last executing test programs: 3.256160612s ago: executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) renameat2(0xffffffffffffffff, &(0x7f0000000040)='./file0/../file0\x00', 0xffffffffffffffff, &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) 3.228184707s ago: executing program 4: r0 = socket$inet6(0xa, 0x2, 0x3a) r1 = fcntl$dupfd(r0, 0x0, r0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='batadv_slave_0\x00', 0x10) write$FUSE_CREATE_OPEN(r1, &(0x7f0000001640)={0xa0}, 0xa0) 3.200030961s ago: executing program 4: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10) request_key(&(0x7f0000000100)='asymmetric\x00', &(0x7f00000000c0)={'syz', 0x1}, &(0x7f0000000040)='R\x9e\xec\xb42:\xd3>\x00rust\xebc*sgrVex*De', 0x0) 3.166278466s ago: executing program 4: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x101c08a, &(0x7f00000001c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b"], 0x6, 0x2c1, &(0x7f00000005c0)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2rrAwMpOZzWSNMZHNyu1+Ps0++8zznfk9k4fsbJEnH748Obqfx8MnX/wSWZZEZxjDOEliEJ1ofBULht8EAPAsOymK+L2Y2SSXRES2vbIAgC1a7+9/d9786VLKAgC26N677729f3Bw550ssrg7+fp4VP5nX/6cHd9/GB/HOB7Ea9GP04jqQWE3qqeFsnm3KIppNy8N4uZkejwqk5MPntbn3/8tosrvRT8GVdfZ00aVf+vgzl4+08pPyzqer68/LPO3ox8vnoUX8reX5GOUxquvtOq/Ff34+aP4JMZxvypinv9yL8/fLL794/P3y/LKfDI9HvWqcXPFziW/NAAAAAAAAAAAAAAAAAAAAAAAXGG36r1zepHfiJuTsqvef2fnNNLy17wxWNyfZ5ZPmhO19wcqimJaxPetLQXzoh44z3fjpW57Y0EAAAAAAAAAAAAAAAAAAAC4vh5/+tnR4Xj84NGFNJrdALoR8ee9iP96nmGr50asHtyrr3k4Hnfq5sKYp2m7J3aaMUnEyjLKSVzQbfm3xnPna24aP/xYTnCTE2atnteXT3B3+/NqVtfRYbL8Wr1oerJ6kXyXRszHpLHmtdJ/OlTEJssvXXqov/Hc0xeqxnTFmEhWFfbGr7M7V/ck52eRVnd1aXy3brTi59bGWq97ZLP4398rkmq3jt723owAAAAAAAAAAAAAAAAAAOCam3/6d8nBJyujncJHgQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4Iubf/79BY1qH1xicxqPH//MUAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuAb+CgAA//8HIVi7") r4 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7a00, 0xfffffffb, 0x3) mlockall(0x0) 1.763583185s ago: executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.events\x00', 0x26e1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fcae68da850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) close(r0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x1a1282, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001400) write$cgroup_pid(r0, 0x0, 0x2) 1.738797919s ago: executing program 3: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000100)={0x0, 0x0, 0x8, r0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000000)) sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x404a2810}, 0xc, 0x0}, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000040)={[{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, {0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x3, 0x0, 0x7, 0x0, 0x0, 0x2}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x1f}, 0x10) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0) 1.657718201s ago: executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x0, 0x4, 0x7fe2, 0x1}, 0x48) syz_usb_connect$hid(0x0, 0x36, &(0x7f00000011c0)=ANY=[@ANYBLOB="12010001090003206d0414c340000000000109022400010000a000090400000103010100092100080001220300090581", @ANYRES64], 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000b40), 0x2b842ac, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000fe1f702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000017000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r3, 0x0, 0x0, 0x53, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 1.53855126s ago: executing program 3: syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='auxv\x00') seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) socket$nl_generic(0x10, 0x3, 0x10) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') 1.071333333s ago: executing program 1: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000002000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='ext4_es_find_extent_range_enter\x00', r1}, 0x10) mkdir(&(0x7f0000000080)='./file1\x00', 0x0) 1.02693491s ago: executing program 0: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000001180)='./bus\x00') r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x0) io_setup(0x1, &(0x7f0000000200)=0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x6, 0x1, 0x0, r0, 0x0}]) 1.019519061s ago: executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.events\x00', 0x26e1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fcae68da850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) close(r0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x1a1282, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001400) write$cgroup_pid(r0, 0x0, 0x2) 966.766549ms ago: executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x18, 0x66, 0x5fb9a818fb7378e9}, 0x18}}, 0x0) 957.92737ms ago: executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"}) r1 = syz_open_pts(r0, 0x0) r2 = dup3(r1, r0, 0x0) ioctl$TCSETAF(r2, 0x5408, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x0, "2b565ccd8395a6bc"}) ioctl$TCGETA(r0, 0x802c542a, &(0x7f0000000700)) 925.292396ms ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='jbd2_update_log_tail\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='jbd2_update_log_tail\x00', r3}, 0x10) ioctl$TUNSETOFFLOAD(r2, 0x40086607, 0x20001419) 899.403259ms ago: executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x7c77619b76911798, 0x1) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) open$dir(&(0x7f0000000140)='./file0\x00', 0x181001, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='net_prio.prioidx\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x8802, 0x0) pselect6(0x40, &(0x7f0000000180)={0x0, 0x200}, 0x0, &(0x7f00000001c0)={0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000}, 0x0, 0x0) fcntl$setpipe(r0, 0x407, 0x0) 763.855711ms ago: executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000040)='./bus\x00', 0x1804010, &(0x7f00000004c0)={[{@numtail}, {@uni_xlate}, {@uni_xlate}, {@utf8no}, {@numtail}, {@uni_xlateno}, {@uni_xlateno}, {@fat=@check_strict}, {@fat=@nfs_nostale_ro}, {@iocharset={'iocharset', 0x3d, 'iso8859-13'}}, {@iocharset={'iocharset', 0x3d, 'iso8859-5'}}, {@uni_xlate}, {@rodir}, {@shortname_lower}, {@utf8no}]}, 0x3, 0x35f, &(0x7f00000006c0)="$eJzs3U9om2UYAPAn+9KkG8ztIAwF4dOboHWbeNBTx+hgLBeV4B9QDK5TSeqgwWB7aFYv4lHwqCdvHvTgYWcRFPHmwasTZCoedLeBY5/k+9L8aZJaBtks/n6H8OR53+d7ny8Nzde0efvacjQvLsSlGzeux+JiKcrLZ5fjZimORxI7rsSkypQcAHAw3Myy+Csr7LOkNOeWAIA5y1//3zg6knnvm73mZyOv/i4EAOBg6v/8f3ivOYuzBi7PpSUAYM4m3v9/ZGy4Mv6r/vLIXwUAAAfV8y+9fOFMLeK5NF2MWHu/U+/U45nh+JlL8Va0YjVOxrG4FVFcKPRuSvntufO1lZNpmnbj1+NR71V06hFr3U69uFI4k+T11TgVm7372UAeJ+e+rK2cSnMRcaWbrx9rpU59IY701//pSKzG6Ujj/on6iPO1ldNp/wD1tZ36bsT28H2LXv9LcSx+eD0uRysu5n3sXNbUVrZOpenZrDZW36lX83mFme+AAAAAAAAAAAAAAAAAAAAAAADAHVlKB44P9r/Jhvv3LC1NGc/3xynq+/sDbRf7A2XVLLLsz3cfr3+QxNj+QLv35+nUy3Ho3p46AAAAAAAAAAAAAAAAAAAA/Ge0NyrRaLVW19sbm83RoLve3jgUEb3M2999/vXhmJwzO8huZ9lGub9GfphiKO2nNpuNLBlMTiImj5MMq5qNz64OOu5nsmpEuzo4i6ltVGcPtVpHH/7l42HmoWTnyLeHc5KYfoLJsI2JI6/dV7S0zwdqPDj9L3OuZVk2q3zr1cmqKEWUR1rtvPLEhTtqbDTIesG319984Mn2iafyzFdZ4dHHjr1w7aNPf282Wr2VI/8KVtbbt7Jmo39/+pNtdtB7qHcypSiC0ugzobxX+fZ4ppH8+MeLD374/f5Wz0Yz70yZkxSn88XuoUoR9NrcNXR42loLU578cwhOfLLcuLr182/7rRr5JmGjDgAAAAAAAAAAAAAAAAAAuCtGPive1/+w78JeVU8/O//OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODuGf7//5FgeyKzn+DvbkwOVVfX2xGVe32aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8z/0TAAD//xIVbik=") openat2$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x18) openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x18) 690.357372ms ago: executing program 3: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000100)={0x0, 0x0, 0x8, r0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000000)) sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x404a2810}, 0xc, 0x0}, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000040)={[{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, {0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x3, 0x0, 0x7, 0x0, 0x0, 0x2}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x1f}, 0x10) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0) 362.392863ms ago: executing program 2: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b703000000006c288500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440)) r2 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0) fallocate(r2, 0x0, 0x400000000000004, 0x7) 271.903847ms ago: executing program 2: socket$packet(0x11, 0x2, 0x300) r0 = socket$packet(0x11, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) syz_emit_ethernet(0x3a, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x4, 0x0, @empty, @multicast1}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 120.479561ms ago: executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3, 0x0, "cd2cf7680800000100f200a0fc380e43c96d22"}) ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000040)) 87.796476ms ago: executing program 1: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005600000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 78.385748ms ago: executing program 2: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000017b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r3}, &(0x7f0000000a00), &(0x7f0000000a40)=r2}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r3}, &(0x7f0000000880), &(0x7f00000008c0)=r2}, 0x20) 75.921118ms ago: executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000001180)='./bus\x00') r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x0) io_setup(0x1, &(0x7f0000000200)=0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x6, 0x1, 0x0, r0, 0x0}]) 75.571788ms ago: executing program 1: r0 = socket$inet6(0xa, 0x3, 0x1) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev, @in6=@ipv4={'\x00', '\xff\xff', @local}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x2e}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x33}, 0x0, @in=@remote}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0) 58.926831ms ago: executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x18, 0x66, 0x5fb9a818fb7378e9}, 0x18}}, 0x0) 49.177122ms ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='jbd2_update_log_tail\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='jbd2_update_log_tail\x00', r3}, 0x10) ioctl$TUNSETOFFLOAD(r2, 0x40086607, 0x20001419) 41.453313ms ago: executing program 0: sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f00000015c0)='/sys/power/reserved_size', 0x1, 0x0) unshare(0x0) open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) syncfs(0xffffffffffffffff) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x3, &(0x7f0000000040)=[{0x25}, {}, {0x6}]}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x10) 36.133984ms ago: executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0xb635773f02ebbeec, 0x13, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000400)={{0x1, 0xffffffffffffffff}, &(0x7f0000000280), &(0x7f00000003c0)='%-5lx \x00'}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x0, 0x4, 0x7fe2, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) pipe2(0x0, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800702, &(0x7f0000000300)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x7}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@nodelalloc}, {@grpquota}, {@usrjquota}]}, 0x3, 0x464, &(0x7f0000000fc0)="$eJzs281vFOUfAPDvTF/4/XhrRXwBUarE2PjS0oLKwYtGEw8YTfSAx7othFCooTUR0kg1Bi8mhkTPxqOJf4E3L0Y9mXjVs4aEaC+gp5qZnYHd7W5fZNst7OeTTPs8O8/OPN995tl5Zp6dALrWUPYnidgZEb9GxEA1W19gqPrvxuJ85e/F+UoSS0tv/pnk5a4vzlfKouX7dhSZ4TQi/TgpdlJv9sLFMxPT01Pni/zo3Nl3R2cvXHzm9NmJU1Onps6NHzt29MjY88+NP9uWOLO4ru//YObAvlffvvJa5cSVd378JqvvzmJ9bRztMpQF/tdSrnHd4+3eWYftqkknvR2sCOvSExFZc/Xl/X8geuJW4w3EKx91tHLAhsrOTdtar15YAu5iSXS6BkBnlCf67Pq3XDZp6LElXHuxegGUxX2jWKpreiMtyvQ1XN+201BEnFj458tsiQ26DwEAUOvTyhfH4+lm47807q8pt7uYQxmMiHsiYk9E3BsReyPivoi87AMR8eA69984NbR8/JNe/U+BrVE2/nuhmNuqH/+Vo78Y7Clyu/L4+5KTp6enDhefyXD0bcvyYyvs47uXf/ms1bra8V+23FjsjXIsWNTjam/DDbrJibmJfFDaBtc+jNjf2yz+5OZMQBIR+yJi//o2vbtMnH7y6wOtCi2Pf75SH/8K2jDPtPRVxBPV9l+IhvhLycrzk6P/i+mpw6PlUbHcTz9ffqPV/m8r/jbI2n97/fHfWGQwqZ2vnV11k8tuJ1/+7ZOW1zSrx9/8+O9P3srbpb947f2JubnzYxH9yfE8X/f6+K33lvmyfBb/8KHm/X9P8Z5sPw9FRHYQPxwRj0TEwaLuj0bEYxFxaIUP5IeXWq/bCu0/2fT77+bx39D+60/0nPn+21b7X1v7H81Tw8Ur+fffKtZawdv57AAAAOBOkea/gU/SkZvpNB0Zqf6Gf29sT6dnZueeOjnz3rnJ6m/lB6MvLe90DdTcDx1LFootVvPjxb3icv2R4r7x5z3/z/MjlZnpyQ7HDt1uR4v+n/mjp9O1AzZcs3m08f4OVATYdI39P63PXnp9MysDbCrPa0P3WqX/p5tVD2DzOf9D92rW/y815M0FwN3J+R+6l/4P3Uv/h+6l/0NXKp+E77udB/wbE7+v+fF7iTs2EemGbPlgbJUAuzzR6W8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA9vg3AAD//9zg7No=") r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r5, 0xaf01, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0) ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000140)) ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92}) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000008c0)=@bpf_lsm={0x1d, 0x13, &(0x7f00000004c0)=@raw=[@jmp={0x5, 0x1, 0x0, 0xb, 0x8, 0xfffffffffffffff0, 0x4}, @cb_func={0x18, 0x9, 0x4, 0x0, 0x8}, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @alu={0x7, 0x1, 0x1, 0x7, 0x0, 0x2, 0xfffffffffffffffc}, @map_idx={0x18, 0xb, 0x5, 0x0, 0xd}, @map_idx={0x18, 0x0, 0x5, 0x0, 0xb}, @printk={@x, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}], &(0x7f0000000200)='GPL\x00', 0x1, 0xf2, &(0x7f0000000640)=""/242, 0x41000, 0x15, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000740)={0x2, 0xb, 0x101, 0x63a2}, 0x10, 0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000800)=[r4, r4, r3, 0xffffffffffffffff, r3, r3], &(0x7f0000000840)=[{0x0, 0x2, 0x5, 0xa}, {0x3, 0x3, 0x7, 0x7}, {0x3, 0x3, 0x4, 0x9}, {0x5, 0x2, 0x6, 0x4}], 0x10, 0x3c612e6}, 0x90) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r5, 0x4008af60, &(0x7f0000000040)={@my=0x1}) socket$vsock_stream(0x28, 0x1, 0x0) 30.259175ms ago: executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) mkdir(0x0, 0x0) chdir(0x0) lgetxattr(&(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) 0s ago: executing program 2: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000dc0)='rcu_utilization\x00', r1}, 0x5e) preadv(r0, &(0x7f0000001e00)=[{&(0x7f0000000d00)=""/4096, 0x1000}], 0x1, 0x0, 0x0) kernel console output (not intermixed with test programs): es=4294967295 subj=root:sysadm_r:sysadm_t pid=15350 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc054231f29 code=0x7ffc0000 [ 469.348867][ T39] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 469.358470][T15363] loop2: detected capacity change from 0 to 1024 [ 469.378840][ T468] usb 1-1: Using ep0 maxpacket: 32 [ 469.384655][T15363] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled [ 469.394069][T15363] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 469.401311][T15363] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 469.414311][T15363] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 469.422297][T15363] System zones: 0-1, 3-36 [ 469.427372][T15363] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,jqfmt=vfsold,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 469.659485][ T468] usb 1-1: New USB device found, idVendor=06cd, idProduct=0115, bcdDevice=c3.cc [ 469.668386][ T468] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 469.676314][ T468] usb 1-1: Product: syz [ 469.680317][ T468] usb 1-1: Manufacturer: syz [ 469.684793][ T468] usb 1-1: SerialNumber: syz [ 469.690025][ T468] usb 1-1: config 0 descriptor?? [ 469.699104][T10164] usb 2-1: USB disconnect, device number 40 [ 469.708886][ T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 469.719705][ T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 469.730202][ T39] usb 4-1: New USB device found, idVendor=06a3, idProduct=0cfa, bcdDevice= 0.00 [ 469.739126][ T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 469.747455][ T39] usb 4-1: config 0 descriptor?? [ 469.788873][ T26] usb 3-1: new full-speed USB device number 48 using dummy_hcd [ 469.848838][T10164] usb 2-1: new high-speed USB device number 41 using dummy_hcd [ 470.054492][T11683] usb 1-1: USB disconnect, device number 50 [ 470.088945][T10164] usb 2-1: Using ep0 maxpacket: 16 [ 470.148925][ T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 470.159776][ T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 255, setting to 64 [ 470.170488][ T26] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 470.183184][ T26] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 470.192057][ T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 