last executing test programs: 7.149345675s ago: executing program 2: bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x13, 0x5, &(0x7f0000000040)=@framed={{0x25, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x8d}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80) 7.136651706s ago: executing program 2: syz_usb_connect$cdc_ecm(0x0, 0x67, &(0x7f00000005c0)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x0, 0x0, 0xffffffffffff8001, 0x1, [{{0x9, 0x2, 0x55, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x3, 0x2, 0x2, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, [@mbim_extended={0x8}, @acm={0x4}, @call_mgmt={0x5}]}, {[{}]}}}]}}]}}, 0x0) 6.413900663s ago: executing program 2: r0 = socket$unix(0x1, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0xee01, r1, 0xffffffffffffffff) r2 = geteuid() r3 = geteuid() setresuid(r3, r2, 0x0) 6.404703175s ago: executing program 2: bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = dup(r0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000070000000"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r6, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "ff00f7000000000000000000af88008300"}) r7 = syz_open_pts(r6, 0x141601) write(r7, &(0x7f0000000000)="d5", 0xfffffedf) ioctl$TCSETSF(r7, 0x5404, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0xfe, "78a4a500000003ffff40ffffffdf00"}) close_range(r6, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000007, 0x10, 0xffffffffffffffff, 0x0) write$UHID_INPUT(r1, &(0x7f0000000000)={0x1a, {"a2e3ad21ed6b52f99cfbf4c087f71e9b230963ff7fc6e5539b9b3b098b9b711b5d52101b080d29308f0e1ac6e7049b3468959b189a242a9b64f3988f7ef319520100ffe8d178708c523c921b1b23380a169b63d336cd3b78130daa61d8e81aea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1d020000000000000075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801000000005b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b412435111c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269caf12c31357c8219793e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a687974e7b4ab01b7f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da3710ac000000001a527777a5371f87d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ef06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f103000000416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d601005c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac292d9e53803ed000000009737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b09114edb8e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb67ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe529003d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f070077d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85e654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd84e935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba30b4279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227edff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b30f0b932a4d02da711b757fe43c06d21e759595e4e98b27faea8aa12bc8040000000000000033eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d0000010000000000fcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d080e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed704887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6ff7ffb1d62458d0741a12830052fcc460db043afe525629b40d7cee65802cb5e930ed624806c43a006dc9336d07c2b8081c188d26558f48261f7897084c2a1a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c0ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264c7b34252600c9654e502dcea39cb0800eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc640df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa7082ead01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058093fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'ip_vti0\x00', 0x0}) 5.540316364s ago: executing program 2: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x83000000}, {0x85, 0x0, 0x0, 0x71}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r0}, 0x10) getrandom(&(0x7f0000000080)=""/240, 0xfffffffffffffe77, 0x0) execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000000300), 0x0) 5.278559357s ago: executing program 2: ptrace(0x10, 0x1) r0 = inotify_init1(0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$unix(0xffffffffffffffff, 0x0, 0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, 0x0}) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0xfecc) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ptrace$getenv(0xf, r1, 0x0, &(0x7f0000000000)) 3.03137551s ago: executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000440), 0x208e24b) munmap(&(0x7f00008bb000/0x2000)=nil, 0x2000) munmap(&(0x7f000061d000/0x3000)=nil, 0x3000) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000440), 0x6f5, 0x0, &(0x7f0000000480)={0x77359400}) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00') preadv(r2, &(0x7f0000000000)=[{&(0x7f0000000200)=""/4095, 0xfff}], 0x1, 0x6c00, 0x0) 2.190385526s ago: executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) close(r0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000900)='jbd2_checkpoint_stats\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$TUNSETOFFLOAD(r1, 0x4004662b, 0x20001412) 2.119696707s ago: executing program 3: r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[], 0x0, 0x37}, 0x20) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0x9, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r1, 0x2, 0x1}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0xc, 0x4, 0x4, 0x7, 0x0, r2, 0x0, '\x00', 0x0, r0, 0x0, 0x1}, 0x48) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0xc0, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0xffffff80, 0x2, [@TCA_HTB_INIT={0x18}, @TCA_HTB_INIT={0x18}, @TCA_HTB_INIT={0x18}, @TCA_HTB_DIRECT_QLEN={0x8}, @TCA_HTB_INIT={0x18}]}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x61, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, {0x6, 0x2, [0x0]}}]}]}, 0xc0}}, 0x0) syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x2208050, &(0x7f0000000140)=ANY=[], 0x1, 0x1516, &(0x7f0000001c00)="$eJzs3Am4T+X2OPC13vfdHDJ8k8x7vWvzTYaXJMmQJEOSJCGZE5IkSZLEIVMSkpDxJJlD5nTSMc9D5qSTK0mSkJDk/T+n4e823H/33l/3r9896/M8+znv2nu/a6991vmePTzPOV90HVa9UY0q9ZkZ/h365wH++CURABIAYCAAZAeAAADK5CiTI217Jo2J/9ZBxH9IgxmXuwJxOUn/0zfpf/om/U/fpP/pm/Q/fZP+p2/S//RN+i9EujYr75WypN9F3v//L6f+J5Pl+v/fB/G3q/7RvtL//zb6X9pb+p9uZPi9ldL/9OL3LwHS//RN+p+eBZe7AHGZyec/fZP+C5Gu/envlDecu9zvtGX5FxYhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEOL/g3P+EgMAP48vd11CCCGEEEIIIYT48/i3LncFQgghhBBCCCGE+M9DUKDBQAAZICMkQCbIDFdAFsgK2SA7xOBKyAFXQU64GnJBbsgDeSEf5IcCEAKBBYYICkIhiMM1UBiuhSJQFIpBcXBQAkrCdVAKrofScAOUgRuhLNwE5aA8VICKcDNUglugMtwKVeA2qArVoDrUgNuhJtwBteBOqA13QR24G+rCPVAP7oX60AAawn3QCO6HxtAEmkIzaA4toOUfzE/K/nvzn4Ee8Cz0hF6QCL2hDzwHfaEf9IcBMBCeh0HwAgyGF2EIDIVh8BIMh5dhBLwCI2EUjIZXYQyMhXEwHibAREiC12ASvA6T4Y37s8JUmAbTYQbMhFnwJsyGOTAX3oJ5MB8WQFKmRbAYlsDbsBTegWR4F5bBe5ACy2EFrIRVsBrWwFpYB+thA2yETbAZtsBW2Abvw3bYATthF+yGPbAXPoB98CHsh48gFT/+F+ef/eV86IaAgAoVGjSYATNgAiZgZsyMWTALZsNsGMMY5sAcmBNzYi7MhXkwD+bDfFgACyAhISNjQSyIcYxjYSyMRbAIFsNi6NBhSSyJpfB6LI2lsQyWwbJYFstheSyPFbEiVsJKWBkrYxWsglWxKlbH6ng73o53YC2shbWxNtbBOlgX62I9rIf1sT42xIbYCBthY2yMTbEpNsfm2BJbYitsha2xNbbFttgO22F7bI8dsAN2xI7YCTthZ+yMXbALdsWu2A2fxqfxGXwGn8VnsRdWVb2xD/bBvtgX++MAHIDP4yB8AV/AF3EIDsVh+BK+hC/jCDyDI3EUjsbRWEmNxXE4HllNxCRMwowwCSfjZJyCU3EqTscZOBNn4SycjXNwDr6F83A+zseFuBAX4xJcgkvxHUzGZFyGZzEFl+MKXImrcDWuwrW4DtfiBtyIG3AzbsatuBXfx/dxB+7AXbgL9+Ae/AA/wA/xQxyCqZiKB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5wDgPJ7HC3gBL+LFtA+/SmOUURlUBpWgElRmlVllUVlUNpVNxVRM5VA5VE6VU+VSuVQelUflU/lUAVVAkSLFKlIFVUEVV3FVWBVWRVQRVUwVU045VVKVVKVUKVValVZl1I2qrLpJlVPlVRtXUVVUlVRbV1ndqqqoKqqqqqaqqxqqhqqpaqpaqpaqrWqrOqqOqqvuUfVUb+yPDVRaZxqpodhYDcOmqplqrlqol/EB1UqNwNaqjWqrHlKjcCS2V61cB/Wo6qjGYSf1uBqPT6guaiJ2VU+pbupp1V09o3qo1q6n6qWmYG/VR03Hvqqf6q8GqNlYTaV1rLp6UQ1RQ9Uw9ZJajC+rEeoVNVKNUqPVq2qMGqvGqfFqgpqoktRrapJ6XU1Wb6gpaqqapqarGWqmmqXeVLPVHDVXvaXmqflqgVqoFqnFaol6Wy1V76hk9a5apt5TKWq5WqFWqlVqtVqj1qp1ar3aoDaqTWqz2qK2qm3qfbVd7VA71S61W+1Re9UHap/6UO1XH6lU9bE6oP6mDqpP1CH1qTqsPlNH1OfqqPpCHVNfquPqK3VCnVSn1NfqtPpGnVFn1Tn1rTqvvlMX1PfqovIKNGqltTY60Bl0Rp2gM+nM+gqdRWfV2XR2HdNX6hz6Kp1TX61z6dw6j8mr8+n8uoAONWmrWUe6oC6k4/oaXVhfq4voorqYLq6dLqFL6ut0KX29Lq1v0GX0jbqsvkmX0+V1BQ/6Zl1J36Ir61t1FX2brqqr6eq6hr5d19R36Fr6Tl1b36Xr6Lt1XX2Prqfv1fV1A91Q36cb6ft1Y91EN9XNdHPdQrfUD+hW+kHdWrfRbfVDup1+WLfXj+gO+lHdUT+mO+nHdWf9hO6in9Rd9VO6m35ad9ff64va6566l07UvXUf/Zzuq/vp/nqAHqif14P0C3qwflEP0UP1MP2SHq5f1iP0K3qkHqVH61f1GD1Wj9Pj9QQ9USfp1/Qk/bqerN/QU/RUPU1P1zP0TN3/p0xz/4n5r//O/ME/HH2r3qbf19v1Dr1T79K79R69V+/V+/Q+vV/v16k6VR/QB/RBfVAf0of0YX1YH9FH9FF9VB/Tx/RxfVyf0Cf1t/prfVp/o8/os/qs/laf1+f1hZ++B2DQKKONMYHJYDKaBJPJZDZXmCwmq8lmspuYudLkMFeZnOZqk8vkNnlMXpPP5DcFTGjIWMMmMgVNIRM315jC5lpTxBQ1xUxx40wJU9Jc9z+e/0f1tTQtTSvTyrQ2rU1b09a0M+1Me9PedDAdTEfT0XQynUxn09l0MV1MV9PVdDPdTHfT3fQwPUxP09MkmkTTxzxn+pp+pr8ZYAaa580gM8gMNoPNEDPEDDPDzHAz3IwwI8xIM9KMNqPNGDPGjDPjzAQzwST57GaSmWQmm8lmiplipg3MbmaYGWaWmWVmm9lmrplr5pl5ZoFZYBaZRWaJWWKWmqUm2SSbZWaZSTHLzXKz0qw0q81qs9asNevNerPRbDSbzWaTYraZbWa72W52mp1mt9lt9pq9Zp/ZZ/ab/SbVpJoD5oA5aA6aQ+aQOWwOmyPmiDlqjppj5pg5bo6bE+aEOWVOmdPmtDljzphz5pw5b86bC+aCuWgupt32BSpQgQlMkCHIECQECUHmIHOQJcgSZAuyBbEgFuQIcgQ5g6uDXEHuIE+QN8gX5A8KBGFAgQ04iIKCQaEgHlwTFA6uDYoERYNiQfHABSWCksF1Qang+qB0cENQJrgxKBvcFJQLygcVgorBzUGl4JagcnBrUCW4LagaVAuqBzWC24OawR1BreDOoHZwV1AnuDuoG9wT1AvuDeoHDYKGwX1Bo+D+oHHQJGgaNAuaBy2Cln9qfu/P5H7Q9Qx7hYlh77BP+FzYN+wX9g8HhAPD58NB4Qvh4PDFcEg4NBwWvhQOD18OR4SvhCPDUeHo8NVwTDg2HBeODyeEE8Ok8LVwUvh6ODl8I5wSTg2nBdPDGeHMcFb4Zjg7nBPODd8K54XzwwXhwnBRuDhE/PFuPDl8N1wWvhemhMvDFeHKcFW4OlwTrg3XhevDDeHGcFO4ucygH3cNt4c7wp3hrnB3uCfcG34Q7gs/DPeHH4Wp4cfhgfBv4cHwk/BQ+Gl4OPwsPBJ+Hh4NvwiPhV+Gx8OvwhPhyUwQfh2eDr8Jz4Rnw3Pht+H58LvwQvh9eDH0aTf3aZd3MmQoA2WgBEqgzJSZslAWykbZKEYxykE5KCflpFyUi/JQHspH+agAFaA0TEwFqSDFKU6FqTAVoSJUjIqRI0clqSSVolJUmkpTGSpDZakslSNLFagC3Uw30y10C91Kt9JtdBtVo2pUg2oQYk2qRbWoNtWmOlSH6lJdqkf1qD7Vp4bUkBpRI2pMjakpNaXm1JxaUktqRa2oNbWmttSW2lE7ak/tqQN1oI7UkTpRJ+pMnakLdaGu1JW6UTfqTt2pB/WgntSTEimR+lAf6kt9qT/1p4E0kAbRIBpMg2kIDaFhNIyG03AaQSNoJI2i0fQqjaGxNI7G0wSaSEmURJNoEk2myTSFptA0mkYzaAbNolk0m2bTXJpL82geLaAFtIgW0RJaQktpKSVTMi2jZZRCKbSCVtAqWkVraA2to3W0gTbQJtpEW2gLbaNttJ22007aSbtpN+2lvbSP9tF+2k+plEoH6AAdpIN0iA7RYTpMR+gIHaWjdIyO0XE6TifoBJ2iU3SaTtMZOkPn6Bydp+/oAn1PF8lTgs1kM9srbBab1Waz2e2v4zw2r81n89sCNrS5bO5fxGStLWKL2mK2uHW2hC1pr/tNXM6WtxVsRXuzrWRvsZVtOZsJ/j6uae+wteydtra9y9awt/8irmPvtnXt/baebWLr22a2oW1hG9n7bWPbxDa1zWxz28K2sw/b9vYR28E+ajvax34TL7Xv2HV2vd1gN9p99kN7zn5rj9ov7Hn7ne1pe9mB9nk7yL5gB9sX7RA79JcxgB1tX7Vj7Fg7zo63E+zE38TT7HQ7w860s+ybdrad85t4iX3bzrPJdoFdaBfZxT/EaTUl23ftMvueTbHL7Qq70q6yq+0au/b/1rrSbrZb7Fa7135gt9sddqfdZXfbPT/Eaeex335kU+3H9oj93B60n9hD9pg9bD/7IU47v2P2S3vcfmVP2JP2lP3anrbf2DP27A/nn3buX9vv7UXrLTCyYs2GA87AGTmBM3FmvoKzcFbOxtk5xldyDr6Kc/LVnItzcx7Oy/k4PxfgkIktM0dckAtxnK/hwnwtF+GiXIyLs+MSXJKv41J8PZfmG7gM38hl+SYux+W5Alfkm7kS38KV+VauwrdxVa7G1bkG3841+Q6uxXdybb6L6/DdXJfv4Xp8L9fnBtyQ7+NGfD835ibclJtxc27BLfkBbsUPcmtuw235IW7HD3N7foQ78KPckR/jTvw4d+YnuAs/yV35Ke7GT3N3foZ78LPck3txIvfmPvwc9+V+3J8H8EB+ngfxCzyYX+QhPJSH8Us8nF/mEfwKj+RRPJpf5TE8lsfxeJ7AEzmJX+NJ/DpP5jd4Ck/laTydZ/BMnsVv8myew3P5LZ7H83kBL+RFvJiX8Nu8lN/hZH6Xl/F7nMLLeQWv5FW8mtfwWl7H63kDb+RNvJm38Fbexu/zdt7BO3kX7+Y9vJc/4H38Ie/njziVP+YD/Dc+yJ/wIf6UD/NnfIQ/56P8BR/jL/k4f8Un+CSf4q/5NH/DZ/gsn+Nv+Tx/xxf4e77IniHCSEU6MlEQZYgyRglRpihzdEWUJcoaZYuyR7HoyihHdFWUM7o6yhXljvJEeaN8Uf6oQBRGFNmIoygqGBWK4tE1UeHo2qhIVDQqFhWPXFQiKhldF5WKro9KRzdEZaIbo7LRTVG5qHxUIaoY3RxVim6JKke3RlWi26KqUbWoelQjuj2qGd0R1YrujGpHd0Wlo7ujutE9Ub3o3qh+1CBqGN0XNYrujxpHTaKmUbOoedQiahk9ELWKHoxaR22ittFDUbvo4ah99EjUIXo06hg9dml70eDHq+mvtidGvSP90xuyO/Wi+OL4kvjb8aXxd+LJ8Xfjy+LvxVPiy+Mr4ivjq+Kr42via+Pr4uvjG+Ib45vim+Nb4lvj3tfICA7THoTBuMBlcBldgsvkMrsrXBaX1WVz2V3MXelyuKtcTne1y+Vyuzwur8vn8rsCLnTkrGMXuYKukIu7a1xhd60r4oq6Yq64c66EK+lauJaupWvlHnStXRvX1j3kHnIPu4fdI+4R96jr6B5zndzjrrN7wnVxT7on3VOum3vadXfPuB7uWdfT9XKJLtH1cX1cX9fX9Xf93UA30A1yg9xgN9gNcUPcMDfMDXfD3Qg3wo10I91oN9qNcWPcODfOTXATXJJLcpPcJDfZTXZT3BQ3zU1zM9wMN8vNcrPdbDfXzXXz3Dy3wC1wi9wit8QtcUvdUpfskt0yt8yluBS3wq1wq9wqt8atcevcOrfBbXCb3Ca3xW1x29w2t91tdzvdTrfb7XZ73V63z+1z+91+l+pS3QF3wB10B90h96k77D5zR9zn7qj7wh1zX7rj7it3wp10p9zX7rT7xp1xZ9059607775zF9z37qLzLin2WmxS7PXY5NgbsSmxqbFpsemxGbGZsVmxN2OzY3Nic2NvxebF5scWxBbGFsUWx5bE3o4tjb0TS469G1sWey+WElseWxFbGVsVWx3zPv/2yBf0hXzcX+ML+2t9EV/UF/PFvfMlfEl/nS/lr/el/Q2+jL/Rl/U3+XK+vK/gm/imvplv7lv4lv4B38o/6Fv7Nr6tf8i38w/79v4R38E/6jv6x3wn/7jv7J/wXfyTvqt/av5PP56+h3/W9/S9fKLv7fv453xf38/39wP8QP+8H+Rf8IP9i36IH+qH+Zf8cP+yH+Ff8SP9KD/av+rH+LF+nB/vJ/iJPsm/5if51/1k/4af4qf6aX66n+Fn+ln+TT/bz/Fz/Vt+np/vF/iFfpFf7Jf4t/1S/45P9u/6Zf49n+KX+xV+pV/lV/s1fq1f59f7DX6j3+Q3+y1+q9/mM8J2v8Pv9Lv8br/H7/Uf+H3+Q7/ff+RT/cf+gP+bP+g/8Yf8p/6w/8wf8Z/7o/4Lf8x/6Y/7r/wJf9Kf8l/70/4bf8af9ef8t/68/85f8N/7i/I3a0IIIYQQ/xT9B9t7/8469dNiAKAPAGTdkffwr3NuyvXjuJ/a1zEGAI/26trg56VBg8TExJ/2TdEQFFoIALFL8zPApXg5tIWHoQO0gVK/W18/VQH5V/mDv9uelj9+I0BmgEw/r0uAH+Jf5b/+H+Rv8vav8/+6/vhCgCKFLs1JO9DP8aX8pf9B/j3t/iB/pk+SAFr/3ZwscCm+lL8kPAiPQYdf7CmEEEIIIYQQQvyonzrf7Y+eb9Oez/OZS3MywqX4j57P/0DlP+MchBBCCCGEEEII8f/2xNPdH3mgQ4c2nf+bBxn/GmX8BQYIAH+BMmTw1x9c7t9MQgghhBBCiD/bpZv+y12JEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgiRfv37/yFM/dM7X+5zFEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIS63/xMAAP//gUVOqg==") r6 = accept$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x0, @remote}, &(0x7f0000000180)=0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'vxcan0\x00', 0x0}) r8 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setresuid(0x0, r9, 0x0) r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x9, 0x4, 0x4, 0x4, 0x0, 0x1}, 0x48) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x4f4e81, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c00000002060000000000000000000000000000050005000a0000001d34a43c8ccb18cb45f496b3cc9f4f4c527c13827fc1d6e36417caa89e1c748dbd63d37be9b2fe60af8cba7202c6c8160fd66e9b238a45a9db8846272ea4c8eb20a6af398b384e3798b5a864c552acb6"], 0x1c}}, 0x0) ioctl$KVM_SET_GUEST_DEBUG(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000140)={0xa0003}) r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r12, 0x1}, 0xc) setsockopt$inet_IP_XFRM_POLICY(r6, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@empty, @in=@broadcast, 0x4e22, 0x7, 0x4e22, 0x3, 0xa, 0xa0, 0x80, 0x32, r7, r9}, {0x200, 0xffffffffffff8001, 0x8, 0x7, 0x81, 0x7, 0x50a, 0x2c}, {0xffff, 0x1, 0x7, 0xee68}, 0x8, 0x6e6bbe, 0x1, 0x0, 0x2, 0x3}, {{@in=@local, 0x4d2, 0x3c}, 0xa, @in=@multicast2, 0x34ff, 0x0, 0x1, 0x1, 0x95b, 0x10001, 0x200040}}, 0xe8) fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) 2.011162405s ago: executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018010000756cff7c00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001b40)={&(0x7f0000000100)='jbd2_handle_stats\x00', r0}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000088500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000400)='jbd2_handle_stats\x00', r2}, 0x10) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) 1.97965743s ago: executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f000001f500)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001400000008000300", @ANYBLOB='\b'], 0x24}}, 0x0) 1.960014863s ago: executing program 3: syz_usb_connect$hid(0x0, 0x36, &(0x7f0000006100)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x44f, 0xb65d, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}}) 1.48481292s ago: executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0x5, 0x8, 0x8}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r1, &(0x7f0000000240), &(0x7f00000000c0)=@udp6=r0}, 0x20) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) recvmmsg(r0, &(0x7f0000002f40)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000001c0)=""/206, 0xce}], 0x1}}], 0x1, 0x10103, 0x0) 1.478703141s ago: executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe4, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000004c0), &(0x7f0000000380), 0x5, r1}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000180018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$SIOCSIFHWADDR(r0, 0x40305839, &(0x7f0000000540)={'\x00', @link_local={0x1, 0x80, 0xc2, 0x5}}) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000e40)={&(0x7f0000000600)='ext4_free_blocks\x00', r2}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0) 1.469625572s ago: executing program 4: bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) listen(0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d) socket$nl_sock_diag(0x10, 0x3, 0x4) ioctl$IOC_PR_RELEASE(0xffffffffffffffff, 0x401070ca, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$inet6(0xa, 0x3, 0x4) setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000001280)={{{@in=@broadcast, @in=@empty, 0x0, 0xfffe, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x33}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0xe8) 971.187393ms ago: executing program 0: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) ftruncate(r0, 