last executing test programs: 4.271252806s ago: executing program 0: ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x2a, 0x4, 0x0, 0x0, 0xa8, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x1c, 0x7e, 0x0, 0x9, [0x401, 0x1000, 0x5, 0x0, 0x5, 0x8]}, @timestamp_prespec={0x44, 0x3c, 0xc0, 0x3, 0x0, [{@multicast1, 0x5}, {@remote, 0x8}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast, 0x8000}, {@empty}, {@multicast1, 0xffd200}, {@private, 0x7}]}, @timestamp_prespec={0x44, 0x2c, 0x0, 0x3, 0x0, [{@dev}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101, 0x800}, {@broadcast, 0x52b1}]}, @noop, @noop, @lsrr={0x83, 0xb, 0x0, [@private, @rand_addr]}]}}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) r3 = dup(r1) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_RUN(r4, 0xae80, 0x0) 2.258968179s ago: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000e27b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000500)='ext4_allocate_blocks\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000500)='ext4_allocate_blocks\x00', r2}, 0x10) mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) 2.246026741s ago: executing program 0: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000406a05044000000000000109022400010000000009040000020300000009210000000122060009058203"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000bc0)={0x2c, &(0x7f00000007c0)=ANY=[@ANYBLOB="40211f"], 0x0, 0x0, 0x0, 0x0}, 0x0) 1.085248302s ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) close(r0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) close(r0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r3}, 0x10) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r4}, 0x10) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r2}, &(0x7f0000000380), &(0x7f00000003c0)}, 0x20) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r5, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e) 1.056660876s ago: executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) write$cgroup_int(r2, &(0x7f0000000040), 0xfea0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xfff}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_cpus\x00', 0x275a, 0x0) write$cgroup_int(r3, &(0x7f0000000380), 0x101bf) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000080)={0x0, r3}) 996.520955ms ago: executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CAP_HYPERV_SYNIC2(r2, 0x4068aea3, &(0x7f00000008c0)) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000000000090000040", @ANYBLOB="f1ec530caca6fa"]) 985.056917ms ago: executing program 3: mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x42, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x10) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x5, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0xeea390}}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000066c0)="a062030607792c01386f28a428828947de99f79cc542703d923c7cb9d4e1f6fd95fbf2f747ab32f6fb041861fb3f87a88cb85405b4e73c0b6b12c81e42a9f13d82c32b7ddb172bcba1aac5c38f083747ac179f08d4d6d342a87ba8dd9bb7a9680f27433c3357b4f6ac97b19a973592f1ac6e7853a0b15ba42a28efb9cc30b146346b546018966e94976ca28f26a1950dd64c0adbb0c2e09bbd9caa9e7886a2b3d6e2b6d6616b718f1322ea2881ca59ef73948b1bcdc2dd3970e63cbc1043ce42af0ea1f95d17268cbc3ef062c8c31a537e94a20c1c505a6022d5ece7f51bd9c754d8c47cbe80bbb30b2159991a94dd3a25e64aff8a7a17374b5a71e0c7c241cbfd7f084e18a50bea512ada902210a3881ffcd42071ab09c4d80139d8980d6dc5d12c2595ced445caf22f80d8fb1a4c243da47fadb8e28e9c04fea820a8a2f032f5adff8b7d9269e63db68d196bf7f416405e52b6b8abd8bb9d9694b8b5eddae348209963738cd9710bd6c291af1c8eaf0e52d2f2f24bef8c8bc9f77eed40104e07c8ee1b4cb358fc73e2653fef6232b5e9f5d0be26b91a0b7967ed5e3bf10c449424ff4d11951d963677001d9576425d6a9c4503268a407d74854f5e1caacc0ccc463dc56e684db1d80b370da238915579ab82cdbd7d155adf10b96ed71100ea92834e8a4e4f5b7b831bff6fb4febe01bb398ea4065446f277f107aa3cc06e0b7a6e98434bf57744ba9ecb8effe704d7f852e16bc33ac113649f7540b7a7a67cf5493b400ce06e571d485af1732938b79ded4de7dad97a7e1c0be7bd479dc264647bb76503168423e3f6fc95f8ac8ea35e39f476ab54e88286fcf73eead1f794784465592fe4ad112ac63bbc3b3f35b87c40bc5fa6e3ca6cad878f9772a61a23aa00491a9e2442eb90a32af2bd74e99d075bcda20288bfc30f3b00a7e8e1a0b4791573abd65284bbb53e2b7d667239b95b332dd423e4d7c512de559bd53fde5285add9795bda81ec142620e693af9c787a4499dd76ca0d77d9c7c4043e537ec6c1cd0b9a642b12adc782a0e00f6c1ed7379d5fff4c2feb19182db977f657b195e4710ff00f78e35a146119897495b0e1a0068a6606292ee72bf65adcd2cd29b4e59a4b3f82eac77d5254013d03d2fb2511975558906741912d09304f0d4cf08c8f62690c67968c869f75a4025224d8e84baf7a42e01b4ecf7e55d7c45839778c2266880d1bb73e3aad618d1a4f8d5a16914d64d70438a88512649fd4caa90506e5a2d58a33ecaebc9b2e5f8a4fbeca57c829ae02fd2dc146e939c3d295ada7df4a07e74b356c6ffd7a9c546b9eddf7e013cbcb2b57ae0d225249f7e06a415681d9f597a060fd55e39bd56f04b863efeca458a0cbc54b660db50ca40d27a3fda3416860e691cfc780593f06b467700968bb918c32547e378b14b4e0dcd11cb0b2fb36ea70946ac62290184b4eed38b51c322a75367b50f558e063bf363341a17c28ddcbf9ce53da06f26303fd156423a25f686809bc9845a78e0cc3d94e04bc8da85f22a4a8ece2c4ac2c79e54dcc4eabc61e067060ad880377a71fe0c2c0305256e4f3c637575f086e4ae3d7ab5d106fde03d24c47dccba3da23a244c1f50a4f60cd8d71b77390c5ce6d5612fd0260a2f33389b064ae6acac783eca62874232fd3808fb2188151a43de6cebc7e245106183f7d929f1eeff6f972da3e3d967170247925fb0f04bf38e88d06321f9ff9d2c296553d842b69036a2b6de2aad3879aedee723ff00736f7b0dffe6182104105ff0f0b636f5192d6bb5ae7ef950825827d2f3d6285d83aedca3f31474e0ad50ce6290a0e546c30d900e5b4208ecc8b3aca0ba3d110fc3c0a7e004a53e5d0ba1cc1c2bb42c3dbcbb4ceb6674151932ae56f6b03cc34ce450c292fecd2456ddcf42b075e6fd49305fbf265a36f3cff61321dd60f16e844089d659130947672a2d059e04af9ef653e8afec926b5a5d411f60a2a435437095a1df8dc60a616bd1a1ce7b5251ed8f905becffebd635eee8ff0055c40f146f1350a406b853ecb005c6ede4dc270ce6751cff915aa27f5f6b0736da14c9949de599d57868c29cc97ad03bd89502a34b88ad29c8762d0dc24a6df759821882a32e70531cab51fa1752a4fc49cf0706cb24d203174b2940f29ef8b0ce65b40cfde4e0c7310c685cc8de8384e485a951192fa8c36c11f9b88a48caf027dca480caa4fccae70ea6c837eb82f926ad7691c7709f217220d71f6e374fb8522a84c118b5c25f3d56acfb25afbe676fc9e574b6c5a59c00a0bbeeff61fd82a1677f3da9bb596133db491a8f11b945d930c8a67de9ce80025c764d518efcbae25d9194dc96c31ed02c63b1ac976715f7233ffed7cb6e929bbb5afabd34bc37c095acd0abbbdb1ea48e40a30ac99550f0ccca19ecef5acb2604c48fffb53b352d114fac72d6fc019ddec558406668f773fed9476148133c0f9ca4d1fd7e70dd04bfa089dc57e5940f29a5fd33dc79913ff48853794fdaf891d71de94c4a4fed0544e09f2bd578b07003031b8602f08ca8a79fa5ebfd5477f4d4f031c3efe0db273446a99d0cbe21a3cf43f3b82774e4657bb4f9675adbaf71c52953f0b18a61e05a9c770536fbad215848f8238e8730b9085189ea4621780dac500d7d7dc7815b45e232f86592498f1515ac8c50306013524cc5f0a74b67bc85d435d332ce69f00641c86a3e91be84b78ac358f35b18d69679df4197d3be8554417cf44aee6dc623f68ce3388df18168efa1c87c776cbda792f6110b6af178eb8200a91dfb72c1e23b5e5a66b5a3ee3f4c2bba2ccac939dcb036006b86e894093922a95fd70baba9424a3d0327a0f209fe10b39f3cec3f669d301a2834e58fd56f94d622dccf653f08e776c9f3e1b0e5b3cdef133834b93c41c70438d51a0b127262868d49ca91623c3d8b75c2cce0b771b9ac941bb96029e782224a3686a7c0dd164e162ede667e0e5817e7bde85ad3bf30a6a5bdc420f751679be74a02f84aa93b971c3f45a67d155f7ecb1d5284660918dbf102bc16f496fb62a1290e6b88ddaff55740583cba13076afd623276634e0c11663be50766980949095003ef5bc6f90a98bbad436b67928513e70115224f672ca2a24e27bb98bd5288c49ea23d47ef13c5ff28c43ce53ca16a6caeccc1f601226253c4a38a88a93828f6c800547cadbaa6d7ad26db618cccd38a671507cad5ba0065ce2edba81a059b95c36c5d04ab456fd6fd81ec3738ebe546d973c0886a5e7b83dd9c2f58f5d6c19519e67575b3732a486555f8d8c4ae004a62e8d07ab2c8ef74cdb96aa99d75aeb1c25985996f281d71106910a3c3da17de35e04dbe00e2b7b75ec2fed177a7f2d04fbf68bd0b8af682b30911867d4d1497ba060b662f4e97a8e7fd3613015cc34302377497cd08bcdc29f06dae240820d2ccddbf8c95c76a4ba5d3e1b37a62369ce3f79fb74ebd9bc82c3fa3edad4034b6715c2853fa7781c974b5a4e541e8b69bf4bd653fcce4e4340d9409fe9112e4d253a3b7e9d43f4426127b10f2d5d3fcd2193490f7d933e0cc53dae552f2d7c9d77b8f9b27c59105cfae43a0aab314a0820fbb5684bf20986e3be215688b42938d272c4c0edd17bcdc84a514d2483456d6cfb4f5c1218859ee55bfc77da36c9c75734932a12fd03df38232063ed92024f8ee7c21f314129feb10670bb4d6a0ad4fb3dc57a64cfe6509a0770650cdec0efd5e0b1fd29433cf871c9ddbe648319bd481357326ac1eb32b4bef4ad89ab6122e92dc786decac88624a4a3963ae771f8023b9a92e446114764c53d7efc07e3ea77a9daac5cabbe648a223e249db62102ef7b7b6d06df46b6ff913911b89848a47aecc0563fb06b6d77fe1daf4541cf619105ab68e0bcdf7a05af22b0551323bf33dec8167df2b7fac62dc9e286dd3462f488c82ad194f7fd5d3ca72fe9c0c37cdb6d75684326e5cb30319ab333fc70bb197320acda161d2e685e78ac2cb1417223f64742b12a316d590b18a4173b2a105a381baf6f383ec2e81d04860b5cc536475d7c5d05bd6a7db1a5d93930bacba8c1de63707bd24785e19fc1f15ba724660ac00d0f2ebbcd5528b8cbe4f3ca332e8611e937a310fc79d234be6c1cd09d6a5cb06ab36a9d667188144c81f86aaf0851763573b36cc21462ba4f3d6e95d38d1e9b943085661d234ef6d079bc9d84c7447c85baba88263451ba10559e1ce326fee5074b26b54872e690a9a1e589e1c444daa3224b292bf9ec4a604dc512760084084f27386c89a1190b8905f0d720508c0ed69272f396725805480188aa4602a26e833c16aa5079c0577a8203ec0b2b929ef3b410bb427c168b7fefd1be652f06efc61c7a295a5d07a9fd61bd5bfe67ac5f74e485a66c92950a1b460257084ca3a3489943ad450300967234b487fa3def4010f9b715196562ebb0846b7ac3eba47646af6285582b4402f64aa684dff7d9cf81fbe1aa88959f7906f06839389f2ad56efb5029afe1d5ceac99a3e698f49ff0da7db06d7c9e94a8773a13fab93def139667b4dc6b741bd2769da7786acecbe315f9006bb6b72abe5bdc587d8d5aa8f67aaefef68197fd2e7874d9b7da2c3a5618720c12e8fc31db3e334c47abcbf10c6181ec14af4f9e90e19a35360a793b1e9b336e49b3ed67568a860cd4c298f967ba323d315821959629e5b7aaac367e1ddb8a1c5d61500afa69331a4c90861852f533657b28b97a343bc531a11ff634b157a6d859a35f0d2a595375e11a32457575f1d73da033bf5eeda12337b9fdd46bce192d3aaaa240a8c65bf47704d6aa64a9531f9de14a96fc9fe380db35dd5ec52321c67fb4c18abcaf22fbe8f602ed201232251317e1a1b71e1e2c924a92d84685de348eec97fed954b7f6681ddf521b4ee03a1aeb2e446ee2a7f4dfa37b1c53831139fc624c14dcc4d144ccdf758fd9f344b4cdc1df70f6a24fa78cab136c912d1ebffa7053ccbc9b9445762236dca409820f738370117d5c369dfc50fd42277f14eeaf29110aedcd503008c42914d04e219a8b6c01e337d04724919b07157e2275ba6365a9dba5ebc8019bd1aa1b8668023f64cf47e1b49b4fbcfc10d560bb74405c90751504db8100d8a8a1a3ff84d98f1262fbbd6b962f492b9531a7411c08e7e56eb0f838075f754b6a395b6b58a8e4c47eb46bfaba2ac94800a396749d18ba0e6219f8d616ec71a1e60b3bcc24e19d4a20ddbc6a871e6d7efa50a362610598d892a5adecbcfe217534deee3620dfc88c7992ec2e710e083ef0a50c20621405f654804d1af4f24d22b8ca48f26303e6969127a74f0b276a5624c3b84410d4d5ee3c62605876e60a88df2bd6e8db8c7e486fdb452178563e7add6bc126b721b9ef8b12181989b87031573a4010d88e34f15a2344e4808b74c99ad68f0c2aca4e8d504397c03e1328c4b1ec43fd902d206c3cfb63d7541ac57fdbc70b0033f87514286101231fe7e79668c802e1c23d61540cdf13a5e675b736e221ddc29ab747d9c64f6213f51d3c1ded2e2b0efc4e45183d90468f61ec1720f7a0b87947e2c54125cebe6563ee4415d886bbe869d17d36371c942c11db1e13c1dd40ed24cabaf7ee80eae6c4db934e982d9619d753dcd679c5650cd95d21582e31b259043a0d03371cd294f4cc028042c75070c9b534a2d79f164ab9d773295795280d1584ca664b53b263fe2e23534d27b0d85742fae8061e03187795129dd272041c6eb9c10c3406da1f752f4ca697bdbddd74975cd4dbba5687fb30ac4fd5d2579494eac73053a63821a852cf41a80f6668006f7e1c4e30b48d638ebab470c558d42baeed1adc8fc71f73e95f3ca212a4b009b508e89898727f805685e4e7650a2961d62c117d1ee9017236a6bffa0c36ae11bc52d346c83399e43c42cdb9f443aa307109a97ee66ceb7a29eeb2f1a2bb3ee1492229116db07301b2aa4126aee7775daa2d0eab4d206fae11b3c6b565dcc4c7b4dd1cf2abec81150d0629803f6eb221be384b8772fe6d6c4fa98c928a9d0a02e9ff8bb7a2168dbebe140323d93bee8983c496bccf752c372b795a3493624cefb3cfeb4307bd39826cac1ea3f18912deef1b8c8db30bc016990a477bc0a925fb36453a9e21354b2d7e6e3d4ca4dd20f27a8db05429d44b7a485365191dc4ba977a815958faf6434813a9f4046054763dd55dbb7fae892b746e169ae046ae3361a9f75cf622b03f75b1633da864395bd1c3a594fab0b1fb37f088dd1f2776e2b795c78635c2026a8ce7ff40968a1960786049a217dd8872ac0c01f4bafcf2d3d751dd46a5e1bec00540a9ca7afca3ef37575d4a8b1291d05be94913092890a9b4bfff39edbff307e5654896e79228777c0f8ea46c55bfe19e522bf457ab4e6b0167d776dbcd0160598370a12c4a03e4edc82b245a7608797b03d4ed89dfc2a5bf07b9fcb251fb8608553f3b3774818717a9aabe6b2ded811515ba454b390a6065bbc59552f3bfe51d38f139792e1aae60093a7c5770b52a1730feb1049c14a7d5261d644f6b738e22ee72aafa422bd93f61e1ccac0a5ef4726c66f61bb539acb937bd63da82c700c0860be90ce5621ced22b52b63d041266fc258fbfa6641aef22e97804e5138ad2ce4405eaf76bb0acd7fc61b2d6de4aabc5c28a850fcf219cff77c97d3cb6bec0067c171b912d11d82c56cbad56c0032a9657d4cdd1eacaca53f40f5e3fe911127e1cd30781351f180e1413933cee2d46ca0eea31ee01fe4e99a567edd0b10565d47b87c8a48366143e889e52d0ff13c920aea092c2545fa9b7056204fec156549d3c0a997bc1cf4a01338483bf5c69d6958ae038f1c3e3b84baeb2c1f9e064c0750602c34c6c483c316391d975f94f21f6dfe74e92c33228b408a9e2b9abcda33c497abba9c48a63e5c8f1a8d0f4c24d36a44e1601e8a09e8a5c7179bd4c44b17e542dd99cace87aab60a5e53325d544c991b6fa5deffa49fd886332980deeca9229cb2f67f495a7b743153854ed81e1623b12dbd65512d08a5732fee2db3fb455cf6df5a1701a2b8674633c6792162dc86ac76e30da225b0167a7e704ad33ba694f9c902afbeed58eef609874767053f59414d4d3eccbbcdbc7eba997c71f9b1f5139bb020d5dae1db6e2dcfbb51b5371b08bdbc3312b05ee6d8c03c8b5a7d4f23da45f276394f222b1a0bdf4e2603243cdba60ee0530387c88bb457ca9932f2283a4d55bb1195e6d325ed93f714e21908b1baafa467f1cec7fa26e5c384ee6828e77978bd1abd014de549a5e5966f2b2f4ba000f9d77f1abfe3a6c337cdb852c1ec59f61b63d543f3062dd2616a163ed7ca60168b0347b5c5646a678dafb4c502c333a0a48f0341b47f5c5946e42e571db0bfa0682a449ca64e71b5661a842975182399245c6de241512c67ac918d7e0c5cb66565010e881b8333567ca584321ead1c383b099d8bf1c56dac08cb218cde4226ad420d6d6313f9c4884d6394722304fdaa76e61db8c0d54eb1151344c41ce1130272928eecb2f9f0f23c752622374eb1223a80efcf0b937dff7d813d7be0340226c0a7b163741d9aecafcb7ddae5a219323323f621c802be82399e06d2e1cc582e759ffa303c5103f8a44d7129d2853b02e506abda57ad2836d7ff16f95232149fbeb8b62e586d3536bb4ae042ecd9e25d1dee789353071f9c89d4361000c47b763556e8902f1f25cbd8ae71679e03ff27db0ec75eeee3fccafc7fcf22c377ac60d3c61a43cb53abf6162118f2efc86a5ce80e69a02bc1db80018beeef6d567941232e4412a958ed012bf7a832c1eaf68134ecabc4927ad666b3d0f21d4e8d52fa37e0a9751124efed8bf47544299138a6f69d89e295677f12606c79b72451c263fca3eec22bf0c47c641159a0bbfb3b2b03154af533e5c06a149e52adcfae31bfc55f30064a8903c8d3b828d275a937b1e4adffa0597da5e253b50bd71b33f057ffeff0b2a0829b3bf33350fbe67c7c79034f80d69e6a21be495a848d328f416f15966491b218eab390544e39d498258ad80ddae248634c845cbe6f1c1e93e7c2b02075411e075fe936bcc75f4a4e1a3687cb3dbbb61cb31ddfbbc87a1859b3a48fccdd8e5915c8bf4eebe8f7093cef6a7a91c8682915f9908c854c483e90c9643467292884d284134dbaddafdbc74d94a5f9713719d62b4f6b4236803d210181847ca27129fde264156895f4e1822ef78a3b215ef56d7e36d2b94c93f5e931a0d13a3a3030061ce62de595eecf47eae6bf698530145757700df18f66fd7261a12c119d6679663b3c0f99d1705aebe66dc862eb21ccb7360b93f54507149b577abf521113991e06f345e8282fdc18de673e1ca7b188ee34b14f37f86ddcf97fef0b913c33cf8e5d5d33707dbcdbe4b27cef056670252f186735cdd02f6ed6bfe5318a704f00e34ffc4fda9855bf37c51be6a7423e44dd8a98883c8fa82ca37c90d681fb7a0db915576b50e49aff545b99aa3aa6343b814ba0bf64e53b2a1edcae2231bf20d65e4bb4da6dc8382120ede652adfb7c30a46e0ee784cbde74563d83eb8d89a1573fa104fddca9d4833c49dc904bda905426c7dee3e48b596c8ee201bea57fedb1a0649457eaac3c5b5f4519af3adb66f10b861e711cd4034448890e15047c2f8902588268b5645051f3f3968ed8d630e050ccef0d01b61ffeade51e4e72d8fd46bba4c20009396e984c424d174934a67a1930665fbea04c809e7cda0a2cdfd3a14d6b99c3a8d8b3691825830456876f188ff871fc861e4c6a0ca377dc1f0cb0f929f7eb1f5da045d9a588a393312acacca5c5a3b15bb1b488b08fc40ad65ae2c1df187eccd8377525a81d80df57579ae52f775fb2efdd172a41c370300fcc594c2635dcf50e9eb9d34fa8b4bbfd13078422e3a7734a8ae6cc09e39d07c7ee19838f8da4cbafe4162c8f8dc44e284840bd0a5c80bfc657c22e37e0d9a96dda34a51ce616c9ccdc95955cf85d93860da902ab30f11aa333eacc25c47981d8636038761ed4d84fcbb0ca92dd2e07863b9505b451c3c49e36a172527578123049ff2dc2b4e258a3f698a12ca4705a6fd0ce6bc4f1767b4d9c2e57c9ed1388527964ac96ff5e4cf5ad6fdb6a853b43905df32af8bd788b520fd526cbb95195a1bc00d654cb080acdf67938517a6cdac741d86730358be16465b4e1301f47f6a444c4e8d2980b8bd98a8dcd6617cde0b287e2d1f59167b5c445146fa49728111b8a2729428cabd02facb8fbddbdb2769680f288648d6baac53e0d909335da3e2b4c13ebd41f32820c9f491e9124ca444a0532f60e2816e15a5810baa91f64454aa355f9d362c7d1a461561689d08b1350a216b6f1bda57aae0706b3710a1b8e52a7e3084e600b5ee3dc540bba0c16267d549304a7840659a32e40070715c9bb912792d4a7b84fa06e73b9ddbc2f06c4edc19d25f5a198c7e3fc6226842e6215da5d826fcf5949612889f78e9de39d4e64b86b7033b5717a21f8f2b81c799a3fc0bfe6f5837b252eefa360c91a6148296bd19d50a343d909c1edf5261e70c8dfb2c488940cf236941ad3fd01247e37902a4bbfdd1839f7c92c260a2c494022fac08629303c8e54108d78ae2c94289c7f998ba3b622b48931ee7c17c59f5499d282467a1b8050acc94a0b17b21836c80b69f519b9b077d18e33c027faad562fa09f2cc6120f8cf5ee18cf7db9d729ffbb9de58885713215b7aebb8c98d9fa009be0a9ef3ceccdb2b31968db555b26c5c94e382d06ebf6d356e8caa85def5813dd1596d823924c4fb63dba5bd094cb64f204d1e59d31287715f831a1f0be95d8749f2166ba0b0b6b64a37991be1fe1c1e922835f2da0c074ec9413561d52166576b1c4f1e18f078dc046d1c284964b80217b55c59a474740c3649116b33e927479736bff6005859c7c00598f22cb8eca38af802f4c86836e8330492ac7ef3707890a8ff856dc7786ed769bba75b18484b257b3b022eeb51aa720639f79e6e6bd3d3c9a61f7822abe562867b4693f0b2f61135aaeaa510b31112efeec48d2602c6d4f2ddeeb51bb03ab18c18d8e127a37e22881febca47742b9332d3f2251003b1a46c40eca111d02446466b669568c70971bd33254ca577777f126f86f8a3665f065b645ff261e78e0f532e83a81b99c5de3488de74ca82daa0e4e7404eff911ae955acbb800f9f91b774e472bc14aa92817b6d85877b1861a6ca92c03c83b6f1490068bad8eab1f58c9e91e1029683de2ca45c99966966031ee86d8c9995f0612480e2a6d5396e8ae361d6fd2e24557613a1191f5019d4c8078628013512ea3a59532efffa6cfe4970d28d8c7aa8c866c4275ff2b0b4ef1a7e56854d7ee4bc445713da9349d13e30a4a802cb9db2f10280fd9ea043b5b3480441e8ed2d907eae1259befba9d87a04ce42b0010c70af157b90e0bf72549852fd122edd6cf3475f76852b13b4bf887cf32e25ad34aed7fd5a6e97b307f9b4ff1c07b2b55beef5ef3dd96eeb2a57720c18209d911a55341cee67e6ff577f7acaba01c2c9690b15a3b8aaa5b9d734196467a8c074b2eeeb5ae931ddf3deb15b1a8d603e72125c2e68ad206f2c4252a659f8248ff882a8e54126ebc0c77a46101072272460e683d465279a3695be6b64c9eeb4a576d95fd520be42eab5c95cbace0dfd80e2d67bab9f683a1cc9c006c02f0f90a21a0f51218c628f5608fbf1abc79aa63452bde1002383033578f32980e3779a8edeb226f6d3f9b36d8f07bddd7479b60346a4b4fa883940e3aef8ad8d834dad4405960a4409a6255e8753d0c0ad0960ff3ef48ce93fbe6b165e86eab36fccb8b989f5b54e6ccaa19749ff065a0a732d15c41b9072bbc6f07e1fd5a3df2775874e46b61ed50714e8c403fbed6884ec06f52ab71d2c191fcc56ac0b17ba3c46d2dab3e11c79383bd8867ff14b5fbca73b9ae594b6a09fb73a2e8f15aee59150e8d6d3dad9659025d045bbd1b9ca257c67bb78abe8f7eb9c8b3bc32951c41f7390bacc8c7059a2a9b078ab50413605aec604e4666a6ace765b0e7ab558fe6232f2703d07811e3d0ac5bf9434e87876e99250ee9db6527a8ccb4a3ee3bde738563c9746f941cf2cd7efacdbd2593cafdbe5171864b2982b54dc5a32c86638c0e650a331625033b8dd65851965ae791880349d5cd52548f4422a317f96ed79e7ccf3bd671e6dc70365f521c65206386eb1f99570a544d11b3d36fea285f8a3770ca303a965a0c1d598ebe3696e647be734ccf760d3d47dec75e236d7ac08019b6622a7b9f08bc8f0937ab75e75a047a7386befbd56fc4b2f89c852dadce8df946cb3fafe4eed2678caadf1a913ae32b2c0b8a37984cb700343c5e24609f8c5ddeff5e653837a9332a41c8e21466a13d79224125d5f6a4fef79b5adae7f4ab7d351c55400545edd3c00637bd27164828925e9bb5d79f1f1e6eb3270ab799ae38772f779565d92c47503de695f7aad7ddacda6f6c71e755b3737231b64715bf07849d3466e4f92239f733436ce674389bd16900", 