470.200368][ T26] usb 3-1: config 0 descriptor?? [ 470.208902][T10164] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 470.219695][T10164] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 470.219726][T15370] raw-gadget.3 gadget: fail, usb_ep_enable returned -22 [ 470.230227][ T39] saitek 0003:06A3:0CFA.003F: unknown main item tag 0x0 [ 470.243205][T10164] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 470.255816][ T39] saitek 0003:06A3:0CFA.003F: unknown main item tag 0x0 [ 470.262606][T10164] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 470.271433][ T39] saitek 0003:06A3:0CFA.003F: item fetching failed at offset 4/5 [ 470.278963][T10164] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 470.287211][ T39] saitek 0003:06A3:0CFA.003F: parse failed [ 470.292862][ T39] saitek: probe of 0003:06A3:0CFA.003F failed with error -22 [ 470.300218][T10164] usb 2-1: config 0 descriptor?? [ 470.438048][ T39] usb 4-1: USB disconnect, device number 26 [ 470.613609][T15375] incfs: Can't find or create .index dir in ./file0 [ 470.620292][T15375] incfs: mount failed -14 [ 470.679885][ T26] plantronics 0003:047F:FFFF.0040: unknown main item tag 0x4 [ 470.687318][ T26] plantronics 0003:047F:FFFF.0040: No inputs registered, leaving [ 470.696226][ T26] plantronics 0003:047F:FFFF.0040: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 470.783229][T10164] microsoft 0003:045E:07DA.0041: unknown main item tag 0x0 [ 470.792255][T10164] microsoft 0003:045E:07DA.0041: No inputs registered, leaving [ 470.905486][T10164] microsoft 0003:045E:07DA.0041: hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 470.922999][T10164] microsoft 0003:045E:07DA.0041: no inputs found [ 470.929571][T10164] microsoft 0003:045E:07DA.0041: could not initialize ff, continuing anyway [ 471.003496][ T26] usb 2-1: USB disconnect, device number 41 [ 471.557102][T15406] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 471.565036][T15406] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 472.022610][ T26] usb 3-1: USB disconnect, device number 48 [ 472.338828][ T20] usb 2-1: new high-speed USB device number 42 using dummy_hcd [ 472.608794][ T20] usb 2-1: Using ep0 maxpacket: 16 [ 472.708796][ T26] usb 1-1: new high-speed USB device number 51 using dummy_hcd [ 472.728903][ T20] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 472.739657][ T20] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 472.749165][ T20] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 472.762231][ T20] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 472.771104][ T20] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 472.779817][ T20] usb 2-1: config 0 descriptor?? [ 472.818904][ T39] usb 3-1: new high-speed USB device number 49 using dummy_hcd [ 472.948838][ T26] usb 1-1: Using ep0 maxpacket: 32 [ 473.058781][ T39] usb 3-1: Using ep0 maxpacket: 32 [ 473.068918][ T26] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 473.079743][ T26] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 473.152076][ T30] kauditd_printk_skb: 26 callbacks suppressed [ 473.152090][ T30] audit: type=1326 audit(1718647826.669:33171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15462 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feb55f64f29 code=0x0 [ 473.218968][ T26] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 473.227851][ T26] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 473.236015][ T26] usb 1-1: Product: syz [ 473.240090][ T26] usb 1-1: Manufacturer: syz [ 473.279481][ T26] hub 1-1:4.0: USB hub found [ 473.280208][ T20] microsoft 0003:045E:07DA.0042: unknown main item tag 0x0 [ 473.291235][ T20] microsoft 0003:045E:07DA.0042: No inputs registered, leaving [ 473.299082][ T20] microsoft 0003:045E:07DA.0042: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 473.310280][ T20] microsoft 0003:045E:07DA.0042: no inputs found [ 473.316421][ T20] microsoft 0003:045E:07DA.0042: could not initialize ff, continuing anyway [ 473.358998][ T39] usb 3-1: New USB device found, idVendor=257a, idProduct=260c, bcdDevice=a6.30 [ 473.367919][ T39] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 473.375686][ T39] usb 3-1: Product: syz [ 473.379689][ T39] usb 3-1: Manufacturer: syz [ 473.384068][ T39] usb 3-1: SerialNumber: syz [ 473.389158][ T39] usb 3-1: config 0 descriptor?? [ 473.484673][ T20] usb 2-1: USB disconnect, device number 42 [ 473.498869][ T26] hub 1-1:4.0: 2 ports detected [ 473.630946][T11683] usb 3-1: USB disconnect, device number 49 [ 474.012795][T15473] loop1: detected capacity change from 0 to 512 [ 474.030675][T15473] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 474.036158][T15480] netlink: 'syz-executor.3': attribute type 12 has an invalid length. [ 474.041883][T15473] ext4 filesystem being mounted at /root/syzkaller-testdir1920175927/syzkaller.NwIVIT/263/bus supports timestamps until 2038 (0x7fffffff) [ 474.227275][T15487] loop3: detected capacity change from 0 to 40427 [ 474.269796][T15487] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 474.277383][T15487] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 474.286660][T15487] F2FS-fs (loop3): invalid crc value [ 474.293383][T15487] F2FS-fs (loop3): Found nat_bits in checkpoint [ 474.355670][T15491] device veth1_macvtap left promiscuous mode [ 474.557419][T15491] device macsec0 entered promiscuous mode [ 474.566244][T15491] device veth1_macvtap entered promiscuous mode [ 474.572557][T15491] device macsec0 left promiscuous mode [ 474.572732][T15487] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 474.585480][T15487] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 474.600167][ T30] audit: type=1326 audit(1718647828.119:33172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15498 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc054231f29 code=0x0 [ 474.729803][T15487] attempt to access beyond end of device [ 474.729803][T15487] loop3: rw=10241, want=45104, limit=40427 [ 474.741258][T15487] attempt to access beyond end of device [ 474.741258][T15487] loop3: rw=2049, want=45104, limit=40427 [ 474.759728][ T761] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 474.768513][ T761] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 474.948681][T15514] loop3: detected capacity change from 0 to 2048 [ 474.979518][ T30] audit: type=1326 audit(1718647828.499:33173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15439 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9d9c9df29 code=0x7ffc0000 [ 474.989778][T15514] Alternate GPT is invalid, using primary GPT. [ 475.003806][ T39] hub 1-1:4.0: activate --> -90 [ 475.009588][T15514] loop3: p1 p2 p3 [ 475.014184][ T30] audit: type=1326 audit(1718647828.499:33174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15439 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9d9c9df29 code=0x7ffc0000 [ 475.041821][ T30] audit: type=1326 audit(1718647828.499:33175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15439 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe9d9c9df29 code=0x7ffc0000 [ 475.065995][ T30] audit: type=1326 audit(1718647828.499:33176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15439 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9d9c9df29 code=0x7ffc0000 [ 475.090404][ T30] audit: type=1326 audit(1718647828.499:33177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15439 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9d9c9df29 code=0x7ffc0000 [ 475.114584][ T30] audit: type=1326 audit(1718647828.499:33178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15439 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe9d9c9df29 code=0x7ffc0000 [ 475.144188][ T30] audit: type=1326 audit(1718647828.499:33179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15439 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9d9c9df29 code=0x7ffc0000 [ 475.168550][ T30] audit: type=1326 audit(1718647828.499:33180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15439 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9d9c9df29 code=0x7ffc0000 [ 475.277938][T15526] loop3: detected capacity change from 0 to 512 [ 475.296676][T15524] bridge0: port 1(bridge_slave_0) entered blocking state [ 475.304174][T15524] bridge0: port 1(bridge_slave_0) entered disabled state [ 475.309766][T15526] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 475.311677][T15524] device bridge_slave_0 entered promiscuous mode [ 475.324355][T15526] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 475.336535][T15524] bridge0: port 2(bridge_slave_1) entered blocking state [ 475.343910][T15524] bridge0: port 2(bridge_slave_1) entered disabled state [ 475.354166][T15524] device bridge_slave_1 entered promiscuous mode [ 475.355986][T15526] EXT4-fs (loop3): 1 truncate cleaned up [ 475.365944][T15526] EXT4-fs (loop3): mounted filesystem without journal. Opts: noload,mblk_io_submit,debug_want_extra_isize=0x0000000000000068,init_itable=0x000000000000007f,block_validity,quota,,errors=continue. Quota mode: writeback. [ 475.442116][T15524] bridge0: port 2(bridge_slave_1) entered blocking state [ 475.449001][T15524] bridge0: port 2(bridge_slave_1) entered forwarding state [ 475.456173][T15524] bridge0: port 1(bridge_slave_0) entered blocking state [ 475.463023][T15524] bridge0: port 1(bridge_slave_0) entered forwarding state [ 475.492781][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 475.501509][ T384] bridge0: port 1(bridge_slave_0) entered disabled state [ 475.509917][ T384] bridge0: port 2(bridge_slave_1) entered disabled state [ 475.524827][T11683] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 475.532918][T11683] bridge0: port 1(bridge_slave_0) entered blocking state [ 475.539870][T11683] bridge0: port 1(bridge_slave_0) entered forwarding state [ 475.555158][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 475.563279][ T384] bridge0: port 2(bridge_slave_1) entered blocking state [ 475.570114][ T384] bridge0: port 2(bridge_slave_1) entered forwarding state [ 475.583871][T11683] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 475.599089][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 475.607004][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 475.615408][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 475.623535][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 475.634816][T11683] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 475.642728][T11683] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 475.650711][T11683] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 475.658328][T11683] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 475.669821][T15524] device veth0_vlan entered promiscuous mode [ 475.679784][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 475.687760][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 475.697128][T15524] device veth1_macvtap entered promiscuous mode [ 475.709361][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 475.717135][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 475.725453][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 475.735120][T11683] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 475.743277][T11683] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 475.765988][T15544] syz-executor.2[15544] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 475.766042][T15544] syz-executor.2[15544] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 475.859916][ T761] device bridge_slave_1 left promiscuous mode [ 475.877687][ T761] bridge0: port 2(bridge_slave_1) entered disabled state [ 475.877866][T11683] usb 1-1: USB disconnect, device number 51 [ 475.884784][ T39] hub 1-1:4.0: hub_ext_port_status failed (err = -71) [ 475.898234][ T761] device bridge_slave_0 left promiscuous mode [ 475.904481][ T761] bridge0: port 1(bridge_slave_0) entered disabled state [ 475.912383][ T761] device veth1_macvtap left promiscuous mode [ 475.918305][ T761] device veth0_vlan left promiscuous mode [ 476.925281][T15567] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 476.965836][T15567] loop3: detected capacity change from 0 to 512 [ 476.985339][T15565] loop2: detected capacity change from 0 to 2048 [ 477.009747][T15567] EXT4-fs (loop3): error: could not find journal device path: error -2 [ 477.019934][T15565] Alternate GPT is invalid, using primary GPT. [ 477.026083][T15565] loop2: p1 p2 p3 [ 477.133598][T15582] loop2: detected capacity change from 0 to 2048 [ 477.170470][T15586] tipc: Started in network mode [ 477.175278][T15586] tipc: Node identity ac1414aa, cluster identity 4711 [ 477.182105][T15586] tipc: New replicast peer: 100.1.1.1 [ 477.187897][T15586] tipc: Enabled bearer , priority 0 [ 477.203739][T15582] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 477.431647][T15607] loop3: detected capacity change from 0 to 2048 [ 477.459767][T15605] loop2: detected capacity change from 0 to 256 [ 477.466911][T15607] Alternate GPT is invalid, using primary GPT. [ 477.473035][T15607] loop3: p1 p2 p3 [ 477.489326][T15605] exfat: Deprecated parameter 'utf8' [ 477.494494][T15605] exfat: Bad value for 'gid' [ 477.559543][T15609] device veth1_macvtap left promiscuous mode [ 477.565456][T15609] device macsec0 entered promiscuous mode [ 477.574148][T15609] device veth1_macvtap entered promiscuous mode [ 477.580466][T15609] device macsec0 left promiscuous mode [ 477.612518][T15613] tipc: Enabling of bearer rejected, already enabled [ 477.700982][T15633] device veth1_macvtap left promiscuous mode [ 477.706987][T15633] device macsec0 entered promiscuous mode [ 477.715239][T15633] device veth1_macvtap entered promiscuous mode [ 477.721709][T15633] device macsec0 left promiscuous mode [ 477.727644][T13014] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 477.849453][T15655] loop3: detected capacity change from 0 to 256 [ 477.881832][T15661] device veth1_macvtap left promiscuous mode [ 477.888080][T15661] device macsec0 entered promiscuous mode [ 477.893895][T15655] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 477.917785][T15661] device veth1_macvtap entered promiscuous mode [ 477.924570][T15643] loop2: detected capacity change from 0 to 256 [ 477.924737][T15661] device macsec0 left promiscuous mode [ 478.034659][T15643] exfat: Deprecated parameter 'utf8' [ 478.040444][T15643] exfat: Bad value for 'gid' [ 478.298841][T10164] tipc: Node number set to 2886997162 [ 478.836964][T15717] xt_CT: You must specify a L4 protocol and not use inversions on it [ 478.891924][T15723] loop1: detected capacity change from 0 to 512 [ 478.936043][T15723] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz-executor.1: casefold flag without casefold feature [ 478.956413][T15723] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #2: comm syz-executor.1: missing EA_INODE flag [ 478.979072][T15723] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz-executor.1: error while reading EA inode 2 err=-117 [ 478.995287][T15723] EXT4-fs (loop1): 1 orphan inode deleted [ 479.001018][T15723] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 479.017310][T15723] EXT4-fs warning (device loop1): __ext4fs_dirhash:270: inode #15: comm syz-executor.1: Siphash requires key [ 479.029156][T15723] EXT4-fs warning (device loop1): __ext4fs_dirhash:270: inode #15: comm syz-executor.1: Siphash requires key [ 479.040566][T15723] EXT4-fs warning (device loop1): __ext4fs_dirhash:270: inode #15: comm syz-executor.1: Siphash requires key [ 479.318283][T15750] loop2: detected capacity change from 0 to 40427 [ 479.363277][T15754] xt_CT: You must specify a L4 protocol and not use inversions on it [ 479.372374][T15750] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 479.387844][T15750] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 479.405110][T15750] F2FS-fs (loop2): invalid crc value [ 479.412220][T15750] F2FS-fs (loop2): Found nat_bits in checkpoint [ 479.458358][T15750] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 479.467459][T15750] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 479.998879][T13014] usb 1-1: new high-speed USB device number 52 using dummy_hcd [ 480.410984][ T20] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 480.528905][T13014] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 480.540010][T13014] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 480.549593][T13014] usb 1-1: New USB device found, idVendor=046d, idProduct=c534, bcdDevice= 0.00 [ 480.558417][T13014] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 480.566821][T13014] usb 