0x800) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r1 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003d00000095"], &(0x7f00000000c0)='GPL\x00', 0x1, 0x98, &(0x7f0000000000)=""/152}, 0x80) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)={@map=r4, r3, 0x7}, 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r4, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r2}, 0x20) sendfile(r2, r1, 0x0, 0x204) 861.762021ms ago: executing program 0: ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000000c0)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x36, 0x4, 0x0, 0x0, 0xd8, 0x64, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x5, 0x4]}, @timestamp_prespec={0x44, 0x44, 0x0, 0x3, 0x0, [{@private=0xa010100}, {@multicast1}, {@remote, 0x9}, {@dev, 0x659}, {@broadcast, 0x8000}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@broadcast}, {@remote}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) r3 = dup(r1) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_RUN(r4, 0xae80, 0x0) 660.863673ms ago: executing program 0: mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount$bpf(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000340), 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x1c0a0, &(0x7f0000000080)='seclabel') 649.814264ms ago: executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) sendmmsg$sock(0xffffffffffffffff, &(0x7f0000006680)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="5e942cccb3cf4217cd22956765443396455ec45ac5ff2ff19caf3f70c5848969b1ad7714e4d3a72296bda9f0c8348a1d605e7f3595504a99eabba2b84e62e561a42bd8f18b2ca80ab68abfbc641b69edd2b1b3faa3da7e352b0e6219c8ba14502e457f7c1f59e96adb6438f9f455f538dc006c2c610cb6226328de647090e8c4ebc54bbd8d20baa087c831681836bf9cda7a8c40638837749c18b0d13faec7964456df468524d3d758da65d753b5c2b44974b0f797f613656c01b62fd8388aab70e395bc", 0xc4}], 0x1}}], 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) unshare(0x400) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0) getsockopt$packet_int(r0, 0x107, 0x0, 0x0, &(0x7f0000000180)) 636.285387ms ago: executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) close(r0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000900)='jbd2_checkpoint_stats\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$TUNSETOFFLOAD(r1, 0x4004662b, 0x20001412) 594.823954ms ago: executing program 4: r0 = socket$igmp6(0xa, 0x3, 0x2) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x89e0, 0x0) 582.313535ms ago: executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f000001f500)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001400000008000300", @ANYBLOB='\b'], 0x24}}, 0x0) 580.190786ms ago: executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000440), 0x208e24b) munmap(&(0x7f00008bb000/0x2000)=nil, 0x2000) munmap(&(0x7f000061d000/0x3000)=nil, 0x3000) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000440), 0x6f5, 0x0, &(0x7f0000000480)={0x77359400}) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00') preadv(r2, &(0x7f0000000000)=[{&(0x7f0000000200)=""/4095, 0xfff}], 0x1, 0x6c00, 0x0) 558.62283ms ago: executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) mmap(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10) mkdir(0x0, 0x0) r5 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0) mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='f', @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',grou']) read$FUSE(r5, &(0x7f00000077c0)={0x2020}, 0x2020) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mincore(&(0x7f0000605000/0x4000)=nil, 0x4000, 0x0) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) syz_btf_id_by_name$bpf_lsm(0x0) 96.100364ms ago: executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000070018110000", @ANYRES32=r0], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='scsi_dispatch_cmd_start\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r2}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_pid(r3, &(0x7f0000000980), 0x12) 65.943429ms ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x5, 0x8, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10) arch_prctl$ARCH_GET_XCOMP_SUPP(0x1021, &(0x7f0000000000)) 53.138571ms ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000002000000000000000000000400000003000000000000000b7f000000000000000000000d020000000000"], 0xffffffffffffffff, 0x3e, 0xb1, 0x2}, 0x20) 33.024494ms ago: executing program 1: r0 = socket$igmp6(0xa, 0x3, 0x2) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x89e0, 0x0) 27.788205ms ago: executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) close(r0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000900)='jbd2_checkpoint_stats\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$TUNSETOFFLOAD(r1, 0x4004662b, 0x20001412) 0s ago: executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x13, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000b00)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x20000000}, {0x85, 0x0, 0x0, 0x72}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) kernel console output (not intermixed with test programs): =1400 audit(1718567700.631:6654): avc: denied { unmount } for pid=5372 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 174.838820][ T6482] loop4: detected capacity change from 0 to 512 [ 174.910821][ T6482] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #16: comm syz-executor.4: corrupted inode contents [ 174.964182][ T6482] EXT4-fs error (device loop4): ext4_dirty_inode:6074: inode #16: comm syz-executor.4: mark_inode_dirty error [ 174.986056][ T6482] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #16: comm syz-executor.4: corrupted inode contents [ 175.007753][ T6482] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #16: comm syz-executor.4: mark_inode_dirty error [ 175.019500][ T6482] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #16: comm syz-executor.4: corrupted inode contents [ 175.033581][ T6482] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 175.054017][ T6482] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #16: comm syz-executor.4: corrupted inode contents [ 175.072483][ T6486] kvm [6483]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0xa00000000 [ 175.081806][ T6482] EXT4-fs error (device loop4): ext4_truncate:4302: inode #16: comm syz-executor.4: mark_inode_dirty error [ 175.104459][ T6482] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 175.119069][ T6486] kvm [6483]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x250000f7ff [ 175.131241][ T6482] EXT4-fs (loop4): 1 truncate cleaned up [ 175.137066][ T6482] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 175.147902][ T43] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 175.149058][ T6486] kvm [6483]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x250000ffff [ 175.172389][ T6482] ext4 filesystem being mounted at /root/syzkaller-testdir1836246291/syzkaller.sK21IM/68/file1 supports timestamps until 2038 (0x7fffffff) [ 175.203227][ T6486] kvm [6483]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0x186 data 0x250000ffff [ 175.215423][ T6486] kvm [6483]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0x187 data 0x250000f7ff [ 175.230700][ T6486] kvm [6483]: vcpu0, guest rIP: 0x18e ignored wrmsr: 0x11e data 0x250000ffff [ 175.245709][ T6486] kvm [6483]: vcpu0, guest rIP: 0x18e vmx_set_msr: BTF|LBR in IA32_DEBUGCTLMSR 0x250000f7ff, nop [ 175.674598][ T5367] EXT4-fs (loop4): unmounting filesystem. [ 176.014615][ T6531] netlink: 220 bytes leftover after parsing attributes in process `syz-executor.4'. [ 176.288859][ T6562] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 176.311331][ T28] audit: type=1326 audit(1718567702.371:6655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6563 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f00a087cea9 code=0x0 [ 176.427773][ T19] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 176.626676][ T28] audit: type=1400 audit(1718567702.681:6656): avc: denied { unlink } for pid=6579 comm="syz-executor.4" name="#37" dev="tmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 176.664269][ T28] audit: type=1400 audit(1718567702.721:6657): avc: denied { execstack } for pid=6583 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 176.797776][ T19] usb 1-1: config 0 has an invalid interface number: 251 but max is 0 [ 176.805916][ T19] usb 1-1: config 0 has no interface number 0 [ 176.812236][ T19] usb 1-1: config 0 interface 251 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 176.822770][ T19] usb 1-1: config 0 interface 251 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 176.833295][ T19] usb 1-1: New USB device found, idVendor=0cde, idProduct=0008, bcdDevice=45.ed [ 176.842218][ T19] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.850801][ T19] usb 1-1: config 0 descriptor?? [ 176.855631][ T19] usb 1-1: Interface #251 referenced by multiple IADs [ 176.917782][ T6] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 177.028665][ T6597] loop2: detected capacity change from 0 to 256 [ 177.118538][ T1919] usb 1-1: USB disconnect, device number 11 [ 177.244933][ T6603] fuse: Bad value for 'fd' [ 177.249487][ T6603] fuse: Bad value for 'fd' [ 177.437727][ T6] usb 5-1: Using ep0 maxpacket: 16 [ 177.597809][ T6] usb 5-1: unable to get BOS descriptor or descriptor too short [ 177.677804][ T6] usb 5-1: config 0 has too many interfaces: 119, using maximum allowed: 32 [ 177.686539][ T6] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 119 [ 177.695847][ T6] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 26 [ 177.728565][ T6615] device pim6reg1 entered promiscuous mode [ 177.791189][ T6623] loop2: detected capacity change from 0 to 512 [ 177.799679][ T6623] EXT4-fs (loop2): orphan cleanup on readonly fs [ 177.806153][ T6623] EXT4-fs error (device loop2): ext4_quota_enable:6939: comm syz-executor.2: Bad quota inum: 11, type: 1 [ 177.817471][ T6623] EXT4-fs warning (device loop2): ext4_enable_quotas:6987: Failed to enable quota tracking (type=1, err=-117, ino=11). Please run e2fsck to fix. [ 177.832392][ T6623] EXT4-fs (loop2): Cannot turn on quotas: error -117 [ 177.839039][ T6623] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 177.853360][ T5372] EXT4-fs (loop2): unmounting filesystem. [ 177.867767][ T6] usb 5-1: New USB device found, idVendor=17cc, idProduct=1010, bcdDevice=7d.64 [ 177.876669][ T6] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 177.884466][ T6] usb 5-1: Product: syz [ 177.888527][ T6] usb 5-1: Manufacturer: syz [ 177.892846][ T6] usb 5-1: SerialNumber: syz [ 177.897796][ T6] usb 5-1: config 0 descriptor?? [ 177.937970][ T6] hub 5-1:0.0: bad descriptor, ignoring hub [ 177.943732][ T6] hub: probe of 5-1:0.0 failed with error -5 [ 178.148005][ T6] snd-usb-audio: probe of 5-1:0.0 failed with error -71 [ 178.188120][ T6] usb 5-1: USB disconnect, device number 20 [ 178.509447][ T28] audit: type=1400 audit(1718567704.571:6658): avc: denied { map } for pid=6680 comm="syz-executor.0" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=159 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 178.543520][ T6683] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 179.013951][ T6711] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 179.034865][ T6713] fuse: Bad value for 'fd' [ 179.039450][ T6713] fuse: Bad value for 'fd' [ 179.057795][ T1919] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 179.222051][ T6724] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6724 comm=syz-executor.3 [ 179.317773][ T1919] usb 3-1: Using ep0 maxpacket: 8 [ 179.437807][ T1919] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 179.528501][ T1919] usb 3-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 179.537761][ T1919] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 179.587718][ T1919] usb 3-1: SerialNumber: syz [ 179.599329][ T6740] loop0: detected capacity change from 0 to 256 [ 179.701384][ T1919] usb 3-1: config 0 descriptor?? [ 179.716819][ T6749] loop0: detected capacity change from 0 to 512 [ 179.726099][ T6749] EXT4-fs (loop0): orphan cleanup on readonly fs [ 179.732858][ T6749] EXT4-fs error (device loop0): ext4_quota_enable:6939: comm syz-executor.0: Bad quota inum: 11, type: 1 [ 179.746141][ T6749] EXT4-fs warning (device loop0): ext4_enable_quotas:6987: Failed to enable quota tracking (type=1, err=-117, ino=11). Please run e2fsck to fix. [ 179.763720][ T6749] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 179.770278][ T6749] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 179.783962][ T6092] EXT4-fs (loop0): unmounting filesystem. [ 179.819013][ T6752] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6752 comm=syz-executor.4 [ 179.987849][ T1919] usb 3-1: Found UVC 0.00 device (05ac:8501) [ 179.994668][ T1919] usb 3-1: No valid video chain found. [ 180.042849][ T28] audit: type=1400 audit(1718567706.101:6659): avc: denied { mounton } for pid=6778 comm="syz-executor.3" path="/file0/root/syzkaller-testdir1085479564/syzkaller.4Jbbi5/108/file0" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:devpts_t tclass=dir permissive=1 [ 180.042866][ T6779] fuse: Unknown parameter '18446744073709551615' [ 180.050830][ T6781] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6781 comm=syz-executor.4 [ 180.107073][ T6787] loop4: detected capacity change from 0 to 128 [ 180.167766][ T6] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 180.192130][ T1919] usb 3-1: USB disconnect, device number 12 [ 180.447831][ T4547] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 180.527891][ T6] usb 1-1: config 0 has an invalid interface number: 251 but max is 0 [ 180.536011][ T6] usb 1-1: config 0 has no interface number 0 [ 180.542113][ T6] usb 1-1: config 0 interface 251 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 180.552766][ T6] usb 1-1: config 0 interface 251 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 180.563331][ T6] usb 1-1: New USB device found, idVendor=0cde, idProduct=0008, bcdDevice=45.ed [ 180.572520][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 180.587875][ T6] usb 1-1: config 0 descriptor?? [ 180.592789][ T6] usb 1-1: Interface #251 referenced by multiple IADs [ 180.687730][ T4547] usb 5-1: Using ep0 maxpacket: 8 [ 180.748300][ T6818] loop2: detected capacity change from 0 to 128 [ 180.807843][ T4547] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 180.820683][ T4547] usb 5-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00 [ 180.829563][ T4547] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 180.840614][ T1919] usb 1-1: USB disconnect, device number 12 [ 180.845293][ T4547] usb 5-1: config 0 descriptor?? [ 180.860641][ T6824] tun0: tun_chr_ioctl cmd 1074025677 [ 180.865868][ T6824] tun0: linktype set to 768 [ 180.888460][ T4547] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 180.971578][ T6826] loop2: detected capacity change from 0 to 40427 [ 180.978498][ T6826] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 180.986026][ T6826] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 180.994833][ T6826] F2FS-fs (loop2): invalid crc value [ 181.001587][ T6826] F2FS-fs (loop2): Found nat_bits in checkpoint [ 181.024887][ T6826] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 181.031827][ T6826] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 181.092441][ T6] usb 5-1: USB disconnect, device number 21 [ 181.445352][ T6832] syz-executor.2: attempt to access beyond end of device [ 181.445352][ T6832] loop2: rw=2049, sector=77824, nr_sectors = 2048 limit=40427 [ 181.463874][ T6832] syz-executor.2: attempt to access beyond end of device [ 181.463874][ T6832] loop2: rw=2049, sector=79872, nr_sectors = 2048 limit=40427 [ 181.481246][ T6832] syz-executor.2: attempt to access beyond end of device [ 181.481246][ T6832] loop2: rw=2049, sector=49152, nr_sectors = 2592 limit=40427 [ 181.497718][ T6832] syz-executor.2: attempt to access beyond end of device [ 181.497718][ T6832] loop2: rw=2049, sector=51744, nr_sectors = 1504 limit=40427 [ 181.515128][ T6832] syz-executor.2: attempt to access beyond end of device [ 181.515128][ T6832] loop2: rw=2049, sector=57344, nr_sectors = 2392 limit=40427 [ 181.532487][ T6832] syz-executor.2: attempt to access beyond end of device [ 181.532487][ T6832] loop2: rw=2049, sector=59736, nr_sectors = 2304 limit=40427 [ 181.550119][ T6832] syz-executor.2: attempt to access beyond end of device [ 181.550119][ T6832] loop2: rw=2049, sector=62040, nr_sectors = 2512 limit=40427 [ 181.575058][ T6832] syz-executor.2: attempt to access beyond end of device [ 181.575058][ T6832] loop2: rw=2049, sector=64552, nr_sectors = 8176 limit=40427 [ 181.598329][ T6832] syz-executor.2: attempt to access beyond end of device [ 181.598329][ T6832] loop2: rw=2049, sector=72728, nr_sectors = 5096 limit=40427 [ 181.619234][ T6832] syz-executor.2: attempt to access beyond end of device [ 181.619234][ T6832] loop2: rw=2049, sector=81920, nr_sectors = 3952 limit=40427 [ 181.680464][ T6843] fuse: Unknown parameter '18446744073709551615' [ 181.704390][ T6846] loop4: detected capacity change from 0 to 1024 [ 181.717789][ T6846] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 181.726547][ T6846] EXT4-fs (loop4): orphan cleanup on readonly fs [ 181.775282][ T6846] EXT4-fs error (device loop4): ext4_free_blocks:6197: comm syz-executor.4: Freeing blocks not in datazone - block = 0, count = 4096 [ 181.788850][ T28] audit: type=1326 audit(1718567707.831:6660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6851 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00a087cea9 code=0x7ffc0000 [ 181.813367][ T5655] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 181.822813][ T6846] EXT4-fs (loop4): 1 orphan inode deleted [ 181.827845][ T28] audit: type=1326 audit(1718567707.831:6661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6851 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00a087cea9 code=0x7ffc0000 [ 181.828917][ T5655] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 181.852463][ T28] audit: type=1326 audit(1718567707.831:6662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6851 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00a087cea9 code=0x7ffc0000 [ 181.868820][ T6846] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 181.884831][ T28] audit: type=1326 audit(1718567707.831:6663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6851 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00a087cea9 code=0x7ffc0000 [ 181.918268][ T28] audit: type=1326 audit(1718567707.981:6664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6851 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00a087cea9 code=0x7ffc0000 [ 181.965335][ T28] audit: type=1326 audit(1718567708.001:6665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6851 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f00a087a627 code=0x7ffc0000 [ 181.996825][ T28] audit: type=1326 audit(1718567708.001:6666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6851 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f00a0840309 code=0x7ffc0000 [ 181.997068][ T5367] EXT4-fs (loop4): unmounting filesystem. [ 182.020564][ T28] audit: type=1326 audit(1718567708.001:6667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6851 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00a087cea9 code=0x7ffc0000 [ 182.020595][ T28] audit: type=1326 audit(1718567708.001:6668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6851 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f00a087a627 code=0x7ffc0000 [ 182.514165][ T6876] tun0: tun_chr_ioctl cmd 1074025677 [ 182.526945][ T6876] tun0: linktype set to 768 [ 182.642540][ T6878] overlayfs: failed to get inode (-116) [ 182.656765][ T6878] overlayfs: failed to get inode (-116) [ 182.686976][ T6863] loop4: detected capacity change from 0 to 131072 [ 182.738873][ T6863] F2FS-fs (loop4): QUOTA feature is enabled, so ignore qf_name [ 182.756522][ T6863] F2FS-fs (loop4): invalid crc value [ 182.774042][ T6863] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 182.798017][ T6863] F2FS-fs (loop4): Mounted with checkpoint version = 753bd00b [ 183.177900][ T6908] tun0: tun_chr_ioctl cmd 1074025677 [ 183.183331][ T6908] tun0: linktype set to 768 [ 183.197820][ T4547] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 183.386227][ T6929] netlink: 308 bytes leftover after parsing attributes in process `syz-executor.3'. [ 183.561272][ T4547] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 183.601242][ T4547] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 183.612355][ T4547] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 183.625261][ T4547] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 183.634212][ T4547] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 183.642604][ T4547] usb 1-1: config 0 descriptor?? [ 183.667799][ T6899] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 183.695846][ T310] hid-generic 0000:0000:0000.001F: unknown main item tag 0x7 [ 183.703312][ T310] hid-generic 0000:0000:0000.001F: ignoring exceeding usage max [ 183.711424][ T310] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 183.718649][ T310] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 183.725806][ T310] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 183.733031][ T310] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 183.740236][ T310] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 183.747449][ T310] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 183.754646][ T310] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 183.761887][ T310] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 183.769065][ T310] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 183.776236][ T310] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 183.783690][ T310] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 183.790897][ T310] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 183.798092][ T310] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 183.805299][ T310] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 183.812513][ T310] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 183.819705][ T310] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 183.826893][ T310] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 183.834125][ T310] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 183.841321][ T310] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 183.848524][ T310] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 183.855706][ T310] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 183.863423][ T310] hid-generic 0000:0000:0000.001F: hidraw0: HID v0.00 Device [syz0] on syz0 [ 184.007788][ T6] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 184.148617][ T4547] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 184.158052][ T4547] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 184.168506][ T4547] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 184.180030][ T4547] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 184.191582][ T4547] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 184.203141][ T4547] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 184.214819][ T4547] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 184.226430][ T4547] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 184.236963][ T4547] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 184.247460][ T4547] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 184.254788][ T6] usb 2-1: Using ep0 maxpacket: 32 [ 184.262987][ T4547] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 184.273509][ T4547] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 184.284034][ T4547] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 184.294540][ T4547] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 184.305112][ T4547] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 184.315843][ T4547] plantronics 0003:047F:FFFF.0020: No inputs registered, leaving [ 184.328909][ T4547] plantronics 0003:047F:FFFF.0020: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 184.377764][ T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 184.391772][ T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 184.405708][ T6] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 184.436009][ T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.445493][ T6] usb 2-1: config 0 descriptor?? [ 184.459657][ T4547] usb 1-1: USB disconnect, device number 13 [ 184.498862][ T6] hub 2-1:0.0: USB hub found [ 184.503442][ T310] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 187.143614][ T6976] netlink: 'syz-executor.2': attribute type 7 has an invalid length. [ 187.171755][ T6985] loop4: detected capacity change from 0 to 512 [ 187.178112][ T6] hub 2-1:0.0: config failed, can't read hub descriptor (err -22) [ 187.189566][ T6990] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'. [ 187.231879][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 187.298705][ T6995] syz-executor.3[6995] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 187.298779][ T6995] syz-executor.3[6995] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 187.318153][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 187.347220][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 187.430189][ T7001] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 187.439041][ T7001] overlayfs: missing 'lowerdir' [ 187.481046][ T7001] tmpfs: Bad value for 'nr_blocks' [ 187.514535][ T7001] loop1: detected capacity change from 0 to 1024 [ 187.576370][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 187.583947][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 187.591261][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 187.598570][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 187.605775][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 187.613025][ T6] usbhid 2-1:0.0: can't add hid device: -71 [ 187.614614][ T6985] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 187.618775][ T6] usbhid: probe of 2-1:0.0 failed with error -71 [ 187.644513][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 187.660475][ T6985] ext4 filesystem being mounted at /root/syzkaller-testdir1836246291/syzkaller.sK21IM/99/file1 supports timestamps until 2038 (0x7fffffff) [ 187.688784][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 187.696457][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 187.711133][ T7001] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 187.719487][ T7001] ext4 filesystem being mounted at /root/syzkaller-testdir4143059334/syzkaller.M3JBfb/89/file1 supports timestamps until 2038 (0x7fffffff) [ 187.738745][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 187.745972][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 187.753273][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 187.760512][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 187.767712][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 187.774893][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 187.785486][ T6] usb 2-1: USB disconnect, device number 14 [ 187.791276][ T310] usb 3-1: device not accepting address 13, error -71 [ 187.799610][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 187.838936][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 187.846165][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 187.878986][ T7006] EXT4-fs error (device loop4): ext4_readdir:260: inode #12: block 32: comm syz-executor.4: path /root/syzkaller-testdir1836246291/syzkaller.sK21IM/99/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 187.906026][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 187.916971][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 187.935295][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 188.090688][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 188.158892][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 188.166450][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 188.174596][ T5401] EXT4-fs (loop1): unmounting filesystem. [ 188.180729][ T5367] EXT4-fs (loop4): unmounting filesystem. [ 188.187307][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 188.196752][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 188.215012][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 188.224812][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 188.232066][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 188.239732][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 188.246951][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 188.255666][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 188.263190][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 188.271474][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 188.278720][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 188.285922][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 188.293628][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 188.300861][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 188.308064][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 188.315267][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 188.322492][ T4547] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 188.330157][ T4547] hid-generic 0000:0000:0000.0021: hidraw0: HID v0.00 Device [syz0] on syz0 [ 188.348321][ T43] device bridge_slave_1 left promiscuous mode [ 188.352141][ T7016] loop2: detected capacity change from 0 to 256 [ 188.354289][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.370409][ T43] device bridge_slave_0 left promiscuous mode [ 188.371262][ T7016] FAT-fs (loop2): Directory bread(block 64) failed [ 188.376361][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.382781][ T7016] FAT-fs (loop2): Directory bread(block 65) failed [ 188.396125][ T7016] FAT-fs (loop2): Directory bread(block 66) failed [ 188.402817][ T7016] FAT-fs (loop2): Directory bread(block 67) failed [ 188.409390][ T7016] FAT-fs (loop2): Directory bread(block 68) failed [ 188.417127][ T7016] FAT-fs (loop2): Directory bread(block 69) failed [ 188.423851][ T7016] FAT-fs (loop2): Directory bread(block 70) failed [ 188.430668][ T7016] FAT-fs (loop2): Directory bread(block 71) failed [ 188.437118][ T7016] FAT-fs (loop2): Directory bread(block 72) failed [ 188.443521][ T7016] FAT-fs (loop2): Directory bread(block 73) failed [ 188.443598][ T43] device veth1_macvtap left promiscuous mode [ 188.458563][ T43] device veth0_vlan left promiscuous mode [ 188.524787][ T7031] loop2: detected capacity change from 0 to 256 [ 188.539703][ T7031] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 188.591852][ T7037] loop2: detected capacity change from 0 to 512 [ 188.633071][ T7037] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 188.642198][ T7037] ext4 filesystem being mounted at /root/syzkaller-testdir1764879545/syzkaller.w3Dk0z/129/file1 supports timestamps until 2038 (0x7fffffff) [ 188.659582][ T7024] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 188.688456][ T7037] EXT4-fs error (device loop2): ext4_readdir:260: inode #12: block 32: comm syz-executor.2: path /root/syzkaller-testdir1764879545/syzkaller.w3Dk0z/129/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 188.721270][ T7011] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.740896][ T19] hid-generic 0000:0000:0000.0022: unknown main item tag 0x7 [ 188.753307][ T7011] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.760869][ T7011] device bridge_slave_0 entered promiscuous mode [ 188.768247][ T7011] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.775185][ T7011] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.791098][ T19] hid-generic 0000:0000:0000.0022: ignoring exceeding usage max [ 188.820761][ T19] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 188.838492][ T19] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 188.851171][ T19] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 188.863824][ T19] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 188.866717][ T7011] device bridge_slave_1 entered promiscuous mode [ 188.876472][ T19] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 188.938886][ T19] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 188.946248][ T19] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 188.974583][ T19] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 189.051788][ T19] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 189.066603][ T19] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 189.079350][ T19] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 189.133335][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 189.143012][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 189.179340][ T19] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 189.188397][ T19] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 189.195800][ T19] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 189.203203][ T19] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 189.210483][ T19] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 189.217712][ T19] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 189.225075][ T19] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 189.232378][ T19] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 189.242408][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 189.259072][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 189.267065][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.273916][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 189.281411][ T19] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 189.289845][ T19] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 189.297599][ T19] hid-generic 0000:0000:0000.0022: hidraw0: HID v0.00 Device [syz0] on