last executing test programs: 6.36563315s ago: executing program 0: r0 = socket(0x1e, 0x5, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) listen(r0, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f00000000c0)=@req3={0x80000000}, 0x1c) accept4$inet6(r0, 0x0, 0x0, 0x0) sendmsg$tipc(r1, &(0x7f0000000640)={&(0x7f0000000300), 0x10, 0x0}, 0x0) 5.434175015s ago: executing program 0: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) setsockopt$bt_BT_POWER(r0, 0x112, 0x9, 0x0, 0x79) 5.421046536s ago: executing program 0: pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, @thr={&(0x7f0000000180)="a791fd8d4f88", 0x0}}, 0x0) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000100)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05", @ANYRESHEX], 0x0) 3.323469423s ago: executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="6c00000010003b1500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000004c0012800e0001006970366772657461700000003800028014000600fc00000000000000000000000000000014000700ff"], 0x6c}}, 0x0) 3.251362064s ago: executing program 0: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000200)='ext4_sync_file_enter\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000200)='ext4_sync_file_enter\x00', r3}, 0x10) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0) write$cgroup_int(r4, &(0x7f0000000680), 0x12) 3.21038572s ago: executing program 0: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da070000000000010902240001000000000904000009030000000921000000012222000905810308"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0\x00', 0x2000084c, &(0x7f0000000280)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESDEC=0x0, @ANYBLOB=',discard,\x00', @ANYRESHEX, @ANYRESOCT=0x0, @ANYRES8, @ANYBLOB="0002001100000000303030303030303030303030303030303030303135322c796f636884c178f94be4ee34617273657439697300926f38", @ANYBLOB="51060c4f1adb6e795b70e7edcdc5cd30e197ceacee351e08a6e2ee4650101fb28229b16aecf828a55c8aa0efd840e40fef6612e7b389eb304c41e39360e1f5cb6f78bd7100bd30bbd42aa24b2dc9171d068e92ac848e65c9", @ANYRES64, @ANYRESDEC], 0x81, 