.1.6954': attribute type 16 has an invalid length. [ 679.233300][T18321] netlink: 64122 bytes leftover after parsing attributes in process `syz.1.6954'. [ 679.837210][T18350] netlink: 48 bytes leftover after parsing attributes in process `syz.3.6962'. [ 680.294099][T18371] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6975'. [ 680.610177][T18380] loop2: detected capacity change from 0 to 4096 [ 680.623982][T18380] EXT4-fs (loop2): Test dummy encryption mode enabled [ 680.723419][T18382] overlayfs: missing 'lowerdir' [ 680.878182][T18380] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 680.889483][T18380] System zones: 0-5 [ 680.903434][T18380] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 680.997204][T16478] EXT4-fs (loop2): unmounting filesystem. [ 681.063644][T18392] netlink: 48 bytes leftover after parsing attributes in process `syz.2.6983'. [ 681.862652][T18416] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6993'. [ 682.460183][T18438] loop4: detected capacity change from 0 to 4096 [ 682.490581][T18438] EXT4-fs (loop4): Test dummy encryption mode enabled [ 682.571513][T18438] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 682.579655][T18438] System zones: 0-5 [ 682.608426][T18438] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 682.701998][T18450] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7007'. [ 682.843034][ T28] audit: type=1326 audit(1763310452.281:247814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.7004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 682.880409][ T28] audit: type=1326 audit(1763310452.301:247815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.7004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 682.904284][ T28] audit: type=1326 audit(1763310452.301:247816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.7004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 682.928208][ T28] audit: type=1326 audit(1763310452.301:247817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.7004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 682.951076][T15987] EXT4-fs (loop4): unmounting filesystem. [ 682.952176][ T28] audit: type=1326 audit(1763310452.301:247818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.7004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 682.981115][ T28] audit: type=1326 audit(1763310452.301:247819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.7004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 683.004685][ T28] audit: type=1326 audit(1763310452.301:247820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.7004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 683.028178][ T28] audit: type=1326 audit(1763310452.301:247821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.7004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 683.052257][ T28] audit: type=1326 audit(1763310452.301:247822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.7004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 683.224456][T18466] loop3: detected capacity change from 0 to 512 [ 683.266143][T18466] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 683.277207][T18466] ext4 filesystem being mounted at /231/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 683.396269][T15922] EXT4-fs (loop3): unmounting filesystem. [ 683.495307][T18482] loop0: detected capacity change from 0 to 512 [ 683.571286][T18480] fuseblk: Bad value for 'fd' [ 683.581763][T18482] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 683.671368][T18482] EXT4-fs (loop0): 1 truncate cleaned up [ 683.677117][T18482] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 684.071073][ T28] kauditd_printk_skb: 1548 callbacks suppressed [ 684.071100][ T28] audit: type=1326 audit(1763310453.501:249371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.7004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 684.309023][T16114] EXT4-fs (loop0): unmounting filesystem. [ 684.420137][T18500] loop2: detected capacity change from 0 to 256 [ 684.426754][T18500] exfat: Deprecated parameter 'utf8' [ 684.432106][T18500] exfat: Deprecated parameter 'utf8' [ 684.449396][T18501] netlink: 92 bytes leftover after parsing attributes in process `syz.3.7026'. [ 684.466722][T18500] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 