syz0 [ 189.344238][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 189.384093][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 189.400621][ T7062] loop4: detected capacity change from 0 to 256 [ 189.421433][ T7062] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 189.455445][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.462337][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 189.546885][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 189.554804][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 189.562712][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 189.585545][ T7011] device veth0_vlan entered promiscuous mode [ 189.605457][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 189.628902][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 189.637271][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 189.647407][ T5372] EXT4-fs (loop2): unmounting filesystem. [ 189.648052][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 189.679312][ T7011] device veth1_macvtap entered promiscuous mode [ 189.696354][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 189.711342][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 189.733252][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 189.807328][ T7089] loop2: detected capacity change from 0 to 256 [ 189.822983][ T28] kauditd_printk_skb: 62 callbacks suppressed [ 189.822996][ T28] audit: type=1400 audit(1718567715.881:6731): avc: denied { mounton } for pid=7077 comm="syz-executor.2" path="/root/syzkaller-testdir1764879545/syzkaller.w3Dk0z/130/file0" dev="sda1" ino=1960 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=fifo_file permissive=1 [ 189.935356][ T7100] serio: Serial port pts0 [ 189.996949][ T7105] IPv6: Can't replace route, no match found [ 190.111157][ T7119] fuse: Bad value for 'group_id' [ 190.177921][ T1919] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 190.240422][ T7135] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 190.249215][ T7135] overlayfs: missing 'lowerdir' [ 190.297008][ T7135] tmpfs: Bad value for 'nr_blocks' [ 190.331447][ T7135] loop4: detected capacity change from 0 to 1024 [ 190.384628][ T7135] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 190.393051][ T7135] ext4 filesystem being mounted at /root/syzkaller-testdir1836246291/syzkaller.sK21IM/109/file1 supports timestamps until 2038 (0x7fffffff) [ 190.406193][ T7142] IPv6: Can't replace route, no match found [ 190.441718][ T28] audit: type=1400 audit(1718567716.501:6732): avc: denied { setopt } for pid=7143 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 190.442071][ T7144] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.0'. [ 190.490822][ T7151] fuse: Bad value for 'group_id' [ 190.677909][ T1919] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 190.686339][ T1919] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 190.696298][ T1919] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 190.705045][ T1919] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 190.734785][ T7168] loop2: detected capacity change from 0 to 2048 [ 190.778781][ T7168] Alternate GPT is invalid, using primary GPT. [ 190.786637][ T7168] loop2: p1 p2 p3 [ 190.804778][ T28] audit: type=1400 audit(1718567716.861:6733): avc: denied { read } for pid=7157 comm="syz-executor.2" name="loop2p2" dev="devtmpfs" ino=534 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 190.847797][ T1919] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 190.866265][ T1919] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 190.874333][ T1919] usb 2-1: Product: syz [ 190.878547][ T1919] usb 2-1: Manufacturer: syz [ 190.918247][ T5367] EXT4-fs (loop4): unmounting filesystem. [ 190.948146][ T1919] cdc_wdm 2-1:1.0: skipping garbage [ 190.953592][ T1919] cdc_wdm 2-1:1.0: skipping garbage [ 190.967831][ T1919] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device [ 191.017436][ T7189] loop0: detected capacity change from 0 to 512 [ 191.053757][ T7189] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 191.070924][ T7189] ext4 filesystem being mounted at /root/syzkaller-testdir3084410434/syzkaller.YeLDLp/101/file0 supports timestamps until 2038 (0x7fffffff) [ 191.399952][ T60] usb 2-1: USB disconnect, device number 15 [ 191.520275][ T7208] loop2: detected capacity change from 0 to 2048 [ 191.527120][ T7210] serio: Serial port pts0 [ 191.541697][ T7214] kvm [7213]: vcpu0, guest rIP: 0xfff0 unimplemented HWCR wrmsr: 0x1fff00000000 [ 191.592418][ T28] audit: type=1326 audit(1718567717.651:6734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7219 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf2fc7cea9 code=0x7ffc0000 [ 191.616339][ T28] audit: type=1326 audit(1718567717.651:6735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7219 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf2fc7cea9 code=0x7ffc0000 [ 191.648571][ T28] audit: type=1326 audit(1718567717.651:6736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7219 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf2fc7cea9 code=0x7ffc0000 [ 191.660409][ T7223] SELinux: Context « is not valid (left unmapped). [ 191.672486][ T28] audit: type=1326 audit(1718567717.651:6737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7219 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf2fc7cea9 code=0x7ffc0000 [ 191.703503][ T28] audit: type=1326 audit(1718567717.651:6738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7219 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf2fc7cea9 code=0x7ffc0000 [ 191.727955][ T28] audit: type=1326 audit(1718567717.651:6739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7219 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf2fc7cea9 code=0x7ffc0000 [ 191.752182][ T28] audit: type=1326 audit(1718567717.701:6740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7219 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf2fc7cea9 code=0x7ffc0000 [ 191.790330][ T7237] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.4'. [ 191.799720][ T7237] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.4'. [ 191.840567][ T7246] loop3: detected capacity change from 0 to 512 [ 191.893852][ T6092] EXT4-fs (loop0): unmounting filesystem. [ 191.937508][ T7254] serio: Serial port pts0 [ 191.943915][ T7246] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 191.987827][ T7246] ext4 filesystem being mounted at /root/syzkaller-testdir109152022/syzkaller.2Ov07b/16/file1 supports timestamps until 2038 (0x7fffffff) [ 192.022104][ T7268] bridge: RTM_NEWNEIGH with invalid ether address [ 192.086623][ T7246] EXT4-fs error (device loop3): ext4_readdir:260: inode #12: block 32: comm syz-executor.3: path /root/syzkaller-testdir109152022/syzkaller.2Ov07b/16/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 192.422704][ T7298] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.0'. [ 192.517827][ T7298] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.0'. [ 192.818755][ T7011] EXT4-fs (loop3): unmounting filesystem. [ 192.835309][ T7326] loop1: detected capacity change from 0 to 128 [ 192.857129][ T7333] syz-executor.3[7333] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 192.857198][ T7333] syz-executor.3[7333] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 192.949362][ T7350] loop0: detected capacity change from 0 to 512 [ 193.060394][ T7350] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 193.159227][ T7362] loop3: detected capacity change from 0 to 128 [ 193.183349][ T7350] ext4 filesystem being mounted at /root/syzkaller-testdir3084410434/syzkaller.YeLDLp/114/file1 supports timestamps until 2038 (0x7fffffff) [ 193.210269][ T7360] loop1: detected capacity change from 0 to 256 [ 193.239338][ T7360] FAT-fs (loop1): Directory bread(block 64) failed [ 193.252243][ T7360] FAT-fs (loop1): Directory bread(block 65) failed [ 193.271324][ T7350] EXT4-fs error (device loop0): ext4_readdir:260: inode #12: block 32: comm syz-executor.0: path /root/syzkaller-testdir3084410434/syzkaller.YeLDLp/114/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 193.307922][ T7371] loop4: detected capacity change from 0 to 512 [ 193.314638][ T7360] FAT-fs (loop1): Directory bread(block 66) failed [ 193.336494][ T7371] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 193.356794][ T7360] FAT-fs (loop1): Directory bread(block 67) failed [ 193.365426][ T7360] FAT-fs (loop1): Directory bread(block 68) failed [ 193.373735][ T7360] FAT-fs (loop1): Directory bread(block 69) failed [ 193.391490][ T7371] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #17: comm syz-executor.4: iget: bad i_size value: -6917529027641081756 [ 193.417808][ T7360] FAT-fs (loop1): Directory bread(block 70) failed [ 193.424163][ T7360] FAT-fs (loop1): Directory bread(block 71) failed [ 193.459520][ T7371] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz-executor.4: couldn't read orphan inode 17 (err -117) [ 193.475166][ T7360] FAT-fs (loop1): Directory bread(block 72) failed [ 193.521532][ T7371] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 193.530343][ T7360] FAT-fs (loop1): Directory bread(block 73) failed [ 193.613273][ T7383] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.3'. [ 193.631350][ T5367] EXT4-fs (loop4): unmounting filesystem. [ 193.657799][ T7383] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.3'. [ 193.762198][ T7389] loop4: detected capacity change from 0 to 512 [ 194.035665][ T7389] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 194.053174][ T6092] EXT4-fs (loop0): unmounting filesystem. [ 194.059023][ T7389] ext4 filesystem being mounted at /root/syzkaller-testdir1836246291/syzkaller.sK21IM/146/file0 supports timestamps until 2038 (0x7fffffff) [ 194.229407][ T7400] loop2: detected capacity change from 0 to 131072 [ 194.241041][ T7400] F2FS-fs (loop2): invalid crc value [ 194.264150][ T7418] loop3: detected capacity change from 0 to 512 [ 194.300277][ T7400] F2FS-fs (loop2): Found nat_bits in checkpoint [ 194.483957][ T7418] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 194.521894][ T7400] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 194.557192][ T7418] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #17: comm syz-executor.3: iget: bad i_size value: -6917529027641081756 [ 194.571302][ T7418] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz-executor.3: couldn't read orphan inode 17 (err -117) [ 194.583790][ T7418] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 194.635921][ T7437] loop0: detected capacity change from 0 to 256 [ 194.643197][ T7011] EXT4-fs (loop3): unmounting filesystem. [ 194.691276][ T5367] EXT4-fs (loop4): unmounting filesystem. [ 194.702564][ T7441] loop1: detected capacity change from 0 to 1024 [ 194.711095][ T7441] EXT4-fs: Ignoring removed i_version option [ 194.711692][ T7437] FAT-fs (loop0): Directory bread(block 64) failed [ 194.723753][ T7441] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 194.728620][ T7437] FAT-fs (loop0): Directory bread(block 65) failed [ 194.739778][ T7437] FAT-fs (loop0): Directory bread(block 66) failed [ 194.742931][ T7441] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 194.746302][ T7437] FAT-fs (loop0): Directory bread(block 67) failed [ 194.761351][ T7437] FAT-fs (loop0): Directory bread(block 68) failed [ 194.777739][ T7437] FAT-fs (loop0): Directory bread(block 69) failed [ 194.794520][ T7437] FAT-fs (loop0): Directory bread(block 70) failed [ 194.800472][ T7441] EXT4-fs error (device loop1): ext4_read_inline_dir:1589: inode #12: block 16: comm syz-executor.1: path /root/syzkaller-testdir4143059334/syzkaller.M3JBfb/119/file0/file0: bad entry in directory: rec_len is smaller than minimal - offset=40, inode=301989902, rec_len=0, size=80 fake=0 [ 194.833528][ T5401] EXT4-fs (loop1): unmounting filesystem. [ 194.837918][ T7450] device pim6reg1 entered promiscuous mode [ 194.846106][ T7437] FAT-fs (loop0): Directory bread(block 71) failed [ 194.855172][ T7437] FAT-fs (loop0): Directory bread(block 72) failed [ 194.864967][ T7437] FAT-fs (loop0): Directory bread(block 73) failed [ 194.983100][ T7473] overlayfs: failed to resolve './file2': -2 [ 194.996886][ T7479] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 195.033416][ T7483] netlink: 'syz-executor.0': attribute type 2 has an invalid length. [ 195.045026][ T7486] syz-executor.3[7486] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 195.045204][ T7486] syz-executor.3[7486] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 195.143045][ T7502] loop2: detected capacity change from 0 to 512 [ 195.183262][ T7502] EXT4-fs (loop2): 1 orphan inode deleted [ 195.188897][ T7502] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 195.197871][ T7502] ext4 filesystem being mounted at /root/syzkaller-testdir1764879545/syzkaller.w3Dk0z/146/file1 supports timestamps until 2038 (0x7fffffff) [ 195.232353][ T5372] EXT4-fs (loop2): unmounting filesystem. [ 195.256506][ T7511] loop0: detected capacity change from 0 to 256 [ 195.261024][ T7517] loop4: detected capacity change from 0 to 512 [ 195.278335][ T19] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 195.282630][ T7517] EXT4-fs (loop4): orphan cleanup on readonly fs [ 195.292365][ T7524] netlink: 300 bytes leftover after parsing attributes in process `syz-executor.3'. [ 195.294664][ T7511] FAT-fs (loop0): Directory bread(block 64) failed [ 195.308343][ T7511] FAT-fs (loop0): Directory bread(block 65) failed [ 195.314798][ T7511] FAT-fs (loop0): Directory bread(block 66) failed [ 195.314830][ T7517] __quota_error: 179 callbacks suppressed [ 195.314843][ T7517] Quota error (device loop4): find_block_dqentry: Quota for id 0 referenced but not present [ 195.321267][ T7511] FAT-fs (loop0): Directory bread(block 67) failed [ 195.336760][ T7517] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 195.352287][ T7511] FAT-fs (loop0): Directory bread(block 68) failed [ 195.359179][ T7511] FAT-fs (loop0): Directory bread(block 69) failed [ 195.365606][ T7511] FAT-fs (loop0): Directory bread(block 70) failed [ 195.368437][ T7517] EXT4-fs (loop4): 1 truncate cleaned up [ 195.381854][ T7529] loop3: detected capacity change from 0 to 512 [ 195.385659][ T7530] syz-executor.2[7530] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 195.388166][ T7511] FAT-fs (loop0): Directory bread(block 71) failed [ 195.388450][ T7530] syz-executor.2[7530] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 195.400185][ T7529] SELinux: security_context_str_to_sid (user_u) failed with errno=-22 [ 195.421008][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.425878][ T7511] FAT-fs (loop0): Directory bread(block 72) failed [ 195.432821][ T7517] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 195.439193][ T7511] FAT-fs (loop0): Directory bread(block 73) failed [ 195.448014][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.461689][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.468963][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.476173][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.483387][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.490607][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.497839][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.505106][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.512338][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.519855][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.527106][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.534403][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.541675][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.548928][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.556173][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.563460][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.570675][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.578003][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.585209][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.592436][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.599652][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.606849][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.614045][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.621325][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.628552][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.635742][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.642973][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.650153][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.657366][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.664614][ T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 195.675242][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.682474][ T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 195.691977][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.699174][ T19] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 195.708032][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.715213][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.722420][ T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.730246][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.737433][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.744885][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.752222][ T19] usb 2-1: config 0 descriptor?? [ 195.757100][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.764360][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.771526][ T4547] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 195.779212][ T4547] hid-generic 0000:0000:0000.0023: hidraw0: HID v0.00 Device [syz0] on syz0 [ 195.791288][ T5367] EXT4-fs (loop4): unmounting filesystem. [ 195.864571][ T7543] loop0: detected capacity change from 0 to 512 [ 195.898661][ T7543] EXT4-fs (loop0): 1 orphan inode deleted [ 195.904281][ T7543] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 195.913526][ T7543] ext4 filesystem being mounted at /root/syzkaller-testdir3084410434/syzkaller.YeLDLp/122/file1 supports timestamps until 2038 (0x7fffffff) [ 195.949380][ T6092] EXT4-fs (loop0): unmounting filesystem. [ 195.966460][ T7557] input: syz1 as /devices/virtual/input/input23 [ 196.203638][ T7565] device pim6reg1 entered promiscuous mode [ 196.257804][ T19] usbhid 2-1:0.0: can't add hid device: -71 [ 196.263631][ T19] usbhid: probe of 2-1:0.0 failed with error -71 [ 196.270299][ T19] usb 2-1: USB disconnect, device number 16 [ 196.334590][ T7579] netlink: 31 bytes leftover after parsing attributes in process `syz-executor.0'. [ 196.351277][ T7581] loop0: detected capacity change from 0 to 128 [ 196.497764][ T39] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 196.597205][ T7602] input: syz1 as /devices/virtual/input/input24 [ 196.654814][ T7604] loop1: detected capacity change from 0 to 256 [ 196.666147][ T7604] FAT-fs (loop1): Directory bread(block 64) failed [ 196.672612][ T7604] FAT-fs (loop1): Directory bread(block 65) failed [ 196.679068][ T7604] FAT-fs (loop1): Directory bread(block 66) failed [ 196.685487][ T7604] FAT-fs (loop1): Directory bread(block 67) failed [ 196.691891][ T7604] FAT-fs (loop1): Directory bread(block 68) failed [ 196.698384][ T7604] FAT-fs (loop1): Directory bread(block 69) failed [ 196.713867][ T7604] FAT-fs (loop1): Directory bread(block 70) failed [ 196.719802][ T7612] loop0: detected capacity change from 0 to 512 [ 196.727412][ T7604] FAT-fs (loop1): Directory bread(block 71) failed [ 196.733993][ T7604] FAT-fs (loop1): Directory bread(block 72) failed [ 196.741051][ T7604] FAT-fs (loop1): Directory bread(block 73) failed [ 196.749574][ T7612] EXT4-fs (loop0): orphan cleanup on readonly fs [ 196.756136][ T7612] Quota error (device loop0): find_block_dqentry: Quota for id 0 referenced but not present [ 196.768961][ T7612] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 196.785474][ T7612] EXT4-fs (loop0): 1 truncate cleaned up [ 196.798140][ T7612] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 196.831428][ T6092] EXT4-fs (loop0): unmounting filesystem. [ 196.846499][ T7624] loop0: detected capacity change from 0 to 512 [ 196.853583][ T7624] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 196.869136][ T7624] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #17: comm syz-executor.0: iget: bad i_size value: -6917529027641081756 [ 196.882738][ T7624] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz-executor.0: couldn't read orphan inode 17 (err -117) [ 196.895073][ T7624] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 196.895073][ T39] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 196.895101][ T39] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 196.924689][ T39] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 196.933560][ T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.943561][ T6092] EXT4-fs (loop0): unmounting filesystem. [ 197.107797][ T60] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 197.437735][ T60] usb 4-1: Using ep0 maxpacket: 32 [ 197.557783][ T60] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 197.568546][ T60] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 197.747822][ T60] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 197.756831][ T60] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 197.765885][ T60] usb 4-1: Product: syz [ 197.770138][ T60] usb 4-1: Manufacturer: syz [ 197.818209][ T60] hub 4-1:4.0: USB hub found [ 197.826255][ T28] audit: type=1400 audit(1718567723.881:6920): avc: denied { lock } for pid=7650 comm="syz-executor.1" path="socket:[53379]" dev="sockfs" ino=53379 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1 [ 197.870531][ T7651] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 197.878900][ T7651] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready [ 197.888060][ T7651] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready [ 197.896079][ T7651] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready [ 197.904473][ T7651] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready [ 197.951094][ T7651] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready [ 197.994090][ T7656] loop1: detected capacity change from 0 to 512 [ 198.006222][ T7656] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 198.025640][ T7656] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #17: comm syz-executor.1: iget: bad i_size value: -6917529027641081756 [ 198.039259][ T60] hub 4-1:4.0: 2 ports detected [ 198.051084][ T7656] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz-executor.1: couldn't read orphan inode 17 (err -117) [ 198.066819][ T7656] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 198.093912][ T7657] syz-executor.0 (7657) used greatest stack depth: 19184 bytes left [ 198.113055][ T5401] EXT4-fs (loop1): unmounting filesystem. [ 198.134677][ T7647] loop4: detected capacity change from 0 to 131072 [ 198.142021][ T7647] F2FS-fs (loop4): invalid crc value [ 198.148517][ T7647] F2FS-fs (loop4): Found nat_bits in checkpoint [ 198.171011][ T7647] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 198.244535][ T28] audit: type=1400 audit(1718567724.301:6921): avc: denied { execute_no_trans } for pid=7675 comm="syz-executor.0" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=1335 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 198.362223][ T7682] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'. [ 198.371413][ T7682] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'. [ 198.527764][ T39] aiptek 3-1:17.0: Aiptek using 400 ms programming speed [ 198.536318][ T39] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input25 [ 198.557045][ T39] input: failed to attach handler kbd to device input25, error: -5 [ 198.897822][ T342] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 199.011202][ T310] usb 3-1: USB disconnect, device number 15 [ 199.047797][ T19] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 199.153101][ T341] Bluetooth: hci0: Frame reassembly failed (-84) [ 199.257808][ T342] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 199.268575][ T342] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 199.278092][ T342] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 199.286907][ T342] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 199.295386][ T342] usb 5-1: config 0 descriptor?? [ 199.347871][ T60] hub 4-1:4.0: activate --> -90 [ 199.407805][ T19] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 199.416347][ T19] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 199.426632][ T19] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 199.435563][ T19] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 199.557854][ T19] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 199.566730][ T19] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 199.574675][ T19] usb 2-1: Product: syz [ 199.578733][ T19] usb 2-1: Manufacturer: syz [ 199.607522][ T7730] loop0: detected capacity change from 0 to 128 [ 199.628095][ T19] cdc_wdm 2-1:1.0: skipping garbage [ 199.633134][ T19] cdc_wdm 2-1:1.0: skipping garbage [ 199.638657][ T19] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device [ 199.719315][ T7733] loop0: detected capacity change from 0 to 40427 [ 199.726100][ T7733] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 199.733753][ T7733] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 199.742372][ T7733] F2FS-fs (loop0): invalid crc value [ 199.748686][ T7733] F2FS-fs (loop0): Found nat_bits in checkpoint [ 199.771256][ T7733] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 199.778207][ T7733] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 199.882481][ T19] usb 2-1: USB disconnect, device number 17 [ 200.117799][ T342] usb 5-1: language id specifier not provided by device, defaulting to English [ 200.515858][ T5655] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 200.525417][ T5655] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 200.695519][ T7749] loop0: detected capacity change from 0 to 8192 [ 200.748809][ T7749] loop0: p1 < > p2 p3 < p5 p6 > p4 [ 200.753902][ T7749] loop0: partition table partially beyond EOD, truncated [ 200.761271][ T7749] loop0: p1 start 277760 is beyond EOD, truncated [ 200.767565][ T7749] loop0: p2 start 6684676 is beyond EOD, truncated [ 200.774547][ T7749] loop0: p5 start 6684676 is beyond EOD, truncated [ 200.777778][ T342] uclogic 0003:256C:006D.0024: failed retrieving string descriptor #100: -71 [ 200.795757][ T342] uclogic 0003:256C:006D.0024: failed retrieving pen parameters: -71 [ 200.803777][ T342] uclogic 0003:256C:006D.0024: failed probing pen v1 parameters: -71 [ 200.811668][ T342] uclogic 0003:256C:006D.0024: failed probing parameters: -71 [ 200.818945][ T342] uclogic: probe of 0003:256C:006D.0024 failed with error -71 [ 200.827485][ T342] usb 5-1: USB disconnect, device number 22 [ 201.148271][ T39] usb 4-1: USB disconnect, device number 14 [ 201.197732][ T7713] Bluetooth: hci0: command 0x1003 tx timeout [ 201.203578][ T45] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 204.141819][ T7795] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 204.161955][ T7795] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready [ 204.177846][ T7795] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready [ 204.178365][ T7804] loop2: detected capacity change from 0 to 512 [ 204.192092][ T7795] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready [ 204.210230][ T7795] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready [ 204.218468][ T7804] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 204.227639][ T7804] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 204.227818][ T7795] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready [ 204.243376][ T7795] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready [ 204.243791][ T7804] System zones: 0-2, 18-18, 34-35 [ 204.274552][ T7804] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 204.340836][ T7804] EXT4-fs (loop2): re-mounted. Quota mode: none. [ 204.368150][ T7804] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 204.387981][ T7804] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 204.396147][ T7804] EXT4-fs (loop2): re-mounted. Quota mode: none. [ 204.402963][ T7804] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 3: comm syz-executor.2: path /root/syzkaller-testdir1764879545/syzkaller.w3Dk0z/167/file0: bad entry in directory: inode out of bounds - offset=24, inode=134217739, rec_len=20, size=2048 fake=0 [ 204.435002][ T5372] EXT4-fs (loop2): unmounting filesystem. [ 204.459128][ T28] audit: type=1400 audit(1718567730.521:6922): avc: denied { ioctl } for pid=7831 comm="syz-executor.0" path="socket:[53206]" dev="sockfs" ino=53206 ioctlcmd=0x8924 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 204.497796][ T6] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 206.054076][ T7851] loop3: detected capacity change from 0 to 512 [ 206.061577][ T7851] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 206.070768][ T7851] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 206.079398][ T7851] System zones: 0-2, 18-18, 34-35 [ 206.084813][ T7851] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 207.060323][ T7851] EXT4-fs (loop3): re-mounted. Quota mode: none. [ 207.077991][ T7851] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 208.039655][ T7857] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 3: comm syz-executor.3: path /root/syzkaller-testdir109152022/syzkaller.2Ov07b/54/file0: bad entry in directory: inode out of bounds - offset=24, inode=134217739, rec_len=20, size=2048 fake=0 [ 208.064527][ T7851] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 208.075513][ T7851] EXT4-fs (loop3): re-mounted. Quota mode: none. [ 209.047720][ T6] usb 2-1: device descriptor read/all, error -71 [ 209.088981][ T7011] EXT4-fs (loop3): unmounting filesystem. [ 209.174357][ T7885] loop0: detected capacity change from 0 to 512 [ 209.215078][ T7893] 9p: Unknown uid 00000000004294967295 [ 209.221199][ T7885] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 209.231193][ T7885] EXT4-fs (loop0): 1 truncate cleaned up [ 209.236951][ T7885] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 209.267066][ T6092] EXT4-fs (loop0): unmounting filesystem. [ 209.278446][ T7898] overlayfs: invalid redirect ((null)) [ 209.377308][ T7907] loop2: detected capacity change from 0 to 2048 [ 209.384697][ T7907] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities [ 209.434657][ T7916] loop4: detected capacity change from 0 to 1024 [ 209.473701][ T7916] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 209.577777][ T7926] device veth1_macvtap left promiscuous mode [ 209.588037][ T7916] EXT4-fs error (device loop4): ext4_xattr_ibody_get:603: inode #15: comm syz-executor.4: corrupted in-inode xattr [ 209.600448][ T7916] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.4: corrupted in-inode xattr [ 209.752258][ T7929] overlayfs: failed to resolve './file2': -2 [ 210.279058][ T7916] bio_check_eod: 1 callbacks suppressed [ 210.279108][ T7916] syz-executor.4: attempt to access beyond end of device [ 210.279108][ T7916] loop4: rw=2049, sector=3606377190, nr_sectors = 2 limit=1024 [ 210.399598][ T7932] device veth1_macvtap entered promiscuous mode [ 210.406052][ T7936] 9p: Unknown uid 00000000004294967295 [ 210.426526][ T7916] EXT4-fs warning (device loop4): ext4_end_bio:347: I/O error 10 writing to inode 15 starting block 1803188595) [ 210.441774][ T7938] loop0: detected capacity change from 0 to 512 [ 210.453814][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 210.465262][ T7916] Buffer I/O error on device loop4, logical block 1803188595 [ 210.476966][ T7938] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 210.485153][ T7940] overlayfs: invalid redirect ((null)) [ 210.490777][ T7938] EXT4-fs (loop0): 1 truncate cleaned up [ 210.496229][ T7938] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 210.504978][ T7916] syz-executor.4: attempt to access beyond end of device [ 210.504978][ T7916] loop4: rw=2049, sector=3403208898, nr_sectors = 2 limit=1024 [ 210.505008][ T7916] EXT4-fs warning (device loop4): ext4_end_bio:347: I/O error 10 writing to inode 15 starting block 1701604449) [ 210.505034][ T7916] Buffer I/O error on device loop4, logical block 1701604449 [ 210.505088][ T7916] syz-executor.4: attempt to access beyond end of device [ 210.505088][ T7916] loop4: rw=2049, sector=59108, nr_sectors = 2 limit=1024 [ 210.554683][ T7916] EXT4-fs warning (device loop4): ext4_end_bio:347: I/O error 10 writing to inode 15 starting block 29554) [ 210.567416][ T7916] Buffer I/O error on device loop4, logical block 29554 [ 210.576886][ T6092] EXT4-fs (loop0): unmounting filesystem. [ 210.578674][ T5367] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 16: comm syz-executor.4: path /root/syzkaller-testdir1836246291/syzkaller.sK21IM/178/bus: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 210.615962][ T5367] EXT4-fs (loop4): Inode 15 (ffff88813ccaa808): i_reserved_data_blocks (1) not cleared! [ 210.628786][ T5367] EXT4-fs (loop4): unmounting filesystem. [ 210.700320][ T7955] loop2: detected capacity change from 0 to 2048 [ 210.713007][ T7955] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities [ 210.830514][ T7959] loop3: detected capacity change from 0 to 256 [ 210.844820][ T7959] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 211.168123][ T7945] loop1: detected capacity change from 0 to 40427 [ 211.175450][ T7945] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 211.193280][ T7945] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 211.266185][ T7962] overlayfs: failed to resolve './file2': -2 [ 211.346037][ T7957] loop0: detected capacity change from 0 to 40427 [ 211.395598][ T7945] F2FS-fs (loop1): Found nat_bits in checkpoint [ 211.458313][ T10] device bridge_slave_1 left promiscuous mode [ 211.465331][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.473203][ T7957] F2FS-fs (loop0): Found nat_bits in checkpoint [ 211.484500][ T7945] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 211.491600][ T10] device bridge_slave_0 left promiscuous mode [ 211.497790][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 211.517749][ T7945] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 211.538719][ T10] device veth1_macvtap left promiscuous mode [ 211.558884][ T10] device veth0_vlan left promiscuous mode [ 211.576624][ T7976] loop2: detected capacity change from 0 to 512 [ 211.582291][ T7957] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 211.593822][ T7976] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 211.609168][ T7976] EXT4-fs (loop2): 1 truncate cleaned up [ 211.617720][ T7976] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 211.634811][ T5372] EXT4-fs (loop2): unmounting filesystem. [ 211.635744][ T7980] loop3: detected capacity change from 0 to 1024 [ 211.664362][ T6092] syz-executor.0: attempt to access beyond end of device [ 211.664362][ T6092] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 211.679922][ T7980] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 211.695824][ T7986] incfs: Options parsing error. -22 [ 211.701448][ T7986] incfs: mount failed -22 [ 211.771134][ T7980] EXT4-fs error (device loop3): ext4_xattr_ibody_get:603: inode #15: comm syz-executor.3: corrupted in-inode xattr [ 211.783564][ T7980] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.3: corrupted in-inode xattr [ 211.799240][ T7980] syz-executor.3: attempt to access beyond end of device [ 211.799240][ T7980] loop3: rw=2049, sector=3606377190, nr_sectors = 2 limit=1024 [ 211.813672][ T7980] EXT4-fs warning (device loop3): ext4_end_bio:347: I/O error 10 writing to inode 15 starting block 1803188595) [ 211.826212][ T7980] Buffer I/O error on device loop3, logical block 1803188595 [ 211.833502][ T7980] syz-executor.3: attempt to access beyond end of device [ 211.833502][ T7980] loop3: rw=2049, sector=3403208898, nr_sectors = 2 limit=1024 [ 211.848032][ T7980] EXT4-fs warning (device loop3): ext4_end_bio:347: I/O error 10 writing to inode 15 starting block 1701604449) [ 211.859784][ T7980] Buffer I/O error on device loop3, logical block 1701604449 [ 211.867886][ T7980] syz-executor.3: attempt to access beyond end of device [ 211.867886][ T7980] loop3: rw=2049, sector=59108, nr_sectors = 2 limit=1024 [ 211.883057][ T7980] EXT4-fs warning (device loop3): ext4_end_bio:347: I/O error 10 writing to inode 15 starting block 29554) [ 211.894459][ T7980] Buffer I/O error on device loop3, logical block 29554 [ 211.902915][ T7996] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 211.926159][ T7011] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 16: comm syz-executor.3: path /root/syzkaller-testdir109152022/syzkaller.2Ov07b/65/bus: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 211.955905][ T7011] EXT4-fs (loop3): Inode 15 (ffff88813afd44a0): i_reserved_data_blocks (1) not cleared! [ 211.967400][ T7011] EXT4-fs (loop3): unmounting filesystem. [ 211.992445][ T7973] bridge0: port 1(bridge_slave_0) entered blocking state [ 211.999583][ T7973] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.007118][ T7973] device bridge_slave_0 entered promiscuous mode [ 212.014375][ T7973] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.021857][ T7973] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.029361][ T7973] device bridge_slave_1 entered promiscuous mode [ 212.077081][ T8024] device pim6reg1 entered promiscuous mode [ 212.123865][ T7973] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.130750][ T7973] bridge0: port 2(bridge_slave_1) entered forwarding state [ 212.137850][ T7973] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.144617][ T7973] bridge0: port 1(bridge_slave_0) entered forwarding state [ 212.182730][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 212.190449][ T39] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.198142][ T39] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.205286][ T8033] loop1: detected capacity change from 0 to 1024 [ 212.219277][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 212.227200][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.229314][ T8033] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 212.233959][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 212.249560][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 212.257624][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.264513][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 212.288350][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 212.307462][ T8037] loop2: detected capacity change from 0 to 512 [ 212.313754][ T8033] EXT4-fs error (device loop1): ext4_xattr_ibody_get:603: inode #15: comm syz-executor.1: corrupted in-inode xattr [ 212.325245][ T8037] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 212.326355][ T8033] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.1: corrupted in-inode xattr [ 212.334049][ T8037] EXT4-fs (loop2): 1 truncate cleaned up [ 212.346292][ T8033] syz-executor.1: attempt to access beyond end of device [ 212.346292][ T8033] loop1: rw=2049, sector=3606377190, nr_sectors = 2 limit=1024 [ 212.351199][ T8037] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 212.366036][ T8033] EXT4-fs warning (device loop1): ext4_end_bio:347: I/O error 10 writing to inode 15 starting block 1803188595) [ 212.387290][ T8033] Buffer I/O error on device loop1, logical block 1803188595 [ 212.394851][ T8033] syz-executor.1: attempt to access beyond end of device [ 212.394851][ T8033] loop1: rw=2049, sector=3403208898, nr_sectors = 2 limit=1024 [ 212.395892][ T5372] EXT4-fs (loop2): unmounting filesystem. [ 212.409237][ T8033] EXT4-fs warning (device loop1): ext4_end_bio:347: I/O error 10 writing to inode 15 starting block 1701604449) [ 212.435415][ T8033] Buffer I/O error on device loop1, logical block 1701604449 [ 212.437849][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 212.442991][ T8033] syz-executor.1: attempt to access beyond end of device [ 212.442991][ T8033] loop1: rw=2049, sector=59108, nr_sectors = 2 limit=1024 [ 212.464487][ T8033] EXT4-fs warning (device loop1): ext4_end_bio:347: I/O error 10 writing to inode 15 starting block 29554) [ 212.475932][ T8033] Buffer I/O error on device loop1, logical block 29554 [ 212.488117][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 212.509662][ T7973] device veth0_vlan entered promiscuous mode [ 212.518167][ T5401] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 16: comm syz-executor.1: path /root/syzkaller-testdir4143059334/syzkaller.M3JBfb/167/bus: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 212.519481][ T8032] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.551522][ T8032] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.559156][ T5401] EXT4-fs (loop1): Inode 15 (ffff88813adddb80): i_reserved_data_blocks (1) not cleared! [ 212.559244][ T8032] device bridge_slave_0 entered promiscuous mode [ 212.569209][ T5401] EXT4-fs (loop1): unmounting filesystem. [ 212.581518][ T7973] device veth1_macvtap entered promiscuous mode [ 212.587981][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 212.595599][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 212.603540][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 212.611753][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 212.620127][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 212.629058][ T8032] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.636055][ T8032] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.643296][ T8032] device bridge_slave_1 entered promiscuous mode [ 212.652538][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 212.659846][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 212.675433][ T8048] geneve1: tun_chr_ioctl cmd 1074025681 [ 212.689796][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 212.698249][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 212.706346][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 212.716071][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 212.741370][ T8050] input: syz0 as /devices/virtual/input/input26 [ 212.823383][ T8032] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.830275][ T8032] bridge0: port 2(bridge_slave_1) entered forwarding state [ 212.837363][ T8032] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.844160][ T8032] bridge0: port 1(bridge_slave_0) entered forwarding state [ 212.933680][ T1919] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.943319][ T1919] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.954930][ T8069] loop0: detected capacity change from 0 to 512 [ 212.965338][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 212.980547][ T8069] EXT4-fs error (device loop0): __ext4_fill_super:5386: inode #2: comm syz-executor.0: iget: special inode unallocated [ 212.983024][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 212.993021][ T8069] EXT4-fs (loop0): get root inode failed [ 213.005473][ T8069] EXT4-fs (loop0): mount failed [ 213.029793][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 213.037964][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 213.044826][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 213.053459][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 213.063972][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.069242][ T8059] loop2: detected capacity change from 0 to 40427 [ 213.070841][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 213.084972][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 213.090976][ T8069] loop0: detected capacity change from 0 to 256 [ 213.093013][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 213.099938][ T8059] F2FS-fs (loop2): Found nat_bits in checkpoint [ 213.119925][ T10] device bridge_slave_1 left promiscuous mode [ 213.126012][ T8069] exFAT-fs (loop0): invalid boot record signature [ 213.132532][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 213.139864][ T8069] exFAT-fs (loop0): failed to read boot sector [ 213.145831][ T8069] exFAT-fs (loop0): failed to recognize exfat type [ 213.152664][ T10] device bridge_slave_0 left promiscuous mode [ 213.158748][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 213.166978][ T10] device veth1_macvtap left promiscuous mode [ 213.172971][ T10] device veth0_vlan left promiscuous mode [ 213.179352][ T8077] syz-executor.4[8077] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 213.179421][ T8077] syz-executor.4[8077] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 213.179781][ T8059] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 213.383589][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 213.405147][ T8032] device veth0_vlan entered promiscuous mode [ 213.423565][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 213.433960][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 213.447896][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 213.462891][ T8063] bridge0: port 1(bridge_slave_0) entered blocking state [ 213.470930][ T8063] bridge0: port 1(bridge_slave_0) entered disabled state [ 213.484921][ T8063] device bridge_slave_0 entered promiscuous mode [ 213.505204][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 213.511741][ T8088] loop2: detected capacity change from 0 to 40427 [ 213.516545][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 213.529619][ T8032] device veth1_macvtap entered promiscuous mode [ 213.537104][ T8088] F2FS-fs (loop2): invalid crc value [ 213.537219][ T8063] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.550342][ T8063] bridge0: port 2(bridge_slave_1) entered disabled state [ 213.557992][ T8088] F2FS-fs (loop2): Found nat_bits in checkpoint [ 213.558067][ T8063] device bridge_slave_1 entered promiscuous mode [ 213.578683][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 213.586520][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 213.594664][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 213.635778][ T8088] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 213.645047][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 213.660210][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 213.801830][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 213.810255][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 213.834778][ T1427] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 213.845198][ T1427] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 213.858701][ T1427] bridge0: port 1(bridge_slave_0) entered blocking state [ 213.865582][ T1427] bridge0: port 1(bridge_slave_0) entered forwarding state [ 213.876529][ T1427] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 213.876533][ T8097] loop2: detected capacity change from 0 to 512 [ 213.891441][ T1427] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 213.900076][ T1427] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.906943][ T1427] bridge0: port 2(bridge_slave_1) entered forwarding state [ 213.908695][ T8094] loop3: detected capacity change from 0 to 40427 [ 213.921007][ T1427] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 213.921552][ T8094] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 213.928654][ T1427] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 213.943943][ T1427] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 213.944519][ T8097] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 213.952516][ T8094] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 213.968309][ T8097] ext4 filesystem being mounted at /root/syzkaller-testdir1764879545/syzkaller.w3Dk0z/194/file0 supports timestamps until 2038 (0x7fffffff) [ 213.991187][ T8063] device veth0_vlan entered promiscuous mode [ 213.997128][ T8094] F2FS-fs (loop3): invalid crc value [ 214.011399][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 214.020078][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 214.028725][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 214.036090][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 214.050402][ T8063] device veth1_macvtap entered promiscuous mode [ 214.072427][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 214.076799][ T8094] F2FS-fs (loop3): Found nat_bits in checkpoint [ 214.081133][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 214.094950][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 214.299070][ T8094] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 214.376484][ T8094] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 214.392732][ T8104] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'. [ 214.530919][ T8114] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 214.541989][ T8114] device vlan2 entered promiscuous mode [ 214.563535][ T8120] loop1: detected capacity change from 0 to 1024 [ 214.599857][ T8120] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 214.917822][ T8120] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e11d, mo2=0002] [ 214.941737][ T8120] System zones: 0-1, 2-3, 4-36, 98-101, 102-102 [ 214.949026][ T8120] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 214.965876][ T8120] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #16: comm syz-executor.1: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 1796(4), depth 0(0) [ 214.986255][ T5372] EXT4-fs (loop2): unmounting filesystem. [ 214.994733][ T341] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 215.009693][ T341] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 215.031773][ T8063] EXT4-fs (loop1): unmounting filesystem. [ 215.079233][ T10] device bridge_slave_1 left promiscuous mode [ 215.085211][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.107485][ T10] device bridge_slave_0 left promiscuous mode [ 215.117196][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.131669][ T10] device veth1_macvtap left promiscuous mode [ 215.137509][ T10] device veth0_vlan left promiscuous mode [ 215.283424][ T8144] device veth1_macvtap left promiscuous mode [ 215.294678][ T8147] device veth1_macvtap entered promiscuous mode [ 215.300983][ T8146] serio: Serial port pts0 [ 215.307835][ T6] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 215.321813][ T8143] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'. [ 215.343088][ T8150] loop3: detected capacity change from 0 to 128 [ 215.547759][ T6] usb 1-1: Using ep0 maxpacket: 8 [ 215.571869][ T8161] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.579029][ T8161] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.581411][ T8160] loop4: detected capacity change from 0 to 40427 [ 215.586270][ T8161] device bridge_slave_0 entered promiscuous mode [ 215.598392][ T8160] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 215.599958][ T8161] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.605950][ T8160] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 215.612743][ T8161] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.613171][ T8161] device bridge_slave_1 entered promiscuous mode [ 215.630101][ T8160] F2FS-fs (loop4): invalid crc value [ 215.641337][ T8160] F2FS-fs (loop4): Found nat_bits in checkpoint [ 215.677974][ T6] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 215.681848][ T8160] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 215.688024][ T6] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 215.694804][ T8160] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 215.710742][ T6] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 215.723940][ T6] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 215.735073][ T6] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 215.743992][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 215.789322][ T6] hub 1-1:1.0: bad descriptor, ignoring hub [ 215.789572][ T8161] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.801922][ T8161] bridge0: port 2(bridge_slave_1) entered forwarding state [ 215.803131][ T6] hub: probe of 1-1:1.0 failed with error -5 [ 215.809016][ T8161] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.820292][ T6] cdc_wdm 1-1:1.0: skipping garbage [ 215.821616][ T8161] bridge0: port 1(bridge_slave_0) entered forwarding state [ 215.833806][ T6] cdc_wdm 1-1:1.0: skipping garbage [ 216.089635][ T6] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device [ 216.121590][ T1919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 216.125018][ T6] usb 1-1: USB disconnect, device number 14 [ 216.134537][ T1919] bridge0: port 1(bridge_slave_0) entered disabled state [ 216.147104][ T8172] loop1: detected capacity change from 0 to 1024 [ 216.155658][ T1919] bridge0: port 2(bridge_slave_1) entered disabled state [ 216.166487][ T8172] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 216.168661][ T8174] 9pnet: p9_errstr2errno: server reported unknown error ‌@يخ‚ح(للي«QhQI¸¥ [ 216.177245][ T8172] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e11d, mo2=0002] [ 216.193477][ T8172] System zones: 0-1, 2-3, 4-36, 98-101, 102-102 [ 216.200107][ T8172] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 216.212893][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 216.219995][ T8172] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #16: comm syz-executor.1: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 1796(4), depth 0(0) [ 216.221194][ T19] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.245262][ T19] bridge0: port 1(bridge_slave_0) entered forwarding state [ 216.252619][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 216.252820][ T8063] EXT4-fs (loop1): unmounting filesystem. [ 216.260708][ T19] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.272841][ T19] bridge0: port 2(bridge_slave_1) entered forwarding state [ 216.299391][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 216.307191][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 216.318285][ T535] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 216.327939][ T535] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 216.346540][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 216.366677][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 216.375833][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 216.385497][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 216.393304][ T8161] device veth0_vlan entered promiscuous mode [ 216.408028][ T8161] device veth1_macvtap entered promiscuous mode [ 216.460469][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 216.473219][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 216.481522][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 216.925662][ T10] device bridge_slave_1 left promiscuous mode [ 216.931744][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 216.939523][ T10] device bridge_slave_0 left promiscuous mode [ 216.945484][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 216.953683][ T10] device veth1_macvtap left promiscuous mode [ 216.959621][ T10] device veth0_vlan left promiscuous mode [ 218.049155][ T6] usb 1-1: new low-speed USB device number 15 using dummy_hcd [ 218.109732][ T8209] loop0: detected capacity change from 0 to 512 [ 218.132269][ T8209] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 218.141557][ T8209] ext4 filesystem being mounted at /root/syzkaller-testdir3084410434/syzkaller.YeLDLp/201/file0 supports timestamps until 2038 (0x7fffffff) [ 218.556751][ T8225] device veth1_macvtap left promiscuous mode [ 218.578153][ T8225] device veth1_macvtap entered promiscuous mode [ 218.981831][ T6092] EXT4-fs (loop0): unmounting filesystem. [ 218.999182][ T8237] netlink: 'syz-executor.0': attribute type 25 has an invalid length. [ 219.007224][ T8237] netlink: 'syz-executor.0': attribute type 8 has an invalid length. [ 219.108251][ T8254] overlayfs: invalid redirect ((null)) [ 219.400123][ T8262] loop1: detected capacity change from 0 to 512 [ 219.419530][ T8262] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 219.428579][ T8262] ext4 filesystem being mounted at /root/syzkaller-testdir2026699564/syzkaller.Ka7gKn/13/file0 supports timestamps until 2038 (0x7fffffff) [ 219.531309][ T8266] device veth1_macvtap left promiscuous mode [ 219.533236][ T8268] loop2: detected capacity change from 0 to 512 [ 219.546442][ T8266] device veth1_macvtap entered promiscuous mode [ 219.554528][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 219.564385][ T8268] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 219.573305][ T8268] ext4 filesystem being mounted at /root/syzkaller-testdir1764879545/syzkaller.w3Dk0z/203/file0 supports timestamps until 2038 (0x7fffffff) [ 219.775054][ T8268] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 219.920089][ T8275] loop3: detected capacity change from 0 to 256 [ 219.933984][ T8275] exfat: Deprecated parameter 'utf8' [ 219.950222][ T8275] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 220.607510][ T8304] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 220.621716][ T8063] EXT4-fs (loop1): unmounting filesystem. [ 221.185983][ T1919] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 221.364275][ T8331] device veth1_macvtap left promiscuous mode [ 221.560542][ T8333] device veth1_macvtap entered promiscuous mode [ 221.598085][ T1919] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 221.617190][ T1919] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 221.627025][ T1919] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 221.635921][ T1919] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 221.645328][ T1919] usb 2-1: config 0 descriptor?? [ 221.660194][ T8337] overlayfs: failed to resolve './file1': -2 [ 222.305156][ T8358] loop3: detected capacity change from 0 to 256 [ 222.379871][ T8364] overlayfs: failed to resolve './file1': -2 [ 222.859861][ T8312] loop1: detected capacity change from 0 to 128 [ 222.872946][ T8312] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 222.881973][ T8312] ext4 filesystem being mounted at /root/syzkaller-testdir2026699564/syzkaller.Ka7gKn/15/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 223.268186][ T1919] uclogic 0003:256C:006D.0025: failed retrieving string descriptor #100: -71 [ 223.281874][ T1919] uclogic 0003:256C:006D.0025: failed retrieving pen parameters: -71 [ 223.290346][ T1919] uclogic 0003:256C:006D.0025: failed probing pen v1 parameters: -71 [ 223.310460][ T1919] uclogic 0003:256C:006D.0025: failed probing parameters: -71 [ 223.318027][ T1919] uclogic: probe of 0003:256C:006D.0025 failed with error -71 [ 223.328053][ T1919] usb 2-1: USB disconnect, device number 20 [ 223.647644][ T8415] loop3: detected capacity change from 0 to 256 [ 223.659867][ T28] audit: type=1400 audit(1718567749.721:6923): avc: denied { wake_alarm } for pid=8417 comm="syz-executor.4" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 223.732469][ T28] audit: type=1400 audit(1718567749.791:6924): avc: denied { setattr } for pid=8420 comm="syz-executor.0" name="map_files" dev="proc" ino=57608 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 223.764228][ T8063] EXT4-fs (loop1): unmounting filesystem. [ 223.798586][ T8433] fuse: Bad value for 'fd' [ 224.197773][ T310] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 224.395201][ T28] audit: type=1400 audit(1718567750.451:6925): avc: denied { write } for pid=8466 comm="syz-executor.2" name="file2" dev="sda1" ino=1965 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=blk_file permissive=1 [ 224.417937][ T1919] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 224.555232][ T8481] loop3: detected capacity change from 0 to 1024 [ 224.557795][ T310] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 224.562131][ T8481] EXT4-fs: Ignoring removed nomblk_io_submit option [ 224.576701][ T310] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 224.580366][ T8481] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 224.588038][ T310] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 224.598778][ T8481] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 224.607096][ T310] usb 2-1: config 0 descriptor?? [ 224.616135][ T8481] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 224.628052][ T8481] System zones: 0-1, 3-36 [ 224.633191][ T8481] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 224.658306][ T8481] EXT4-fs (loop3): re-mounted. Quota mode: writeback. [ 224.667949][ T8161] EXT4-fs (loop3): unmounting filesystem. [ 224.769950][ T8492] loop4: detected capacity change from 0 to 256 [ 224.782585][ T8492] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 225.067811][ T1919] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 225.077891][ T8514] fuse: Bad value for 'fd' [ 225.078789][ T1919] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 225.092614][ T1919] usb 1-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00 [ 225.101525][ T1919] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 225.110293][ T1919] usb 1-1: config 0 descriptor?? [ 225.158387][ T310] keytouch 0003:0926:3333.0026: fixing up Keytouch IEC report descriptor [ 225.168205][ T310] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0026/input/input27 [ 225.249941][ T310] keytouch 0003:0926:3333.0026: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0 [ 225.578841][ T1919] logitech-djreceiver 0003:046D:C71B.0027: unknown main item tag 0x0 [ 225.586794][ T1919] logitech-djreceiver 0003:046D:C71B.0027: unknown main item tag 0x0 [ 225.904793][ T1920] usb 1-1: USB disconnect, device number 16 [ 225.927037][ T28] audit: type=1400 audit(1718567751.981:6926): avc: denied { relabelfrom } for pid=8543 comm="syz-executor.2" name="UNIX-STREAM" dev="sockfs" ino=57763 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1 [ 225.951515][ T28] audit: type=1401 audit(1718567751.981:6927): op=setxattr invalid_context="" [ 226.054917][ T310] usb 2-1: USB disconnect, device number 21 [ 226.314891][ T28] audit: type=1401 audit(1718567752.371:6928): op=setxattr invalid_context="" [ 226.329158][ T8573] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8573 comm=syz-executor.3 [ 226.437050][ T28] audit: type=1401 audit(1718567752.491:6929): op=setxattr invalid_context="" [ 226.449123][ T8591] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 226.452403][ T28] audit: type=1400 audit(1718567752.511:6930): avc: denied { mounton } for pid=8590 comm="syz-executor.3" path="/root/syzkaller-testdir665671617/syzkaller.J7MNsN/41/file0" dev="sda1" ino=1965 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=blk_file permissive=1 [ 226.458233][ T8591] FAT-fs (loop7): unable to read boot sector [ 226.503944][ T8600] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8600 comm=syz-executor.3 [ 226.516840][ T8600] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 226.610991][ T28] audit: type=1400 audit(1718567752.671:6931): avc: denied { map } for pid=8609 comm="syz-executor.1" path="socket:[56980]" dev="sockfs" ino=56980 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1 [ 226.635232][ T28] audit: type=1400 audit(1718567752.671:6932): avc: denied { accept } for pid=8609 comm="syz-executor.1" lport=8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 227.091026][ T8649] loop0: detected capacity change from 0 to 40427 [ 227.098009][ T8649] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 227.105537][ T8649] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 227.114517][ T8649] F2FS-fs (loop0): invalid crc value [ 227.136180][ T8649] F2FS-fs (loop0): Found nat_bits in checkpoint [ 227.175269][ T8649] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 227.182602][ T310] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 227.190266][ T8649] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 227.217503][ T6092] bio_check_eod: 2 callbacks suppressed [ 227.217522][ T6092] syz-executor.0: attempt to access beyond end of device [ 227.217522][ T6092] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 227.366358][ T8706] fuse: Bad value for 'fd' [ 227.418747][ T8714] bridge0: port 3(vlan2) entered blocking state [ 227.424928][ T8714] bridge0: port 3(vlan2) entered disabled state [ 227.528286][ T8732] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. [ 227.587372][ T310] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 227.598639][ T310] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 227.608212][ T310] usb 2-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00 [ 227.617042][ T310] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 227.625239][ T310] usb 2-1: config 0 descriptor?? [ 227.937748][ T1920] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 227.975465][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 227.982763][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 227.990062][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 227.997265][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.004495][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.011867][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.019136][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.026257][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.033491][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.040751][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.047898][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.055072][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.062313][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.069494][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.076681][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.083897][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.091099][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.098309][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.105493][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.112727][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.119952][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.127119][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.134334][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.141532][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.148767][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.155935][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.163154][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.168999][ T310] logitech-djreceiver 0003:046D:C71B.0029: unknown main item tag 0x0 [ 228.170411][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.178397][ T1920] usb 4-1: Using ep0 maxpacket: 16 [ 228.185446][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.190512][ T310] logitech-djreceiver 0003:046D:C71B.0029: unknown main item tag 0x0 [ 228.197740][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.212756][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.219909][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.227111][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.234310][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.241602][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.248749][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.256120][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.263352][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.270574][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.277999][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.285264][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.292495][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.299705][ T1919] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 228.307492][ T1919] hid-generic 0000:0000:0000.0028: hidraw0: HID v0.00 Device [syz0] on syz0 [ 