1-1: config 0 descriptor?? [ 480.658827][ T20] usb 4-1: Using ep0 maxpacket: 32 [ 480.939178][ T20] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=e2.de [ 480.948110][ T20] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 480.955873][ T20] usb 4-1: Product: syz [ 480.959895][ T20] usb 4-1: Manufacturer: syz [ 480.964260][ T20] usb 4-1: SerialNumber: syz [ 480.969323][ T20] usb 4-1: config 0 descriptor?? [ 480.998775][T11683] usb 2-1: new high-speed USB device number 43 using dummy_hcd [ 481.030909][T15811] loop2: detected capacity change from 0 to 2048 [ 481.049732][T13014] logitech-djreceiver 0003:046D:C534.0043: unknown main item tag 0x0 [ 481.057634][T13014] logitech-djreceiver 0003:046D:C534.0043: unknown main item tag 0x0 [ 481.065743][T13014] logitech-djreceiver 0003:046D:C534.0043: unknown main item tag 0x0 [ 481.073719][T13014] logitech-djreceiver 0003:046D:C534.0043: unknown main item tag 0x0 [ 481.081654][T13014] logitech-djreceiver 0003:046D:C534.0043: unknown main item tag 0x0 [ 481.090495][T15811] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 481.220941][T15821] loop2: detected capacity change from 0 to 512 [ 481.250179][T15821] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 481.257207][T15821] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 481.257449][ T311] usb 1-1: USB disconnect, device number 52 [ 481.269110][T15821] EXT4-fs (loop2): 1 truncate cleaned up [ 481.278287][T15821] EXT4-fs (loop2): mounted filesystem without journal. Opts: noload,mblk_io_submit,debug_want_extra_isize=0x0000000000000068,init_itable=0x000000000000007f,block_validity,quota,,errors=continue. Quota mode: writeback. [ 481.359025][T11683] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 481.370187][T11683] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 481.379780][T11683] usb 2-1: New USB device found, idVendor=06a3, idProduct=0cfa, bcdDevice= 0.00 [ 481.388582][T11683] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 481.397131][T11683] usb 2-1: config 0 descriptor?? [ 481.668818][ T20] CoreChips 4-1:0.0 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0 [ 481.899707][T11683] saitek 0003:06A3:0CFA.0044: unknown main item tag 0x0 [ 481.906572][T11683] saitek 0003:06A3:0CFA.0044: unknown main item tag 0x0 [ 481.913308][T11683] saitek 0003:06A3:0CFA.0044: item fetching failed at offset 4/5 [ 481.921094][T11683] saitek 0003:06A3:0CFA.0044: parse failed [ 481.926713][T11683] saitek: probe of 0003:06A3:0CFA.0044 failed with error -22 [ 482.101594][T11683] usb 2-1: USB disconnect, device number 43 [ 482.138910][ T20] CoreChips 4-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9 [ 482.149380][ T20] CoreChips 4-1:0.0 (unnamed net_device) (uninitialized): Failed to reset PHY: -71 [ 482.158504][ T20] CoreChips: probe of 4-1:0.0 failed with error -71 [ 482.165521][ T20] usb 4-1: USB disconnect, device number 27 [ 482.219957][T15831] loop2: detected capacity change from 0 to 256 [ 482.250555][T15831] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 482.656257][T15839] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev ?, type ?) errno=-22 [ 482.666181][T15839] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev bpf, type bpf) errno=-22 [ 482.686847][T15842] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 482.696513][T15842] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 483.009639][T15850] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 483.009870][ T30] kauditd_printk_skb: 39 callbacks suppressed [ 483.009883][ T30] audit: type=1400 audit(1718647836.529:33220): avc: denied { mounton } for pid=15849 comm="syz-executor.3" path="/root/syzkaller-testdir3770104932/syzkaller.4bSxxh/270/file0" dev="sda1" ino=1965 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=blk_file permissive=1 [ 483.020589][T15850] FAT-fs (loop7): unable to read boot sector [ 483.087775][T15858] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 483.205018][ T30] audit: type=1107 audit(1718647836.719:33221): pid=15866 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='O' [ 483.323522][T15873] bridge0: port 1(bridge_slave_0) entered blocking state [ 483.331167][T15873] bridge0: port 1(bridge_slave_0) entered disabled state [ 483.338526][T15873] device bridge_slave_0 entered promiscuous mode [ 483.351667][T15873] bridge0: port 2(bridge_slave_1) entered blocking state [ 483.358596][T15873] bridge0: port 2(bridge_slave_1) entered disabled state [ 483.365946][T15873] device bridge_slave_1 entered promiscuous mode [ 483.388834][ T20] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 483.442360][T15873] bridge0: port 2(bridge_slave_1) entered blocking state [ 483.449265][T15873] bridge0: port 2(bridge_slave_1) entered forwarding state [ 483.456471][T15873] bridge0: port 1(bridge_slave_0) entered blocking state [ 483.463346][T15873] bridge0: port 1(bridge_slave_0) entered forwarding state [ 483.491873][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 483.500206][ T311] bridge0: port 1(bridge_slave_0) entered disabled state [ 483.510136][ T311] bridge0: port 2(bridge_slave_1) entered disabled state [ 483.531096][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 483.539311][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 483.547349][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 483.554198][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 483.561545][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 483.569608][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 483.576439][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 483.583720][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 483.591682][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 483.606678][T15873] device veth0_vlan entered promiscuous mode [ 483.614583][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 483.622769][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 483.629803][ T20] usb 4-1: Using ep0 maxpacket: 32 [ 483.635432][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 483.641499][T15882] blk_update_request: I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 483.649792][T15873] device veth1_macvtap entered promiscuous mode [ 483.659449][T15882] FAT-fs (loop1): unable to read boot sector [ 483.668248][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 483.684959][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 483.694145][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 483.737983][ T30] audit: type=1107 audit(1718647837.249:33222): pid=15897 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='O' [ 483.775332][T15907] loop1: detected capacity change from 0 to 256 [ 483.792747][T15911] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 483.803473][T15911] FAT-fs (loop5): unable to read boot sector [ 483.823782][T15907] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 483.852803][T15907] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev ?, type ?) errno=-22 [ 483.863208][T15907] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev bpf, type bpf) errno=-22 [ 483.908941][ T20] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=e2.de [ 483.917907][ T20] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 483.925913][ T20] usb 4-1: Product: syz [ 483.929949][ T20] usb 4-1: Manufacturer: syz [ 483.934298][ T20] usb 4-1: SerialNumber: syz [ 483.939378][ T20] usb 4-1: config 0 descriptor?? [ 483.999558][ T345] device bridge_slave_1 left promiscuous mode [ 484.005544][ T345] bridge0: port 2(bridge_slave_1) entered disabled state [ 484.013148][ T345] device bridge_slave_0 left promiscuous mode [ 484.019253][ T345] bridge0: port 1(bridge_slave_0) entered disabled state [ 484.027523][ T345] device veth1_macvtap left promiscuous mode [ 484.033469][ T345] device veth0_vlan left promiscuous mode [ 484.187875][T15938] blk_update_request: I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 484.200155][T15938] FAT-fs (loop1): unable to read boot sector [ 484.541776][T15958] xt_CT: You must specify a L4 protocol and not use inversions on it [ 484.711591][T15964] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 484.721275][T15964] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 484.788857][ T20] CoreChips 4-1:0.0 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0 [ 485.434252][ T311] usb 3-1: new high-speed USB device number 50 using dummy_hcd [ 485.488939][ T20] CoreChips 4-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9 [ 485.499365][ T20] CoreChips 4-1:0.0 (unnamed net_device) (uninitialized): Failed to reset PHY: -71 [ 485.508404][ T20] CoreChips: probe of 4-1:0.0 failed with error -71 [ 485.515947][ T20] usb 4-1: USB disconnect, device number 28 [ 485.526443][T15991] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 485.536060][T15991] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 485.798906][ T311] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 485.818308][ T311] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 485.828257][ T311] usb 3-1: New USB device found, idVendor=046d, idProduct=c534, bcdDevice= 0.00 [ 485.837219][ T311] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 485.845981][ T311] usb 3-1: config 0 descriptor?? [ 485.893898][ T30] audit: type=1326 audit(1718647839.409:33223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16005 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe9d9c9df29 code=0x0 [ 485.986041][T16007] loop1: detected capacity change from 0 to 40427 [ 486.009531][T16007] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 486.017085][T16007] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 486.026459][T16007] F2FS-fs (loop1): invalid crc value [ 486.034729][T16007] F2FS-fs (loop1): Found nat_bits in checkpoint [ 486.058071][T16007] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 486.065030][T16007] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 486.086768][T12167] attempt to access beyond end of device [ 486.086768][T12167] loop1: rw=2049, want=40968, limit=40427 [ 486.318790][ T60] usb 4-1: new low-speed USB device number 29 using dummy_hcd [ 486.330060][ T311] logitech-djreceiver 0003:046D:C534.0045: unknown main item tag 0x0 [ 486.338036][ T311] logitech-djreceiver 0003:046D:C534.0045: unknown main item tag 0x0 [ 486.346267][ T311] logitech-djreceiver 0003:046D:C534.0045: unknown main item tag 0x0 [ 486.354581][ T311] logitech-djreceiver 0003:046D:C534.0045: unknown main item tag 0x0 [ 486.362872][ T311] logitech-djreceiver 0003:046D:C534.0045: unknown main item tag 0x0 [ 486.533904][ T384] usb 3-1: USB disconnect, device number 50 [ 486.639981][T16030] xt_CT: You must specify a L4 protocol and not use inversions on it [ 486.698891][ T60] usb 4-1: config index 0 descriptor too short (expected 1307, got 27) [ 486.707028][ T60] usb 4-1: config 0 has an invalid interface number: 0 but max is -1 [ 486.715251][ T60] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 486.724325][ T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 486.741926][ T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 486.998858][ T60] usb 4-1: string descriptor 0 read error: -22 [ 487.004914][ T60] usb 4-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de [ 487.013805][ T60] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 487.029485][ T60] usb 4-1: config 0 descriptor?? [ 487.069134][ T60] hub 4-1:0.0: bad descriptor, ignoring hub [ 487.077116][ T60] hub: probe of 4-1:0.0 failed with error -5 [ 487.084045][ T60] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input89 [ 487.478586][ T311] usb 4-1: USB disconnect, device number 29 [ 488.288830][T11683] usb 3-1: new high-speed USB device number 51 using dummy_hcd [ 488.320057][ T30] audit: type=1400 audit(1718647841.839:33224): avc: denied { mount } for pid=16081 comm="syz-executor.1" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 488.343775][ T30] audit: type=1400 audit(1718647841.839:33225): avc: denied { unmount } for pid=12167 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 488.378003][T16086] loop1: detected capacity change from 0 to 1024 [ 488.410467][T16086] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 488.418920][T16086] EXT4-fs (loop1): orphan cleanup on readonly fs [ 488.426219][T16086] EXT4-fs error (device loop1): ext4_map_blocks:716: inode #3: block 3: comm syz-executor.1: lblock 3 mapped to illegal pblock 3 (length 1) [ 488.440814][T16086] Quota error (device loop1): write_blk: dquota write failed [ 488.448092][T16086] Quota error (device loop1): find_free_dqentry: Can't write quota data block 3 [ 488.457437][T16086] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 488.477782][T16086] EXT4-fs error (device loop1): ext4_map_blocks:602: inode #3: block 3: comm syz-executor.1: lblock 3 mapped to illegal pblock 3 (length 1) [ 488.506364][T16086] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 488.518934][T16086] EXT4-fs error (device loop1): ext4_free_blocks:6193: comm syz-executor.1: Freeing blocks not in datazone - block = 0, count = 4096 [ 488.539124][T11683] usb 3-1: Using ep0 maxpacket: 8 [ 488.547520][T16086] EXT4-fs error (device loop1): ext4_map_blocks:602: inode #3: block 3: comm syz-executor.1: lblock 3 mapped to illegal pblock 3 (length 1) [ 488.562111][T16086] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 488.573526][T16086] EXT4-fs (loop1): 1 orphan inode deleted [ 488.580498][ T30] audit: type=1400 audit(1718647842.099:33226): avc: denied { connect } for pid=16088 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 488.601252][T16086] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 488.658871][T11683] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 488.676894][T16090] EXT4-fs error (device loop1): ext4_search_dir:1548: inode #2: block 16: comm syz-executor.1: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 488.686346][T11683] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 488.725278][T11683] usb 3-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00 [ 488.741818][T11683] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 488.759280][T11683] usb 3-1: config 0 descriptor?? [ 489.299469][T11683] elecom 0003:056E:010D.0046: item fetching failed at offset 5/7 [ 489.307260][T11683] elecom: probe of 0003:056E:010D.0046 failed with error -22 [ 489.428799][ T384] usb 4-1: new low-speed USB device number 30 using dummy_hcd [ 489.548780][ T60] usb 2-1: new high-speed USB device number 44 using dummy_hcd [ 489.693982][T16109] bridge0: port 1(bridge_slave_0) entered blocking state [ 489.700900][T16109] bridge0: port 1(bridge_slave_0) entered disabled state [ 489.708034][T16109] device bridge_slave_0 entered promiscuous mode [ 489.715037][T16109] bridge0: port 2(bridge_slave_1) entered blocking state [ 489.722034][T16109] bridge0: port 2(bridge_slave_1) entered disabled state [ 489.729388][T16109] device bridge_slave_1 entered promiscuous mode [ 489.775283][T16109] bridge0: port 2(bridge_slave_1) entered blocking state [ 489.782140][T16109] bridge0: port 2(bridge_slave_1) entered forwarding state [ 489.789258][T16109] bridge0: port 1(bridge_slave_0) entered blocking state [ 489.796015][T16109] bridge0: port 1(bridge_slave_0) entered forwarding state [ 489.817252][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 489.824748][ T39] bridge0: port 1(bridge_slave_0) entered disabled state [ 489.831835][ T384] usb 4-1: config index 0 descriptor too short (expected 1307, got 27) [ 489.840242][ T39] bridge0: port 2(bridge_slave_1) entered disabled state [ 489.847294][ T384] usb 4-1: config 0 has an invalid interface number: 0 but max is -1 [ 489.856412][ T384] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 489.865233][ T384] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 489.874964][ T384] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 489.886302][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 489.894428][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 489.901305][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 489.910292][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 489.918371][ T311] bridge0: port 2(bridge_slave_1) entered blocking state [ 489.925224][ T311] bridge0: port 2(bridge_slave_1) entered forwarding state [ 489.939291][ T60] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 489.950398][ T60] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 489.960878][T10164] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 489.969106][T10164] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 