684.493766][ T28] audit: type=1326 audit(1763310453.551:249372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.7004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 684.614569][ T28] audit: type=1326 audit(1763310453.681:249373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.7004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 684.666895][T18505] loop4: detected capacity change from 0 to 4096 [ 684.704077][T18505] EXT4-fs (loop4): Test dummy encryption mode enabled [ 684.797157][ T28] audit: type=1326 audit(1763310453.681:249374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.7004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 684.800771][T18505] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 684.820711][ T28] audit: type=1326 audit(1763310453.681:249375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.7004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 684.848898][T18505] System zones: [ 684.879955][ T28] audit: type=1326 audit(1763310453.681:249376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.7004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 684.898341][T18505] 0-5 [ 684.907347][ T28] audit: type=1326 audit(1763310453.681:249377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.7004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 684.912196][T18505] [ 684.933437][ T28] audit: type=1326 audit(1763310453.681:249378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.7004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 684.959648][ T28] audit: type=1326 audit(1763310453.681:249379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.7004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 685.017576][T18516] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7031'. [ 685.072674][T18505] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 685.163947][ T28] audit: type=1326 audit(1763310453.681:249380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.7004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d58f6c9 code=0x50000 [ 685.236977][T18518] fuseblk: Bad value for 'fd' [ 685.277485][T15987] EXT4-fs (loop4): unmounting filesystem. [ 685.514845][T18532] syz.2.7038[18532] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 685.514916][T18532] syz.2.7038[18532] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 685.653191][T18541] netlink: 'syz.3.7041': attribute type 16 has an invalid length. [ 685.691338][T18541] netlink: 64122 bytes leftover after parsing attributes in process `syz.3.7041'. [ 685.716498][T18542] loop4: detected capacity change from 0 to 512 [ 685.764953][T18553] netlink: 92 bytes leftover after parsing attributes in process `syz.3.7047'. [ 685.785887][T18542] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 685.804174][T18542] ext4 filesystem being mounted at /178/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 685.861386][T15987] EXT4-fs (loop4): unmounting filesystem. [ 685.875650][T18558] loop1: detected capacity change from 0 to 4096 [ 685.905851][T18558] EXT4-fs (loop1): Test dummy encryption mode enabled [ 685.918770][T18558] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 685.947891][T18558] System zones: 0-5 [ 685.958372][T18558] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 686.139711][T14674] EXT4-fs (loop1): unmounting filesystem. [ 686.342299][T18582] netlink: 76 bytes leftover after parsing attributes in process `syz.1.7057'. [ 686.732629][T18591] netlink: 92 bytes leftover after parsing attributes in process `syz.2.7063'. [ 687.127591][T18601] loop1: detected capacity change from 0 to 512 [ 687.174163][T18601] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities [ 687.273293][T18609] binder: Bad value for 'max' [ 687.387844][T18601] loop1: detected capacity change from 0 to 40427 [ 687.399372][T18601] F2FS-fs (loop1): invalid crc value [ 687.441476][T18601] F2FS-fs (loop1): Found nat_bits in checkpoint [ 687.474160][T18601] F2FS-fs (loop1): Start checkpoint disabled! [ 687.501047][T18601] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 687.691578][T18623] overlayfs: failed to resolve './file0': -2 [ 688.025325][ T4353] kworker/u4:8: attempt to access beyond end of device [ 688.025325][ T4353] loop1: rw=2049, sector=40960, nr_sectors = 24 limit=40427 [ 