228.318300][ T1920] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 228.329125][ T1920] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 228.336935][ T8770] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8770 comm=syz-executor.4 [ 228.338933][ T1920] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 228.353426][ T8770] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 228.360152][ T1920] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 228.377657][ T1920] usb 4-1: config 0 descriptor?? [ 228.427855][ T310] usb 2-1: USB disconnect, device number 22 [ 228.448469][ T8781] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.0'. [ 228.495680][ T8792] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 229.007762][ T24] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 229.068293][ T1920] kovaplus 0003:1E7D:2D50.002A: item fetching failed at offset 5/7 [ 229.076179][ T1920] kovaplus 0003:1E7D:2D50.002A: parse failed [ 229.082046][ T1920] kovaplus: probe of 0003:1E7D:2D50.002A failed with error -22 [ 229.125273][ T8811] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.1'. [ 229.147828][ T1919] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 229.219531][ T8824] bridge0: port 3(vlan2) entered blocking state [ 229.225639][ T8824] bridge0: port 3(vlan2) entered disabled state [ 229.268017][ T24] usb 1-1: Using ep0 maxpacket: 16 [ 229.357523][ T8837] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.1'. [ 229.407792][ T24] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 229.427829][ T24] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 229.438283][ T24] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 229.448387][ T24] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 229.458500][ T24] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 229.468288][ T24] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 229.488848][ T8849] bridge0: port 3(vlan2) entered blocking state [ 229.494926][ T8849] bridge0: port 3(vlan2) entered disabled state [ 229.527923][ T1919] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 229.540429][ T1919] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 229.550161][ T1919] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 229.559029][ T1919] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.570049][ T24] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 229.584137][ T1919] usb 5-1: config 0 descriptor?? [ 229.588976][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 229.597157][ T24] usb 1-1: SerialNumber: syz [ 229.648108][ T24] cdc_acm 1-1:1.0: Control and data interfaces are not separated! [ 229.655821][ T24] cdc_acm: probe of 1-1:1.0 failed with error -12 [ 230.859685][ T1427] usb 1-1: USB disconnect, device number 17 [ 230.922002][ T24] usb 4-1: USB disconnect, device number 15 [ 231.737799][ T1427] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 231.760833][ T8805] loop4: detected capacity change from 0 to 128 [ 231.769014][ T8805] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 231.777529][ T8805] ext4 filesystem being mounted at /root/syzkaller-testdir3426065652/syzkaller.fgv3Rj/72/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 231.864838][ T8929] tipc: Started in network mode [ 231.869775][ T8929] tipc: Node identity 00000000000000000000ffff, cluster identity 4711 [ 231.877922][ T8929] tipc: Enabling of bearer rejected, failed to enable media [ 232.477845][ T1919] uclogic 0003:256C:006D.002B: failed retrieving string descriptor #100: -71 [ 232.486754][ T1919] uclogic 0003:256C:006D.002B: failed retrieving pen parameters: -71 [ 232.494828][ T1919] uclogic 0003:256C:006D.002B: failed probing pen v1 parameters: -71 [ 232.504231][ T1427] usb 1-1: Using ep0 maxpacket: 16 [ 232.509631][ T1919] uclogic 0003:256C:006D.002B: failed probing parameters: -71 [ 232.518690][ T1919] uclogic: probe of 0003:256C:006D.002B failed with error -71 [ 232.539878][ T1919] usb 5-1: USB disconnect, device number 23 [ 232.566889][ T8947] device batadv_slave_0 entered promiscuous mode [ 232.573730][ T8946] device batadv_slave_0 left promiscuous mode [ 232.647811][ T1427] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 232.658743][ T1427] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 232.668654][ T1427] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 232.677602][ T1427] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 232.686224][ T1427] usb 1-1: config 0 descriptor?? [ 233.181255][ T7973] EXT4-fs (loop4): unmounting filesystem. [ 233.206499][ T8977] device batadv_slave_0 entered promiscuous mode [ 233.212632][ T8979] loop4: detected capacity change from 0 to 256 [ 233.219019][ T8976] device batadv_slave_0 left promiscuous mode [ 233.229572][ T8979] FAT-fs (loop4): Directory bread(block 64) failed [ 233.236057][ T8979] FAT-fs (loop4): Directory bread(block 65) failed [ 233.242410][ T8979] FAT-fs (loop4): Directory bread(block 66) failed [ 233.249249][ T8979] FAT-fs (loop4): Directory bread(block 67) failed [ 233.255816][ T8979] FAT-fs (loop4): Directory bread(block 68) failed [ 233.262584][ T8979] FAT-fs (loop4): Directory bread(block 69) failed [ 233.269108][ T8979] FAT-fs (loop4): Directory bread(block 70) failed [ 233.275504][ T8979] FAT-fs (loop4): Directory bread(block 71) failed [ 233.282287][ T8979] FAT-fs (loop4): Directory bread(block 72) failed [ 233.288714][ T8979] FAT-fs (loop4): Directory bread(block 73) failed [ 233.323694][ T8979] syz-executor.4: attempt to access beyond end of device [ 233.323694][ T8979] loop4: rw=2051, sector=1224, nr_sectors = 128 limit=256 [ 233.327284][ T1427] kovaplus 0003:1E7D:2D50.002C: item fetching failed at offset 5/7 [ 233.345551][ T1427] kovaplus 0003:1E7D:2D50.002C: parse failed [ 233.351493][ T1427] kovaplus: probe of 0003:1E7D:2D50.002C failed with error -22 [ 233.957742][ T1427] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 234.127732][ T1920] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 234.249271][ T60] usb 1-1: USB disconnect, device number 18 [ 234.321103][ T9020] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.0'. [ 234.337782][ T1427] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 234.348557][ T1427] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 234.358091][ T1427] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 234.367160][ T1427] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 234.367743][ T1920] usb 2-1: Using ep0 maxpacket: 16 [ 234.375662][ T1427] usb 4-1: config 0 descriptor?? [ 234.497782][ T1920] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 234.508551][ T1920] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 234.518021][ T1920] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 234.527592][ T1920] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 234.537113][ T1920] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 234.546587][ T1920] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 234.607778][ T9026] loop4: detected capacity change from 0 to 256 [ 234.616520][ T9026] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 234.627816][ T1920] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 234.632565][ T28] kauditd_printk_skb: 25 callbacks suppressed [ 234.632579][ T28] audit: type=1400 audit(1718567760.691:6958): avc: denied { write } for pid=9025 comm="syz-executor.4" path="/root/syzkaller-testdir3426065652/syzkaller.fgv3Rj/80/file2/bus" dev="loop4" ino=1048858 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 234.637299][ T1920] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 234.678789][ T1920] usb 2-1: SerialNumber: syz [ 234.718388][ T1920] cdc_acm 2-1:1.0: Control and data interfaces are not separated! [ 234.726067][ T1920] cdc_acm: probe of 2-1:1.0 failed with error -12 [ 234.917759][ T1919] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 234.931378][ T1920] usb 2-1: USB disconnect, device number 23 [ 235.109390][ T9028] syz-executor.0[9028] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 235.109437][ T9028] syz-executor.0[9028] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 235.157862][ T1919] usb 5-1: Using ep0 maxpacket: 8 [ 235.287801][ T1919] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 235.300448][ T1919] usb 5-1: New USB device found, idVendor=05a4, idProduct=8003, bcdDevice= 0.00 [ 235.309248][ T1919] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 235.317415][ T1919] usb 5-1: config 0 descriptor?? [ 235.358034][ T1919] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 235.417747][ T1920] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 235.438404][ T28] audit: type=1326 audit(1718567761.501:6959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9041 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200147cea9 code=0x7ffc0000 [ 235.462511][ T28] audit: type=1326 audit(1718567761.501:6960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9041 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200147cea9 code=0x7ffc0000 [ 235.486290][ T28] audit: type=1326 audit(1718567761.501:6961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9041 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f200147cea9 code=0x7ffc0000 [ 235.490253][ T8998] loop3: detected capacity change from 0 to 128 [ 235.510260][ T28] audit: type=1326 audit(1718567761.501:6962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9041 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200147cea9 code=0x7ffc0000 [ 235.518494][ T8998] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 235.540069][ T28] audit: type=1326 audit(1718567761.501:6963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9041 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200147cea9 code=0x7ffc0000 [ 235.548459][ T8998] ext4 filesystem being mounted at /root/syzkaller-testdir665671617/syzkaller.J7MNsN/67/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 235.574983][ T60] usb 5-1: USB disconnect, device number 24 [ 235.607087][ T28] audit: type=1326 audit(1718567761.501:6964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9041 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f200147cea9 code=0x7ffc0000 [ 235.636532][ T28] audit: type=1326 audit(1718567761.521:6965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9041 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f200147cea9 code=0x7ffc0000 [ 235.660233][ T28] audit: type=1326 audit(1718567761.521:6966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9041 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f200147a627 code=0x7ffc0000 [ 235.683781][ T28] audit: type=1326 audit(1718567761.521:6967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9041 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2001440309 code=0x7ffc0000 [ 235.707387][ T1920] usb 1-1: Using ep0 maxpacket: 16 [ 235.827797][ T1920] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 235.838582][ T1920] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 235.848268][ T1920] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 235.857083][ T1920] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 235.857791][ T1427] uclogic 0003:256C:006D.002D: failed retrieving string descriptor #100: -71 [ 235.873925][ T1427] uclogic 0003:256C:006D.002D: failed retrieving pen parameters: -71 [ 235.874047][ T1920] usb 1-1: config 0 descriptor?? [ 235.881889][ T1427] uclogic 0003:256C:006D.002D: failed probing pen v1 parameters: -71 [ 235.894586][ T1427] uclogic 0003:256C:006D.002D: failed probing parameters: -71 [ 235.901854][ T1427] uclogic: probe of 0003:256C:006D.002D failed with error -71 [ 235.910341][ T1427] usb 4-1: USB disconnect, device number 16 [ 236.479306][ T8161] EXT4-fs (loop3): unmounting filesystem. [ 236.496404][ T1920] kovaplus 0003:1E7D:2D50.002E: item fetching failed at offset 5/7 [ 236.504308][ T1920] kovaplus 0003:1E7D:2D50.002E: parse failed [ 236.510138][ T1920] kovaplus: probe of 0003:1E7D:2D50.002E failed with error -22 [ 236.942242][ T9102] loop1: detected capacity change from 0 to 512 [ 236.948774][ T9102] EXT4-fs: Ignoring removed mblk_io_submit option [ 236.955371][ T9102] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 236.966648][ T9102] EXT4-fs (loop1): Test dummy encryption mode enabled [ 236.974174][ T9102] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a040e01c, mo2=0002] [ 236.981993][ T9102] System zones: 1-12 [ 236.986103][ T9102] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz-executor.1: casefold flag without casefold feature [ 236.999211][ T9102] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.1: missing EA_INODE flag [ 237.016092][ T9102] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz-executor.1: error while reading EA inode 12 err=-117 [ 237.043157][ T9102] EXT4-fs (loop1): 1 orphan inode deleted [ 237.048874][ T9102] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 237.099234][ T8063] EXT4-fs (loop1): unmounting filesystem. [ 237.242207][ T1427] usb 1-1: USB disconnect, device number 19 [ 237.445938][ T9115] syz-executor.0[9115] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 237.446009][ T9115] syz-executor.0[9115] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 237.519039][ T9121] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.0'. [ 237.550523][ T9123] netlink: 148 bytes leftover after parsing attributes in process `syz-executor.3'. [ 237.561816][ T9123] loop3: detected capacity change from 0 to 256 [ 237.568434][ T9123] exfat: Unknown parameter 'ہ' [ 237.691209][ T9128] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 237.737254][ T9140] loop4: detected capacity change from 0 to 512 [ 237.749233][ T9140] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 237.758098][ T9140] ext4 filesystem being mounted at /root/syzkaller-testdir3426065652/syzkaller.fgv3Rj/91/bus supports timestamps until 2038 (0x7fffffff) [ 237.777907][ T7973] EXT4-fs (loop4): unmounting filesystem. [ 237.978026][ T331] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 238.000397][ T9159] loop4: detected capacity change from 0 to 2048 [ 238.009478][ T9159] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 238.017922][ T9159] ext4 filesystem being mounted at /root/syzkaller-testdir3426065652/syzkaller.fgv3Rj/98/bus supports timestamps until 2038 (0x7fffffff) [ 238.063958][ T7973] EXT4-fs (loop4): unmounting filesystem. [ 238.913879][ T331] usb 4-1: Using ep0 maxpacket: 8 [ 239.042597][ T331] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 239.087381][ T9211] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 239.207807][ T331] usb 4-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.40 [ 239.219975][ T331] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 239.224532][ T9222] syz-executor.1[9222] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 239.227927][ T9222] syz-executor.1[9222] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 239.228056][ T331] usb 4-1: Product: syz [ 239.493723][ T331] usb 4-1: Manufacturer: syz [ 239.504593][ T9222] syz-executor.1[9222] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 239.504665][ T9222] syz-executor.1[9222] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 239.529502][ T331] usb 4-1: SerialNumber: syz [ 239.578029][ T331] usbhid 4-1:1.0: couldn't find an input interrupt endpoint [ 239.667314][ T9242] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN [ 239.678841][ T9242] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 239.687087][ T9242] CPU: 0 PID: 9242 Comm: syz-executor.1 Not tainted 6.1.78-syzkaller-00009-g25216be1ac5e #0 [ 239.696979][ T9242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 239.706875][ T9242] RIP: 0010:dev_map_enqueue+0x31/0x340 2024/06/16 19:56:05 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 239.712170][ T9242] Code: 56 41 55 41 54 53 48 83 ec 18 48 89 55 c0 49 89 f7 48 89 fb 49 bc 00 00 00 00 00 fc ff df e8 c6 1f de ff 48 89 d8 48 c1 e8 03 <42> 80 3c 20 00 74 08 48 89 df e8 10 1d 25 00 4c 8b 33 48 83 c3 20 [ 239.731616][ T9242] RSP: 0018:ffffc900060ff648 EFLAGS: 00010246 [ 239.737518][ T9242] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000040000 [ 239.745327][ T9242] RDX: ffffc90003abe000 RSI: 0000000000000108 RDI: 0000000000000109 [ 239.753162][ T9242] RBP: ffffc900060ff688 R08: 0000000000000005 R09: ffffffff8411ded5 [ 239.760952][ T9242] R10: 0000000000000004 R11: ffff8881122c5100 R12: dffffc0000000000 [ 239.768765][ T9242] R13: 0000000000000000 R14: ffff8881f70364a0 R15: ffff88810c0e4070 [ 239.776573][ T9242] FS: 00007f20022b56c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 239.785339][ T9242] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.791761][ T9242] CR2: 0000000000000000 CR3: 00000001359ca000 CR4: 00000000003506b0 [ 239.799576][ T9242] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 239.807386][ T9242] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 239.815199][ T9242] Call Trace