0x2000, &(0x7f0000008b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x90, 0x0, 0x0, {0x100000000404, 0x0, 0xc, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000}}}, 0x0, 0x0, 0x0, 0x0}) readlink(&(0x7f0000000040)='./file0/file0/file0/file0/file0\x00', &(0x7f0000000080)=""/167, 0xa7) read$FUSE(r0, &(0x7f0000008bc0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000280)={0x50, 0x0, r3, {0x7, 0x24}}, 0x50) 967.79246ms ago: executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$sock(r0, &(0x7f0000003780)=[{{&(0x7f0000000080)=@in6={0xa, 0x4e21, 0x0, @mcast1}, 0x8d, 0x0, 0x0, &(0x7f0000003700)=[@mark={{0x14, 0x1, 0x41, 0x7fffffff}}], 0x18}}], 0x1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x60001, 0x0) write$binfmt_elf64(r1, 0x0, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) open(&(0x7f0000000100)='./file0\x00', 0x101bff, 0x0) r3 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) fcntl$setsig(r3, 0xa, 0x21) fcntl$setlease(r3, 0x400, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) connect$unix(r2, &(0x7f0000fce000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) 356.652275ms ago: executing program 2: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f00000004c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2010000, &(0x7f0000000200)={[{@rodir}, {@fat=@usefree}, {@iocharset={'iocharset', 0x3d, 'cp865'}}, {@uni_xlate}, {@fat=@showexec}, {@utf8no}, {}, {@shortname_mixed}, {@numtail}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'cp850'}}, {@shortname_winnt}]}, 0x25, 0x336, &(0x7f0000001200)="$eJzs3T1sW9UXAPDjviROI/VvD3+pgsmwIaGqCWKAKVFVpIoMUGTxtWDRlI/YVIqFpTDE9QJiBLEgwcTWAcbOiAEhNgZWioQKiIVulVrxkP1e7OeP0BThlI/fb4iOzj3H976Xq/glSm5eWo/tC4tx8caN67G8XIqF9TPrcbMU1TgWSWQuBwDwb3IzTePXNHPn6vdX9qOlOa8LAJifwfv/KydGifK9XA0AcBQO+f3/UzOzl+a2LABgjqbe/x8cG574Mf/C8HcCAIB/rmeef+HJjc2I87XackTrnU69U4/HR+MbF+O1aMZWnI5K3I7IHhSyp4X+xyfObZ49Xev7sRr1fkenHtHqdurZk8JGMugvx2pUopr3p8P+pN+/OuivRcTl7mD+aJU69cVYyef/biW2Yi0q8f+p/ohzm2fXavkL1Fv7/d2IXizvX0R//aeiEt+8HJeiGRei3zta/95qrXYm3Rzr71wpD+oAAAAAAAAAAAAAAAAAAAAAAGAeTtWGqsPzb9JWt/P2+cmC6tj5OPVsOD8fqJedD5SW90/neTeZPB9o/HyeTn0hjt3TKwcAAAAAAAAAAAAAAAAAAIC/j/buUjSaza2d9u5b28WgW8i88dWnXxyPyZrXk1EmFrKXG6vJc1HoSmLYng7b02SsJg+SiFHxlavDFRdrysOrmGrvB+WpoVK+pkazeeKBHz6a1fXbKJPE1G0ZD0r5/IWh1v+y1B90HRys3aHmWpqmB7XvfTjdFaWIhalP3F8RfHn91fseaZ98dJD5PD/04aGHK89e++CTn7cbzchvTbO5tNO+nf7puZLC/inl97k0YyfMDnqjTG+nvdtIvv3lufvf+3qiOJm9f9Ji5s2D5/psMrOUBf1lHuZKF2ds/tnBi7eGu/fub+bJj9cbV/e+/+mwXYUvEg7qAAAAAAAAAAAAAAAAAACAI1H4W/G78NjT81sRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABy90f//LwS9qcxhglvdmB4qb+20D5z8+JFeKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2G/BwAA//9pxHjs") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 310.570912ms ago: executing program 1: r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="75fa00002d3400000000000000000000000018010000202000002020a90aa481207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000064ea4a304000000b7030000000000008500000072000000959339b623990122f6fe8294fb896769e5ce82f2df2889b7c2bc2004db91b53c1d"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r3 = timerfd_create(0x0, 0x0) timerfd_settime(r3, 0x3, &(0x7f0000000200), 0x0) clock_adjtime(0x0, &(0x7f0000000040)={0xd54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r4}, 0x10) creat(&(0x7f0000000080)='./bus\x00', 0x0) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) timerfd_settime(r3, 0x3, &(0x7f0000000140)={{0x0, 0x3938700}, {0x0, r5+10000000}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}}) readv(r0, &(0x7f0000001380)=[{&(0x7f0000000080)=""/47, 0x2f}], 0x1) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r6 = syz_io_uring_setup(0x18a, &(0x7f0000000440), &(0x7f00006d5000), &(0x7f00000003c0)) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r6, 0x10, &(0x7f0000000140)={0x0, 0x2, &(0x7f0000000080)=[{0x0}], 0x0, 0x1}, 0x20) ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f0000000440)) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000178500000083000000bf09000000000000550901000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) 226.891305ms ago: executing program 2: mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]}) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kfree\x00', r2}, 0x10) mknodat$loop(r0, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0) r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0) syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x100000, &(0x7f0000000040)=ANY=[], 0x1, 0x0, 0x0) linkat(r3, &(0x7f0000001180)='./file1\x00', r3, &(0x7f00000002c0)='./file0\x00', 0x0) creat(&(0x7f0000000080)='./file0\x00', 0x0) 222.294076ms ago: executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r3 = dup(r2) write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r3, &(0x7f0000000480)=ANY=[@ANYBLOB="9802"], 0x298) write$FUSE_DIRENTPLUS(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000005c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}}) r4 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) listxattr(&(0x7f0000001e80)='./file0\x00', 0x0, 0x0) getdents(r4, 0x0, 0x0) 210.824437ms ago: executing program 1: bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000580)='jbd2_handle_stats\x00', r1}, 0x10) syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 174.722533ms ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0xe03}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='ext4_es_find_extent_range_enter\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='ext4_es_find_extent_range_enter\x00', r2}, 0x10) mkdir(&(0x7f0000000080)='./file1\x00', 0x0) 170.509354ms ago: executing program 2: r0 = fsopen(&(0x7f0000004340)='cgroup\x00', 0x0) fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f00000000c0)='async\x00', 0x0, r0) 154.577046ms ago: executing program 1: bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000079100400000000009500000900000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x80) 144.184618ms ago: executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r2 = dup(r0) mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}}) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000300)={'ip6gre0\x00', &(0x7f0000000000)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private1, @loopback={0xfec0ffff00000000}}}) r4 = socket$unix(0x1, 0x2, 0x0) bind$unix(r4, &(0x7f00000006c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) connect$unix(r4, &(0x7f0000000300)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 127.85506ms ago: executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000006d00000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$wireguard(&(0x7f00000000c0), 0xffffffffffffffff) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000083205b870000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r3}, 0x10) sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000001d40)={0x0, 0x0, &(0x7f0000001d00)={&(0x7f0000000140)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_LISTEN_PORT={0x6, 0x4}]}, 0x1c}}, 0x0) 123.623431ms ago: executing program 4: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$packet(0x11, 0x3, 0x300) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) shutdown(r3, 0x0) dup2(r2, r1) sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0) 105.834914ms ago: executing program 4: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r2}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r3, &(0x7f0000000180), 0x2000) 102.419014ms ago: executing program 2: io_setup(0x7, &(0x7f0000000000)=0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000200)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0) io_submit(r0, 0x1, &(0x7f0000000700)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}]) ioctl$BINDER_WRITE_READ(r2, 0x40046208, 0x0) 54.469992ms ago: executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x0, 0x5, 0x2, 0x4}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x1e, 0x16, &(0x7f0000001740)=ANY=[@ANYBLOB="61106000000000006113380000000000bfa00000000000000700000008ffffffd503010017740040950000000000000069167c0000000000bf67000000000000350607000fff07201706000020190000160300000ee60060bf050000000000007b650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f17540faf80250aa20c669a5e12814cb1cea5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000400c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e273834f2af97787f696649a462e7ee4bcf8b07a10fd7ed6735154beb4000000000000000000000000004000bc00f6746a9709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c1d926a0f6a5480a55c22fe3a5ac00000000000000000000000500002000000000fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e14d90deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b06ff7f0000000000007f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089e0b1c23c0f3cdad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631d22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0af1cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c29984864961a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000c9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081383409ed2912c811ae63f03212a5331c2a4ead000000000000000000000000000000000000000000000000001386866b311bd144bc32e059658c9f8342c90c1ade31b78072841b8b5a943d62a44cea6b050c42e3c205fad6a23fb43c93da0f49d911877265e6ee443e37397ecf89021e7f579e8d3a74c12b52938d91e9de07fc8eeeb9505f4a9c26266bf5449484ccc1317c747664e9f7478f8200"/1582], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6}, 0x90) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x7, 0x1000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRES64=r4], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]}) r6 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) mknodat$loop(r6, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0) r7 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0) syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x100000, &(0x7f0000000040)=ANY=[], 0x1, 0x0, 0x0) linkat(r7, &(0x7f0000001180)='./file1\x00', r7, &(0x7f00000002c0)='./file0\x00', 0x0) creat(&(0x7f0000000080)='./file0\x00', 0x0) 51.323722ms ago: executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@ipv6_getaddrlabel={0x38, 0x1a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}, @IFAL_LABEL={0x8}]}, 0x38}}, 0x0) socket$inet6(0xa, 0x80803, 0x88) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) sendmsg$key(r1, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e000000020013000200000000000000ff0800ed05000600200000000a00060000000000000500e50000070000001ffeff0001000003f1dc7f7c6e870200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="020a00000200000000ac39a2d0000000"], 0x10}}, 0x0) sendmmsg(r1, &(0x7f0000000180), 0x400008a, 0x0) 41.552104ms ago: executing program 4: bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000580)='jbd2_handle_stats\x00', r1}, 0x10) syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 40.684724ms ago: executing program 2: mkdir(&(0x7f0000000040)='./file1\x00', 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) syz_mount_image$fuse(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r4 = dup(r3) write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18) r5 = getpid() process_vm_readv(r5, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000000)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r7}, 0x10) io_setup(0x0, &(0x7f0000001000)) openat(r4, &(0x7f0000000000)='./file0\x00', 0x101280, 0x4) write$FUSE_DIRENTPLUS(r4, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_INIT(r4, &(0x7f0000000380)={0x50}, 0x50) write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}}) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 33.435345ms ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0xe03}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='ext4_es_find_extent_range_enter\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='ext4_es_find_extent_range_enter\x00', r2}, 0x10) mkdir(&(0x7f0000000080)='./file1\x00', 0x0) 29.295586ms ago: executing program 4: bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000079100400000000009500000900000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x80) 21.029987ms ago: executing program 4: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r2}, 0x10) io_setup(0x3, &(0x7f0000000000)) 8.754049ms ago: executing program 0: r0 = fsopen(&(0x7f0000004340)='cgroup\x00', 0x0) fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f00000000c0)='async\x00', 0x0, r0) 0s ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000200000000001200000085000000230000003f0000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) kernel console output (not intermixed with test programs): d oldalloc option [ 167.947358][ T6429] EXT4-fs error (device loop2): ext4_find_inline_data_nolock:164: inode #12: comm syz-executor.2: inline data xattr refers to an external xattr inode [ 167.966366][ T6429] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz-executor.2: couldn't read orphan inode 12 (err -117) [ 167.980532][ T6429] EXT4-fs (loop2): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000200000,max_dir_size_kb=0x0000000000001c2e,nouser_xattr,usrquota,prjquota,resgid=0x0000000000000000,oldalloc,resgid=0x0000000000000000,nodiscard,,errors=continue. Quota mode: writeback. [ 168.101836][ T6439] device pim6reg1 entered promiscuous mode [ 168.245102][ T6445] xt_limit: Overflow, try lower: 184549376/256 [ 168.252161][ T30] kauditd_printk_skb: 89 callbacks suppressed [ 168.252175][ T30] audit: type=1400 audit(1718703753.684:818): avc: denied { mount } for pid=6444 comm="syz-executor.2" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 168.298531][ T6447] device syzkaller0 entered promiscuous mode [ 168.641482][ T6463] device pim6reg1 entered promiscuous mode [ 168.659045][ T336] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 168.699115][ T311] usb 5-1: string descriptor 0 read error: -71 [ 168.719064][ T311] uclogic 0003:256C:006D.0021: failed retrieving string descriptor #200: -71 [ 168.727694][ T311] uclogic 0003:256C:006D.0021: failed retrieving pen parameters: -71 [ 168.728899][ T6469] syz-executor.0[6469] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 168.735704][ T6469] syz-executor.0[6469] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 168.735719][ T311] uclogic 0003:256C:006D.0021: failed probing pen v2 parameters: -71 [ 168.766904][ T311] uclogic 0003:256C:006D.0021: failed probing parameters: -71 [ 168.774303][ T311] uclogic: probe of 0003:256C:006D.0021 failed with error -71 [ 168.781413][ T6469] loop0: detected capacity change from 0 to 256 [ 168.783069][ T311] usb 5-1: USB disconnect, device number 13 [ 168.819634][ T6469] FAT-fs (loop0): Unrecognized mount option "18446744073709551615ÿÿÿÿ01777777777777777777777ÿ" or missing value [ 168.831423][ T1140] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 168.842262][ T1140] asix: probe of 2-1:0.0 failed with error -71 [ 168.849255][ T1140] usb 2-1: USB disconnect, device number 14 [ 169.039252][ T336] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 169.050485][ T336] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 169.060118][ T336] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 169.070707][ T336] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 169.102592][ T336] usb 3-1: config 0 descriptor?? [ 169.264627][ T6492] device pim6reg1 entered promiscuous mode [ 169.418481][ T6508] loop1: detected capacity change from 0 to 512 [ 169.450320][ T6508] EXT4-fs (loop1): quotafile must be on filesystem root [ 169.474348][ T6500] loop4: detected capacity change from 0 to 40427 [ 169.529835][ T6500] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 169.537391][ T6500] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 169.548518][ T6500] F2FS-fs (loop4): invalid crc value [ 169.578802][ T6500] F2FS-fs (loop4): Found nat_bits in checkpoint [ 169.609568][ T6500] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 169.616431][ T6500] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 169.634254][ T5736] attempt to access beyond end of device [ 169.634254][ T5736] loop4: rw=2049, want=45104, limit=40427 [ 170.159878][ T336] usb 3-1: string descriptor 0 read error: -71 [ 170.179081][ T336] uclogic 0003:256C:006D.0022: failed retrieving string descriptor #200: -71 [ 170.187899][ T336] uclogic 0003:256C:006D.0022: failed retrieving pen parameters: -71 [ 170.196448][ T336] uclogic 0003:256C:006D.0022: failed probing pen v2 parameters: -71 [ 170.204745][ T336] uclogic 0003:256C:006D.0022: failed probing parameters: -71 [ 170.212205][ T336] uclogic: probe of 0003:256C:006D.0022 failed with error -71 [ 170.219135][ T1140] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 170.220482][ T336] usb 3-1: USB disconnect, device number 13 [ 170.299583][ T30] audit: type=1326 audit(1718703755.734:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6557 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 170.326913][ T30] audit: type=1326 audit(1718703755.734:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6557 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 170.350885][ T30] audit: type=1326 audit(1718703755.734:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6557 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=224 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 170.390537][ T30] audit: type=1326 audit(1718703755.734:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6557 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 170.414445][ T30] audit: type=1326 audit(1718703755.734:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6557 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 170.463930][ T6570] loop1: detected capacity change from 0 to 512 [ 170.490203][ T6570] EXT4-fs (loop1): Test dummy encryption mode enabled [ 170.497278][ T6570] EXT4-fs (loop1): Test dummy encryption mode enabled [ 170.503937][ T6570] EXT4-fs (loop1): Ignoring removed nobh option [ 170.510070][ T6570] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 170.521337][ T6570] EXT4-fs (loop1): 1 truncate cleaned up [ 170.526798][ T6570] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,test_dummy_encryption,nobh,minixdf,errors=remount-ro,quota,. Quota mode: writeback. [ 170.554700][ T6570] EXT4-fs error (device loop1): ext4_search_dir:1548: inode #2: block 13: comm syz-executor.1: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=16, rec_len=0, size=1024 fake=0 [ 170.574709][ T6570] EXT4-fs (loop1): Remounting filesystem read-only [ 170.589115][ T1140] usb 4-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b [ 170.598055][ T1140] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 170.606490][ T1140] usb 4-1: config 0 descriptor?? [ 170.624087][ T6578] xt_limit: Overflow, try lower: 184549376/256 [ 170.670648][ T6586] loop2: detected capacity change from 0 to 512 [ 170.746892][ T6589] loop1: detected capacity change from 0 to 256 [ 170.776941][ T6584] loop0: detected capacity change from 0 to 512 [ 170.814484][ T6584] EXT4-fs (loop0): Mount option "nouser_xattr" will be removed by 3.5 [ 170.814484][ T6584] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 170.814484][ T6584] [ 170.833421][ T6584] EXT4-fs (loop0): Ignoring removed oldalloc option [ 170.848156][ T6584] EXT4-fs error (device loop0): ext4_find_inline_data_nolock:164: inode #12: comm syz-executor.0: inline data xattr refers to an external xattr inode [ 170.866667][ T6584] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz-executor.0: couldn't read orphan inode 12 (err -117) [ 170.870620][ T6586] EXT4-fs error (device loop2): ext4_quota_enable:6362: comm syz-executor.2: Bad quota inum: 2, type: 2 [ 170.885592][ T6584] EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000200000,max_dir_size_kb=0x0000000000001c2e,nouser_xattr,usrquota,prjquota,resgid=0x0000000000000000,oldalloc,resgid=0x0000000000000000,nodiscard,,errors=continue. Quota mode: writeback. [ 170.892923][ T6586] EXT4-fs warning (device loop2): ext4_enable_quotas:6410: Failed to enable quota tracking (type=2, err=-117, ino=2). Please run e2fsck to fix. [ 170.930833][ T6586] EXT4-fs (loop2): mount failed [ 171.040079][ T6611] loop4: detected capacity change from 0 to 512 [ 171.060085][ T6611] EXT4-fs (loop4): Test dummy encryption mode enabled [ 171.067047][ T6611] EXT4-fs (loop4): Test dummy encryption mode enabled [ 171.073797][ T6611] EXT4-fs (loop4): Ignoring removed nobh option [ 171.080014][ T6611] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 171.091563][ T6611] EXT4-fs (loop4): 1 truncate cleaned up [ 171.097196][ T6611] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,test_dummy_encryption,nobh,minixdf,errors=remount-ro,quota,. Quota mode: writeback. [ 171.116581][ T6611] EXT4-fs error (device loop4): ext4_search_dir:1548: inode #2: block 13: comm syz-executor.4: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=16, rec_len=0, size=1024 fake=0 [ 171.147687][ T6611] EXT4-fs (loop4): Remounting filesystem read-only [ 171.475712][ T6622] loop4: detected capacity change from 0 to 512 [ 171.496057][ T6622] EXT4-fs (loop4): Mount option "nouser_xattr" will be removed by 3.5 [ 171.496057][ T6622] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 171.496057][ T6622] [ 171.519096][ T6622] EXT4-fs (loop4): Ignoring removed oldalloc option [ 171.532449][ T6622] EXT4-fs error (device loop4): ext4_find_inline_data_nolock:164: inode #12: comm syz-executor.4: inline data xattr refers to an external xattr inode [ 171.547746][ T6622] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz-executor.4: couldn't read orphan inode 12 (err -117) [ 171.560243][ T6622] EXT4-fs (loop4): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000200000,max_dir_size_kb=0x0000000000001c2e,nouser_xattr,usrquota,prjquota,resgid=0x0000000000000000,oldalloc,resgid=0x0000000000000000,nodiscard,,errors=continue. Quota mode: writeback. [ 171.711573][ T30] audit: type=1326 audit(1718703757.144:824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6650 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 171.735359][ T30] audit: type=1326 audit(1718703757.144:825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6650 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 171.759445][ T30] audit: type=1326 audit(1718703757.144:826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6650 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 171.800034][ T30] audit: type=1326 audit(1718703757.164:827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6650 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 171.834350][ T6653] overlayfs: failed to resolve './file0': -2 [ 171.978100][ T1140] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32 [ 171.996141][ T1140] asix: probe of 4-1:0.0 failed with error -32 [ 172.012897][ T1140] usb 4-1: USB disconnect, device number 17 [ 172.157511][ T6666] loop1: detected capacity change from 0 to 256 [ 172.443611][ T6670] loop0: detected capacity change from 0 to 512 [ 172.500928][ T6670] EXT4-fs (loop0): Mount option "nouser_xattr" will be removed by 3.5 [ 172.500928][ T6670] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 172.500928][ T6670] [ 172.519176][ T6670] EXT4-fs (loop0): Ignoring removed oldalloc option [ 172.543151][ T6670] EXT4-fs error (device loop0): ext4_find_inline_data_nolock:164: inode #12: comm syz-executor.0: inline data xattr refers to an external xattr inode [ 172.561582][ T6670] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz-executor.0: couldn't read orphan inode 12 (err -117) [ 172.579140][ T6670] EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000200000,max_dir_size_kb=0x0000000000001c2e,nouser_xattr,usrquota,prjquota,resgid=0x0000000000000000,oldalloc,resgid=0x0000000000000000,nodiscard,,errors=continue. Quota mode: writeback. [ 172.691830][ T6675] loop4: detected capacity change from 0 to 40427 [ 172.733037][ T6675] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 172.740958][ T6675] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 172.754397][ T6675] F2FS-fs (loop4): invalid crc value [ 172.934417][ T6675] F2FS-fs (loop4): Found nat_bits in checkpoint [ 172.966744][ T6675] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 172.973735][ T6675] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 173.037500][ T6701] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22 [ 173.049335][ T6701] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev sda1, type ext4) errno=-22 [ 173.581513][ T6710] overlayfs: failed to resolve './file0': -2 [ 173.625772][ T6712] overlayfs: failed to resolve './file1': -2 [ 173.662652][ T6721] syz-executor.3[6721] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 173.662723][ T6721] syz-executor.3[6721] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 173.797044][ T6727] loop3: detected capacity change from 0 to 256 [ 173.923815][ T816] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 173.941436][ T816] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 174.004583][ T311] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 174.369098][ T311] usb 1-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b [ 174.378014][ T311] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 174.386206][ T311] usb 1-1: config 0 descriptor?? [ 174.612297][ T6749] syz-executor.3[6749] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 174.612345][ T6749] syz-executor.3[6749] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 174.919030][ T20] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 174.969066][ T1140] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 174.987335][ T6774] syz-executor.4[6774] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 174.987385][ T6774] syz-executor.4[6774] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 175.419140][ T1140] usb 4-1: Using ep0 maxpacket: 32 [ 175.459123][ T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 175.469948][ T20] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 175.482621][ T20] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 175.491492][ T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 175.499717][ T20] usb 3-1: config 0 descriptor?? [ 175.549130][ T1140] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 175.559903][ T1140] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 175.568678][ T1140] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 175.576942][ T1140] usb 4-1: config 0 descriptor?? [ 175.609081][ T311] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 175.618879][ T311] asix: probe of 1-1:0.0 failed with error -71 [ 175.625347][ T1140] hub 4-1:0.0: USB hub found [ 175.630354][ T311] usb 1-1: USB disconnect, device number 12 [ 175.829103][ T1140] hub 4-1:0.0: 1 port detected [ 175.979915][ T20] plantronics 0003:047F:FFFF.0023: No inputs registered, leaving [ 175.988246][ T20] plantronics 0003:047F:FFFF.0023: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 176.178807][ T6807] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22 [ 176.192287][ T6807] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev sda1, type ext4) errno=-22 [ 176.218214][ T6800] loop0: detected capacity change from 0 to 40427 [ 176.250154][ T6800] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 176.257734][ T6800] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 176.267363][ T6800] F2FS-fs (loop0): invalid crc value [ 176.274178][ T6800] F2FS-fs (loop0): Found nat_bits in checkpoint [ 176.308540][ T6800] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 176.315491][ T6800] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 176.954662][ T30] kauditd_printk_skb: 21 callbacks suppressed [ 176.954675][ T30] audit: type=1400 audit(1718703762.384:849): avc: denied { setattr } for pid=6832 comm="syz-executor.1" name="file0" dev="9p" ino=7016996764471618667 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=blk_file permissive=1 [ 177.023641][ T1627] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 177.033065][ T1627] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 177.309083][ T1140] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 177.329749][ T20] usb 4-1: USB disconnect, device number 18 [ 177.819104][ T1140] usb 2-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b [ 177.828102][ T1140] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 177.836367][ T1140] usb 2-1: config 0 descriptor?? [ 177.959471][ T6] usb 3-1: USB disconnect, device number 14 [ 178.077765][ T6886] lo: Caught tx_queue_len zero misconfig [ 178.359158][ T6] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 178.579084][ T553] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 178.719112][ T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 178.729955][ T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 178.739531][ T6] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 178.748346][ T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 178.756731][ T6] usb 3-1: config 0 descriptor?? [ 178.939073][ T553] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 178.949976][ T1140] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 178.964412][ T1140] asix: probe of 2-1:0.0 failed with error -71 [ 178.965096][ T30] audit: type=1400 audit(1718703764.394:850): avc: denied { read } for pid=6896 comm="syz-executor.3" name="loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 178.970784][ T553] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 178.995022][ T30] audit: type=1400 audit(1718703764.394:851): avc: denied { open } for pid=6896 comm="syz-executor.3" path="/dev/loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 178.995053][ T30] audit: type=1400 audit(1718703764.394:852): avc: denied { ioctl } for pid=6896 comm="syz-executor.3" path="/dev/loop-control" dev="devtmpfs" ino=111 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 179.061317][ T1140] usb 2-1: USB disconnect, device number 15 [ 179.067569][ T553] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 179.076960][ T553] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 179.085802][ T553] usb 1-1: config 0 descriptor?? [ 179.104980][ T30] audit: type=1400 audit(1718703764.534:853): avc: denied { connect } for pid=6904 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 179.124990][ T30] audit: type=1400 audit(1718703764.534:854): avc: denied { shutdown } for pid=6904 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 179.155015][ T6907] loop3: detected capacity change from 0 to 2048 [ 179.183891][ T30] audit: type=1400 audit(1718703764.614:855): avc: denied { getopt } for pid=6910 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 179.203704][ T30] audit: type=1400 audit(1718703764.614:856): avc: denied { write } for pid=6910 comm="syz-executor.4" path="socket:[45255]" dev="sockfs" ino=45255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 179.203922][ T6911] loop4: detected capacity change from 0 to 256 [ 179.229315][ T6907] EXT4-fs (loop3): Ignoring removed oldalloc option [ 179.239067][ T30] audit: type=1400 audit(1718703764.614:857): avc: denied { nlmsg_read } for pid=6910 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 179.270632][ T6907] EXT4-fs (loop3): mounted filesystem without journal. Opts: oldalloc,nodelalloc,,errors=continue. Quota mode: none. [ 179.285624][ T6907] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 234: padding at end of block bitmap is not set [ 179.310499][ T6911] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 179.582486][ T553] plantronics 0003:047F:FFFF.0025: No inputs registered, leaving [ 179.599057][ T553] plantronics 0003:047F:FFFF.0025: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 179.746974][ T6934] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 180.819706][ T6] uclogic 0003:256C:006D.0024: v1 buttonpad probing failed: -71 [ 180.827714][ T6] uclogic 0003:256C:006D.0024: failed probing parameters: -71 [ 180.841950][ T6] uclogic: probe of 0003:256C:006D.0024 failed with error -71 [ 180.856736][ T6942] loop4: detected capacity change from 0 to 40427 [ 180.857949][ T6] usb 3-1: USB disconnect, device number 15 [ 180.899812][ T6942] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 180.907399][ T6942] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 180.916367][ T6942] F2FS-fs (loop4): invalid crc value [ 180.923001][ T6942] F2FS-fs (loop4): Found nat_bits in checkpoint [ 180.950909][ T6942] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 180.957820][ T6942] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 181.349051][ T553] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 181.357167][ T6982] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 181.449556][ T45] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 181.458536][ T45] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 181.800730][ T7000] loop4: detected capacity change from 0 to 256 [ 181.819066][ T553] usb 2-1: Using ep0 maxpacket: 32 [ 181.824836][ T7000] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 181.939104][ T553] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 181.949871][ T20] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 181.957219][ T553] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 181.966765][ T553] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 181.979665][ T553] usb 2-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 181.988572][ T553] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 181.996922][ T553] usb 2-1: config 0 descriptor?? [ 182.199050][ T20] usb 4-1: Using ep0 maxpacket: 16 [ 182.287545][ T7007] syz-executor.2[7007] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 182.287597][ T7007] syz-executor.2[7007] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 182.299246][ T6] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 182.323579][ T7007] syz-executor.2[7007] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 182.323629][ T7007] syz-executor.2[7007] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 182.399089][ T20] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 182.421399][ T20] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 182.431066][ T20] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 182.440673][ T20] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 182.450188][ T20] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 182.459816][ T20] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 182.479986][ T553] ntrig 0003:1B96:000A.0026: unknown main item tag 0x0 [ 182.486677][ T553] ntrig 0003:1B96:000A.0026: unknown main item tag 0x0 [ 182.493434][ T553] ntrig 0003:1B96:000A.0026: unknown main item tag 0x0 [ 182.500136][ T553] ntrig 0003:1B96:000A.0026: unknown main item tag 0x0 [ 182.506724][ T553] ntrig 0003:1B96:000A.0026: unknown main item tag 0x0 [ 182.515586][ T553] ntrig 0003:1B96:000A.0026: hidraw1: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.1-1/input0 [ 182.532139][ T7015] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 182.629166][ T20] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 182.638410][ T20] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 182.646496][ T20] usb 4-1: Product: syz [ 182.650467][ T20] usb 4-1: Manufacturer: syz [ 182.655027][ T20] usb 4-1: SerialNumber: syz [ 182.679191][ T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 182.689938][ T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 182.700514][ T553] usb 2-1: USB disconnect, device number 16 [ 182.706546][ T6] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 182.716178][ T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 182.724712][ T6] usb 5-1: config 0 descriptor?? [ 182.929061][ T6900] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 182.939111][ T20] cdc_ncm 4-1:1.0: bind() failure [ 182.944459][ T20] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found [ 182.951130][ T20] cdc_ncm 4-1:1.1: bind() failure [ 182.956428][ T20] usb 4-1: USB disconnect, device number 19 [ 183.354115][ T7031] fscrypt: key with description 'fscrypt:0000111122223333' has invalid payload [ 183.363447][ T7031] fscrypt: key with description 'fscrypt:0000111122223333' has invalid payload [ 183.468584][ T6900] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 183.479410][ T6900] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 183.485764][ T7033] syz-executor.3[7033] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 183.488248][ T6900] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 183.488342][ T7033] syz-executor.3[7033] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 183.500495][ T6900] usb 3-1: config 0 descriptor?? [ 183.529180][ T7033] syz-executor.3[7033] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 183.529230][ T7033] syz-executor.3[7033] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 183.753203][ T7051] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.3'. [ 183.774389][ T7051] input: syz1 as /devices/virtual/input/input23 [ 183.781051][ T7051] input: failed to attach handler leds to device input23, error: -6 [ 183.999681][ T6900] keytouch 0003:0926:3333.0028: fixing up Keytouch IEC report descriptor [ 184.008826][ T6900] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0028/input/input24 [ 184.069581][ T39] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 184.090741][ T6900] keytouch 0003:0926:3333.0028: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 184.159087][ T6] uclogic 0003:256C:006D.0027: v1 buttonpad probing failed: -71 [ 184.166592][ T6] uclogic 0003:256C:006D.0027: failed probing parameters: -71 [ 184.173900][ T6] uclogic: probe of 0003:256C:006D.0027 failed with error -71 [ 184.181744][ T6] usb 5-1: USB disconnect, device number 14 [ 184.189433][ T7065] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 184.309037][ T39] usb 4-1: Using ep0 maxpacket: 16 [ 184.519130][ T39] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 184.529867][ T39] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 184.539417][ T39] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 184.548905][ T39] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 184.558483][ T39] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 184.567968][ T39] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 184.688507][ T7077] loop4: detected capacity change from 0 to 512 [ 184.730104][ T7077] EXT4-fs (loop4): quotafile must be on filesystem root [ 184.749096][ T39] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 184.757991][ T39] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 184.765804][ T39] usb 4-1: Product: syz [ 184.769793][ T39] usb 4-1: Manufacturer: syz [ 184.774161][ T39] usb 4-1: SerialNumber: syz [ 185.010350][ T328] usb 3-1: USB disconnect, device number 16 [ 185.109322][ T39] cdc_ncm 4-1:1.0: bind() failure [ 185.115045][ T39] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found [ 185.121862][ T39] cdc_ncm 4-1:1.1: bind() failure [ 185.127557][ T39] usb 4-1: USB disconnect, device number 20 [ 185.676416][ T7107] loop3: detected capacity change from 0 to 512 [ 185.700000][ T7107] EXT4-fs (loop3): quotafile must be on filesystem root [ 185.929141][ T5564] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 186.369104][ T5564] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 186.379856][ T5564] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 186.388645][ T5564] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 186.396910][ T5564] usb 3-1: config 0 descriptor?? [ 186.494394][ T7111] loop4: detected capacity change from 0 to 40427 [ 186.536417][ T7111] F2FS-fs (loop4): Invalid gid value -1 [ 186.828819][ T7115] loop4: detected capacity change from 0 to 512 [ 186.919522][ T5564] keytouch 0003:0926:3333.0029: fixing up Keytouch IEC report descriptor [ 186.928598][ T5564] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0029/input/input25 [ 187.021336][ T5564] keytouch 0003:0926:3333.0029: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 187.314379][ T7121] ªªªªªª: renamed from vlan0 [ 187.536774][ T7140] loop3: detected capacity change from 0 to 40427 [ 187.575037][ T7142] overlayfs: failed to resolve './file0': -2 [ 187.673684][ T7140] F2FS-fs (loop3): Invalid gid value -1 [ 187.994696][ T7144] loop3: detected capacity change from 0 to 512 [ 188.026647][ T5564] usb 3-1: USB disconnect, device number 17 [ 188.350059][ T7161] IPv4: Oversized IP packet from 127.202.26.0 [ 188.369609][ T30] audit: type=1107 audit(1718703773.804:858): pid=7162 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 188.457940][ T30] audit: type=1326 audit(1718703773.884:859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7153 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f87238e6f29 code=0x0 [ 188.689759][ T30] audit: type=1107 audit(1718703774.124:860): pid=7192 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 188.749893][ T7211] mmap: syz-executor.4 (7211) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 188.989047][ T5564] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 189.359088][ T5564] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 189.369824][ T5564] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 189.378629][ T5564] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.386956][ T5564] usb 2-1: config 0 descriptor?? [ 189.879489][ T5564] keytouch 0003:0926:3333.002A: fixing up Keytouch IEC report descriptor [ 189.888410][ T5564] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.002A/input/input26 [ 189.970271][ T5564] keytouch 0003:0926:3333.002A: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0 [ 190.401339][ T7224] syz-executor.4[7224] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 190.401438][ T7224] syz-executor.4[7224] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 190.409627][ T7228] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 190.473294][ T7237] IPv4: Oversized IP packet from 127.202.26.0 [ 190.495043][ T7243] binder: 7242:7243 ioctl c0306201 20000040 returned -14 [ 190.565635][ T7263] syz-executor.4[7263] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 190.565696][ T7263] syz-executor.4[7263] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 190.647579][ T7274] binder: 7269:7274 ioctl c0306201 20000040 returned -14 [ 190.647710][ T7273] loop3: detected capacity change from 0 to 128 [ 190.691236][ T7273] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 190.705014][ T7273] ext4 filesystem being mounted at /root/syzkaller-testdir4155152027/syzkaller.RQG2PP/207/mnt supports timestamps until 2038 (0x7fffffff) [ 190.783046][ T7294] syz-executor.2[7294] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 190.783117][ T7294] syz-executor.2[7294] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 190.806416][ T7300] binder: 7299:7300 ioctl c0306201 20000040 returned -14 [ 190.846935][ T7303] syz-executor.3[7303] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 190.847041][ T7303] syz-executor.3[7303] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 190.895096][ T6] usb 2-1: USB disconnect, device number 17 [ 190.925265][ T7314] syz-executor.3[7314] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 190.925333][ T7314] syz-executor.3[7314] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 190.952758][ T7314] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=58742 sclass=netlink_route_socket pid=7314 comm=syz-executor.3 [ 190.978458][ T30] audit: type=1326 audit(1718703776.379:861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7319 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b678ccf29 code=0x7ffc0000 [ 191.005791][ T30] audit: type=1326 audit(1718703776.388:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7313 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbed55ff29 code=0x7ffc0000 [ 191.029997][ T30] audit: type=1326 audit(1718703776.388:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7319 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b678ccf29 code=0x7ffc0000 [ 191.053926][ T30] audit: type=1326 audit(1718703776.388:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7319 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f7b678ccf29 code=0x7ffc0000 [ 191.077916][ T30] audit: type=1326 audit(1718703776.388:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7319 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b678ccf29 code=0x7ffc0000 [ 191.101916][ T30] audit: type=1326 audit(1718703776.388:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7319 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b678ccf29 code=0x7ffc0000 [ 191.125788][ T30] audit: type=1326 audit(1718703776.388:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7319 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7b678ccf29 code=0x7ffc0000 [ 191.151663][ T7324] binder: 7323:7324 ioctl c0306201 20000040 returned -14 [ 191.230601][ T328] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 191.495575][ T6947] plantronics 0003:047F:FFFF.0025: timeout initializing reports [ 191.552779][ T5564] usb 1-1: USB disconnect, device number 13 [ 191.600706][ T7352] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=58742 sclass=netlink_route_socket pid=7352 comm=syz-executor.0 [ 191.690293][ T328] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 191.699834][ T328] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 191.904085][ T328] usb 5-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 191.913041][ T328] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 191.921027][ T328] usb 5-1: Product: syz [ 191.925019][ T328] usb 5-1: Manufacturer: syz [ 191.929457][ T328] usb 5-1: SerialNumber: syz [ 191.934358][ T328] usb 5-1: config 0 descriptor?? [ 191.978888][ T20] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 192.033167][ T7395] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=58742 sclass=netlink_route_socket pid=7395 comm=syz-executor.1 [ 192.096530][ T5564] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 192.241192][ T7318] loop4: detected capacity change from 0 to 512 [ 192.310534][ T7406] overlayfs: failed to resolve './file0': -2 [ 192.455211][ T7318] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 192.468628][ T7318] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #16: comm syz-executor.4: invalid indirect mapped block 83886080 (level 1) [ 192.483122][ T7318] EXT4-fs (loop4): 1 orphan inode deleted [ 192.488684][ T7318] EXT4-fs (loop4): 1 truncate cleaned up [ 192.494308][ T7318] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 192.513661][ T328] snd-usb-audio: probe of 5-1:0.0 failed with error -12 [ 192.520879][ T328] usb 5-1: USB disconnect, device number 15 [ 192.556229][ T5564] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 192.566866][ T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 192.566904][ T20] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 192.566925][ T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 192.567666][ T20] usb 3-1: config 0 descriptor?? [ 192.577613][ T5564] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 192.611800][ T5564] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 192.620691][ T5564] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 192.630592][ T5564] usb 1-1: config 0 descriptor?? [ 193.113196][ T7426] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=58742 sclass=netlink_route_socket pid=7426 comm=syz-executor.4 [ 193.123355][ T20] keytouch 0003:0926:3333.002B: fixing up Keytouch IEC report descriptor [ 193.135627][ T20] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.002B/input/input27 [ 193.155525][ T5564] plantronics 0003:047F:FFFF.002C: No inputs registered, leaving [ 193.163844][ T5564] plantronics 0003:047F:FFFF.002C: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 193.222438][ T20] keytouch 0003:0926:3333.002B: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 193.355281][ T7445] loop4: detected capacity change from 0 to 512 [ 193.391589][ T7445] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 193.402835][ T7445] ext4 filesystem being mounted at /root/syzkaller-testdir228245443/syzkaller.SEKgv9/156/file1 supports timestamps until 2038 (0x7fffffff) [ 193.785547][ T5564] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 193.810629][ T7454] overlayfs: failed to resolve './file0': -2 [ 194.143682][ T39] usb 3-1: USB disconnect, device number 18 [ 194.245310][ T5564] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 194.254871][ T5564] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 194.256131][ T7460] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=58742 sclass=netlink_route_socket pid=7460 comm=syz-executor.1 [ 194.283143][ T30] kauditd_printk_skb: 51 callbacks suppressed [ 194.283158][ T30] audit: type=1326 audit(1718703779.466:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7459 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 194.313219][ T30] audit: type=1326 audit(1718703779.466:920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7459 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 194.337017][ T30] audit: type=1326 audit(1718703779.466:921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7459 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 194.360746][ T30] audit: type=1326 audit(1718703779.466:922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7459 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 194.384441][ T30] audit: type=1326 audit(1718703779.466:923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7459 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 194.408436][ T30] audit: type=1326 audit(1718703779.466:924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7459 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 194.432262][ T30] audit: type=1326 audit(1718703779.466:925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7459 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 194.456267][ T5564] usb 5-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 194.465513][ T5564] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 194.473370][ T5564] usb 5-1: Product: syz [ 194.477334][ T5564] usb 5-1: Manufacturer: syz [ 194.481804][ T30] audit: type=1326 audit(1718703779.466:926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7459 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 194.505678][ T5564] usb 5-1: SerialNumber: syz [ 194.510657][ T5564] usb 5-1: config 0 descriptor?? [ 194.619781][ T30] audit: type=1400 audit(1718703779.784:927): avc: denied { connect } for pid=7475 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 194.647984][ T30] audit: type=1326 audit(1718703779.803:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7477 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbed55ff29 code=0x7ffc0000 [ 194.830441][ T7449] loop4: detected capacity change from 0 to 512 [ 194.881586][ T7449] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 194.940811][ T7498] overlayfs: failed to resolve './file0': -2 [ 195.107858][ T6900] usb 1-1: USB disconnect, device number 14 [ 195.136900][ T7449] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #16: comm syz-executor.4: invalid indirect mapped block 83886080 (level 1) [ 195.154377][ T7506] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev ?, type ?) errno=-22 [ 195.166028][ T7449] EXT4-fs (loop4): 1 orphan inode deleted [ 195.175368][ T7449] EXT4-fs (loop4): 1 truncate cleaned up [ 195.176171][ T7506] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 195.180900][ T7449] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 195.239745][ T5564] snd-usb-audio: probe of 5-1:0.0 failed with error -12 [ 195.250956][ T5564] usb 5-1: USB disconnect, device number 16 [ 195.356358][ T7518] loop3: detected capacity change from 0 to 512 [ 195.411089][ T7512] overlayfs: failed to resolve './file0': -2 [ 195.434653][ T7518] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 195.445695][ T7518] ext4 filesystem being mounted at /root/syzkaller-testdir4155152027/syzkaller.RQG2PP/236/file1 supports timestamps until 2038 (0x7fffffff) [ 195.543994][ T7534] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev ?, type ?) errno=-22 [ 195.556286][ T7534] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 195.916974][ T7541] device pim6reg1 entered promiscuous mode [ 196.051509][ T7554] loop3: detected capacity change from 0 to 128 [ 196.057756][ T20] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 196.097385][ T7554] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 196.108074][ T7554] ext4 filesystem being mounted at /root/syzkaller-testdir4155152027/syzkaller.RQG2PP/243/mnt supports timestamps until 2038 (0x7fffffff) [ 196.123480][ T7560] loop2: detected capacity change from 0 to 512 [ 196.161124][ T7560] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 196.172976][ T7560] ext4 filesystem being mounted at /root/syzkaller-testdir1321892766/syzkaller.28230l/226/file1 supports timestamps until 2038 (0x7fffffff) [ 196.237363][ T7570] device pim6reg1 entered promiscuous mode [ 196.252756][ T7572] loop2: detected capacity change from 0 to 1024 [ 196.277837][ T7572] EXT4-fs (loop2): required journal recovery suppressed and not mounted read-only [ 196.468994][ T20] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 196.479922][ T20] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 196.496098][ T20] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 196.505018][ T20] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.513507][ T20] usb 2-1: config 0 descriptor?? [ 196.908070][ T7592] loop4: detected capacity change from 0 to 128 [ 196.920489][ T7592] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 196.930975][ T7592] ext4 filesystem being mounted at /root/syzkaller-testdir228245443/syzkaller.SEKgv9/160/mnt supports timestamps until 2038 (0x7fffffff) [ 197.036359][ T20] plantronics 0003:047F:FFFF.002D: No inputs registered, leaving [ 197.044673][ T20] plantronics 0003:047F:FFFF.002D: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 197.207932][ T7601] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev ?, type ?) errno=-22 [ 197.219798][ T7601] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 197.257705][ T7605] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 197.268985][ T7605] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7605 comm=syz-executor.3 [ 197.281652][ T5564] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 197.306344][ T7609] loop3: detected capacity change from 0 to 512 [ 197.336554][ T7609] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback. [ 197.352525][ T7609] ext4 filesystem being mounted at /root/syzkaller-testdir4155152027/syzkaller.RQG2PP/254/bus supports timestamps until 2038 (0x7fffffff) [ 197.415750][ T7613] loop3: detected capacity change from 0 to 512 [ 197.464158][ T7613] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 197.474345][ T7613] EXT4-fs error (device loop3): ext4_ext_check_inode:501: inode #15: comm syz-executor.3: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0) [ 197.492638][ T7613] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 197.504847][ T7613] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 197.515423][ T7613] ext2 filesystem being mounted at /root/syzkaller-testdir4155152027/syzkaller.RQG2PP/255/file0 supports timestamps until 2038 (0x7fffffff) [ 197.535071][ T7613] overlayfs: upper fs needs to support d_type. [ 197.538031][ T5564] usb 5-1: Using ep0 maxpacket: 32 [ 197.545331][ T7613] overlayfs: upper fs needs to support d_type. [ 197.587047][ T7624] loop3: detected capacity change from 0 to 1024 [ 197.624520][ T7624] EXT4-fs (loop3): required journal recovery suppressed and not mounted read-only [ 197.676979][ T5564] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 197.687940][ T5564] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 197.697601][ T5564] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 197.710306][ T5564] usb 5-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 197.719216][ T5564] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.727597][ T5564] usb 5-1: config 0 descriptor?? [ 198.062868][ T7632] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev ?, type ?) errno=-22 [ 198.072914][ T7632] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 198.244189][ T5564] ntrig 0003:1B96:000A.002E: unknown main item