688.044363][T18603] loop3: detected capacity change from 0 to 40427 [ 688.144338][T18603] F2FS-fs (loop3): Found nat_bits in checkpoint [ 688.240824][T18636] syz.4.7080[18636] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 688.240896][T18636] syz.4.7080[18636] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 688.316858][T18603] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 689.506234][T18653] loop1: detected capacity change from 0 to 256 [ 689.531237][T18653] FAT-fs (loop1): bogus number of FAT sectors [ 689.537356][T18653] FAT-fs (loop1): Can't find a valid FAT filesystem [ 689.547770][ T28] kauditd_printk_skb: 10332 callbacks suppressed [ 689.547841][ T28] audit: type=1326 audit(1763310458.181:259713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18570 comm="syz.0.7054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ed8f6c9 code=0x50000 [ 689.658539][T18651] loop2: detected capacity change from 0 to 1024 [ 689.874997][T18651] EXT4-fs: Ignoring removed orlov option [ 689.882739][T18651] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 689.934173][T18661] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7088'. [ 689.948777][ T28] audit: type=1326 audit(1763310458.181:259714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18570 comm="syz.0.7054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ed8f6c9 code=0x50000 [ 690.025394][T18664] syz.4.7089[18664] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 690.025467][T18664] syz.4.7089[18664] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 690.056273][T11520] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 690.071635][ T28] audit: type=1326 audit(1763310458.181:259715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18570 comm="syz.0.7054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ed8f6c9 code=0x50000 [ 690.176914][T16478] EXT4-fs (loop2): unmounting filesystem. [ 690.223633][ T28] audit: type=1326 audit(1763310458.181:259716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18570 comm="syz.0.7054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ed8f6c9 code=0x50000 [ 690.251412][T11520] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 690.280743][ T28] audit: type=1326 audit(1763310458.181:259717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18570 comm="syz.0.7054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ed8f6c9 code=0x50000 [ 690.317697][T11520] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 690.326983][ T28] audit: type=1326 audit(1763310458.181:259718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18570 comm="syz.0.7054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ed8f6c9 code=0x50000 [ 690.337101][T11520] usb 4-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 690.351358][ T28] audit: type=1326 audit(1763310458.181:259719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18570 comm="syz.0.7054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ed8f6c9 code=0x50000 [ 690.380378][T11520] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 690.384156][ T28] audit: type=1326 audit(1763310458.181:259720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18570 comm="syz.0.7054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ed8f6c9 code=0x50000 [ 690.483778][T11520] usb 4-1: config 0 descriptor?? [ 690.670415][ T28] audit: type=1326 audit(1763310458.181:259721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18570 comm="syz.0.7054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ed8f6c9 code=0x50000 [ 690.705966][ T28] audit: type=1326 audit(1763310458.181:259722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18570 comm="syz.0.7054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ed8f6c9 code=0x50000 [ 691.771231][ T336] usb 4-1: USB disconnect, device number 23 [ 691.811411][T18723] netlink: 'syz.3.7114': attribute type 4 has an invalid length. [ 691.981825][T18727] syz.3.7115[18727] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 691.981935][T18727] syz.3.7115[18727] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 692.968678][T18750] loop3: detected capacity change from 0 to 4096 [ 692.986935][T18750] EXT4-fs: Ignoring removed mblk_io_submit option [ 692.994239][T18750] EXT4-fs (loop3): Test dummy encryption mode enabled [ 