489.976815][T10164] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 489.984161][ T60] usb 2-1: New USB device found, idVendor=06a3, idProduct=0cfa, bcdDevice= 0.00 [ 489.993292][T10164] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 490.000412][ T60] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 490.008882][T10164] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 490.011697][ T20] usb 3-1: USB disconnect, device number 51 [ 490.016878][T10164] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 490.030257][ T60] usb 2-1: config 0 descriptor?? [ 490.036618][T16109] device veth0_vlan entered promiscuous mode [ 490.052046][T10164] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 490.061793][T16109] device veth1_macvtap entered promiscuous mode [ 490.074426][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 490.089753][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 490.139167][ T384] usb 4-1: string descriptor 0 read error: -22 [ 490.145310][ T384] usb 4-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de [ 490.157020][ T384] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 490.166187][ T384] usb 4-1: config 0 descriptor?? [ 490.209540][ T384] hub 4-1:0.0: bad descriptor, ignoring hub [ 490.215384][ T384] hub: probe of 4-1:0.0 failed with error -5 [ 490.222899][ T384] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input90 [ 490.508440][ T384] usb 4-1: USB disconnect, device number 30 [ 490.617600][ T60] saitek 0003:06A3:0CFA.0047: unknown main item tag 0x0 [ 490.646098][ T60] saitek 0003:06A3:0CFA.0047: unknown main item tag 0x0 [ 490.653050][ T60] saitek 0003:06A3:0CFA.0047: item fetching failed at offset 4/5 [ 490.661072][ T60] saitek 0003:06A3:0CFA.0047: parse failed [ 490.666839][ T60] saitek: probe of 0003:06A3:0CFA.0047 failed with error -22 [ 490.780303][ T345] device bridge_slave_1 left promiscuous mode [ 490.787315][ T345] bridge0: port 2(bridge_slave_1) entered disabled state [ 490.796581][ T345] device bridge_slave_0 left promiscuous mode [ 490.802757][ T345] bridge0: port 1(bridge_slave_0) entered disabled state [ 490.810903][ T345] device veth1_macvtap left promiscuous mode [ 490.813626][ T384] usb 2-1: USB disconnect, device number 44 [ 490.816739][ T345] device veth0_vlan left promiscuous mode [ 491.438856][T11683] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 491.626511][T16171] netem: change failed [ 491.678780][T11683] usb 4-1: Using ep0 maxpacket: 8 [ 491.685660][ T30] audit: type=1326 audit(1718647845.199:33227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16177 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa429f29 code=0x7ffc0000 [ 491.711179][ T30] audit: type=1326 audit(1718647845.199:33228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16177 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa429f29 code=0x7ffc0000 [ 491.808908][T11683] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 491.825486][T11683] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 491.846940][T11683] usb 4-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00 [ 491.857020][T11683] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 491.875585][T11683] usb 4-1: config 0 descriptor?? [ 491.888997][T16196] loop4: detected capacity change from 0 to 1024 [ 491.918446][T16196] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 491.926902][T16196] EXT4-fs (loop4): orphan cleanup on readonly fs [ 491.933971][T16196] EXT4-fs error (device loop4): ext4_map_blocks:716: inode #3: block 3: comm syz-executor.4: lblock 3 mapped to illegal pblock 3 (length 1) [ 491.948580][T16196] EXT4-fs error (device loop4): ext4_map_blocks:602: inode #3: block 3: comm syz-executor.4: lblock 3 mapped to illegal pblock 3 (length 1) [ 491.963696][T16196] EXT4-fs error (device loop4): ext4_free_blocks:6193: comm syz-executor.4: Freeing blocks not in datazone - block = 0, count = 4096 [ 491.977574][T16196] EXT4-fs error (device loop4): ext4_map_blocks:602: inode #3: block 3: comm syz-executor.4: lblock 3 mapped to illegal pblock 3 (length 1) [ 491.992994][T16196] EXT4-fs (loop4): 1 orphan inode deleted [ 492.008967][T16196] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 492.079066][T16208] EXT4-fs error (device loop4): ext4_search_dir:1548: inode #2: block 16: comm syz-executor.4: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 492.478870][ T60] usb 2-1: new high-speed USB device number 45 using dummy_hcd [ 492.546687][T11683] elecom 0003:056E:010D.0048: item fetching failed at offset 5/7 [ 492.554469][T11683] elecom: probe of 0003:056E:010D.0048 failed with error -22 [ 492.728943][ T60] usb 2-1: Using ep0 maxpacket: 32 [ 492.750055][T16241] loop4: detected capacity change from 0 to 1024 [ 492.780010][T16241] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 492.787344][T16241] EXT4-fs (loop4): error: journal path ./bus is not a block device [ 493.196388][T10164] usb 4-1: USB disconnect, device number 31 [ 493.308869][ T60] usb 2-1: New USB device found, idVendor=257a, idProduct=260c, bcdDevice=a6.30 [ 493.317899][ T60] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 493.325881][ T60] usb 2-1: Product: syz [ 493.330150][ T60] usb 2-1: Manufacturer: syz [ 493.334627][ T60] usb 2-1: SerialNumber: syz [ 493.342449][ T60] usb 2-1: config 0 descriptor?? [ 493.652764][T11683] usb 2-1: USB disconnect, device number 45 [ 494.339231][T16296] netem: change failed [ 494.367571][T16306] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. [ 494.379332][T16306] device batadv_slave_0 entered promiscuous mode [ 494.386583][ T30] kauditd_printk_skb: 8 callbacks suppressed [ 494.386599][ T30] audit: type=1400 audit(1718647847.899:33232): avc: denied { mounton } for pid=16307 comm="syz-executor.0" path="/syzcgroup/unified/syz0" dev="cgroup2" ino=112 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 494.420456][T16306] device batadv_slave_0 left promiscuous mode [ 494.449154][ T328] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 494.535548][ T30] audit: type=1326 audit(1718647848.049:33233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16328 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9d9c9df29 code=0x7ffc0000 [ 494.569895][ T30] audit: type=1326 audit(1718647848.079:33234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16328 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7fe9d9c9df29 code=0x7ffc0000 [ 494.593937][ T30] audit: type=1326 audit(1718647848.079:33235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16328 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9d9c9df29 code=0x7ffc0000 [ 494.677826][T16345] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 494.688853][ T328] usb 4-1: Using ep0 maxpacket: 8 [ 494.708137][ T30] audit: type=1326 audit(1718647848.219:33236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16349 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9d9c9df29 code=0x7ffc0000 [ 494.732468][ T30] audit: type=1326 audit(1718647848.219:33237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16349 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9d9c9df29 code=0x7ffc0000 [ 494.756932][ T30] audit: type=1326 audit(1718647848.229:33238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16349 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fe9d9c9df29 code=0x7ffc0000 [ 494.781156][ T30] audit: type=1326 audit(1718647848.229:33239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16349 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9d9c9df29 code=0x7ffc0000 [ 494.806597][ T311] usb 3-1: new high-speed USB device number 52 using dummy_hcd [ 494.814509][ T30] audit: type=1326 audit(1718647848.229:33240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16349 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9d9c9df29 code=0x7ffc0000 [ 494.839149][ T30] audit: type=1326 audit(1718647848.229:33241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16349 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fe9d9c9df29 code=0x7ffc0000 [ 494.878901][ T328] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 494.895695][ T328] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 494.907126][ T328] usb 4-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00 [ 494.917698][ T328] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 494.929983][ T328] usb 4-1: config 0 descriptor?? [ 495.085213][T16371] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 495.115603][T16373] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 495.178922][ T311] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 495.190473][ T311] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 495.200062][ T20] usb 5-1: new full-speed USB device number 35 using dummy_hcd [ 495.207422][ T311] usb 3-1: New USB device found, idVendor=06a3, idProduct=0cfa, bcdDevice= 0.00 [ 495.216295][ T311] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 495.224976][ T311] usb 3-1: config 0 descriptor?? [ 495.580489][ T328] elecom 0003:056E:010D.0049: item fetching failed at offset 5/7 [ 495.588392][ T328] elecom: probe of 0003:056E:010D.0049 failed with error -22 [ 495.699417][ T311] saitek 0003:06A3:0CFA.004A: unknown main item tag 0x0 [ 495.706222][ T311] saitek 0003:06A3:0CFA.004A: unknown main item tag 0x0 [ 495.713018][ T311] saitek 0003:06A3:0CFA.004A: item fetching failed at offset 4/5 [ 495.721113][ T311] saitek 0003:06A3:0CFA.004A: parse failed [ 495.726731][ T311] saitek: probe of 0003:06A3:0CFA.004A failed with error -22 [ 495.752008][T16396] loop1: detected capacity change from 0 to 2048 [ 495.758867][ T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 495.769652][ T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 255, setting to 64 [ 495.780230][ T20] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 495.793152][ T20] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 495.793520][T16396] loop1: p3 < > p4 < > [ 495.802107][ T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 495.806164][T16396] loop1: partition table partially beyond EOD, truncated [ 495.821394][T16396] loop1: p3 start 4284289 is beyond EOD, truncated [ 495.828070][ T20] usb 5-1: config 0 descriptor?? [ 495.848872][T16359] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 495.901540][ T384] usb 3-1: USB disconnect, device number 52 [ 495.941403][T16401] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 496.346778][T16411] syz-executor.0[16411] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 496.346833][T16411] syz-executor.0[16411] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 496.415724][ T384] usb 4-1: USB disconnect, device number 32 [ 496.556075][ T20] plantronics 0003:047F:FFFF.004B: unknown main item tag 0x4 [ 496.563746][ T20] plantronics 0003:047F:FFFF.004B: No inputs registered, leaving [ 496.572369][ T20] plantronics 0003:047F:FFFF.004B: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 497.218844][ T60] usb 3-1: new high-speed USB device number 53 using dummy_hcd [ 497.259249][ T328] usb 2-1: new high-speed USB device number 46 using dummy_hcd [ 497.488815][ T60] usb 3-1: Using ep0 maxpacket: 8 [ 497.498848][ T328] usb 2-1: Using ep0 maxpacket: 32 [ 497.618902][ T328] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 497.618902][ T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 497.618934][ T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 497.629761][ T328] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 497.640594][ T60] usb 3-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00 [ 497.668392][ T60] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 497.676758][ T60] usb 3-1: config 0 descriptor?? [ 497.768880][ T328] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 497.777903][ T328] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 497.786017][ T328] usb 2-1: Product: syz [ 497.790075][ T328] usb 2-1: Manufacturer: syz [ 497.829226][ T328] hub 2-1:4.0: USB hub found [ 498.048863][ T328] hub 2-1:4.0: 2 ports detected [ 498.159433][ T60] elecom 0003:056E:010D.004C: item fetching failed at offset 5/7 [ 498.167134][ T60] elecom: probe of 0003:056E:010D.004C failed with error -22 [ 498.899095][ T311] usb 5-1: USB disconnect, device number 35 [ 499.058671][ T60] usb 3-1: USB disconnect, device number 53 [ 499.515548][T16492] netlink: 'syz-executor.0': attribute type 9 has an invalid length. [ 499.524130][T16492] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. [ 499.564516][T16496] loop4: detected capacity change from 0 to 2048 [ 499.589940][T16496] loop4: p3 < > p4 < > [ 499.593990][T16496] loop4: partition table partially beyond EOD, truncated [ 499.601015][T16496] loop4: p3 start 4284289 is beyond EOD, truncated [ 499.699842][ T30] kauditd_printk_skb: 41 callbacks suppressed [ 499.699857][ T30] audit: type=1326 audit(1718647853.219:33283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16448 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc054231f29 code=0x7ffc0000 [ 499.729804][ T328] hub 2-1:4.0: activate --> -90 [ 499.734536][ T30] audit: type=1326 audit(1718647853.219:33284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16448 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc054231f29 code=0x7ffc0000 [ 499.758939][ T30] audit: type=1326 audit(1718647853.219:33285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16448 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc054231f29 code=0x7ffc0000 [ 499.782864][ T30] audit: type=1326 audit(1718647853.219:33286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16448 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc054231f29 code=0x7ffc0000 [ 499.807014][ T30] audit: type=1326 audit(1718647853.219:33287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16448 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc054231f29 code=0x7ffc0000 [ 499.830941][ T20] usb 1-1: new full-speed USB device number 53 using dummy_hcd [ 499.838450][ T30] audit: type=1326 audit(1718647853.219:33288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16448 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc054231f29 code=0x7ffc0000 [ 499.862450][ T30] audit: type=1326 audit(1718647853.219:33289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16448 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc054231f29 code=0x7ffc0000 [ 499.886513][ T30] audit: type=1326 audit(1718647853.219:33290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16448 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc054231f29 code=0x7ffc0000 [ 499.910596][ T30] audit: type=1326 audit(1718647853.219:33291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16448 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc054231f29 code=0x7ffc0000 [ 499.934706][ T30] audit: type=1326 audit(1718647853.219:33292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16448 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc054231f29 code=0x7ffc0000 [ 499.979106][ T311] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 500.053875][T16514] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev ?, type ?) errno=-22 [ 500.064281][T16514] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 500.905979][ T20] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 500.920960][ T311] usb 5-1: Using ep0 maxpacket: 8 [ 501.024807][ T20] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 255, setting to 64 [ 501.035453][ T20] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 501.050564][ T20] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 501.059864][ T20] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 501.072276][ T20] usb 1-1: config 0 descriptor?? [ 501.092902][T16524] netlink: 'syz-executor.2': attribute type 9 has an invalid length. [ 501.101667][T16524] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 501.108638][T16494] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 501.145614][ T311] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 501.156578][ T311] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 501.170245][ T311] usb 5-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00 [ 501.181285][ T328] hub 2-1:4.0: hub_ext_port_status failed (err = -71) [ 501.193330][ T311] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 501.201986][ T311] usb 5-1: config 0 descriptor?? [ 501.208868][T11312] usb 2-1: USB disconnect, device number 46 [ 501.219003][ T328] usb 2-1-port2: cannot disable (err = -71) [ 501.418838][ T384] usb 3-1: new high-speed USB device number 54 using dummy_hcd [ 