tag 0x0 [ 198.250908][ T5564] ntrig 0003:1B96:000A.002E: unknown main item tag 0x0 [ 198.257643][ T5564] ntrig 0003:1B96:000A.002E: unknown main item tag 0x0 [ 198.264254][ T5564] ntrig 0003:1B96:000A.002E: unknown main item tag 0x0 [ 198.271221][ T5564] ntrig 0003:1B96:000A.002E: unknown main item tag 0x0 [ 198.278414][ T5564] ntrig 0003:1B96:000A.002E: hidraw1: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.4-1/input0 [ 198.484225][ T5564] usb 5-1: USB disconnect, device number 17 [ 198.503966][ T7651] loop3: detected capacity change from 0 to 512 [ 198.522302][ T7651] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 198.531940][ T7651] EXT4-fs error (device loop3): ext4_ext_check_inode:501: inode #15: comm syz-executor.3: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0) [ 198.550338][ T7651] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 198.562564][ T7651] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 198.577614][ T7651] ext2 filesystem being mounted at /root/syzkaller-testdir4155152027/syzkaller.RQG2PP/258/file0 supports timestamps until 2038 (0x7fffffff) [ 198.596896][ T7651] overlayfs: upper fs needs to support d_type. [ 198.606204][ T7651] overlayfs: upper fs needs to support d_type. [ 199.419508][ T5564] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 199.557448][ T7678] loop3: detected capacity change from 0 to 1024 [ 199.602259][ T7678] EXT4-fs (loop3): required journal recovery suppressed and not mounted read-only [ 199.804485][ T5564] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 199.815261][ T5564] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 199.824027][ T5564] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 199.832450][ T5564] usb 3-1: config 0 descriptor?? [ 200.350114][ T5564] keytouch 0003:0926:3333.002F: fixing up Keytouch IEC report descriptor [ 200.359090][ T5564] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.002F/input/input28 [ 200.397979][ T7689] IPv6: sit2: Disabled Multicast RS [ 200.436757][ T5564] keytouch 0003:0926:3333.002F: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 200.717357][ T30] kauditd_printk_skb: 15 callbacks suppressed [ 200.717372][ T30] audit: type=1326 audit(1718703785.481:944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7703 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdbed55ff29 code=0x0 [ 201.412176][ T6] usb 3-1: USB disconnect, device number 19 [ 201.908493][ T30] audit: type=1326 audit(1718703786.594:945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7734 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efc69f4df29 code=0x0 [ 202.006249][ T7742] device ip_vti0 entered promiscuous mode [ 202.012057][ T7742] device vlan0 entered promiscuous mode [ 202.018794][ T7742] device ip_vti0 left promiscuous mode [ 202.138286][ T7771] device ip_vti0 entered promiscuous mode [ 202.143840][ T7771] device vlan0 entered promiscuous mode [ 202.149727][ T7771] device ip_vti0 left promiscuous mode [ 202.391522][ T39] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 202.521746][ T7822] input: syz1 as /devices/virtual/input/input29 [ 202.629601][ T30] audit: type=1326 audit(1718703787.277:946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7842 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efc69f4df29 code=0x0 [ 202.657660][ T7847] input: syz1 as /devices/virtual/input/input30 [ 202.776578][ T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 202.787794][ T39] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 202.796799][ T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 202.961812][ T39] usb 3-1: config 0 descriptor?? [ 203.471734][ T39] keytouch 0003:0926:3333.0030: fixing up Keytouch IEC report descriptor [ 203.480753][ T39] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0030/input/input31 [ 203.558944][ T39] keytouch 0003:0926:3333.0030: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 203.597969][ T7871] IPv6: sit2: Disabled Multicast RS [ 203.628222][ T7877] input: syz1 as /devices/virtual/input/input32 [ 203.760261][ T30] audit: type=1326 audit(1718703788.324:947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7888 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdbed55ff29 code=0x0 [ 204.048702][ T30] audit: type=1326 audit(1718703788.511:948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7886 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87238e6f29 code=0x7ffc0000 [ 204.123383][ T30] audit: type=1326 audit(1718703788.511:949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7886 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87238e6f29 code=0x7ffc0000 [ 204.147251][ T30] audit: type=1326 audit(1718703788.521:950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7886 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87238e6f29 code=0x7ffc0000 [ 204.172641][ T30] audit: type=1326 audit(1718703788.521:951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7886 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87238e6f29 code=0x7ffc0000 [ 204.196393][ T30] audit: type=1326 audit(1718703788.521:952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7886 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87238e6f29 code=0x7ffc0000 [ 204.221115][ T30] audit: type=1326 audit(1718703788.530:953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7886 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7f87238e6f29 code=0x7ffc0000 [ 204.480333][ T20] usb 3-1: USB disconnect, device number 20 [ 204.670705][ T7906] input: syz1 as /devices/virtual/input/input33 [ 204.700445][ T7912] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 204.709830][ T7912] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 204.788046][ T7916] loop3: detected capacity change from 0 to 512 [ 204.840104][ T7916] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode # [ 204.854540][ T7916] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117 [ 204.868016][ T7916] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode # [ 204.893071][ T7916] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117 [ 204.906341][ T7916] EXT4-fs (loop3): 1 orphan inode deleted [ 204.911921][ T7916] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_ioprio=0x0000000000000007,debug_want_extra_isize=0x000000000000005c,minixdf,nodelalloc,grpquota,usrjquota=,,errors=continue. Quota mode: writeback. [ 205.032138][ T39] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 205.417019][ T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 205.426480][ T39] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 205.598796][ T39] usb 5-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 205.612617][ T39] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 205.620712][ T39] usb 5-1: Product: syz [ 205.624915][ T39] usb 5-1: Manufacturer: syz [ 205.629387][ T39] usb 5-1: SerialNumber: syz [ 205.634223][ T39] usb 5-1: config 0 descriptor?? [ 205.664990][ T7927] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 205.918694][ T7915] loop4: detected capacity change from 0 to 512 [ 205.983963][ T7915] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 205.995597][ T7915] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #16: comm syz-executor.4: invalid indirect mapped block 83886080 (level 1) [ 206.012775][ T7915] EXT4-fs (loop4): 1 orphan inode deleted [ 206.018447][ T7915] EXT4-fs (loop4): 1 truncate cleaned up [ 206.023870][ T7915] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 206.058560][ T39] snd-usb-audio: probe of 5-1:0.0 failed with error -12 [ 206.065799][ T39] usb 5-1: USB disconnect, device number 18 [ 206.229534][ T30] kauditd_printk_skb: 16 callbacks suppressed [ 206.229570][ T30] audit: type=1326 audit(1718703790.569:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7933 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b678ccf29 code=0x7ffc0000 [ 206.260758][ T30] audit: type=1326 audit(1718703790.569:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7933 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b678ccf29 code=0x7ffc0000 [ 206.284486][ T30] audit: type=1326 audit(1718703790.578:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7933 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b678ccf29 code=0x7ffc0000 [ 206.308154][ T30] audit: type=1326 audit(1718703790.578:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7933 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b678ccf29 code=0x7ffc0000 [ 206.331749][ T30] audit: type=1326 audit(1718703790.578:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7933 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b678ccf29 code=0x7ffc0000 [ 206.355322][ T30] audit: type=1326 audit(1718703790.597:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7933 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7f7b678ccf29 code=0x7ffc0000 [ 206.378931][ T30] audit: type=1326 audit(1718703790.597:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7933 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b678ccf29 code=0x7ffc0000 [ 206.402757][ T30] audit: type=1326 audit(1718703790.597:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7933 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b678ccf29 code=0x7ffc0000 [ 206.426474][ T30] audit: type=1326 audit(1718703790.597:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7933 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7b678ccf29 code=0x7ffc0000 [ 206.450114][ T30] audit: type=1326 audit(1718703790.597:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7933 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b678ccf29 code=0x7ffc0000 [ 207.101293][ T7955] loop2: detected capacity change from 0 to 512 [ 207.138236][ T7955] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode # [ 207.152156][ T7955] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117 [ 207.164849][ T7955] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode # [ 207.179171][ T7955] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117 [ 207.192263][ T7955] EXT4-fs (loop2): 1 orphan inode deleted [ 207.197829][ T7955] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_ioprio=0x0000000000000007,debug_want_extra_isize=0x000000000000005c,minixdf,nodelalloc,grpquota,usrjquota=,,errors=continue. Quota mode: writeback. [ 207.245065][ T39] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 207.610190][ T7962] loop3: detected capacity change from 0 to 40427 [ 207.640668][ T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 207.651671][ T39] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 207.660519][ T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 207.668941][ T39] usb 5-1: config 0 descriptor?? [ 207.669201][ T7962] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 207.681308][ T7962] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 207.690211][ T7962] F2FS-fs (loop3): invalid crc value [ 207.696611][ T7962] F2FS-fs (loop3): Found nat_bits in checkpoint [ 207.719311][ T7962] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 207.726217][ T7962] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 208.008385][ T7968] overlayfs: missing 'lowerdir' [ 208.314596][ T39] keytouch 0003:0926:3333.0031: fixing up Keytouch IEC report descriptor [ 208.323681][ T39] input: HID 0926:3333 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0926:3333.0031/input/input34 [ 208.400981][ T39] keytouch 0003:0926:3333.0031: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.4-1/input0 [ 208.456995][ T45] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 208.465717][ T45] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 208.506550][ T5564] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 208.517423][ T7626] plantronics 0003:047F:FFFF.002D: timeout initializing reports [ 208.539244][ T20] usb 2-1: USB disconnect, device number 18 [ 208.963675][ T5564] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 32 [ 208.984993][ T5564] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 209.084114][ T5564] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 209.093187][ T5564] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 209.102924][ T5564] usb 3-1: SerialNumber: syz [ 209.190838][ T7978] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 209.319556][ T328] usb 5-1: USB disconnect, device number 19 [ 209.421049][ T7978] loop2: detected capacity change from 0 to 512 [ 209.482685][ T7978] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2925: inode #16: comm syz-executor.2: corrupted xattr block 8 [ 209.495455][ T7978] EXT4-fs warning (device loop2): ext4_evict_inode:303: xattr delete (err -117) [ 209.504599][ T7978] EXT4-fs (loop2): 1 orphan inode deleted [ 209.510226][ T7978] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 209.521112][ T7978] ext4 filesystem being mounted at /root/syzkaller-testdir1321892766/syzkaller.28230l/251/bus supports timestamps until 2038 (0x7fffffff) [ 209.542549][ T7978] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 210.037281][ T5564] cdc_ether 3-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.2-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 210.464049][ T5564] usb 3-1: USB disconnect, device number 21 [ 210.476866][ T5564] cdc_ether 3-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.2-1, CDC Ethernet Device [ 210.481687][ T8015] loop3: detected capacity change from 0 to 40427 [ 210.517029][ T8015] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 210.524634][ T8015] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 210.534460][ T8015] F2FS-fs (loop3): invalid crc value [ 210.541061][ T8015] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669) [ 210.586572][ T8015] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 210.593558][ T8015] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 211.371614][ T6] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 211.458990][ T8053] device pim6reg1 entered promiscuous mode [ 211.842098][ T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 211.852870][ T6] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 211.861645][ T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 211.885491][ T6] usb 5-1: config 0 descriptor?? [ 212.036723][ T8077] netlink: 'syz-executor.1': attribute type 3 has an invalid length. [ 212.434429][ T30] kauditd_printk_skb: 50 callbacks suppressed [ 212.494785][ T30] audit: type=1326 audit(1718703796.284:1030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8078 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbed55ff29 code=0x7ffc0000 [ 212.679701][ T30] audit: type=1326 audit(1718703796.284:1031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8078 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbed55ff29 code=0x7ffc0000 [ 212.703710][ T30] audit: type=1326 audit(1718703796.294:1032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8078 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbed55ff29 code=0x7ffc0000 [ 212.729380][ T30] audit: type=1326 audit(1718703796.294:1033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8078 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbed55ff29 code=0x7ffc0000 [ 212.753373][ T30] audit: type=1326 audit(1718703796.294:1034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8078 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbed55ff29 code=0x7ffc0000 [ 212.762081][ T6] keytouch 0003:0926:3333.0032: fixing up Keytouch IEC report descriptor [ 212.778403][ T30] audit: type=1326 audit(1718703796.312:1035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8078 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7fdbed55ff29 code=0x7ffc0000 [ 212.786629][ T6] input: HID 0926:3333 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0926:3333.0032/input/input35 [ 212.809208][ T30] audit: type=1326 audit(1718703796.312:1036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8078 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbed55ff29 code=0x7ffc0000 [ 212.844010][ T30] audit: type=1326 audit(1718703796.312:1037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8078 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbed55ff29 code=0x7ffc0000 [ 212.868022][ T30] audit: type=1326 audit(1718703796.312:1038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8078 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdbed55ff29 code=0x7ffc0000 [ 212.891889][ T30] audit: type=1326 audit(1718703796.312:1039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8078 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbed55ff29 code=0x7ffc0000 [ 212.918024][ T6] keytouch 0003:0926:3333.0032: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.4-1/input0 [ 212.979643][ T8099] IPv6: sit1: Disabled Multicast RS [ 213.809738][ T20] usb 5-1: USB disconnect, device number 20 [ 213.835991][ T8131] IPv6: sit1: Disabled Multicast RS [ 214.247569][ T8161] fuse: Unknown parameter 'GPL' [ 215.297748][ T8196] fuse: Unknown parameter 'GPL' [ 215.689378][ T8201] IPv6: sit2: Disabled Multicast RS [ 215.711133][ T8209] bpf_get_probe_write_proto: 18 callbacks suppressed [ 215.711145][ T8209] syz-executor.2[8209] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 215.717788][ T8209] syz-executor.2[8209] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 215.761615][ T8209] syz-executor.2[8209] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 215.774113][ T8209] syz-executor.2[8209] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 216.955350][ T8253] loop2: detected capacity change from 0 to 256 [ 216.982812][ T8255] geneve1: tun_chr_ioctl cmd 1074025681 [ 217.088326][ T8260] IPv6: sit1: Disabled Multicast RS [ 218.245288][ T30] kauditd_printk_skb: 25 callbacks suppressed [ 218.245303][ T30] audit: type=1326 audit(1718703801.869:1065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8298 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7b678ccf29 code=0x0 [ 218.862558][ T8325] syz-executor.3[8325] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 218.862629][ T8325] syz-executor.3[8325] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 218.907063][ T3507] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 219.916256][ T8337] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.923114][ T8337] bridge0: port 1(bridge_slave_0) entered disabled state [ 219.930503][ T8337] device bridge_slave_0 entered promiscuous mode [ 219.937410][ T8337] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.944254][ T8337] bridge0: port 2(bridge_slave_1) entered disabled state [ 219.952259][ T8337] device bridge_slave_1 entered promiscuous mode [ 219.999099][ T8337] bridge0: port 2(bridge_slave_1) entered blocking state [ 220.005935][ T8337] bridge0: port 2(bridge_slave_1) entered forwarding state [ 220.013061][ T8337] bridge0: port 1(bridge_slave_0) entered blocking state [ 220.019833][ T8337] bridge0: port 1(bridge_slave_0) entered forwarding state [ 220.031095][ T3507] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 220.040694][ T3507] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 220.046481][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 220.058465][ T20] bridge0: port 1(bridge_slave_0) entered disabled state [ 220.066238][ T20] bridge0: port 2(bridge_slave_1) entered disabled state [ 220.081453][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 220.089562][ T5564] bridge0: port 1(bridge_slave_0) entered blocking state [ 220.096408][ T5564] bridge0: port 1(bridge_slave_0) entered forwarding state [ 220.107617][ T1140] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 220.116150][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state [ 220.123046][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state [ 220.143098][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 220.162408][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 220.181326][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 220.193860][ T8337] device veth0_vlan entered promiscuous mode [ 220.202525][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 220.210863][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 220.219046][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 220.232696][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 220.240555][ T3507] usb 5-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 220.250190][ T3507] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 220.251648][ T8337] device veth1_macvtap entered promiscuous mode [ 220.258062][ T3507] usb 5-1: Product: syz [ 220.268717][ T3507] usb 5-1: Manufacturer: syz [ 220.273193][ T3507] usb 5-1: SerialNumber: syz [ 220.280546][ T3507] usb 5-1: config 0 descriptor?? [ 220.286768][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 220.295537][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 220.320696][ T816] device veth1_macvtap left promiscuous mode [ 220.359593][ T8354] loop2: detected capacity change from 0 to 256 [ 220.405689][ T8354] exfat: Deprecated parameter 'utf8' [ 220.411183][ T8354] exfat: Deprecated parameter 'utf8' [ 220.423858][ T8354] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 220.612363][ T8359] loop4: detected capacity change from 0 to 512 [ 220.816643][ T8359] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 220.828196][ T8359] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #16: comm syz-executor.4: invalid indirect mapped block 83886080 (level 1) [ 220.843065][ T8359] EXT4-fs (loop4): 1 orphan inode deleted [ 220.848657][ T8359] EXT4-fs (loop4): 1 truncate cleaned up [ 220.854089][ T8359] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 220.874060][ T8364] loop3: detected capacity change from 0 to 256 [ 220.886495][ T3507] snd-usb-audio: probe of 5-1:0.0 failed with error -12 [ 220.894154][ T3507] usb 5-1: USB disconnect, device number 21 [ 220.922139][ T30] audit: type=1326 audit(1718703804.385:1066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8363 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdbed55ff29 code=0x0 [ 221.516514][ T8372] loop2: detected capacity change from 0 to 40427 [ 221.583412][ T8372] F2FS-fs (loop2): invalid crc value [ 221.613626][ T30] audit: type=1400 audit(1718703805.030:1067): avc: denied { create } for pid=8382 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 221.639934][ T8372] F2FS-fs (loop2): Found nat_bits in checkpoint [ 221.653436][ T30] audit: type=1400 audit(1718703805.049:1068): avc: denied { write } for pid=8382 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 221.706988][ T30] audit: type=1400 audit(1718703805.049:1069): avc: denied { mount } for pid=8382 comm="syz-executor.4" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 221.747947][ T30] audit: type=1400 audit(1718703805.049:1070): avc: denied { mounton } for pid=8382 comm="syz-executor.4" path="/root/syzkaller-testdir228245443/syzkaller.SEKgv9/204/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1 [ 221.795135][ T8372] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 221.798618][ T30] audit: type=1400 audit(1718703805.152:1071): avc: denied { unmount } for pid=5736 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 222.026395][ T30] audit: type=1400 audit(1718703805.274:1072): avc: denied { create } for pid=8388 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1 [ 222.052045][ T8401] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 222.117399][ T8408] attempt to access beyond end of device [ 222.117399][ T8408] loop2: rw=1, want=53456, limit=40427 [ 222.285041][ T8337] attempt to access beyond end of device [ 222.285041][ T8337] loop2: rw=2049, want=45104, limit=40427 [ 222.442077][ T8436] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 222.687430][ T8454] loop4: detected capacity change from 0 to 2048 [ 222.715313][ T8454] Alternate GPT is invalid, using primary GPT. [ 222.721375][ T8454] loop4: p1 p2 p3 [ 223.499597][ T8483] loop4: detected capacity change from 0 to 40427 [ 223.527888][ T8483] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 223.535481][ T8483] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 223.546273][ T8483] F2FS-fs (loop4): Found nat_bits in checkpoint [ 223.581749][ T8483] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 223.588674][ T8483] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 223.607640][ T8483] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix. [ 223.616435][ T8483] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix. [ 223.625501][ T8483] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix. [ 223.634292][ T8483] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix. [ 223.642896][ T8483] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix. [ 223.651874][ T8483] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix. [ 223.660959][ T8483] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix. [ 223.661918][ T30] audit: type=1400 audit(1718703806.939:1073): avc: denied { write } for pid=8496 comm="syz-executor.2" name="loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 223.669737][ T8483] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix. [ 223.710025][ T30] audit: type=1326 audit(1718703806.995:1074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8496 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3695fb4f29 code=0x0 [ 223.786066][ T8499] loop4: detected capacity change from 0 to 2048 [ 223.869879][ T8499] Alternate GPT is invalid, using primary GPT. [ 223.875927][ T8499] loop4: p1 p2 p3 [ 224.192294][ T20] kernel read not supported for file syzkaller-testdir228245443/syzkaller.SEKgv9/225/file0 (pid: 20 comm: kworker/0:1) [ 224.209309][ T30] audit: type=1326 audit(1718703807.453:1075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8532 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbed55ff29 code=0x7ffc0000 [ 224.238924][ T30] audit: type=1326 audit(1718703807.453:1076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8532 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbed55ff29 code=0x7ffc0000 [ 224.262935][ T30] audit: type=1326 audit(1718703807.481:1077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8532 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbed55ff29 code=0x7ffc0000 [ 224.291191][ T30] audit: type=1326 audit(1718703807.481:1078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8532 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbed55ff29 code=0x7ffc0000 [ 224.315115][ T30] audit: type=1326 audit(1718703807.481:1079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8532 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbed55ff29 code=0x7ffc0000 [ 224.339016][ T30] audit: type=1326 audit(1718703807.509:1080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8532 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbed55ff29 code=0x7ffc0000 [ 224.362877][ T30] audit: type=1326 audit(1718703807.509:1081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8532 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdbed55d6a7 code=0x7ffc0000 [ 224.386962][ T30] audit: type=1326 audit(1718703807.509:1082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8532 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdbed523379 code=0x7ffc0000 [ 224.772568][ T8591] geneve1: tun_chr_ioctl cmd 1074025681 [ 225.028084][ T8602] EXT4-fs (sda1): Unrecognized mount option "./file0" or missing value [ 225.098503][ T20] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 225.506901][ T8616] geneve1: tun_chr_ioctl cmd 1074025681 [ 225.543307][ T8618] loop4: detected capacity change from 0 to 128 [ 225.591258][ T8618] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 225.605982][ T8618] attempt to access beyond end of device [ 225.605982][ T8618] loop4: rw=2049, want=145, limit=128 [ 225.616727][ T8618] Buffer I/O error on dev loop4, logical block 144, lost async page write [ 225.625279][ T8618] attempt to access beyond end of device [ 225.625279][ T8618] loop4: rw=2049, want=185, limit=128 [ 225.639429][ T1627] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 225.654348][ T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 225.663956][ T20] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 225.685428][ T8628] EXT4-fs (sda1): Unrecognized mount option "./file0" or missing value [ 225.796010][ T8626] loop4: detected capacity change from 0 to 40427 [ 225.836143][ T20] usb 3-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 225.836941][ T8626] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 225.845111][ T20] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 225.852843][ T8626] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 225.860593][ T20] usb 3-1: Product: syz [ 225.869569][ T8626] F2FS-fs (loop4): invalid crc value [ 225.872427][ T20] usb 3-1: Manufacturer: syz [ 225.879055][ T8626] F2FS-fs (loop4): Found nat_bits in checkpoint [ 225.882211][ T20] usb 3-1: SerialNumber: syz [ 225.893101][ T20] usb 3-1: config 0 descriptor?? [ 225.909358][ T8626] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 225.916306][ T8626] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 226.723337][ T8668] loop2: detected capacity change from 0 to 512 [ 226.786945][ T8668] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 226.798539][ T8668] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #16: comm syz-executor.2: invalid indirect mapped block 83886080 (level 1) [ 226.813166][ T8668] EXT4-fs (loop2): 1 orphan inode deleted [ 226.818744][ T8668] EXT4-fs (loop2): 1 truncate cleaned up [ 226.824342][ T8668] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 226.873173][ T20] snd-usb-audio: probe of 3-1:0.0 failed with error -12 [ 226.882451][ T20] usb 3-1: USB disconnect, device number 22 [ 227.207848][ T8678] loop4: detected capacity change from 0 to 40427 [ 227.247885][ T8678] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 227.255398][ T8678] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 227.264463][ T8678] F2FS-fs (loop4): invalid crc value [ 227.271028][ T8678] F2FS-fs (loop4): Found nat_bits in checkpoint [ 227.293897][ T8678] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 227.300791][ T8678] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 227.677113][ T8706] loop2: detected capacity change from 0 to 256 [ 227.804651][ T5736] attempt to access beyond end of device [ 227.804651][ T5736] loop4: rw=2049, want=45104, limit=40427 [ 229.201877][ T8768] geneve1: tun_chr_ioctl cmd 1074025681 [ 229.424078][ T8786] loop4: detected capacity change from 0 to 128 [ 229.484561][ T8786] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 229.496511][ T8786] FAT-fs (loop4): bogus number of FAT sectors [ 229.502463][ T8786] FAT-fs (loop4): Can't find a valid FAT filesystem [ 229.633964][ T30] kauditd_printk_skb: 110 callbacks suppressed [ 229.633979][ T30] audit: type=1326 audit(1718703812.532:1193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8773 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87238e6f29 code=0x7fc00000 [ 230.125833][ T30] audit: type=1326 audit(1718703812.991:1194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8773 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87238e6f29 code=0x7fc00000 [ 230.239184][ T8816] fuse: Bad value for 'fd' [ 230.497131][ T39] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 230.924799][ T39] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 230.935550][ T39] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 231.354928][ T39] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 231.363853][ T39] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 231.371610][ T39] usb 3-1: Product: syz [ 231.375607][ T39] usb 3-1: Manufacturer: syz [ 231.380056][ T39] usb 3-1: SerialNumber: syz [ 231.436019][ T8829] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.444157][ T8829] bridge0: port 1(bridge_slave_0) entered disabled state [ 231.451555][ T8829] device bridge_slave_0 entered promiscuous mode [ 231.458554][ T8829] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.466175][ T8829] bridge0: port 2(bridge_slave_1) entered disabled state [ 231.477918][ T8829] device bridge_slave_1 entered promiscuous mode [ 231.533577][ T8829] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.540515][ T8829] bridge0: port 2(bridge_slave_1) entered forwarding state [ 231.547658][ T8829] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.554494][ T8829] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.751209][ T1140] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 231.759082][ T1140] bridge0: port 1(bridge_slave_0) entered disabled state [ 231.766197][ T1140] bridge0: port 2(bridge_slave_1) entered disabled state [ 231.775539][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 231.783562][ T336] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.790409][ T336] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.804419][ T1140] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 231.812427][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.819255][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state [ 231.834623][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 231.842722][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 231.850590][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 231.863764][ T3507] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 231.871588][ T3507] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 231.878807][ T3507] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 231.886999][ T8829] device veth0_vlan entered promiscuous mode [ 231.897419][ T3507] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 231.908571][ T8829] device veth1_macvtap entered promiscuous mode [ 231.920795][ T3507] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 231.943855][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 231.994876][ T1627] device bridge_slave_1 left promiscuous mode [ 232.000932][ T1627] bridge0: port 2(bridge_slave_1) entered disabled state [ 232.009212][ T1627] device bridge_slave_0 left promiscuous mode [ 232.015288][ T1627] bridge0: port 1(bridge_slave_0) entered disabled state [ 232.023202][ T1627] device veth1_macvtap left promiscuous mode [ 232.029278][ T1627] device veth0_vlan left promiscuous mode [ 232.146203][ T30] audit: type=1326 audit(2000000000.692:1195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8862 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8a3683f29 code=0x7fc00000 [ 232.396979][ T8889] syz-executor.4[8889] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 232.397041][ T8889] syz-executor.4[8889] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 232.699422][ T39] cdc_ncm 3-1:1.0: bind() failure [ 232.731524][ T39] cdc_ncm: probe of 3-1:1.1 failed with error -71 [ 232.752912][ T39] cdc_mbim: probe of 3-1:1.1 failed with error -71 [ 232.760075][ T39] usb 3-1: USB disconnect, device number 23 [ 232.871980][ T30] audit: type=1326 audit(2000000001.375:1196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8862 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8a3683f29 code=0x7fc00000 [ 232.904379][ T8908] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8908 comm=syz-executor.1 [ 233.280960][ T8941] syz-executor.0[8941] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 233.281035][ T8941] syz-executor.0[8941] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 233.661757][ T20] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 233.703111][ T30] audit: type=1326 audit(2000000002.142:1197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8971 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3695fb4f29 code=0x7ffc0000 [ 233.731906][ T30] audit: type=1326 audit(2000000002.142:1198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8971 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3695fb4f29 code=0x7ffc0000 [ 233.756421][ T30] audit: type=1326 audit(2000000002.170:1199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8971 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3695fb4f29 code=0x7ffc0000 [ 233.789190][ T30] audit: type=1326 audit(2000000002.226:1200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8971 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3695fb4f29 code=0x7ffc0000 [ 233.813358][ T30] audit: type=1326 audit(2000000002.226:1201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8971 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3695fb4f29 code=0x7ffc0000 [ 233.845081][ T30] audit: type=1326 audit(2000000002.254:1202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8971 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3695fb4f29 code=0x7ffc0000 [ 233.910280][ T8980] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 234.314158][ T20] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 234.341154][ T20] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 234.496847][ T9006] kvm [9005]: vcpu0, guest rIP: 0x20e disabled perfctr wrmsr: 0xc1 data 0x800 [ 234.507544][ T9006] kvm [9005]: vcpu0, guest rIP: 0x20e ignored wrmsr: 0x11e data 0x0 [ 234.517176][ T20] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 234.537032][ T20] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 234.544972][ T20] usb 5-1: Product: syz [ 234.559570][ T20] usb 5-1: Manufacturer: syz [ 234.564096][ T20] usb 5-1: SerialNumber: syz [ 234.608899][ T9012] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 234.668189][ T39] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 234.755530][ T9028] loop2: detected capacity change from 0 to 1024 [ 234.786563][ T9036] fuse: Bad value for 'fd' [ 234.809799][ T9028] EXT4-fs (loop2): mounted filesystem without journal. Opts: user_xattr,noquota,barrier=0x0000000000000002,jqfmt=vfsv1,block_validity,max_dir_size_kb=0x00000000000007b1,noquota,min_batch_time=0x0000000000000008,delalloc,user_xattr,quota,,errors=continue. Quota