693.005358][T18750] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 693.015671][T18752] netlink: 'syz.1.7127': attribute type 16 has an invalid length. [ 693.028105][T15922] EXT4-fs (loop3): unmounting filesystem. [ 693.036757][T18752] netlink: 64122 bytes leftover after parsing attributes in process `syz.1.7127'. [ 693.066380][T18756] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7128'. [ 693.110231][T18753] loop2: detected capacity change from 0 to 4096 [ 693.148849][T18753] EXT4-fs (loop2): Test dummy encryption mode enabled [ 693.181770][T18753] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 693.215909][T18753] System zones: 0-5 [ 693.220758][T18753] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 693.309721][T18773] loop0: detected capacity change from 0 to 512 [ 693.361465][T18773] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 693.504056][T18773] EXT4-fs (loop0): 1 truncate cleaned up [ 693.509792][T18773] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 694.147358][T16114] EXT4-fs (loop0): unmounting filesystem. [ 694.156433][T16478] EXT4-fs (loop2): unmounting filesystem. [ 694.244204][T18791] loop4: detected capacity change from 0 to 4096 [ 694.250896][T18791] EXT4-fs: Ignoring removed mblk_io_submit option [ 694.401922][T18788] syz.0.7136[18788] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 694.401998][T18788] syz.0.7136[18788] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 694.931528][T18791] EXT4-fs (loop4): Test dummy encryption mode enabled [ 694.963061][T18800] netlink: 'syz.0.7142': attribute type 16 has an invalid length. [ 694.970982][T18800] netlink: 64122 bytes leftover after parsing attributes in process `syz.0.7142'. [ 695.007612][T18791] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 695.051748][T15987] EXT4-fs (loop4): unmounting filesystem. [ 695.230369][ T336] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 695.390390][ T336] usb 2-1: device descriptor read/64, error -71 [ 695.570310][T18814] loop3: detected capacity change from 0 to 512 [ 695.587139][T18814] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 695.703727][T18814] EXT4-fs (loop3): 1 truncate cleaned up [ 695.709491][T18814] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 696.401005][T15922] EXT4-fs (loop3): unmounting filesystem. [ 696.433309][T18818] loop0: detected capacity change from 0 to 4096 [ 696.444524][T18818] EXT4-fs (loop0): Test dummy encryption mode enabled [ 696.452090][T18818] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 696.460259][T18818] System zones: 0-5 [ 696.464331][ T336] usb 2-1: device descriptor read/64, error -71 [ 696.471536][T18818] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 696.558585][T16114] EXT4-fs (loop0): unmounting filesystem. [ 696.662311][T18823] syz.0.7152[18823] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 696.662380][T18823] syz.0.7152[18823] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 696.723298][T18829] netlink: 'syz.2.7154': attribute type 4 has an invalid length. [ 696.780473][ T336] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 696.912748][T18838] loop0: detected capacity change from 0 to 256 [ 696.920500][T18838] FAT-fs (loop0): bogus number of FAT sectors [ 696.926616][T18838] FAT-fs (loop0): Can't find a valid FAT filesystem [ 697.340840][ T340] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 697.627075][ T336] usb 2-1: device descriptor read/64, error -71 [ 697.822660][T18858] netlink: 112 bytes leftover after parsing attributes in process `syz.2.7163'. [ 697.842465][T18859] netlink: 'syz.0.7165': attribute type 4 has an invalid length. [ 698.251628][T18883] loop0: detected capacity change from 0 to 256 [ 698.302493][T18883] FAT-fs (loop0): bogus number of FAT sectors [ 698.308661][T18883] FAT-fs (loop0): Can't find a valid FAT filesystem [ 699.066575][T18885] netlink: 'syz.0.7177': attribute type 16 has an invalid length. [ 699.101220][T18885] netlink: 64122 bytes leftover after parsing attributes in process `syz.0.7177'. [ 699.310779][T18898] netlink: 536 bytes leftover after parsing attributes in process `syz.3.7176'. [ 699.330084][T18898] netlink: 124 bytes leftover after parsing attributes in process `syz.3.7176'. [ 699.631597][T18911] loop0: detected capacity change from 