501.664632][ T20] plantronics 0003:047F:FFFF.004D: unknown main item tag 0x4 [ 501.672253][ T20] plantronics 0003:047F:FFFF.004D: No inputs registered, leaving [ 501.680547][ T20] plantronics 0003:047F:FFFF.004D: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 501.709451][ T311] elecom 0003:056E:010D.004E: item fetching failed at offset 5/7 [ 501.717155][ T311] elecom: probe of 0003:056E:010D.004E failed with error -22 [ 501.848890][ T384] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 501.861433][ T384] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 501.868815][T11312] usb 2-1: new low-speed USB device number 47 using dummy_hcd [ 501.875729][ T384] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 501.890450][ T384] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 501.899474][ T384] usb 3-1: config 0 descriptor?? [ 502.238900][T11312] usb 2-1: config index 0 descriptor too short (expected 1307, got 27) [ 502.247087][T11312] usb 2-1: config 0 has an invalid interface number: 0 but max is -1 [ 502.255027][T11312] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 502.264025][T11312] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 502.273896][T11312] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 502.393463][ T384] plantronics 0003:047F:FFFF.004F: unknown main item tag 0x0 [ 502.405119][ T384] plantronics 0003:047F:FFFF.004F: No inputs registered, leaving [ 502.620241][ T311] usb 5-1: USB disconnect, device number 36 [ 502.635001][ T384] plantronics 0003:047F:FFFF.004F: hiddev97,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 502.636974][T16558] syz-executor.4[16558] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 502.647489][T16558] syz-executor.4[16558] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 502.758971][T11312] usb 2-1: string descriptor 0 read error: -22 [ 502.776726][T11312] usb 2-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de [ 502.785739][T11312] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 502.795345][T11312] usb 2-1: config 0 descriptor?? [ 502.839174][T11312] hub 2-1:0.0: bad descriptor, ignoring hub [ 502.845034][T11312] hub: probe of 2-1:0.0 failed with error -5 [ 502.851742][T11312] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input91 [ 502.890112][ T311] usb 3-1: USB disconnect, device number 54 [ 503.272966][ T328] usb 2-1: USB disconnect, device number 47 [ 503.558981][T13014] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 503.577228][T16588] syz-executor.0[16588] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 503.577303][T16588] syz-executor.0[16588] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 503.670237][T16602] loop2: detected capacity change from 0 to 512 [ 503.720315][T16602] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 503.729327][T16602] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities [ 503.803018][T16614] syz-executor.2[16614] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 503.803089][T16614] syz-executor.2[16614] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 503.814729][T13014] usb 4-1: Using ep0 maxpacket: 8 [ 503.890860][T16622] loop2: detected capacity change from 0 to 512 [ 503.948944][T13014] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 503.960135][T13014] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 503.974617][T13014] usb 4-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00 [ 503.987184][T13014] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 503.995624][T13014] usb 4-1: config 0 descriptor?? [ 504.009485][T16630] SELinux: security_context_str_to_sid() failed for (dev ?, type ?) errno=-22 [ 504.019124][T16630] SELinux: security_context_str_to_sid() failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 504.040146][ T384] usb 1-1: reset full-speed USB device number 53 using dummy_hcd [ 504.048820][ T60] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 504.070322][T16638] syz-executor.2[16638] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 504.070396][T16638] syz-executor.2[16638] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 504.070812][T16636] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 504.262013][T16650] loop2: detected capacity change from 0 to 512 [ 504.499230][ T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 504.528572][ T60] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 504.542006][T16608] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 504.571498][ T60] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 504.575301][T13014] elecom 0003:056E:010D.0050: item fetching failed at offset 5/7 [ 504.580576][ T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 504.599197][ T60] usb 5-1: config 0 descriptor?? [ 504.601954][T13014] elecom: probe of 0003:056E:010D.0050 failed with error -22 [ 504.642553][T16665] loop2: detected capacity change from 0 to 512 [ 504.691279][T16665] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz-executor.2: casefold flag without casefold feature [ 504.704340][T16665] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.2: missing EA_INODE flag [ 504.716252][T16665] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 12 err=-117 [ 504.730000][T16665] EXT4-fs (loop2): 1 orphan inode deleted [ 504.735549][T16665] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 504.748467][T16665] device batadv_slave_1 entered promiscuous mode [ 504.754908][T16664] device batadv_slave_1 left promiscuous mode [ 505.069512][ T60] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 505.076936][ T60] plantronics 0003:047F:FFFF.0051: No inputs registered, leaving [ 505.109738][ T60] plantronics 0003:047F:FFFF.0051: hiddev97,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 505.109757][T11312] usb 1-1: USB disconnect, device number 53 [ 505.233024][T16693] loop1: detected capacity change from 0 to 512 [ 505.240779][T13014] usb 4-1: USB disconnect, device number 33 [ 505.275146][ T311] usb 5-1: USB disconnect, device number 37 [ 505.284230][T16693] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz-executor.1: casefold flag without casefold feature [ 505.298401][T16693] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.1: missing EA_INODE flag [ 505.310794][T16693] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz-executor.1: error while reading EA inode 12 err=-117 [ 505.323581][T16693] EXT4-fs (loop1): 1 orphan inode deleted [ 505.329636][T16693] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 505.344175][T16693] device batadv_slave_1 entered promiscuous mode [ 505.350654][T16692] device batadv_slave_1 left promiscuous mode [ 505.409201][T16710] SELinux: security_context_str_to_sid() failed for (dev ?, type ?) errno=-22 [ 505.430945][T16710] SELinux: security_context_str_to_sid() failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 505.459121][T16712] loop3: detected capacity change from 0 to 2048 [ 505.499174][T16712] loop3: p3 < > p4 < > [ 505.503224][T16712] loop3: partition table partially beyond EOD, truncated [ 505.510102][T16712] loop3: p3 start 4284289 is beyond EOD, truncated [ 505.679118][T16735] SELinux: security_context_str_to_sid() failed for (dev ?, type ?) errno=-22 [ 505.688587][T16735] SELinux: security_context_str_to_sid() failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 505.816238][ T60] usb 2-1: new high-speed USB device number 48 using dummy_hcd [ 505.850112][T16758] loop3: detected capacity change from 0 to 256 [ 506.099041][ T60] usb 2-1: Using ep0 maxpacket: 8 [ 506.229125][ T60] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 506.245107][ T60] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 506.256350][ T60] usb 2-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00 [ 506.267658][ T60] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 506.283049][ T60] usb 2-1: config 0 descriptor?? [ 506.512497][T16795] loop3: detected capacity change from 0 to 2048 [ 506.549846][T16795] SELinux: security_context_str_to_sid(root) failed for (dev ?, type ?) errno=-22 [ 506.559121][T16795] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22 [ 506.568991][T16795] SELinux: duplicate or incompatible mount options [ 506.691774][T16801] loop3: detected capacity change from 0 to 512 [ 506.832644][ T60] elecom 0003:056E:010D.0052: item fetching failed at offset 5/7 [ 506.883431][ T60] elecom: probe of 0003:056E:010D.0052 failed with error -22 [ 506.946004][T16801] EXT4-fs error (device loop3): ext4_orphan_get:1397: inode #15: comm syz-executor.3: casefold flag without casefold feature [ 506.966185][T16801] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.3: missing EA_INODE flag [ 506.978420][T16801] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 12 err=-117 [ 506.991227][T16801] EXT4-fs (loop3): 1 orphan inode deleted [ 506.998685][T16801] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 507.014716][T16801] device batadv_slave_1 entered promiscuous mode [ 507.021899][T16800] device batadv_slave_1 left promiscuous mode [ 507.102918][T16824] loop4: detected capacity change from 0 to 1024 [ 507.121251][T16826] loop2: detected capacity change from 0 to 2048 [ 507.139780][T16824] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 507.146994][T16824] EXT4-fs (loop4): error: journal path ./bus is not a block device [ 507.149273][T16826] SELinux: security_context_str_to_sid(root) failed for (dev ?, type ?) errno=-22 [ 507.165413][T16826] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22 [ 507.177130][T16826] SELinux: duplicate or incompatible mount options [ 508.441388][ T60] usb 2-1: USB disconnect, device number 48 [ 508.620534][T16875] loop1: detected capacity change from 0 to 512 [ 508.708815][ T39] usb 3-1: new high-speed USB device number 55 using dummy_hcd [ 508.774661][T16875] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz-executor.1: inode #1: comm syz-executor.1: iget: illegal inode # [ 508.789966][T16875] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz-executor.1: error while reading EA inode 1 err=-117 [ 508.803493][T16875] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz-executor.1: inode #1: comm syz-executor.1: iget: illegal inode # [ 508.817899][T16875] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz-executor.1: error while reading EA inode 1 err=-117 [ 508.831359][T16875] EXT4-fs (loop1): 1 orphan inode deleted [ 508.836946][T16875] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_ioprio=0x0000000000000007,debug_want_extra_isize=0x000000000000005c,minixdf,nodelalloc,grpquota,usrjquota=,,errors=continue. Quota mode: writeback. [ 509.302289][ T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 509.323685][ T39] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 509.348618][T16892] loop4: detected capacity change from 0 to 2048 [ 509.349394][T16894] loop3: detected capacity change from 0 to 256 [ 509.369627][T16892] SELinux: security_context_str_to_sid(root) failed for (dev ?, type ?) errno=-22 [ 509.378675][T16892] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22 [ 509.389392][T16892] SELinux: duplicate or incompatible mount options [ 509.398086][T16894] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 509.468791][T16904] tipc: Failed to remove unknown binding: 66,1,1/0:2016924108/2016924110 [ 509.477098][T16904] tipc: Failed to remove unknown binding: 66,1,1/0:2016924108/2016924110 [ 509.528896][ T39] usb 3-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 509.538054][ T39] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 509.545934][ T39] usb 3-1: Product: syz [ 509.549945][ T39] usb 3-1: Manufacturer: syz [ 509.554279][ T39] usb 3-1: SerialNumber: syz [ 509.559394][ T39] usb 3-1: config 0 descriptor?? [ 509.688749][ T328] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 509.839125][ T39] snd-usb-audio: probe of 3-1:0.0 failed with error -12 [ 509.856834][ T39] usb 3-1: USB disconnect, device number 55 [ 509.928791][ T328] usb 5-1: Using ep0 maxpacket: 8 [ 509.964513][T16931] tipc: Failed to remove unknown binding: 66,1,1/0:533954582/533954584 [ 509.972794][T16931] tipc: Failed to remove unknown binding: 66,1,1/0:533954582/533954584 [ 510.048855][ T328] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 510.073129][ T328] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 510.107689][ T328] usb 5-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00 [ 510.132766][ T328] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 510.144867][ T30] kauditd_printk_skb: 29 callbacks suppressed [ 510.144882][ T30] audit: type=1326 audit(1718647863.659:33322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16944 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feb55f64f29 code=0x0 [ 510.182084][ T328] usb 5-1: config 0 descriptor?? [ 510.234521][T16956] tipc: Failed to remove unknown binding: 66,1,1/0:4218724226/4218724228 [ 510.243189][T16956] tipc: Failed to remove unknown binding: 66,1,1/0:4218724226/4218724228 [ 510.274650][T16962] loop0: detected capacity change from 0 to 256 [ 510.290853][T16962] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 510.355351][T16966] incfs: Can't find or create .index dir in ./file0 [ 510.361886][T16966] incfs: mount failed -14 [ 510.717051][ T328] elecom 0003:056E:010D.0053: item fetching failed at offset 5/7 [ 510.724823][ T328] elecom: probe of 0003:056E:010D.0053 failed with error -22 [ 510.774512][T16992] incfs: Can't find or create .index dir in ./file0 [ 510.781076][T16992] incfs: mount failed -14 [ 510.810625][T16994] loop0: detected capacity change from 0 to 256 [ 510.840424][T16994] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 510.995512][T16999] loop3: detected capacity change from 0 to 512 [ 511.037475][ T384] usb 2-1: new high-speed USB device number 49 using dummy_hcd [ 511.051982][T16999] EXT4-fs (sda1): Cannot change data mode on remount [ 511.365100][T17020] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.2'. [ 511.406842][T13014] usb 5-1: USB disconnect, device number 38 [ 511.435686][T17027] loop3: detected capacity change from 0 to 256 [ 511.441942][ T384] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 511.458652][ T384] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 511.551847][T17027] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 512.518911][ T384] usb 2-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 512.534227][ T384] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 512.554358][ T384] usb 2-1: Product: syz [ 512.558475][ T384] usb 2-1: Manufacturer: syz [ 512.574819][ T384] usb 2-1: SerialNumber: syz [ 512.594466][ T384] usb 2-1: config 0 descriptor?? [ 512.898842][ T60] usb 1-1: new high-speed USB device number 54 using dummy_hcd [ 512.967231][T17066] syz-executor.2[17066] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 512.967309][T17066] syz-executor.2[17066] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 512.979472][ T384] snd-usb-audio: probe of 2-1:0.0 failed with error -12 [ 513.056856][ T384] usb 2-1: USB disconnect, device number 49 [ 513.072819][T17066] syz-executor.2[17066] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 513.072902][T17066] syz-executor.2[17066] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 513.208006][ T60] usb 1-1: Using ep0 maxpacket: 8 [ 513.478823][ T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 513.494864][ T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 513.505576][ T384] usb 3-1: new low-speed USB device number 56 using dummy_hcd [ 513.539173][ T60] usb 1-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00 [ 513.565804][ T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 513.578297][ T60] usb 1-1: config 0 descriptor?? [ 513.777178][T17102] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 513.794528][T17104] loop3: detected capacity change from 0 to 256 [ 513.852112][ T30] audit: type=1326 audit(1718647867.369:33323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17107 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7079e96f29 code=0x0 [ 513.928889][ T384] usb 3-1: config index 0 descriptor too short (expected 1307, got 27) [ 513.937025][ T384] usb 3-1: config 0 has an invalid interface number: 0 but max is -1 [ 513.945008][ T384] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 513.954055][ T384] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 513.963855][ T384] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 514.193675][ T60] elecom 0003:056E:010D.0054: item fetching failed at offset 5/7 [ 514.201796][ T60] elecom: probe of 0003:056E:010D.0054 failed with error -22 [ 514.428964][ T384] usb 3-1: string descriptor 0 read error: -22 [ 514.435079][ T384] usb 3-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de [ 514.443953][ T384] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 514.452317][ T384] usb 3-1: config 0 descriptor?? [ 514.499389][ T384] hub 3-1:0.0: bad descriptor, ignoring hub [ 514.505156][ T384] hub: probe of 3-1:0.0 failed with error -5 [ 514.511393][ T384] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input92 [ 514.703079][T11683] usb 3-1: USB disconnect, device number 56 [ 514.721986][T17128] device pim6reg1 entered promiscuous mode [ 514.895147][T17145] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 514.898413][ T384] usb 1-1: USB disconnect, device number 54 [ 514.908965][T17145] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 515.096470][T17165] syz-executor.4[17165] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 515.096839][T17165] syz-executor.4[17165] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 515.860092][T17184] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.2'. [ 516.143476][T17210] syz-executor.2[17210] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 516.143803][T17210] syz-executor.2[17210] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 516.317735][T11312] usb 5-1: new high-speed USB device number 39 using dummy_hcd [ 516.338681][T17204] loop1: detected capacity change from 0 to 40427 [ 516.380676][T17204] F2FS-fs (loop1): invalid crc value [ 516.387016][T17204] F2FS-fs (loop1): Found nat_bits in checkpoint [ 516.400539][T17216] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'. [ 516.452861][T17204] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 516.808762][T11312] usb 5-1: Using ep0 maxpacket: 8 [ 516.935311][T17244] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'. [ 516.959278][T11312] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 516.984891][T11312] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 517.007397][T17248] netlink: 'syz-executor.2': attribute type 4 has an invalid length. [ 517.017314][T11312] usb 5-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00 [ 517.028351][T11312] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 517.041023][T11312] usb 5-1: config 0 descriptor?? [ 517.114329][T17252] loop3: detected capacity change from 0 to 256 [ 517.474234][T17264] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 517.482063][T17264] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 517.544887][T17268] syz-executor.0[17268] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 517.545277][T17268] syz-executor.0[17268] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 517.699171][T11312] elecom 0003:056E:010D.0055: item fetching failed at offset 5/7 [ 517.718453][T11312] elecom: probe of 0003:056E:010D.0055 failed with error -22 [ 517.834780][T17279] device batadv_slave_0 entered promiscuous mode [ 517.888838][T17286] incfs: Can't find or create .index dir in ./file0 [ 517.895401][T17286] incfs: mount failed -14 [ 517.932024][T17278] device batadv_slave_0 left promiscuous mode [ 517.983598][T17294] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 517.991446][T17294] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 518.188951][T17312] loop1: detected capacity change from 0 to 256 [ 518.406590][T17322] incfs: Can't find or create .index dir in ./file0 [ 518.413235][T17322] incfs: mount failed -14 [ 518.463421][ T468] usb 5-1: USB disconnect, device number 39 [ 518.693204][T17333] loop3: detected capacity change from 0 to 512 [ 518.732810][T17335] loop4: detected capacity change from 0 to 2048 [ 518.750942][T17333] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 518.762076][T17333] ext4 filesystem being mounted at /root/syzkaller-testdir3770104932/syzkaller.4bSxxh/395/file0 supports timestamps until 2038 (0x7fffffff) [ 518.766555][T17335] Alternate GPT is invalid, using primary GPT. [ 518.782307][T17335] loop4: p1 p2 p3 [ 518.818813][T11312] usb 1-1: new high-speed USB device number 55 using dummy_hcd [ 518.904210][ T30] audit: type=1326 audit(1718647872.419:33324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17340 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7079e96f29 code=0x0 [ 519.188548][T17350] syz-executor.1[17350] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 519.189033][T17350] syz-executor.1[17350] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 519.388896][T11312] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 519.406105][T17360] loop2: detected capacity change from 0 to 256 [ 519.410074][T11312] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 519.793100][T11312] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 519.802045][T11312] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 519.810163][T11312] usb 1-1: Product: syz [ 519.814221][T11312] usb 1-1: Manufacturer: syz [ 519.818664][T11312] usb 1-1: SerialNumber: syz [ 519.830047][T11312] usb 1-1: config 0 descriptor?? [ 519.842364][T17369] xt_hashlimit: max too large, truncated to 1048576 [ 519.871086][T17371] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 520.109133][T11312] snd-usb-audio: probe of 1-1:0.0 failed with error -12 [ 520.117021][T11312] usb 1-1: USB disconnect, device number 55 [ 520.178809][T11683] usb 5-1: new low-speed USB device number 40 using dummy_hcd [ 521.077642][T17398] fuse: Bad value for 'fd' [ 521.083496][T17398] 9pnet: p9_errstr2errno: server reported unknown error [ 521.118922][T11683] usb 5-1: config index 0 descriptor too short (expected 1307, got 27) [ 521.127795][T11683] usb 5-1: config 0 has an invalid interface number: 0 but max is -1 [ 521.145346][T11683] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 521.157058][T11683] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 521.167279][T11683] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 521.180510][T17402] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 521.228865][ T328] usb 1-1: new high-speed USB device number 56 using dummy_hcd [ 521.369055][T17406] loop3: detected capacity change from 0 to 512 [ 522.030290][T17409] loop2: detected capacity change from 0 to 256 [ 522.040534][T17406] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode # [ 522.054646][T17406] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117 [ 522.068386][T17406] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode # [ 522.068865][T11683] usb 5-1: string descriptor 0 read error: -22 [ 522.082348][T17406] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117 [ 522.096858][T11683] usb 5-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de [ 522.100948][T17406] EXT4-fs (loop3): 1 orphan inode deleted [ 522.114857][T17406] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_ioprio=0x0000000000000007,debug_want_extra_isize=0x000000000000005c,minixdf,nodelalloc,grpquota,usrjquota=,,errors=continue. Quota mode: writeback. [ 522.124314][T11683] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 522.174710][T11683] usb 5-1: config 0 descriptor?? [ 522.185895][T17412] loop1: detected capacity change from 0 to 128 [ 522.198936][ T328] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 522.210401][ T328] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 522.221607][T11683] hub 5-1:0.0: bad descriptor, ignoring hub [ 522.227434][T11683] hub: probe of 5-1:0.0 failed with error -5 [ 522.233310][ T328] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 522.243516][T11683] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input93 [ 522.408887][ T328] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 522.417888][ T328] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 522.432242][ T39] usb 5-1: USB disconnect, device number 40 [ 522.455138][ T328] usb 1-1: Product: syz [ 522.466828][ T328] usb 1-1: Manufacturer: syz [ 522.477885][T17432] loop2: detected capacity change from 0 to 40427 [ 522.479332][ T328] usb 1-1: SerialNumber: syz [ 522.502419][T17440] fuse: Bad value for 'fd' [ 522.517001][T17440] 9pnet: p9_errstr2errno: server reported unknown error [ 522.530449][ T328] usb 1-1: selecting invalid altsetting 1 [ 522.539561][T17432] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 522.550446][T17432] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 522.576143][T17432] F2FS-fs (loop2): Found nat_bits in checkpoint [ 522.649226][T17432] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 522.667778][T17432] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 522.695221][T17432] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 522.707395][T17432] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 522.841049][T17455] loop3: detected capacity change from 0 to 512 [ 523.039503][ T328] usb 1-1: selecting invalid altsetting 1 [ 523.046781][ T328] cdc_ncm 1-1:1.0: bind() failure [ 523.127924][T17455] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode # [ 523.142152][T17455] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117 [ 523.155597][T17455] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode # [ 523.169726][T17455] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117 [ 523.182971][T17455] EXT4-fs (loop3): 1 orphan inode deleted [ 523.188536][T17455] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_ioprio=0x0000000000000007,debug_want_extra_isize=0x000000000000005c,minixdf,nodelalloc,grpquota,usrjquota=,,errors=continue. Quota mode: writeback. [ 523.263269][ T468] usb 1-1: USB disconnect, device number 56 [ 523.686786][T17469] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 523.727684][T17477] loop2: detected capacity change from 0 to 256 [ 523.746994][T17481] loop1: detected capacity change from 0 to 128 [ 523.898977][T17484] loop3: detected capacity change from 0 to 256 [ 524.049995][T17489] loop0: detected capacity change from 0 to 128 [ 524.161504][T17487] loop2: detected capacity change from 0 to 40427 [ 524.189183][T17487] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 524.198499][T17497] loop1: detected capacity change from 0 to 256 [ 524.205083][T17487] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 524.215887][T17487] F2FS-fs (loop2): Found nat_bits in checkpoint [ 524.241667][T17501] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 524.259289][T17487] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 524.266261][T17487] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 524.292136][T17487] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 524.301222][T17487] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 524.332084][T17513] loop1: detected capacity change from 0 to 256 [ 524.410824][T17515] loop4: detected capacity change from 0 to 512 [ 524.612398][T17515] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz-executor.4: inode #1: comm syz-executor.4: iget: illegal inode # [ 524.636797][T17521] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 524.649073][T17515] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 1 err=-117 [ 524.668778][T17515] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz-executor.4: inode #1: comm syz-executor.4: iget: illegal inode # [ 524.682663][T17515] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 1 err=-117 [ 524.695514][T17515] EXT4-fs (loop4): 1 orphan inode deleted [ 524.701111][T17515] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_ioprio=0x0000000000000007,debug_want_extra_isize=0x000000000000005c,minixdf,nodelalloc,grpquota,usrjquota=,,errors=continue. Quota mode: writeback. [ 525.048993][T11683] usb 2-1: new high-speed USB device number 50 using dummy_hcd [ 525.119834][T17540] loop3: detected capacity change from 0 to 128 [ 525.293321][T17540] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (39871!=39978) [ 525.344101][T17540] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 525.344299][T17547] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 525.361684][T17540] EXT4-fs (loop3): re-mounted. Opts: (null). Quota mode: none. [ 525.370285][T17540] EXT4-fs (loop3): ext4_remount: Checksum for group 0 failed (39871!=39978) [ 525.407919][T17553] loop3: detected capacity change from 0 to 512 [ 525.440680][T17553] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 525.451727][T17553] ext4 filesystem being mounted at /root/syzkaller-testdir3770104932/syzkaller.4bSxxh/412/file0 supports timestamps until 2038 (0x7fffffff) [ 525.461649][T17558] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 525.568805][T11683] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 525.585107][T11683] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 525.602280][T11683] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 525.722108][T17575] device pim6reg1 entered promiscuous mode [ 525.744556][T17578] loop4: detected capacity change from 0 to 128 [ 525.768907][T11683] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 525.784373][T11683] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 525.798169][T11683] usb 2-1: Product: syz [ 525.802347][T11683] usb 2-1: Manufacturer: syz [ 525.806940][T11683] usb 2-1: SerialNumber: syz [ 525.812700][T17578] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (39871!=39978) [ 525.854934][T17578] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 525.866659][T11683] usb 2-1: selecting invalid altsetting 1 [ 525.882971][T17578] EXT4-fs (loop4): re-mounted. Opts: (null). Quota mode: none. [ 525.949333][T17583] EXT4-fs (loop4): ext4_remount: Checksum for group 0 failed (39871!=39978) [ 526.521948][T17606] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 526.542732][T17609] loop4: detected capacity change from 0 to 256 [ 526.545026][T11683] usb 2-1: selecting invalid altsetting 1 [ 526.554438][T11683] cdc_ncm 2-1:1.0: bind() failure [ 526.574771][T17612] loop3: detected capacity change from 0 to 512 [ 526.599725][T17609] exfat: Deprecated parameter 'utf8' [ 526.605445][T17609] exfat: Deprecated parameter 'namecase' [ 526.611340][T17609] exfat: Deprecated parameter 'utf8' [ 526.620249][T17609] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 526.634493][T17612] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 526.645603][T17612] ext4 filesystem being mounted at /root/syzkaller-testdir3770104932/syzkaller.4bSxxh/415/file0 supports timestamps until 2038 (0x7fffffff) [ 526.691192][ T60] usb 2-1: USB disconnect, device number 50 [ 526.721942][T17616] loop0: detected capacity change from 0 to 128 [ 526.770295][T17616] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (39871!=39978) [ 526.793332][T17616] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 526.817180][T17628] loop4: detected capacity change from 0 to 256 [ 526.826052][T17616] EXT4-fs (loop0): re-mounted. Opts: (null). Quota mode: none. [ 526.839811][T17616] EXT4-fs (loop0): ext4_remount: Checksum for group 0 failed (39871!