mode: writeback. [ 235.340031][ T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 235.349595][ T39] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 235.543146][ T39] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 235.552071][ T39] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 235.559873][ T39] usb 1-1: Product: syz [ 235.563823][ T39] usb 1-1: Manufacturer: syz [ 235.568256][ T39] usb 1-1: SerialNumber: syz [ 235.573209][ T39] usb 1-1: config 0 descriptor?? [ 235.603420][ T9047] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 235.842464][ T20] cdc_ncm 5-1:1.0: bind() failure [ 235.861628][ T30] kauditd_printk_skb: 170 callbacks suppressed [ 235.861642][ T30] audit: type=1326 audit(2000000004.162:1373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9066 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3695fb4f29 code=0x7ffc0000 [ 235.863830][ T20] cdc_ncm: probe of 5-1:1.1 failed with error -71 [ 235.872335][ T9067] loop2: detected capacity change from 0 to 512 [ 235.904732][ T30] audit: type=1326 audit(2000000004.171:1374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9066 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3695fb4f29 code=0x7ffc0000 [ 235.946883][ T30] audit: type=1326 audit(2000000004.171:1375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9066 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3695fb4f29 code=0x7ffc0000 [ 235.970802][ T20] cdc_mbim: probe of 5-1:1.1 failed with error -71 [ 235.972059][ T20] usb 5-1: USB disconnect, device number 22 [ 235.977842][ T30] audit: type=1326 audit(2000000004.171:1376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9066 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f3695fb4f29 code=0x7ffc0000 [ 236.007762][ T30] audit: type=1326 audit(2000000004.171:1377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9066 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3695fb4f63 code=0x7ffc0000 [ 236.038516][ T30] audit: type=1326 audit(2000000004.171:1378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9066 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3695fb3c6f code=0x7ffc0000 [ 236.063603][ T39] snd-usb-audio: probe of 1-1:0.0 failed with error -12 [ 236.080765][ T9067] EXT4-fs error (device loop2): ext4_ext_check_inode:501: inode #3: comm syz-executor.2: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 0, max 32768(4), depth 0(0) [ 236.099359][ T39] usb 1-1: USB disconnect, device number 15 [ 236.107798][ T9067] EXT4-fs error (device loop2): ext4_quota_enable:6369: comm syz-executor.2: Bad quota inode: 3, type: 0 [ 236.121130][ T30] audit: type=1326 audit(2000000004.171:1379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9066 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f3695fb4fb7 code=0x7ffc0000 [ 236.145472][ T9067] EXT4-fs warning (device loop2): ext4_enable_quotas:6410: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 236.160619][ T9067] EXT4-fs (loop2): mount failed [ 236.165366][ T30] audit: type=1326 audit(2000000004.171:1380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9066 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3695fb3b20 code=0x7ffc0000 [ 236.189326][ T30] audit: type=1326 audit(2000000004.171:1381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9066 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3695fb4c8b code=0x7ffc0000 [ 236.213743][ T30] audit: type=1326 audit(2000000004.274:1382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9066 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3695fb3e1a code=0x7ffc0000 [ 236.309681][ T9083] Illegal XDP return value 1388264213, expect packet loss! [ 236.939829][ T9109] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 237.098061][ T9129] xt_bpf: check failed: parse error [ 237.521506][ T9154] loop2: detected capacity change from 0 to 128 [ 237.529930][ T9156] xt_bpf: check failed: parse error [ 237.543184][ T9154] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 237.554965][ T9154] ext4 filesystem being mounted at /root/syzkaller-testdir922583491/syzkaller.xymrBh/56/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 237.563601][ T20] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 237.661440][ T9152] loop4: detected capacity change from 0 to 40427 [ 237.728571][ T9152] F2FS-fs (loop4): invalid crc value [ 237.737047][ T9152] F2FS-fs (loop4): Found nat_bits in checkpoint [ 237.789030][ T9152] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 238.667004][ T9175] attempt to access beyond end of device [ 238.667004][ T9175] loop4: rw=10241, want=45104, limit=40427 [ 238.679325][ T9175] attempt to access beyond end of device [ 238.679325][ T9175] loop4: rw=2049, want=45112, limit=40427 [ 238.694068][ T9175] overlayfs: failed to resolve './file1': -2 [ 238.955932][ T5736] attempt to access beyond end of device [ 238.955932][ T5736] loop4: rw=2049, want=45128, limit=40427 [ 238.986958][ T20] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 238.987078][ T9184] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9184 comm=syz-executor.1 [ 238.999153][ T20] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 239.189172][ T9198] ÿÿÿÿ: Can't open blockdev [ 239.220819][ T20] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 239.229859][ T20] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 239.237731][ T20] usb 1-1: Product: syz [ 239.241738][ T20] usb 1-1: Manufacturer: syz [ 239.260594][ T20] usb 1-1: SerialNumber: syz [ 239.265828][ T20] usb 1-1: config 0 descriptor?? [ 239.615643][ T9208] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 239.625879][ T9208] bridge0: port 2(bridge_slave_1) entered disabled state [ 239.632949][ T9208] bridge0: port 1(bridge_slave_0) entered disabled state [ 239.649690][ T20] snd-usb-audio: probe of 1-1:0.0 failed with error -12 [ 239.657440][ T20] usb 1-1: USB disconnect, device number 16 [ 239.841254][ T9241] xt_bpf: check failed: parse error [ 239.941588][ T9236] kvm [9235]: vcpu0, guest rIP: 0x20e disabled perfctr wrmsr: 0xc1 data 0x800 [ 239.952090][ T9251] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 239.962525][ T9236] kvm [9235]: vcpu0, guest rIP: 0x20e ignored wrmsr: 0x11e data 0x0 [ 240.085069][ T9269] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 240.599799][ T336] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 240.813865][ T9309] syz-executor.3[9309] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 240.814145][ T9309] syz-executor.3[9309] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 240.867109][ T336] usb 3-1: Using ep0 maxpacket: 8 [ 241.016977][ T336] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 241.028127][ T336] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 241.037815][ T336] usb 3-1: New USB device found, idVendor=04d8, idProduct=f372, bcdDevice= 0.00 [ 241.047126][ T336] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 241.055786][ T336] usb 3-1: config 0 descriptor?? [ 241.316225][ T9340] syz-executor.4[9340] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 241.316306][ T9340] syz-executor.4[9340] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 241.735252][ T9370] loop4: detected capacity change from 0 to 256 [ 241.781796][ T9364] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 241.791170][ T9364] bridge0: port 2(bridge_slave_1) entered disabled state [ 241.798176][ T9364] bridge0: port 1(bridge_slave_0) entered disabled state [ 241.820996][ T9370] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001023f, chksum : 0x0e440cfe, utbl_chksum : 0xe619d30d) [ 241.863498][ T336] hid-led 0003:04D8:F372.0033: hidraw0: USB HID v0.00 Device [HID 04d8:f372] on usb-dummy_hcd.2-1/input0 [ 241.885341][ T9378] syz-executor.3[9378] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 241.885424][ T9378] syz-executor.3[9378] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 241.896335][ T336] hid-led 0003:04D8:F372.0033: Greynut Luxafor initialized [ 242.027331][ T9384] fuse: Bad value for 'fd' [ 242.096055][ T1140] usb 3-1: USB disconnect, device number 24 [ 242.102833][ T20] leds luxafor0:blue:led5: Setting an LED's brightness failed (-38) [ 242.117257][ T20] leds luxafor0:green:led5: Setting an LED's brightness failed (-38) [ 242.128794][ T9398] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 242.146639][ T20] leds luxafor0:red:led5: Setting an LED's brightness failed (-38) [ 242.156030][ T20] leds luxafor0:blue:led4: Setting an LED's brightness failed (-38) [ 242.164249][ T311] leds luxafor0:green:led4: Setting an LED's brightness failed (-38) [ 242.193137][ T311] leds luxafor0:red:led4: Setting an LED's brightness failed (-38) [ 242.214703][ T9409] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 242.227596][ T20] leds luxafor0:blue:led3: Setting an LED's brightness failed (-38) [ 242.236279][ T6900] leds luxafor0:green:led3: Setting an LED's brightness failed (-38) [ 242.244588][ T6900] leds luxafor0:red:led3: Setting an LED's brightness failed (-38) [ 242.270761][ T6900] leds luxafor0:blue:led2: Setting an LED's brightness failed (-38) [ 242.304128][ T6900] leds luxafor0:green:led2: Setting an LED's brightness failed (-38) [ 242.314315][ T6900] leds luxafor0:red:led2: Setting an LED's brightness failed (-38) [ 242.342311][ T311] leds luxafor0:blue:led1: Setting an LED's brightness failed (-38) [ 242.359299][ T311] leds luxafor0:green:led1: Setting an LED's brightness failed (-38) [ 242.370910][ T311] leds luxafor0:red:led1: Setting an LED's brightness failed (-38) [ 242.396766][ T311] leds luxafor0:blue:led0: Setting an LED's brightness failed (-38) [ 242.408984][ T311] leds luxafor0:green:led0: Setting an LED's brightness failed (-38) [ 242.417195][ T9428] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 242.431861][ T311] leds luxafor0:red:led0: Setting an LED's brightness failed (-38) [ 243.146513][ T9462] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 243.220220][ T9476] syz-executor.4[9476] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 243.220267][ T9476] syz-executor.4[9476] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 243.251431][ T30] kauditd_printk_skb: 17 callbacks suppressed [ 243.251446][ T30] audit: type=1326 audit(2000000011.084:1400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9477 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 243.309999][ T30] audit: type=1326 audit(2000000011.084:1401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9477 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 243.334247][ T30] audit: type=1326 audit(2000000011.093:1402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9477 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 243.334278][ T30] audit: type=1326 audit(2000000011.093:1403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9477 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 243.334300][ T30] audit: type=1326 audit(2000000011.093:1404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9477 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 243.334324][ T30] audit: type=1326 audit(2000000011.093:1405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9477 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 243.334346][ T30] audit: type=1326 audit(2000000011.093:1406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9477 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 243.334368][ T30] audit: type=1326 audit(2000000011.093:1407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9477 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 243.334391][ T30] audit: type=1326 audit(2000000011.093:1408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9477 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 243.334408][ T30] audit: type=1326 audit(2000000011.093:1409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9477 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8a3683f29 code=0x7ffc0000 [ 243.584813][ T9495] input: syz0 as /devices/virtual/input/input36 [ 243.625641][ T9501] syz-executor.1[9501] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 243.625717][ T9501] syz-executor.1[9501] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 244.120916][ T9530] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 244.351391][ T9563] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 244.425155][ T9568] loop4: detected capacity change from 0 to 512 [ 244.457821][ T9570] input: syz0 as /devices/virtual/input/input37 [ 244.494291][ T9568] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 244.505276][ T9568] ext4 filesystem being mounted at /root/syzkaller-testdir228245443/syzkaller.SEKgv9/309/bus supports timestamps until 2038 (0x7fffffff) [ 244.609854][ T9589] input: syz0 as /devices/virtual/input/input38 [ 244.801571][ T5564] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 245.824445][ T9625] loop4: detected capacity change from 0 to 1024 [ 245.851883][ T9625] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback. [ 245.987962][ T5564] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 245.999019][ T5564] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 246.008555][ T5564] usb 3-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 246.017457][ T5564] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 246.025856][ T5564] usb 3-1: config 0 descriptor?? [ 246.068295][ T9644] input: syz0 as /devices/virtual/input/input39 [ 246.329625][ T9653] netlink: 'syz-executor.3': attribute type 3 has an invalid length. [ 246.555727][ T5564] isku 0003:1E7D:319C.0034: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.2-1/input0 [ 246.578461][ T9671] input: syz0 as /devices/virtual/input/input40 [ 246.778997][ T5564] isku 0003:1E7D:319C.0034: couldn't init struct isku_device [ 246.786369][ T5564] isku 0003:1E7D:319C.0034: couldn't install keyboard [ 246.793683][ T5564] isku: probe of 0003:1E7D:319C.0034 failed with error -5 [ 246.866917][ T9684] netlink: 'syz-executor.1': attribute type 3 has an invalid length. [ 246.994341][ T5564] usb 3-1: USB disconnect, device number 25 [ 247.052784][ T9714] netlink: 'syz-executor.3': attribute type 3 has an invalid length. [ 247.198829][ T9726] __nla_validate_parse: 1 callbacks suppressed [ 247.198849][ T9726] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 247.598392][ T9738] netlink: 'syz-executor.2': attribute type 3 has an invalid length. [ 248.433268][ T9791] loop4: detected capacity change from 0 to 8192 [ 248.457344][ T5564] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 248.725585][ T5564] usb 2-1: Using ep0 maxpacket: 8 [ 248.853121][ T5564] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 248.969758][ T5564] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 249.075861][ T5564] usb 2-1: New USB device found, idVendor=04d8, idProduct=f372, bcdDevice= 0.00 [ 249.101277][ T5564] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 249.110327][ T5564] usb 2-1: config 0 descriptor?? [ 249.752231][ T5564] hid-led 0003:04D8:F372.0035: hidraw0: USB HID v0.00 Device [HID 04d8:f372] on usb-dummy_hcd.1-1/input0 [ 249.765381][ T5564] hid-led 0003:04D8:F372.0035: Greynut Luxafor initialized [ 249.972321][ T5564] usb 2-1: USB disconnect, device number 19 [ 249.978640][ T328] leds luxafor0:blue:led5: Setting an LED's brightness failed (-38) [ 249.986598][ T328] leds luxafor0:green:led5: Setting an LED's brightness failed (-38) [ 249.994674][ T328] leds luxafor0:red:led5: Setting an LED's brightness failed (-38) [ 250.002421][ T328] leds luxafor0:blue:led4: Setting an LED's brightness failed (-38) [ 250.010363][ T328] leds luxafor0:green:led4: Setting an LED's brightness failed (-38) [ 250.018764][ T328] leds luxafor0:red:led4: Setting an LED's brightness failed (-38) [ 250.026585][ T328] leds luxafor0:blue:led3: Setting an LED's brightness failed (-38) [ 250.034422][ T328] leds luxafor0:green:led3: Setting an LED's brightness failed (-38) [ 250.042422][ T328] leds luxafor0:red:led3: Setting an LED's brightness failed (-38) [ 250.050305][ T328] leds luxafor0:blue:led2: Setting an LED's brightness failed (-38) [ 250.058194][ T328] leds luxafor0:green:led2: Setting an LED's brightness failed (-38) [ 250.066151][ T328] leds luxafor0:red:led2: Setting an LED's brightness failed (-38) [ 250.073970][ T328] leds luxafor0:blue:led1: Setting an LED's brightness failed (-38) [ 250.081776][ T328] leds luxafor0:green:led1: Setting an LED's brightness failed (-38) [ 250.089713][ T328] leds luxafor0:red:led1: Setting an LED's brightness failed (-38) [ 250.097574][ T328] leds luxafor0:blue:led0: Setting an LED's brightness failed (-38) [ 250.105469][ T328] leds luxafor0:green:led0: Setting an LED's brightness failed (-38) [ 250.113353][ T328] leds luxafor0:red:led0: Setting an LED's brightness failed (-38) [ 250.385465][ T9835] loop4: detected capacity change from 0 to 8192 [ 250.414889][ T9846] /dev/loop0: Can't open blockdev [ 250.557868][ T9857] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 250.648930][ T1140] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 251.094050][ T9889] loop2: detected capacity change from 0 to 2048 [ 251.147504][ T9889] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 251.226330][ T1140] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 251.237359][ T1140] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 251.246953][ T1140] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 251.259840][ T1140] usb 1-1: New USB device found, idVendor=056a, idProduct=4004, bcdDevice= 0.00 [ 251.268743][ T1140] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 251.286690][ T1140] usb 1-1: config 0 descriptor?? [ 251.427089][ T9907] EXT4-fs warning (device sda1): verify_group_input:147: Cannot add at group 2061 (only 8 groups) [ 251.632786][ T9930] fuse: Bad value for 'fd' [ 251.824416][ T1140] wacom 0003:056A:4004.0036: unknown main item tag 0x0 [ 251.832188][ T1140] wacom 0003:056A:4004.0036: unknown main item tag 0x0 [ 251.838986][ T1140] wacom 0003:056A:4004.0036: unknown main item tag 0x0 [ 251.845644][ T1140] wacom 0003:056A:4004.0036: unknown main item tag 0x0 [ 251.852330][ T1140] wacom 0003:056A:4004.0036: unknown main item tag 0x0 [ 251.859042][ T1140] wacom 0003:056A:4004.0036: unknown main item tag 0x0 [ 251.862063][ T9942] EXT4-fs warning (device sda1): verify_group_input:147: Cannot add at group 2061 (only 8 groups) [ 251.866627][ T1140] wacom 0003:056A:4004.0036: hidraw0: USB HID v0.00 Device [HID 056a:4004] on usb-dummy_hcd.0-1/input0 [ 252.026702][ T1140] usb 1-1: USB disconnect, device number 17 [ 252.255821][ T9973] loop2: detected capacity change from 0 to 256 [ 252.302300][ T9973] FAT-fs (loop2): Directory bread(block 64) failed [ 252.309899][ T9973] FAT-fs (loop2): Directory bread(block 65) failed [ 252.316298][ T9973] FAT-fs (loop2): Directory bread(block 66) failed [ 252.322649][ T9973] FAT-fs (loop2): Directory bread(block 67) failed [ 