0 to 256 [ 699.641928][T18911] FAT-fs (loop0): bogus number of FAT sectors [ 699.648050][T18911] FAT-fs (loop0): Can't find a valid FAT filesystem [ 700.002405][ T340] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 700.351870][T18920] netlink: 'syz.1.7189': attribute type 4 has an invalid length. [ 700.951731][T18935] netlink: 92 bytes leftover after parsing attributes in process `syz.2.7195'. [ 702.210373][ T412] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 702.399746][T18966] netlink: 92 bytes leftover after parsing attributes in process `syz.2.7206'. [ 702.401400][ T412] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 702.463358][ T412] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 702.528441][ T412] usb 1-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 702.566433][ T412] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 702.602211][ T412] usb 1-1: config 0 descriptor?? [ 702.624551][ T412] usb-storage 1-1:0.0: USB Mass Storage device detected [ 702.681768][ T412] usb-storage 1-1:0.0: Quirks match for vid 1908 pid 1315: 20000 [ 702.729756][T18975] loop2: detected capacity change from 0 to 4096 [ 702.781393][T18975] EXT4-fs (loop2): Test dummy encryption mode enabled [ 702.808861][T18975] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 702.818346][T18975] System zones: 0-5 [ 702.839171][T18975] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 702.973364][T16478] EXT4-fs (loop2): unmounting filesystem. [ 703.102898][T18985] syz.2.7212[18985] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 703.102974][T18985] syz.2.7212[18985] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 703.274007][T18991] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7213'. [ 704.192529][T19012] fuseblk: Bad value for 'fd' [ 704.203532][T19013] netlink: 'syz.2.7225': attribute type 4 has an invalid length. [ 704.379597][T19030] binder: Bad value for 'max' [ 704.756498][T19033] netlink: 76 bytes leftover after parsing attributes in process `syz.4.7230'. [ 704.879921][ T703] usb 1-1: USB disconnect, device number 16 [ 705.087003][T19040] syz.0.7235[19040] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 705.087081][T19040] syz.0.7235[19040] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 705.273729][T19044] loop2: detected capacity change from 0 to 512 [ 705.460693][T19044] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 705.476863][T19044] ext4 filesystem being mounted at /189/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 705.762178][T19067] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7246'. [ 706.100441][T19076] loop0: detected capacity change from 0 to 1024 [ 706.208821][T19076] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 706.218922][T19076] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 706.245455][T15476] ================================================================== [ 706.253544][T15476] BUG: KASAN: use-after-free in l2tp_session_delete+0x27/0x4e0 [ 706.261099][T15476] Write of size 8 at addr ffff88812d7f1808 by task kworker/u4:12/15476 [ 706.269327][T15476] [ 706.271642][T15476] CPU: 1 PID: 15476 Comm: kworker/u4:12 Not tainted syzkaller #0 [ 706.279352][T15476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 706.289400][T15476] Workqueue: l2tp l2tp_tunnel_del_work [ 706.294874][T15476] Call Trace: [ 706.298149][T15476] [ 706.301070][T15476] __dump_stack+0x21/0x24 [ 706.305397][T15476] dump_stack_lvl+0xee/0x150 [ 706.309982][T15476] ? __cfi_dump_stack_lvl+0x8/0x8 [ 706.314999][T15476] ? l2tp_session_delete+0x27/0x4e0 [ 706.320191][T15476] print_address_description+0x71/0x200 [ 706.325728][T15476] print_report+0x4a/0x60 [ 706.330048][T15476] kasan_report+0x122/0x150 [ 706.334554][T15476] ? l2tp_session_delete+0x27/0x4e0 [ 706.337113][T19076] EXT4-fs error (device loop0): ext4_get_journal_inode:5724: inode #5: comm syz.0.7248: unexpected bad inode w/o EXT4_IGET_BAD [ 706.339748][T15476] kasan_check_range+0x280/0x290 [ 706.355168][T19076] EXT4-fs (loop0): no journal found [ 706.357758][T15476] __kasan_check_write+0x14/0x20 [ 706.363007][T19076] EXT4-fs (loop0): can't get journal size [ 706.367859][T15476] l2tp_session_delete+0x27/0x4e0 [ 706.367883][T15476] l2tp_tunnel_del_work+0x201/0x420 [ 706.383761][T15476] process_one_work+0x71f/0xc40 [ 706.388600][T15476] worker_thread+0xa29/0x11f0 [ 706.393257][T15476] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 706.398700][T15476] kthread+0x281/0x320 [ 706.402749][T15476] ? __cfi_worker_thread+0x10/0x10 [ 706.407840][T15476] ? __cfi_kthread+0x10/0x10 [ 706.412408][T15476] ret_from_fork+0x1f/0x30 [ 706.416805][T15476] [ 706.419801][T15476] [ 706.422113][T15476] Allocated by task 19063: [ 706.426501][T15476] kasan_set_track+0x4b/0x70 [ 706.431070][T15476] kasan_save_alloc_info+0x25/0x30 [ 706.436162][T15476] __kasan_kmalloc+0x95/0xb0 [ 706.440731][T15476] __kmalloc+0xb1/0x1e0 [ 706.444868][T15476] l2tp_session_create+0x38/0xbe0 [ 706.449869][T15476] pppol2tp_connect+0xb35/0x1570 [ 706.454795][T15476] __sys_connect+0x398/0x420 [ 706.459363][T15476] __x64_sys_connect+0x7a/0x90 [ 706.464103][T15476] x64_sys_call+0x88d/0x9a0 [ 706.468589][T15476] do_syscall_64+0x4c/0xa0 [ 706.472984][T15476] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 706.478857][T15476] [ 706.481160][T15476] Freed by task 19075: [ 706.485199][T15476] kasan_set_track+0x4b/0x70 [ 706.489767][T15476] kasan_save_free_info+0x31/0x50 [ 706.494770][T15476] ____kasan_slab_free+0x132/0x180 [ 706.499863][T15476] __kasan_slab_free+0x11/0x20 [ 706.504604][T15476] slab_free_freelist_hook+0xc2/0x190 [ 706.509959][T15476] __kmem_cache_free+0xb7/0x1b0 [ 706.514788][T15476] kfree+0x6f/0xf0 [ 706.518491][T15476] l2tp_session_dec_refcount+0xaf/0x1a0 [ 706.524014][T15476] pppol2tp_session_destruct+0xb1/0xf0 [ 706.529454][T15476] __sk_destruct+0x64/0x600 [ 706.533937][T15476] __sk_free+0x313/0x410 [ 706.538165][T15476] sk_free+0x54/0x90 [ 706.542055][T15476] pppol2tp_put_sk+0x7a/0xb0 [ 706.546638][T15476] rcu_do_batch+0x515/0xb90 [ 706.551124][T15476] rcu_core+0x5a5/0xe70 [ 706.555266][T15476] rcu_core_si+0x9/0x10 [ 706.559406][T15476] handle_softirqs+0x1d7/0x600 [ 706.564153][T15476] __irq_exit_rcu+0x52/0xf0 [ 706.568636][T15476] irq_exit_rcu+0x9/0x10 [ 706.572859][T15476] sysvec_apic_timer_interrupt+0xa9/0xc0 [ 706.578493][T15476] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 706.584457][T15476] [ 706.586759][T15476] Last potentially related work creation: [ 706.592446][T15476] kasan_save_stack+0x3a/0x60 [ 706.597127][T15476] __kasan_record_aux_stack+0xb6/0xc0 [ 706.602481][T15476] kasan_record_aux_stack_noalloc+0xb/0x10 [ 706.608279][T15476] call_rcu+0xd4/0xf90 [ 706.612327][T15476] pppol2tp_release+0x208/0x2d0 [ 706.617157][T15476] sock_close+0xf1/0x290 [ 706.621386][T15476] __fput+0x1fc/0x8f0 [ 706.625347][T15476] ____fput+0x15/0x20 [ 706.629307][T15476] task_work_run+0x1db/0x240 [ 706.633877][T15476] exit_to_user_mode_loop+0x9b/0xb0 [ 706.639060][T15476] exit_to_user_mode_prepare+0x87/0xd0 [ 706.644504][T15476] syscall_exit_to_user_mode+0x1a/0x30 [ 706.649943][T15476] do_syscall_64+0x58/0xa0 [ 706.654340][T15476] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 706.660214][T15476] [ 706.662515][T15476] The buggy address belongs to the object at ffff88812d7f1800 [ 706.662515][T15476] which belongs to the cache kmalloc-512 of size 512 [ 706.676542][T15476] The buggy address is located 8 bytes inside of [ 706.676542][T15476] 512-byte region [ffff88812d7f1800, ffff88812d7f1a00) [ 706.689622][T15476] [ 706.691923][T15476] The buggy address belongs to the physical page: [ 706.698307][T15476] page:ffffea0004b5fc00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12d7f0 [ 706.708533][T15476] head:ffffea0004b5fc00 order:2 compound_mapcount:0 compound_pincount:0 [ 706.716919][T15476] flags: 0x4000000000010200(slab|head|zone=1) [ 706.722982][T15476] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100042f00 [ 706.731554][T15476] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000 [ 706.740127][T15476] page dumped because: kasan: bad access detected [ 706.746521][T15476] page_owner tracks the page as allocated [ 706.752219][T15476] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x152a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 1864, tgid 1864 (kworker/u4:7), ts 300845462575, free_ts 293527972650 [ 706.773140][T15476] post_alloc_hook+0x1f5/0x210 [ 706.777904][T15476] prep_new_page+0x1c/0x110 [ 706.782392][T15476] get_page_from_freelist+0x2c7b/0x2cf0 [ 706.787920][T15476] __alloc_pages+0x1c3/0x450 [ 