=39978) [ 527.335805][T17654] loop1: detected capacity change from 0 to 1024 [ 527.357315][T17654] EXT4-fs (loop1): Test dummy encryption mode enabled [ 527.364066][T17654] EXT4-fs (loop1): Ignoring removed orlov option [ 527.372878][T17655] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 527.382558][T17654] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback. [ 527.485045][T17664] loop2: detected capacity change from 0 to 512 [ 527.556158][T17664] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode # [ 527.570928][T17664] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117 [ 527.584704][T17664] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode # [ 527.599049][T17664] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117 [ 527.612729][T17664] EXT4-fs (loop2): 1 orphan inode deleted [ 527.618320][T17664] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_ioprio=0x0000000000000007,debug_want_extra_isize=0x000000000000005c,minixdf,nodelalloc,grpquota,usrjquota=,,errors=continue. Quota mode: writeback. [ 527.862784][T17678] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=17678 comm=syz-executor.2 [ 528.112675][T17692] input: syz1 as /devices/virtual/input/input94 [ 528.272841][T17691] loop2: detected capacity change from 0 to 256 [ 528.332318][T17691] exfat: Deprecated parameter 'utf8' [ 528.337881][T17691] exfat: Deprecated parameter 'namecase' [ 528.363742][T17691] exfat: Deprecated parameter 'utf8' [ 528.381906][T17694] loop0: detected capacity change from 0 to 512 [ 528.390236][T17691] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 528.430875][T17694] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 528.442271][T17694] ext4 filesystem being mounted at /root/syzkaller-testdir1404502971/syzkaller.NplciK/833/file0 supports timestamps until 2038 (0x7fffffff) [ 528.511626][T17701] loop2: detected capacity change from 0 to 1024 [ 528.528754][T11683] usb 2-1: new high-speed USB device number 51 using dummy_hcd [ 528.549867][T17701] EXT4-fs (loop2): Test dummy encryption mode enabled [ 528.556562][T17701] EXT4-fs (loop2): Ignoring removed orlov option [ 528.572166][T17701] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback. [ 528.894888][T17713] loop2: detected capacity change from 0 to 512 [ 529.009318][T17713] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode # [ 529.023498][T17713] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117 [ 529.036642][T17713] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode # [ 529.050813][T17713] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117 [ 529.064108][T17713] EXT4-fs (loop2): 1 orphan inode deleted [ 529.069701][T17713] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_ioprio=0x0000000000000007,debug_want_extra_isize=0x000000000000005c,minixdf,nodelalloc,grpquota,usrjquota=,,errors=continue. Quota mode: writeback. [ 529.160551][T17719] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=17719 comm=syz-executor.3 [ 529.188800][T11683] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 529.198869][T11683] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 529.213187][T11683] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 529.249371][T17733] loop3: detected capacity change from 0 to 256 [ 529.264321][T17728] device pim6reg1 entered promiscuous mode [ 529.378870][T11683] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 529.387844][T11683] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 529.395622][T11683] usb 2-1: Product: syz [ 529.400459][T11683] usb 2-1: Manufacturer: syz [ 529.643074][T17744] input: syz1 as /devices/virtual/input/input95 [ 529.809973][T11683] usb 2-1: SerialNumber: syz [ 529.949195][T11683] usb 2-1: selecting invalid altsetting 1 [ 530.450993][T17769] loop0: detected capacity change from 0 to 1024 [ 530.491066][T17769] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option [ 530.498243][T17769] EXT4-fs (loop0): error: journal path ./bus is not a block device [ 530.508799][T11683] usb 2-1: selecting invalid altsetting 1 [ 530.514366][T11683] cdc_ncm 2-1:1.0: bind() failure [ 530.800246][T17775] loop3: detected capacity change from 0 to 512 [ 531.146202][ T60] usb 2-1: USB disconnect, device number 51 [ 531.161876][T17775] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode # [ 531.176020][T17775] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117 [ 531.189063][T17775] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode # [ 531.203181][T17775] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117 [ 531.216533][T17775] EXT4-fs (loop3): 1 orphan inode deleted [ 531.222231][T17775] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_ioprio=0x0000000000000007,debug_want_extra_isize=0x000000000000005c,minixdf,nodelalloc,grpquota,usrjquota=,,errors=continue. Quota mode: writeback. [ 531.645338][ T30] audit: type=1326 audit(1718647885.159:33325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17798 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb55f64f29 code=0x7ffc0000 [ 531.675757][ T30] audit: type=1326 audit(1718647885.189:33326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17798 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb55f64f29 code=0x7ffc0000 [ 531.787645][ T30] audit: type=1326 audit(1718647885.199:33327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17798 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feb55f64f29 code=0x7ffc0000 [ 531.940620][ T30] audit: type=1326 audit(1718647885.199:33328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17798 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb55f64f29 code=0x7ffc0000 [ 531.964959][ T30] audit: type=1326 audit(1718647885.199:33329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17798 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feb55f64f29 code=0x7ffc0000 [ 531.965303][T17793] input: syz1 as /devices/virtual/input/input96 [ 531.989222][ T30] audit: type=1326 audit(1718647885.199:33330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17798 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb55f64f29 code=0x7ffc0000 [ 532.027907][ T30] audit: type=1326 audit(1718647885.199:33331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17798 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feb55f64f29 code=0x7ffc0000 [ 532.051899][ T30] audit: type=1326 audit(1718647885.239:33332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17798 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb55f64f29 code=0x7ffc0000 [ 532.079705][ T30] audit: type=1326 audit(1718647885.369:33333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17798 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb55f64f29 code=0x7ffc0000 [ 532.103838][ T30] audit: type=1326 audit(1718647885.459:33334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17798 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feb55f64f29 code=0x7ffc0000 [ 532.167442][T17822] loop3: detected capacity change from 0 to 1024 [ 532.242283][T17822] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option [ 532.249678][T17822] EXT4-fs (loop3): error: journal path ./bus is not a block device [ 532.538531][T17846] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 532.888032][T17863] netlink: 88 bytes leftover after parsing attributes in process `syz-executor.4'. [ 532.899177][T17863] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. [ 533.078373][T17877] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 533.083605][T17881] loop3: detected capacity change from 0 to 512 [ 533.828178][T17881] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 533.924822][T17881] ext4 filesystem being mounted at /root/syzkaller-testdir3770104932/syzkaller.4bSxxh/435/file0 supports timestamps until 2038 (0x7fffffff) [ 534.171592][T17920] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 534.495378][T17929] loop4: detected capacity change from 0 to 512 [ 534.534351][T17933] loop0: detected capacity change from 0 to 128 [ 534.586546][T17929] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 534.598912][T17929] ext4 filesystem being mounted at /root/syzkaller-testdir673112664/syzkaller.asVFik/127/w5T)`)YFnA@T<3ڂ$rcnHwC" -8 supports timestamps until 2038 (0x7fffffff) [ 534.659199][T17929] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #2: comm syz-executor.4: corrupted inode contents [ 534.687081][T17929] EXT4-fs error (device loop4): ext4_dirty_inode:6024: inode #2: comm syz-executor.4: mark_inode_dirty error [ 534.699351][T17929] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #2: comm syz-executor.4: corrupted inode contents [ 534.712054][T17929] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #2: comm syz-executor.4: mark_inode_dirty error [ 534.731402][T17929] EXT4-fs warning (device loop4): ext4_dirblock_csum_set:426: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D. [ 534.752383][T16109] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz-executor.4: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0 [ 534.775609][T16109] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D. [ 534.801334][T16109] EXT4-fs error (device loop4): ext4_readdir:220: inode #2: comm syz-executor.4: path (unknown): directory fails checksum at offset 18432 [ 535.570663][T16109] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D. [ 535.607155][T16109] EXT4-fs error (device loop4): ext4_readdir:220: inode #2: comm syz-executor.4: path (unknown): directory fails checksum at offset 20480 [ 535.622105][T16109] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D. [ 535.645222][T16109] EXT4-fs error (device loop4): ext4_readdir:220: inode #2: comm syz-executor.4: path (unknown): directory fails checksum at offset 22528 [ 535.669372][T16109] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D. [ 535.692361][T16109] EXT4-fs error (device loop4): ext4_readdir:220: inode #2: comm syz-executor.4: path (unknown): directory fails checksum at offset 24576 [ 535.715739][T16109] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D. [ 535.747225][T17955] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 535.761134][T17960] input: syz0 as /devices/virtual/input/input97 [ 535.775928][T16109] EXT4-fs error (device loop4): ext4_readdir:220: inode #2: comm syz-executor.4: path (unknown): directory fails checksum at offset 26624 [ 535.800739][T16109] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D. [ 535.816499][T16109] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D. [ 535.842723][T16109] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D. [ 535.859920][T16109] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D. [ 537.091972][ T30] kauditd_printk_skb: 5 callbacks suppressed [ 537.091986][ T30] audit: type=1326 audit(1718647890.609:33340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17994 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc054231f29 code=0x0 [ 537.126126][T17986] bridge0: port 1(bridge_slave_0) entered blocking state [ 537.133488][T17986] bridge0: port 1(bridge_slave_0) entered disabled state [ 537.140869][T17986] device bridge_slave_0 entered promiscuous mode [ 537.147996][T17986] bridge0: port 2(bridge_slave_1) entered blocking state [ 537.154963][T17986] bridge0: port 2(bridge_slave_1) entered disabled state [ 537.162555][T17986] device bridge_slave_1 entered promiscuous mode [ 537.278278][T17986] bridge0: port 2(bridge_slave_1) entered blocking state [ 537.285182][T17986] bridge0: port 2(bridge_slave_1) entered forwarding state [ 537.292287][T17986] bridge0: port 1(bridge_slave_0) entered blocking state [ 537.299238][T17986] bridge0: port 1(bridge_slave_0) entered forwarding state [ 537.326019][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 537.334620][ T60] bridge0: port 1(bridge_slave_0) entered disabled state [ 537.342801][ T60] bridge0: port 2(bridge_slave_1) entered disabled state [ 537.355299][T18010] input: syz0 as /devices/virtual/input/input98 [ 537.883352][T13014] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 537.892240][T13014] bridge0: port 1(bridge_slave_0) entered blocking state [ 537.899142][T13014] bridge0: port 1(bridge_slave_0) entered forwarding state [ 537.918078][T13014] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 537.932530][T13014] bridge0: port 2(bridge_slave_1) entered blocking state [ 537.934418][T18021] loop0: detected capacity change from 0 to 512 [ 537.939450][T13014] bridge0: port 2(bridge_slave_1) entered forwarding state [ 537.959377][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 537.967596][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 537.986005][T13014] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 537.995177][T13014] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 538.015481][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 538.020683][T18021] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 538.023841][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 538.050722][T18021] ext4 filesystem being mounted at /root/syzkaller-testdir1404502971/syzkaller.NplciK/860/file0 supports timestamps until 2038 (0x7fffffff) [ 538.070401][T17986] device veth0_vlan entered promiscuous mode [ 538.078815][T13014] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 538.086662][T13014] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 538.095080][T13014] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 538.102588][T13014] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 538.110931][ T8] device bridge_slave_1 left promiscuous mode [ 538.116878][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 538.124909][ T8] device bridge_slave_0 left promiscuous mode [ 538.131007][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 538.139125][ T8] device veth1_macvtap left promiscuous mode [ 538.144968][ T8] device veth0_vlan left promiscuous mode [ 538.182156][ T30] audit: type=1400 audit(1718647891.699:33341): avc: denied { connect } for pid=18041 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 538.332286][T18039] netlink: 88 bytes leftover after parsing attributes in process `syz-executor.2'. [ 538.348988][T18043] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 538.433408][T17986] device veth1_macvtap entered promiscuous mode [ 538.568071][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 538.588279][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 538.600106][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 538.620084][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 538.628628][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 538.638133][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 538.647298][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 538.744179][ T30] audit: type=1400 audit(1718647892.259:33342): avc: denied { mount } for pid=18061 comm="syz-executor.4" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 538.909589][ T30] audit: type=1400 audit(1718647892.429:33343): avc: denied { getopt } for pid=18064 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 539.241477][T18086] loop4: detected capacity change from 0 to 256 [ 539.387340][ T30] audit: type=1326 audit(1718647892.899:33344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18087 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feb55f64f29 code=0x0 [ 539.768274][ T30] audit: type=1326 audit(1718647893.279:33345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18094 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa429f29 code=0x0 [ 539.830132][T18101] futex_wake_op: syz-executor.0 tries to shift op by -1; fix this program [ 539.956606][T18118] loop0: detected capacity change from 0 to 512 [ 540.249186][T18124] loop4: detected capacity change from 0 to 256 [ 540.295214][T18118] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000079f) [ 540.372900][T18118] FAT-fs (loop0): Filesystem has been set read-only [ 541.605980][ T30] audit: type=1326 audit(1718647895.119:33346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18176 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feb55f64f29 code=0x0 [ 541.692533][T18178] loop2: detected capacity change from 0 to 256 [ 541.778758][ T468] usb 5-1: new high-speed USB device number 41 using dummy_hcd [ 541.957214][T18195] loop1: detected capacity change from 0 to 256 [ 541.977676][T18195] FAT-fs (loop1): Directory bread(block 64) failed [ 541.984340][T18195] FAT-fs (loop1): Directory bread(block 65) failed [ 541.990820][T18195] FAT-fs (loop1): Directory bread(block 66) failed [ 541.997260][T18195] FAT-fs (loop1): Directory bread(block 67) failed [ 542.003732][T18195] FAT-fs (loop1): Directory bread(block 68) failed [ 542.010302][T18195] FAT-fs (loop1): Directory bread(block 69) failed [ 542.016735][T18195] FAT-fs (loop1): Directory bread(block 70) failed [ 542.018737][ T468] usb 5-1: Using ep0 maxpacket: 32 [ 542.023193][T18195] FAT-fs (loop1): Directory bread(block 71) failed [ 542.034645][T18195] FAT-fs (loop1): Directory bread(block 72) failed [ 542.041038][T18195] FAT-fs (loop1): Directory bread(block 73) failed [ 542.138917][ T468] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 542.150452][ T468] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 542.161646][ T468] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 542.170736][ T468] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 542.180278][ T468] usb 5-1: config 0 descriptor?? [ 542.198805][T18163] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 542.219152][ T468] hub 5-1:0.0: USB hub found [ 542.404464][T18228] loop2: detected capacity change from 0 to 256 [ 542.456025][T18228] FAT-fs (loop2): Directory bread(block 64) failed [ 542.465769][T18228] FAT-fs (loop2): Directory bread(block 65) failed [ 542.472258][T18228] FAT-fs (loop2): Directory bread(block 66) failed [ 542.479141][T18228] FAT-fs (loop2): Directory bread(block 67) failed [ 542.485630][T18228] FAT-fs (loop2): Directory bread(block 68) failed [ 542.492108][T18228] FAT-fs (loop2): Directory bread(block 69) failed [ 542.498514][T18228] FAT-fs (loop2): Directory bread(block 70) failed [ 542.504926][T18228] FAT-fs (loop2): Directory bread(block 71) failed [ 542.511361][T18228] FAT-fs (loop2): Directory bread(block 72) failed [ 542.517777][T18228] FAT-fs (loop2): Directory bread(block 73) failed [ 542.787669][ T30] audit: type=1326 audit(1718647896.299:33347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18236 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa429f29 code=0x7ffc0000 [ 542.811997][ T30] audit: type=1326 audit(1718647896.299:33348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18236 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa429f29 code=0x7ffc0000 [ 542.836080][ T30] audit: type=1326 audit(1718647896.299:33349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18236 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fd1fa429f29 code=0x7ffc0000 [ 542.861184][ T30] audit: type=1326 audit(1718647896.299:33350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18236 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa429f29 code=0x7ffc0000 [ 542.885702][ T30] audit: type=1326 audit(1718647896.299:33351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18236 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa429f29 code=0x7ffc0000 [ 542.910075][ T30] audit: type=1326 audit(1718647896.299:33352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18236 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fd1fa429f29 code=0x7ffc0000 [ 542.934360][ T30] audit: type=1326 audit(1718647896.299:33353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18236 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa429f29 code=0x7ffc0000 [ 542.958955][ T30] audit: type=1326 audit(1718647896.299:33354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18236 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa429f29 code=0x7ffc0000 [ 542.983257][ T30] audit: type=1326 audit(1718647896.299:33355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18236 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fd1fa429f29 code=0x7ffc0000 [ 543.014525][ T30] audit: type=1326 audit(1718647896.299:33356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18236 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000 [ 543.368562][T18258] loop1: detected capacity change from 0 to 512 [ 643.188668][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 643.195553][ C0] (detected by 0, t=10002 jiffies, g=93693, q=384) [ 643.202051][ C0] rcu: All QSes seen, last rcu_preempt kthread activity 10003 (4295001538-4294991535), jiffies_till_next_fqs=1, root ->qsmask 0x0 [ 643.215243][ C0] rcu: rcu_preempt kthread starved for 10004 jiffies! g93693 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 643.226268][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 643.236074][ C0] rcu: RCU grace-period kthread stack dump: [ 643.241798][ C0] task:rcu_preempt state:R running task stack:28288 pid: 14 ppid: 2 flags:0x00004000 [ 643.252386][ C0] Call Trace: [ 643.255596][ C0] [ 643.258387][ C0] __schedule+0xccc/0x1590 [ 643.262637][ C0] ? __sched_text_start+0x8/0x8 [ 643.267318][ C0] schedule+0x11f/0x1e0 [ 643.271309][ C0] schedule_timeout+0x18c/0x370 [ 643.275996][ C0] ? _raw_spin_unlock_irq+0x4e/0x70 [ 643.281029][ C0] ? console_conditional_schedule+0x30/0x30 [ 643.286758][ C0] ? update_process_times+0x200/0x200 [ 643.291966][ C0] ? prepare_to_swait_event+0x308/0x320 [ 643.297351][ C0] rcu_gp_fqs_loop+0x2af/0xf80 [ 643.301946][ C0] ? debug_smp_processor_id+0x17/0x20 [ 643.307157][ C0] ? __note_gp_changes+0x4ab/0x920 [ 643.312103][ C0] ? rcu_gp_init+0xc30/0xc30 [ 643.316529][ C0] ? _raw_spin_unlock_irq+0x4e/0x70 [ 643.321563][ C0] ? rcu_gp_init+0x9cf/0xc30 [ 643.325991][ C0] rcu_gp_kthread+0xa4/0x350 [ 643.330417][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 643.335101][ C0] ? wake_nocb_gp+0x1e0/0x1e0 [ 643.339702][ C0] ? __kasan_check_read+0x11/0x20 [ 643.344564][ C0] ? __kthread_parkme+0xb2/0x200 [ 643.349337][ C0] kthread+0x421/0x510 [ 643.353327][ C0] ? wake_nocb_gp+0x1e0/0x1e0 [ 643.357841][ C0] ? kthread_blkcg+0xd0/0xd0 [ 643.362268][ C0] ret_from_fork+0x1f/0x30 [ 643.366524][ C0] [ 643.369384][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 643.375558][ C0] NMI backtrace for cpu 0 [ 643.379719][ C0] CPU: 0 PID: 18234 Comm: syz-executor.4 Tainted: G W 5.15.149-syzkaller-00165-g85445b5a2107 #0 [ 643.391346][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 643.401244][ C0] Call Trace: [ 643.404363][ C0] [ 643.407148][ C0] dump_stack_lvl+0x151/0x1b7 [ 643.411655][ C0] ? io_uring_drop_tctx_refs+0x190/0x190 [ 643.417128][ C0] dump_stack+0x15/0x17 [ 643.421115][ C0] nmi_cpu_backtrace+0x2f7/0x300 [ 643.425891][ C0] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 643.431878][ C0] ? panic+0x751/0x751 [ 643.435789][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 643.441719][ C0] nmi_trigger_cpumask_backtrace+0x15d/0x270 [ 643.447500][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 643.453410][ C0] arch_trigger_cpumask_backtrace+0x10/0x20 [ 643.459135][ C0] rcu_check_gp_kthread_starvation+0x1e3/0x250 [ 643.465121][ C0] print_other_cpu_stall+0x112d/0x1340 [ 643.470417][ C0] ? copy_fpstate_to_sigframe+0x853/0x9a0 [ 643.475974][ C0] ? print_cpu_stall+0x5f0/0x5f0 [ 643.480748][ C0] ? bpf_trace_run1+0xc4/0x1c0 [ 643.485353][ C0] ? fpregs_set+0x6f0/0x6f0 [ 643.489688][ C0] rcu_sched_clock_irq+0xaec/0x12f0 [ 643.494717][ C0] ? rcu_boost_kthread_setaffinity+0x340/0x340 [ 643.500706][ C0] ? hrtimer_run_queues+0x15f/0x440 [ 643.505743][ C0] update_process_times+0x198/0x200 [ 643.510775][ C0] tick_sched_timer+0x188/0x240 [ 643.515470][ C0] ? tick_setup_sched_timer+0x480/0x480 [ 643.520851][ C0] __hrtimer_run_queues+0x41a/0xad0 [ 643.525880][ C0] ? hrtimer_interrupt+0xaa0/0xaa0 [ 643.530824][ C0] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 643.536726][ C0] hrtimer_interrupt+0x40c/0xaa0 [ 643.541504][ C0] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 643.547229][ C0] sysvec_apic_timer_interrupt+0x44/0xc0 [ 643.552697][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 643.558510][ C0] RIP: 0033:0x7f11fbed86a7 [ 643.562768][ C0] Code: 0b e9 68 fe ff ff 48 83 c4 18 48 8d 3d b2 01 c7 00 5b 5d 41 5c 41 5d 41 5e 41 5f e9 b3 68 fd ff 0f 1f 00 b8 27 00 00 00 0f 05 0f 1f 84 00 00 00 00 00 b8 66 00 00 00 0f 05 c3 0f 1f 84 00 00 [ 643.582380][ C0] RSP: 002b:00007f11fb212b88 EFLAGS: 00000206 [ 643.588283][ C0] RAX: 0000000000000016 RBX: 00007f11fb212cf0 RCX: 00007f11fbed86a7 [ 643.596094][ C0] RDX: 00007f11fb212bc0 RSI: 00007f11fb212cf0 RDI: 0000000000000021 [ 643.604361][ C0] RBP: 0000000000000000 R08: 00007f11fb2136c0 R09: 00007f11fb2136c0 [ 643.612160][ C0] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f11fc01212c [ 643.619969][ C0] R13: 000000000000006e R14: 00007ffef9189080 R15: 00007ffef9189168 [ 643.627785][ C0] [ 715.508849][ C0] BUG: workqueue lockup - pool cpus=1 node=0 flags=0x0 nice=0 stuck for 172s! [ 715.517715][ C0] BUG: workqueue lockup - pool cpus=1 node=0 flags=0x0 nice=-20 stuck for 168s! [ 715.526596][ C0] Showing busy workqueues and worker pools: [ 715.532310][ C0] workqueue events: flags=0x0 [ 715.536807][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=4/256 refcnt=5 [ 715.536846][ C0] in-flight: 384:bpf_map_free_deferred [ 715.536878][ C0] pending: bpf_prog_free_deferred, psi_avgs_work, kfree_rcu_monitor [ 715.536941][ C0] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=10/256 refcnt=11 [ 715.536982][ C0] pending: bpf_map_free_deferred, usb_gadget_state_work, kfree_rcu_monitor, jump_label_update_timeout, vmstat_shepherd, free_work, key_garbage_collector, rht_deferred_worker, rht_deferred_worker, rht_deferred_worker [ 715.537124][ C0] workqueue events_long: flags=0x0 [ 715.592093][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=4/256 refcnt=5 [ 715.592139][ C0] pending: br_fdb_cleanup, br_fdb_cleanup, br_multicast_gc_work, br_fdb_cleanup [ 715.592211][ C0] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=5/256 refcnt=6 [ 715.592246][ C0] pending: br_fdb_cleanup, br_fdb_cleanup, br_fdb_cleanup, br_multicast_gc_work, br_multicast_gc_work [ 715.592325][ C0] workqueue events_unbound: flags=0x2 [ 715.632793][ C0] pwq 4: cpus=0-1 flags=0x4 nice=0 active=2/512 refcnt=4 [ 715.632834][ C0] pending: flush_memcg_stats_dwork, toggle_allocation_gate [ 715.632896][ C0] workqueue events_power_efficient: flags=0x80 [ 715.653317][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=5/256 refcnt=6 [ 715.653360][ C0] pending: wg_ratelimiter_gc_entries, check_lifetime, neigh_periodic_work, gc_worker, neigh_periodic_work [ 715.653456][ C0] workqueue rcu_gp: flags=0x8 [ 715.677294][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 715.677344][ C0] pending: srcu_invoke_callbacks [ 715.677391][ C0] workqueue mm_percpu_wq: flags=0x8 [ 715.694998][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 715.695044][ C0] pending: vmstat_update [ 715.695083][ C0] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 715.695120][ C0] pending: vmstat_update [ 715.695157][ C0] workqueue writeback: flags=0x4a [ 715.723851][ C0] pwq 4: cpus=0-1 flags=0x4 nice=0 active=5/256 refcnt=7 [ 715.723893][ C0] pending: wb_update_bandwidth_workfn, wb_workfn, wb_workfn, wb_workfn, wb_workfn [ 715.723986][ C0] workqueue kblockd: flags=0x18 [ 715.745077][ C0] pwq 3: cpus=1 node=0 flags=0x0 nice=-20 active=3/256 refcnt=4 [ 715.745129][ C0] pending: blk_mq_timeout_work, blk_mq_timeout_work, blk_mq_timeout_work [ 715.745207][ C0] workqueue usb_hub_wq: flags=0x4 [ 715.766278][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=2/256 refcnt=3 [ 715.766321][ C0] in-flight: 468:hub_event hub_event [ 715.779253][ C0] workqueue dm_bufio_cache: flags=0x8 [ 715.784413][ C0] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 715.784458][ C0] pending: work_fn [ 715.784496][ C0] workqueue ipv6_addrconf: flags=0x40008 [ 715.801382][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/1 refcnt=2 [ 715.801429][ C0] pending: addrconf_verify_work [ 715.813837][ C0] workqueue wg-kex-wg0: flags=0x6 [ 715.818666][ C0] pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=3 [ 715.818704][ C0] pending: wg_packet_handshake_send_worker [ 715.831725][ C0] workqueue wg-crypt-wg0: flags=0x28 [ 715.836773][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 715.836822][ C0] pending: wg_packet_encrypt_worker [ 715.836866][ C0] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 715.836903][ C0] pending: wg_packet_encrypt_worker [ 715.836941][ C0] workqueue wg-crypt-wg1: flags=0x28 [ 715.867919][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 715.867973][ C0] pending: wg_packet_encrypt_worker [ 715.868016][ C0] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 715.868056][ C0] pending: wg_packet_encrypt_worker [ 715.868094][ C0] workqueue wg-crypt-wg2: flags=0x28 [ 715.898916][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 715.898964][ C0] pending: wg_packet_encrypt_worker [ 715.899004][ C0] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 715.899042][ C0] pending: wg_packet_encrypt_worker [ 715.899089][ C0] workqueue wg-kex-wg0: flags=0x6 [ 715.929673][ C0] pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=3 [ 715.929717][ C0] pending: wg_packet_handshake_send_worker [ 715.929759][ C0] workqueue wg-crypt-wg0: flags=0x28 [ 715.947886][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 715.947930][ C0] pending: wg_packet_encrypt_worker [ 715.960758][ C0] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 715.960801][ C0] pending: wg_packet_encrypt_worker [ 715.973617][ C0] workqueue wg-kex-wg1: flags=0x6 [ 715.978426][ C0] pwq 4: cpus=0-1 flags=0x4 nice=0 active=2/256 refcnt=4 [ 715.978464][ C0] pending: wg_packet_handshake_send_worker, wg_packet_handshake_send_worker [ 715.978521][ C0] workqueue wg-crypt-wg1: flags=0x28 [ 715.999459][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 715.999503][ C0] pending: wg_packet_encrypt_worker [ 715.999546][ C0] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 715.999585][ C0] pending: wg_packet_encrypt_worker [ 715.999622][ C0] workqueue wg-kex-wg2: flags=0x6 [ 716.030182][ C0] pwq 4: cpus=0-1 flags=0x4 nice=0 active=2/256 refcnt=4 [ 716.030228][ C0] pending: wg_packet_handshake_send_worker, wg_packet_handshake_send_worker [ 716.030287][ C0] workqueue wg-crypt-wg2: flags=0x28 [ 716.051312][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 716.051360][ C0] pending: wg_packet_encrypt_worker [ 716.051400][ C0] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 716.051437][ C0] pending: wg_packet_encrypt_worker [ 716.051483][ C0] workqueue wg-kex-wg0: flags=0x6 [ 716.082044][ C0] pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=3 [ 716.082087][ C0] pending: wg_packet_handshake_send_worker [ 716.082128][ C0] workqueue wg-crypt-wg0: flags=0x28 [ 716.100284][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 716.100326][ C0] pending: wg_packet_encrypt_worker [ 716.113135][ C0] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 716.113178][ C0] pending: wg_packet_encrypt_worker [ 716.126085][ C0] workqueue wg-kex-wg1: flags=0x6 [ 716.130934][ C0] pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=3 [ 716.130974][ C0] pending: wg_packet_handshake_send_worker [ 716.143962][ C0] workqueue wg-crypt-wg1: flags=0x28 [ 716.149082][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 716.149123][ C0] pending: wg_packet_encrypt_worker [ 716.161924][ C0] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 716.161965][ C0] pending: wg_packet_encrypt_worker [ 716.162004][ C0] workqueue wg-kex-wg2: flags=0x6 [ 716.179744][ C0] pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=3 [ 716.179785][ C0] pending: wg_packet_handshake_send_worker [ 716.179826][ C0] workqueue wg-crypt-wg2: flags=0x28 [ 716.197940][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 716.197983][ C0] pending: wg_packet_encrypt_worker [ 716.198024][ C0] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 716.198061][ C0] pending: wg_packet_encrypt_worker [ 716.198100][ C0] workqueue wg-kex-wg0: flags=0x6 [ 716.228658][ C0] pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=3 [ 716.228697][ C0] pending: wg_packet_handshake_send_worker [ 716.241677][ C0] workqueue wg-crypt-wg0: flags=0x28 [ 716.246769][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 716.246809][ C0] pending: wg_packet_encrypt_worker [ 716.246850][ C0] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 716.246886][ C0] pending: wg_packet_encrypt_worker [ 716.246924][ C0] workqueue wg-crypt-wg1: flags=0x28 [ 716.277723][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 716.277770][ C0] pending: wg_packet_encrypt_worker [ 716.277812][ C0] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 716.277848][ C0] pending: wg_packet_encrypt_worker [ 716.277887][ C0] workqueue wg-kex-wg2: flags=0x6 [ 716.308419][ C0] pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=3 [ 716.308459][ C0] pending: wg_packet_handshake_send_worker [ 716.308499][ C0] workqueue wg-crypt-wg2: flags=0x28 [ 716.326563][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 716.326607][ C0] pending: wg_packet_encrypt_worker [ 716.326647][ C0] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 716.326685][ C0] pending: wg_packet_encrypt_worker [ 716.326734][ C0] workqueue wg-kex-wg0: flags=0x6 [ 716.357257][ C0] pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=3 [ 716.357297][ C0] pending: wg_packet_handshake_send_worker [ 716.357337][ C0] workqueue wg-crypt-wg0: flags=0x28 [ 716.375401][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 716.375447][ C0] pending: wg_packet_encrypt_worker [ 716.375487][ C0] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 716.375524][ C0] pending: wg_packet_encrypt_worker [ 716.401275][ C0] workqueue wg-kex-wg1: flags=0x6 [ 716.406099][ C0] pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=3 [ 716.406138][ C0] pending: wg_packet_handshake_send_worker [ 716.406177][ C0] workqueue wg-crypt-wg1: flags=0x28 [ 716.424238][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 716.424282][ C0] pending: wg_packet_encrypt_worker [ 716.424319][ C0] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 716.424356][ C0] pending: wg_packet_encrypt_worker [ 716.424393][ C0] workqueue wg-crypt-wg2: flags=0x28 [ 716.455213][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 716.455261][ C0] pending: wg_packet_encrypt_worker [ 716.455304][ C0] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 [ 716.455341][ C0] pending: wg_packet_encrypt_worker [ 716.455383][ C0] pool 2: cpus=1 node=0 flags=0x0 nice=0 hung=173s workers=7 idle: 39 60 10164 9904 26