252.329265][ T9973] FAT-fs (loop2): Directory bread(block 68) failed [ 252.335662][ T9973] FAT-fs (loop2): Directory bread(block 69) failed [ 252.342031][ T9973] FAT-fs (loop2): Directory bread(block 70) failed [ 252.348313][ T9973] FAT-fs (loop2): Directory bread(block 71) failed [ 252.354730][ T9973] FAT-fs (loop2): Directory bread(block 72) failed [ 252.361113][ T9973] FAT-fs (loop2): Directory bread(block 73) failed [ 252.630432][ C0] ------------[ cut here ]------------ [ 252.635709][ C0] WARNING: CPU: 0 PID: 10008 at kernel/softirq.c:358 __local_bh_enable_ip+0x6c/0x80 [ 252.644910][ C0] Modules linked in: [ 252.648648][ C0] CPU: 0 PID: 10008 Comm: syz-executor.3 Tainted: G W 5.15.149-syzkaller-00165-g85445b5a2107 #0 [ 252.660185][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 252.670088][ C0] RIP: 0010:__local_bh_enable_ip+0x6c/0x80 [ 252.675721][ C0] Code: 66 8b 05 e7 87 c0 7e 66 85 c0 75 22 bf 01 00 00 00 e8 98 42 09 00 65 8b 05 59 85 bf 7e 85 c0 74 02 5d c3 e8 5a 99 bd ff 5d c3 <0f> 0b eb a2 e8 0b 00 00 00 eb d7 66 0f 1f 84 00 00 00 00 00 55 48 [ 252.695162][ C0] RSP: 0018:ffffc90000007d60 EFLAGS: 00010006 [ 252.701063][ C0] RAX: 0000000080010204 RBX: ffff888106dca008 RCX: dffffc0000000000 [ 252.708872][ C0] RDX: 0000000080010204 RSI: 0000000000000201 RDI: ffffffff83fe6af2 [ 252.716684][ C0] RBP: ffffc90000007d60 R08: dffffc0000000000 R09: 0000000000000003 [ 252.724497][ C0] R10: fffff52000000fa0 R11: dffffc0000000001 R12: 0000000000000000 [ 252.732309][ C0] R13: dffffc0000000000 R14: 00000000fffffffe R15: ffff888106dca000 [ 252.740119][ C0] FS: 00007fdbec8da6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 252.748885][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 252.755309][ C0] CR2: 0000000020469000 CR3: 000000011c7ce000 CR4: 00000000003506b0 [ 252.763122][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 252.770935][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 252.778745][ C0] Call Trace: [ 252.781889][ C0] [ 252.784561][ C0] ? show_regs+0x58/0x60 [ 252.788640][ C0] ? __warn+0x160/0x2f0 [ 252.792669][ C0] ? __local_bh_enable_ip+0x6c/0x80 [ 252.797664][ C0] ? report_bug+0x3d9/0x5b0 [ 252.802003][ C0] ? __local_bh_enable_ip+0x6c/0x80 [ 252.807038][ C0] ? handle_bug+0x41/0x70 [ 252.811206][ C0] ? exc_invalid_op+0x1b/0x50 [ 252.815716][ C0] ? asm_exc_invalid_op+0x1b/0x20 [ 252.820578][ C0] ? sock_hash_delete_elem+0x2a2/0x2f0 [ 252.825871][ C0] ? __local_bh_enable_ip+0x6c/0x80 [ 252.830905][ C0] _raw_spin_unlock_bh+0x51/0x60 [ 252.835681][ C0] sock_hash_delete_elem+0x2a2/0x2f0 [ 252.840803][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0x290 [ 252.846181][ C0] bpf_trace_run2+0xec/0x210 [ 252.850608][ C0] ? lapic_next_event+0x5f/0x70 [ 252.855295][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 252.859982][ C0] ? flush_tlb_one_user+0x50/0x50 [ 252.864842][ C0] __bpf_trace_tlb_flush+0x23/0x30 [ 252.869794][ C0] flush_tlb_func+0x530/0x550 [ 252.874305][ C0] flush_smp_call_function_queue+0x222/0x6a0 [ 252.880117][ C0] ? native_flush_tlb_multi+0x210/0x210 [ 252.885498][ C0] generic_smp_call_function_single_interrupt+0x13/0x20 [ 252.892271][ C0] __sysvec_call_function_single+0x63/0x1b0 [ 252.897998][ C0] sysvec_call_function_single+0x92/0xb0 [ 252.903466][ C0] [ 252.906241][ C0] [ 252.909020][ C0] asm_sysvec_call_function_single+0x1b/0x20 [ 252.914841][ C0] RIP: 0010:_raw_spin_unlock_irqrestore+0x57/0x80 [ 252.921084][ C0] Code: 8d 86 e8 ac 45 e9 fc 48 83 3d ac 29 c4 01 00 74 35 48 89 df e8 1e bc 8b fc 66 90 41 f7 c6 00 02 00 00 74 01 fb bf 01 00 00 00 74 ff 82 fc 65 8b 05 35 42 39 7b 85 c0 74 05 5b 41 5e 5d c3 e8 [ 252.940527][ C0] RSP: 0018:ffffc90000fa75c0 EFLAGS: 00000206 [ 252.946428][ C0] RAX: 0000000000000001 RBX: ffff88811eb48ec0 RCX: dffffc0000000000 [ 252.954240][ C0] RDX: 0000000000000001 RSI: 0000000000000246 RDI: 0000000000000001 [ 252.962052][ C0] RBP: ffffc90000fa75d0 R08: dffffc0000000000 R09: ffffed1020c37004 [ 252.969863][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000246 [ 252.977671][ C0] R13: 0000000000000000 R14: 0000000000000246 R15: ffff88811eb48ec0 [ 252.985501][ C0] prepare_to_wait_exclusive+0x1ac/0x1f0 [ 252.990954][ C0] unix_wait_for_peer+0x15d/0x330 [ 252.995813][ C0] ? unix_find_other+0x860/0x860 [ 253.000586][ C0] ? io_schedule+0x120/0x120 [ 253.005019][ C0] ? _raw_spin_trylock_bh+0x190/0x190 [ 253.010222][ C0] ? security_unix_may_send+0x7b/0xa0 [ 253.015429][ C0] unix_dgram_sendmsg+0x143f/0x2090 [ 253.020466][ C0] ? unix_dgram_poll+0x710/0x710 [ 253.025237][ C0] ? security_socket_sendmsg+0x82/0xb0 [ 253.030531][ C0] ? unix_dgram_poll+0x710/0x710 [ 253.035320][ C0] ____sys_sendmsg+0x59e/0x8f0 [ 253.039908][ C0] ? __sys_sendmsg_sock+0x40/0x40 [ 253.044766][ C0] ? import_iovec+0xe5/0x120 [ 253.049191][ C0] ___sys_sendmsg+0x252/0x2e0 [ 253.053704][ C0] ? __sys_sendmsg+0x260/0x260 [ 253.058311][ C0] ? __sys_sendmmsg+0x2ca/0x530 [ 253.062992][ C0] __sys_sendmmsg+0x2bf/0x530 [ 253.067525][ C0] ? __ia32_sys_sendmsg+0x90/0x90 [ 253.072367][ C0] ? fpu_flush_thread+0xf0/0xf0 [ 253.077052][ C0] ? __kasan_check_read+0x11/0x20 [ 253.081913][ C0] __x64_sys_sendmmsg+0xa0/0xb0 [ 253.086600][ C0] do_syscall_64+0x3d/0xb0 [ 253.090860][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 253.096580][ C0] RIP: 0033:0x7fdbed55ff29 [ 253.100835][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 253.120274][ C0] RSP: 002b:00007fdbec8da0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 253.128520][ C0] RAX: ffffffffffffffda RBX: 00007fdbed696f80 RCX: 00007fdbed55ff29 [ 253.136330][ C0] RDX: 0000000000000318 RSI: 00000000200bd000 RDI: 0000000000000004 [ 253.144141][ C0] RBP: 00007fdbed5cf074 R08: 0000000000000000 R09: 0000000000000000 [ 253.151960][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 253.159769][ C0] R13: 000000000000000b R14: 00007fdbed696f80 R15: 00007fff5171fed8 [ 253.167580][ C0] [ 253.170442][ C0] ---[ end trace c4d9f53516e183c7 ]--- [ 253.193738][ C0] ================================================================== [ 253.201622][ C0] BUG: KASAN: null-ptr-deref in flush_tlb_func+0x43/0x550 [ 253.208571][ C0] Read of size 8 at addr 0000000000000329 by task kworker/0:5/1140 [ 253.216288][ C0] [ 253.218460][ C0] CPU: 0 PID: 1140 Comm: kworker/0:5 Tainted: G W 5.15.149-syzkaller-00165-g85445b5a2107 #0 [ 253.229655][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 253.239550][ C0] Workqueue: 0x0 (events) [ 253.243801][ C0] Call Trace: [ 253.246927][ C0] [ 253.249616][ C0] dump_stack_lvl+0x151/0x1b7 [ 253.254128][ C0] ? io_uring_drop_tctx_refs+0x190/0x190 [ 253.259598][ C0] ? get_stack_info+0x3b/0x100 [ 253.264197][ C0] kasan_report+0x16f/0x1c0 [ 253.268537][ C0] ? flush_tlb_func+0x43/0x550 [ 253.273140][ C0] ? flush_tlb_func+0x43/0x550 [ 253.277736][ C0] kasan_check_range+0x293/0x2a0 [ 253.282519][ C0] __kasan_check_read+0x11/0x20 [ 253.287195][ C0] flush_tlb_func+0x43/0x550 [ 253.291623][ C0] ? kvm_sched_clock_read+0x18/0x40 [ 253.296683][ C0] ? sched_clock+0x9/0x10 [ 253.300822][ C0] ? sched_clock_cpu+0x18/0x3b0 [ 253.305511][ C0] flush_smp_call_function_queue+0x222/0x6a0 [ 253.311331][ C0] ? debug_smp_processor_id+0x17/0x20 [ 253.316532][ C0] ? native_flush_tlb_multi+0x210/0x210 [ 253.321915][ C0] generic_smp_call_function_single_interrupt+0x13/0x20 [ 253.328684][ C0] __sysvec_call_function_single+0x63/0x1b0 [ 253.334410][ C0] sysvec_call_function_single+0x41/0xb0 [ 253.339880][ C0] asm_sysvec_call_function_single+0x1b/0x20 [ 253.345696][ C0] RIP: 0010:unwind_next_frame+0x1/0x700 [ 253.351079][ C0] Code: c0 08 5b 41 5e 41 5f 5d c3 44 89 f1 80 e1 07 80 c1 03 38 c1 7c 99 4c 89 f7 e8 8b 9d 7d 00 eb 8f 66 0f 1f 84 00 00 00 00 00 55 <48> 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 50 49 89 fe 48 ba 00 [ 253.370520][ C0] RSP: 0018:ffffc90000007770 EFLAGS: 00000202 [ 253.376422][ C0] RAX: 0000000000000001 RBX: ffffc90000007780 RCX: 0000000000007701 [ 253.384233][ C0] RDX: dffffc0000000000 RSI: ffffffff81b24826 RDI: ffffc90000007780 [ 253.392047][ C0] RBP: ffffc90000007810 R08: ffffc90000007868 R09: 0000000000000002 [ 253.399854][ C0] R10: ffffc90000007870 R11: dffffc0000000001 R12: ffff8881187d93c0 [ 253.407666][ C0] R13: ffffffff815f5280 R14: ffffc90000007860 R15: 0000000000000000 [ 253.415481][ C0] ? stack_trace_save+0x1c0/0x1c0 [ 253.420343][ C0] ? ____kasan_slab_free+0x126/0x160 [ 253.425463][ C0] ? arch_stack_walk+0x10d/0x140 [ 253.430235][ C0] ? ____kasan_slab_free+0x126/0x160 [ 253.435354][ C0] stack_trace_save+0x113/0x1c0 [ 253.440042][ C0] ? stack_trace_snprint+0xf0/0xf0 [ 253.444989][ C0] ? stack_trace_snprint+0xf0/0xf0 [ 253.449937][ C0] ? kmem_cache_free+0x116/0x2e0 [ 253.454711][ C0] ? kmem_cache_free+0x116/0x2e0 [ 253.459482][ C0] ? kmem_cache_free+0x116/0x2e0 [ 253.464256][ C0] kasan_set_track+0x4b/0x70 [ 253.468682][ C0] ? kasan_set_track+0x4b/0x70 [ 253.473283][ C0] ? kasan_set_free_info+0x23/0x40 [ 253.478232][ C0] ? ____kasan_slab_free+0x126/0x160 [ 253.483355][ C0] kasan_set_free_info+0x23/0x40 [ 253.488125][ C0] ____kasan_slab_free+0x126/0x160 [ 253.493084][ C0] __kasan_slab_free+0x11/0x20 [ 253.497672][ C0] slab_free_freelist_hook+0xbd/0x190 [ 253.502879][ C0] ? inode_free_by_rcu+0x1c/0x20 [ 253.507654][ C0] kmem_cache_free+0x116/0x2e0 [ 253.512255][ C0] ? security_inode_free+0xd0/0xd0 [ 253.517201][ C0] inode_free_by_rcu+0x1c/0x20 [ 253.521800][ C0] rcu_do_batch+0x57a/0xc10 [ 253.526144][ C0] ? local_bh_enable+0x20/0x20 [ 253.530739][ C0] ? __kasan_check_write+0x14/0x20 [ 253.535687][ C0] ? rcu_report_qs_rnp+0x2bf/0x390 [ 253.540636][ C0] rcu_core+0x517/0x1020 [ 253.544724][ C0] ? rcu_cpu_kthread_park+0x90/0x90 [ 253.549747][ C0] ? sched_clock_cpu+0x18/0x3b0 [ 253.554437][ C0] ? irqtime_account_irq+0x79/0x3c0 [ 253.559469][ C0] rcu_core_si+0x9/0x10 [ 253.563572][ C0] __do_softirq+0x26d/0x5bf [ 253.567913][ C0] do_softirq+0xf6/0x150 [ 253.571995][ C0] [ 253.574769][ C0] [ 253.577547][ C0] ? __local_bh_enable_ip+0x80/0x80 [ 253.582589][ C0] ? _raw_spin_lock_bh+0xa4/0x1b0 [ 253.587444][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 253.592564][ C0] __local_bh_enable_ip+0x75/0x80 [ 253.597424][ C0] _raw_spin_unlock_bh+0x51/0x60 [ 253.602197][ C0] sock_hash_delete_elem+0x2a2/0x2f0 [ 253.607332][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0x290 [ 253.612705][ C0] bpf_trace_run2+0xec/0x210 [ 253.617128][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 253.621816][ C0] ? bpf_trace_run2+0x210/0x210 [ 253.626499][ C0] ? __this_cpu_preempt_check+0x13/0x20 [ 253.631879][ C0] __bpf_trace_tlb_flush+0x23/0x30 [ 253.636828][ C0] switch_mm_irqs_off+0x616/0x9b0 [ 253.641688][ C0] ? __bpf_trace_sched_switch+0xb/0x10 [ 253.646981][ C0] __schedule+0xb2b/0x1590 [ 253.651238][ C0] ? __sched_text_start+0x8/0x8 [ 253.655931][ C0] ? kthread_data+0x53/0xc0 [ 253.660265][ C0] ? wq_worker_sleeping+0x63/0x200 [ 253.665212][ C0] schedule+0x11f/0x1e0 [ 253.669204][ C0] worker_thread+0xf7f/0x12a0 [ 253.673718][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 253.678404][ C0] kthread+0x421/0x510 [ 253.682306][ C0] ? worker_clr_flags+0x180/0x180 [ 253.687176][ C0] ? kthread_blkcg+0xd0/0xd0 [ 253.691595][ C0] ret_from_fork+0x1f/0x30 [ 253.695891][ C0] [ 253.698716][ C0] ================================================================== [ 253.706610][ C0] Disabling lock debugging due to kernel taint [ 253.712646][ C0] general protection fault, probably for non-canonical address 0xdffffc0000000065: 0000 [#1] PREEMPT SMP KASAN [ 253.724143][ C0] KASAN: null-ptr-deref in range [0x0000000000000328-0x000000000000032f] [ 253.732562][ C0] CPU: 0 PID: 1140 Comm: kworker/0:5 Tainted: G B W 5.15.149-syzkaller-00165-g85445b5a2107 #0 [ 253.743758][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 253.753653][ C0] Workqueue: 0x0 (events) [ 253.757906][ C0] RIP: 0010:flush_tlb_func+0x4a/0x550 [ 253.763112][ C0] Code: 8b 35 2a 96 cd 7e 65 66 44 8b 25 31 96 cd 7e 49 8d 9e 28 03 00 00 48 89 df be 08 00 00 00 e8 fd 97 7c 00 48 89 d8 48 c1 e8 03 <42> 80 3c 38 00 74 08 48 89 df e8 07 96 7c 00 4c 8b 3b 66 44 89 65 [ 253.782555][ C0] RSP: 0018:ffffc900000075a0 EFLAGS: 00010006 [ 253.788454][ C0] RAX: 0000000000000065 RBX: 0000000000000329 RCX: ffff8881187d93c0 [ 253.796271][ C0] RDX: 0000000080010104 RSI: 0000000000000096 RDI: 00000000ffffffff [ 253.804086][ C0] RBP: ffffc90000007610 R08: ffffffff8141701b R09: 0000000000000003 [ 253.811890][ C0] R10: fffffbfff0e5284c R11: dffffc0000000001 R12: 1ffff1103ee00000 [ 253.819701][ C0] R13: ffff8881f7137180 R14: 0000000000000001 R15: dffffc0000000000 [ 253.827513][ C0] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 253.836280][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 253.842710][ C0] CR2: 0000001b33627000 CR3: 000000011c7ce000 CR4: 00000000003506b0 [ 253.850515][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 253.858325][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 253.866136][ C0] Call Trace: [ 253.869262][ C0] [ 253.871955][ C0] ? __die_body+0x62/0xb0 [ 253.876119][ C0] ? die_addr+0x9f/0xd0 [ 253.880110][ C0] ? exc_general_protection+0x311/0x4b0 [ 253.885497][ C0] ? asm_exc_general_protection+0x27/0x30 [ 253.891047][ C0] ? check_panic_on_warn+0x5b/0xb0 [ 253.895996][ C0] ? flush_tlb_func+0x4a/0x550 [ 253.900593][ C0] ? kvm_sched_clock_read+0x18/0x40 [ 253.905627][ C0] ? sched_clock+0x9/0x10 [ 253.909813][ C0] ? sched_clock_cpu+0x18/0x3b0 [ 253.914484][ C0] flush_smp_call_function_queue+0x222/0x6a0 [ 253.920298][ C0] ? debug_smp_processor_id+0x17/0x20 [ 253.925502][ C0] ? native_flush_tlb_multi+0x210/0x210 [ 253.930885][ C0] generic_smp_call_function_single_interrupt+0x13/0x20 [ 253.937653][ C0] __sysvec_call_function_single+0x63/0x1b0 [ 253.943382][ C0] sysvec_call_function_single+0x41/0xb0 [ 253.948853][ C0] asm_sysvec_call_function_single+0x1b/0x20 [ 253.954666][ C0] RIP: 0010:unwind_next_frame+0x1/0x700 [ 253.960048][ C0] Code: c0 08 5b 41 5e 41 5f 5d c3 44 89 f1 80 e1 07 80 c1 03 38 c1 7c 99 4c 89 f7 e8 8b 9d 7d 00 eb 8f 66 0f 1f 84 00 00 00 00 00 55 <48> 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 50 49 89 fe 48 ba 00 [ 253.979489][ C0] RSP: 0018:ffffc90000007770 EFLAGS: 00000202 [ 253.985390][ C0] RAX: 0000000000000001 RBX: ffffc90000007780 RCX: 0000000000007701 [ 253.993200][ C0] RDX: dffffc0000000000 RSI: ffffffff81b24826 RDI: ffffc90000007780 [ 254.001012][ C0] RBP: ffffc90000007810 R08: ffffc90000007868 R09: 0000000000000002 [ 254.008824][ C0] R10: ffffc90000007870 R11: dffffc0000000001 R12: ffff8881187d93c0 [ 254.016635][ C0] R13: ffffffff815f5280 R14: ffffc90000007860 R15: 0000000000000000 [ 254.024449][ C0] ? stack_trace_save+0x1c0/0x1c0 [ 254.029310][ C0] ? ____kasan_slab_free+0x126/0x160 [ 254.034430][ C0] ? arch_stack_walk+0x10d/0x140 [ 254.039203][ C0] ? ____kasan_slab_free+0x126/0x160 [ 254.044324][ C0] stack_trace_save+0x113/0x1c0 [ 254.049009][ C0] ? stack_trace_snprint+0xf0/0xf0 [ 254.053956][ C0] ? stack_trace_snprint+0xf0/0xf0 [ 254.058910][ C0] ? kmem_cache_free+0x116/0x2e0 [ 254.063678][ C0] ? kmem_cache_free+0x116/0x2e0 [ 254.068451][ C0] ? kmem_cache_free+0x116/0x2e0 [ 254.073226][ C0] kasan_set_track+0x4b/0x70 [ 254.077651][ C0] ? kasan_set_track+0x4b/0x70 [ 254.082252][ C0] ? kasan_set_free_info+0x23/0x40 [ 254.087199][ C0] ? ____kasan_slab_free+0x126/0x160 [ 254.092325][ C0] kasan_set_free_info+0x23/0x40 [ 254.097092][ C0] ____kasan_slab_free+0x126/0x160 [ 254.102040][ C0] __kasan_slab_free+0x11/0x20 [ 254.106640][ C0] slab_free_freelist_hook+0xbd/0x190 [ 254.111849][ C0] ? inode_free_by_rcu+0x1c/0x20 [ 254.116623][ C0] kmem_cache_free+0x116/0x2e0 [ 254.121222][ C0] ? security_inode_free+0xd0/0xd0 [ 254.126171][ C0] inode_free_by_rcu+0x1c/0x20 [ 254.130770][ C0] rcu_do_batch+0x57a/0xc10 [ 254.135111][ C0] ? local_bh_enable+0x20/0x20 [ 254.139713][ C0] ? __kasan_check_write+0x14/0x20 [ 254.144657][ C0] ? rcu_report_qs_rnp+0x2bf/0x390 [ 254.149603][ C0] rcu_core+0x517/0x1020 [ 254.153684][ C0] ? rcu_cpu_kthread_park+0x90/0x90 [ 254.158716][ C0] ? sched_clock_cpu+0x18/0x3b0 [ 254.163405][ C0] ? irqtime_account_irq+0x79/0x3c0 [ 254.168441][ C0] rcu_core_si+0x9/0x10 [ 254.172431][ C0] __do_softirq+0x26d/0x5bf [ 254.176771][ C0] do_softirq+0xf6/0x150 [ 254.180850][ C0] [ 254.183627][ C0] [ 254.186404][ C0] ? __local_bh_enable_ip+0x80/0x80 [ 254.191448][ C0] ? _raw_spin_lock_bh+0xa4/0x1b0 [ 254.196298][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 254.201335][ C0] __local_bh_enable_ip+0x75/0x80 [ 254.206192][ C0] _raw_spin_unlock_bh+0x51/0x60 [ 254.210967][ C0] sock_hash_delete_elem+0x2a2/0x2f0 [ 254.216109][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0x290 [ 254.221469][ C0] bpf_trace_run2+0xec/0x210 [ 254.225894][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 254.230583][ C0] ? bpf_trace_run2+0x210/0x210 [ 254.235269][ C0] ? __this_cpu_preempt_check+0x13/0x20 [ 254.240650][ C0] __bpf_trace_tlb_flush+0x23/0x30 [ 254.245596][ C0] switch_mm_irqs_off+0x616/0x9b0 [ 254.250460][ C0] ? __bpf_trace_sched_switch+0xb/0x10 [ 254.255752][ C0] __schedule+0xb2b/0x1590 [ 254.260005][ C0] ? __sched_text_start+0x8/0x8 [ 254.264692][ C0] ? kthread_data+0x53/0xc0 [ 254.269030][ C0] ? wq_worker_sleeping+0x63/0x200 [ 254.273977][ C0] schedule+0x11f/0x1e0 [ 254.277969][ C0] worker_thread+0xf7f/0x12a0 [ 254.282485][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 254.287173][ C0] kthread+0x421/0x510 [ 254.291076][ C0] ? worker_clr_flags+0x180/0x180 [ 254.295936][ C0] ? kthread_blkcg+0xd0/0xd0 [ 254.300363][ C0] ret_from_fork+0x1f/0x30 [ 254.304617][ C0] [ 254.307480][ C0] Modules linked in: [ 254.311216][ C0] ---[ end trace c4d9f53516e183c8 ]--- [ 254.316506][ C0] RIP: 0010:flush_tlb_func+0x4a/0x550 [ 254.321716][ C0] Code: 8b 35 2a 96 cd 7e 65 66 44 8b 25 31 96 cd 7e 49 8d 9e 28 03 00 00 48 89 df be 08 00 00 00 e8 fd 97 7c 00 48 89 d8 48 c1 e8 03 <42> 80 3c 38 00 74 08 48 89 df e8 07 96 7c 00 4c 8b 3b 66 44 89 65 [ 254.341158][ C0] RSP: 0018:ffffc900000075a0 EFLAGS: 00010006 [ 254.347058][ C0] RAX: 0000000000000065 RBX: 0000000000000329 RCX: ffff8881187d93c0 [ 254.354870][ C0] RDX: 0000000080010104 RSI: 0000000000000096 RDI: 00000000ffffffff [ 254.362681][ C0] RBP: ffffc90000007610 R08: ffffffff8141701b R09: 0000000000000003 [ 254.370493][ C0] R10: fffffbfff0e5284c R11: dffffc0000000001 R12: 1ffff1103ee00000 [ 254.378304][ C0] R13: ffff8881f7137180 R14: 0000000000000001 R15: dffffc0000000000 [ 254.386116][ C0] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 254.394881][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 254.401305][ C0] CR2: 0000001b33627000 CR3: 000000011c7ce000 CR4: 00000000003506b0 [ 254.409117][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 254.416925][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 254.424749][ C0] Kernel panic - not syncing: Fatal exception in interrupt [ 255.533458][ C0] Shutting down cpus with NMI [ 255.538182][ C0] Kernel Offset: disabled [ 255.542301][ C0] Rebooting in 86400 seconds..