706.792491][T15476] alloc_slab_page+0x6e/0xf0 [ 706.797064][T15476] new_slab+0x98/0x3d0 [ 706.801115][T15476] ___slab_alloc+0x6bd/0xb20 [ 706.805683][T15476] __slab_alloc+0x5e/0xa0 [ 706.809993][T15476] __kmem_cache_alloc_node+0x203/0x2c0 [ 706.815435][T15476] __kmalloc+0xa1/0x1e0 [ 706.819573][T15476] fib6_info_alloc+0x34/0xe0 [ 706.824146][T15476] ip6_route_info_create+0x526/0x1510 [ 706.829504][T15476] ip6_route_add+0x27/0x130 [ 706.833989][T15476] addrconf_add_linklocal+0x3d4/0x620 [ 706.839342][T15476] addrconf_addr_gen+0x48e/0x5a0 [ 706.844345][T15476] addrconf_init_auto_addrs+0x84b/0xb80 [ 706.849865][T15476] page last free stack trace: [ 706.854514][T15476] free_unref_page_prepare+0x742/0x750 [ 706.859952][T15476] free_unref_page+0x8f/0x530 [ 706.864609][T15476] __free_pages+0x67/0x100 [ 706.869008][T15476] __vunmap+0x9af/0xb70 [ 706.873138][T15476] vfree+0x61/0x90 [ 706.876840][T15476] kcov_close+0x2b/0x50 [ 706.880998][T15476] __fput+0x1fc/0x8f0 [ 706.884959][T15476] ____fput+0x15/0x20 [ 706.888919][T15476] task_work_run+0x1db/0x240 [ 706.893488][T15476] do_exit+0xa25/0x2650 [ 706.897628][T15476] do_group_exit+0x210/0x2d0 [ 706.902283][T15476] get_signal+0x13b5/0x1520 [ 706.906768][T15476] arch_do_signal_or_restart+0xb0/0x1030 [ 706.912379][T15476] exit_to_user_mode_loop+0x7a/0xb0 [ 706.917559][T15476] exit_to_user_mode_prepare+0x87/0xd0 [ 706.922996][T15476] syscall_exit_to_user_mode+0x1a/0x30 [ 706.928437][T15476] [ 706.930738][T15476] Memory state around the buggy address: [ 706.936343][T15476] ffff88812d7f1700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 706.944382][T15476] ffff88812d7f1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 706.952418][T15476] >ffff88812d7f1800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 706.960457][T15476] ^ [ 706.964760][T15476] ffff88812d7f1880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 706.972798][T15476] ffff88812d7f1900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 706.980833][T15476] ================================================================== [ 707.006746][T19078] netlink: 76 bytes leftover after parsing attributes in process `syz.3.7249'. [ 707.022062][T16478] EXT4-fs (loop2): unmounting filesystem. [ 707.035652][T19076] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 707.252233][ T28] kauditd_printk_skb: 44 callbacks suppressed [ 707.252248][ T28] audit: type=1400 audit(1763310476.691:259767): avc: denied { read } for pid=85 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 707.355590][ T28] audit: type=1400 audit(1763310476.691:259768): avc: denied { search } for pid=85 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 707.454689][ T28] audit: type=1400 audit(1763310476.691:259769): avc: denied { write } for pid=85 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 707.575392][ T28] audit: type=1400 audit(1763310476.691:259770): avc: denied { add_name } for pid=85 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 707.834890][T16114] EXT4-fs (loop0): unmounting filesystem. [ 707.841594][ T28] audit: type=1400 audit(1763310476.691:259771): avc: denied { create } for pid=85 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 707.863666][ T28] audit: type=1400 audit(1763310476.691:259772): avc: denied { append open } for pid=85 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 707.887856][ T28] audit: type=1400 audit(1763310476.691:259773): avc: denied { getattr } for pid=85 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 707.960367][T15476] Disabling lock debugging due to kernel taint [ 708.100380][ T412] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 708.281409][ T412] usb 2-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 255 [ 708.293876][ T412] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 708.304026][ T412] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 708.316976][ T412] usb 2-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 708.326011][ T412] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 708.335052][ T412] usb 2-1: config 0 descriptor?? [ 708.340748][ T412] usb-storage 2-1:0.0: USB Mass Storage device detected [ 708.348236][ T412] usb-storage 2-1:0.0: Quirks match for vid 1908 pid 1315: 20000 [ 710.427237][ T39] usb 2-1: USB disconnect, device number 18