0x151a, &(0x7f0000002a80)="$eJzs3AuYjtX6MPB1r7UexjTpbZLDsO51P7xpsEyS5JCQQ5IkSZJTQtIkSUJiyClpSEKOk+QwhOQwjUnjfD7knDTZ0iRJSEiyvku7/2fvr713//3V9/m+Pffvuhbrnue97/d+3nuueZ/nva6Zb3qOqteifu1mRCT+EPjrfylCiBghxDAhxDVCiEAIUSm+Uvyl4wUUpPyxJ2F/rgfTr3QH7Eri+edtPP+8jeeft/H88zaef97G88/beP55G8+fsbxs+5xi1/LKu+sKf/7v4Y89K/tD+P3/P0hu+clfbCx/fa9/I4Xnn7fx/PM2nn/exvPP23j+eRvP/z9frX9xjOeft/H8GcvLrvTnz/8frZhfX7Ir3cefuq7wtx9jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsTzinL9MCyH+a3+l+2KMMcYYY4wxxtifx+e/0h0wxhhjjDHGGGPs/zwQUiihRSDyifwiRhQQseIqESeuFgXFNSIirhXx4jpRSFwvCosioqgoJhJEcVFCGIHCChKhKClKiai4QZQWN4pEUUaUFeWEE+VFkrhJVBA3i4riFlFJ3Coqi9tEFVFVVBPVxe2ihrhD1BS1RG1xp6gj6op6or64SzQQd4uG4h7RSNwrGov7RBNxv2gqHhDNxIOiuXhItBAPi5biEdFKtBZtRFvR7n8r/wXRV7wo+on+IkUMEAPFS2KQGCyGiKFimHhZDBeviBHiVZEqRopR4jUxWrwuxog3xFgxTowXb4oJYqKYJCaLKWKqSBNviWnibTFdvCNmiJlilpgt0sUcMVe8K+aJ+WKBeE8sFO+LRWKxWCKWigzxgcgUy0SW+FAsFx+JbLFCrBSrxGqxRqwV68R6sUFsFJvEZrFFbBXbxHbxsdghdopdYrfYI/aKfeITsV98Kg6Iz0SO+PzfzD/7v+T3AgECJEjQoCEf5IMYiIFYiIU4iIOCUBAiEIF4iIdCUAgKQ2EoCkUhARKgBJQABAQCgpJQEqIQhdJQGhIhEcpCWXDgIAmSoALcDBWhIlSCSlAZKkMVqApVoTpUhxpQA2pCTagNtaEO1IF6UA/ugrvgbmgIDaERNILG0BiaQBNoCk2hGTSD5tAcWkALaAktoRW0gjbQBtpBO2gP7aEDdIBO0Ak6Q2foAl0gGZKhK3SFbtANukN36AE9oCf0hF7QG3rDC/ACvAgvQn+oIwfAQBgIg2AQDIGhMBRehuHwCrwCr0IqjIRR8Bq8Bq/DGDgDY2EcjIfxUENOhEkwGUhOhTRIg2kwDabDdJgBM2EmzIZ0mANzYS7Mg/kwH96DhfD+ufdhMSyGpZABGZAJyyALsmA5nIVsWAErYRWshjWwGtbBelgHG2ETbIQtsAW2wTb4GD6GnbATdsNu2At74RP4BD6FTyEVciAHDsJBOASH4DAchlzIhSNwBI7CUTgGx+A4HIcTcBJOwUk4DafhDJyFc3AOzsN5uADPJXzVfG+ZDalCXqKllvlkPhkjY2SsjJVxMk4WlAVlREZkvIyXhWQhWVgWlkVlUZkgE2QJWUKiREkylCVlSRmVUVlalpaJMlGWlWWlk04mySRZQVaQFWVFWUneKivL22QVWVV2dNVldVlDdnI1ZS1ZW9aWdWRdWU/Wl/VlA9lANpQNZSPZSDaWjWUTeb9sKgfAEHhQXppMCzkSWspR0Eq2lm1kW/k6PCrbyzHQQXaUneTjchyMhS6yvUuWT8muchJ0k8/IyfCs7CGnQk/5vOwle8s+8gXZV3Zw/WR/OQMGyIFyNgySg+UQOVTOg7ry0sTqyVdlqhwpR8nX5FJ4XY6Rb8ixcpwcL9+UE+REOUlOllPkVJkm35LT5NtyunxHzpAz5Sw5W6bLOXKufFfOk/PlAvmeXCjfl4vkYrlELpUZ8gOZKZfJLPmhXC4/ktlyhVwpV8nVco1cK9fJ9XKD3Cg3yc1yi9wqt8nt8mO5Q+6Uu+RuuUfulfvkJ3K//FQekJ/JHPm5PCj/Ig/JL+Rh+aXMlV/JI/JreVR+I4/Jb+Vx+Z08IU/KU/J7eVr+IM/Is/Kc/FGelz/JC/JneVF6KRQoqZTSKlD5VH4VowqoWHWVilNXq4LqGhVR16p4dZ0qpK5XhVURVVQVUwmquCqhjEJlFalQlVSlVFTdoEqrG1WiKqPKqnLKqfIqSd2kKqibVUV1i6qkblWV1W2qiqqqqqnq6nZVQ92haqpaqra6U9VRdVU9VV/dpRqou1VDdY9qpO5VjdV9qom6XzVVD6hm6kHVXD2kWqiHVUv1iGqlWqs2qq1qpx5V7dVjqoPqqDqpx1Vn9YTqop5Uyeop1VU9rbqpZ1R39azqoZ5TPdXzqpfqrfqon9VF5VU/1V+lqAFqoHpJDVKD1RA1VA1TL6vh6hU1Qr2qUtVINUq9pkar19UY9YYaq8ap8epNNUFNVJPUZDVFTVVp6i01Tb2tpqt31Aw1U81Ss1W6mqOG/FppwX8j/+1/kD/il2ffprarj9UOtVPtUrvVHrVX7VP71H61Xx1QB1SOylEH1UF1SB1Sh9Vhlaty1RF1RB1VR9UxdUwdV8fVCXVS/ai+V6fVD+qMOqvOqh/VeXVeXfj1NRAatNRKax3ofDq/jtEFdKy+Ssfpq3VBfY2O6Gt1vL5OF9LX68K6iC6qi+kEXVyX0Eajtpp0qEvqUjqqb9Cl9Y06UZfRZXU57XR5naRv+sP5v9dfO91Ot9ftdQfdQXfSnXRn3Vl30V10sk7WXXVX3U130911d91D99A9dU/dS/fSfXQf3Vf31f10P52iU/RA/ZIepAfrIXqoHqZf1sP1cD1Cj9CpOlWP0qP0aD1aj9Fj9Fg9Vo/X4/UEPUFP0pP0FD1Fp+k0PU1P09P1dD1Dz9Cz9CydrtP1XD1Xz9Pz9AK9QC/UC/UivUgv0Ut0hs7QmTpTZ+ksvVwv19l6hV6hV+lVeo1eo9fpdXqD3qA36U16i96is/V2vV3v0Dv0Lr1L79F79D69T+/X+/UBfUDn6Bx9UB/Uh/QhfVgf1rk6Vx/RR/RRfVQf08f0cX1cn9An9Cl9Sp/Wp/UZfUaf0+f0eX1eX9AX9EV98dJlXyADGehAB/mCfEFMEBPEBrFBXBAXFAwKBpEgEsQH8UGh4PqgcFAkKBoUCxKC4kGJwAQY2ICCMCgZlAqiwQ1B6eDGIDEoE5QNygUuKB8kBTcFFYKbg4rBLUGl4NagcnBbUCWoGlQLqge3BzWCO4KaQa2gdnBnUCeoG9QL6gdVJ/71mvSeoFFwb9A4uC9oEtwfNA0eCJoFDwbNg4eCFsHDQcvgkaBV0DpoE7QN2v1b9e8KGgR3Bw2Df1bf+zNFHnP9TH+TYgaYgeYlM8gMNkPMUDPMvGyGm1fMCPOqSTUjzSjzmhltXjdjzBtmrBlnxps3zQQz0Uwyk80UM9WkmbfMNPO2mW7eMTPMTDPLzDbpZo6Za94188x8s8C8Zxaa980is9gsMUtNhvnAZJplJst8aJabj0y2WWFWmlVmtVlj1pp1Zr3ZYDaaTWaz2WK2mm1mu/nY7DA7zS6z2+wxe80+84nZbz41B8xnJsd8bg6av5hD5gtz2Hxpcs1X5oj52hw135hj5ltz3HxnTpiT5pT53pw2P5gz5qw5Z340581P5oL52Vw0/tLF/aW3d9SoMR/mwxiMwViMxTiMw4JYECMYwXiMx0JYCAtjYSyKRTEBE7AElsBLCAlLYkmMYhRLY2lMxEQsi2XRocMkTMIKWAErYkWshJWwMlbGKlgFq2E1vB1vxzvwDqyFtfBOvBPrYl2sj/WxATbAhtgQG2EjbIyNsQk2wabYFJthM2yOzbEFtsCW2BJbYStsg22wHbbD9tgeO2AH7ISdsDN2xi7YBZMxGbtiV+yG3bA7dsce2AN7Yk/shb2wD/bBvtgX+2E/TMEUHIgDcRAOwiE4BIfhMByOw3EEjsBUTMVROApH42gcg2NwLI7D8fgmTsCJOAkn4xScimmYhtNwGk7H6TgDZ+AsnIXpmI5zcS7Ow3m4ABfgQlyIi3ARLsElmIEZmImZmIVZuByXYzZm40pciatxNa7Ftbge1+NG3IibcTNuxa24HbfjDtyBu3AX7sE9uA/34X7cjwfwAOZgDh7Eg3gID+FhPIy5mItH8AgexaN4DI/hcTyOJ/AEnsJTeBpP4xk8g+fwHJ7Hn/AC/owX0WOMlSLWXmXj7NW2oL3GxtgC9m/joraYTbDFbQlrbGFb5O9itNYm2jK2rC1nnS1vk+xNv4mr2Kq2mq1ub7c17B225m/iBvZu29DeYxvZe219e9ffxY3tfbaJfdg2tY/YZra1bW7b2hb2YdvSPmJb2da2jW1rO9snbBf7pE22T9mu9unfxJl2mV1vN9iNdpPdbz+15+yP9qj9xp63P9l+tr8dZl+2w+0rdoR91abakb+Jx9s37QQ70U6yk+0UO/U38Sw726bbOXaufdfOs/N/E2fYD+xCm2UX2cV2iV36S3yppyz7oV1uP7LZdoVdaVfZ1XaNXWvX/c9eV9ktdqvdZvfZT+wOu9PusrvtHrv3l/jSeRywn9kc+7k9Yr+2h+wX9rA9ZnPtV7/El87vmP3WHrff2RP2pD1lv7en7Q/2jD37y/lfOvfv7c/2ovVWEJAkRZoCykf5KYYKUCxdRXF0NRWkayhC11I8XUeF6HoqTEWoKBWjBCpOJcgQkiWikEpSKYrSDVSabqREKkNlqRw5Kk9JdBNVoJupIt1ClehWqky3URWqStWoOt1ONegOqkm1qDbdSXWoLtWj+nQXNaC7qSHdQ43oXmpM91ETup+a0gPUjB6k5vQQtaCHqSU9Qq2oNbWhttSOHqX29Bh1oI7UiR6nzvQEdaEnKZmeoq70NHWjZ6g7PUs96DnqSc9TL+pNfegF6ksvUj/qTyk0gAbSSzSIBtMQGkrD6GUaTq/QCHqVUmkkjaLXaDS9TmPoDRpL42g8vUkTaCJNosk0haZSGr1F0+htmk7v0AyaSbNoNqXTHJpL79I8mk8L6D1aSO/TIlpMS2gpZdAHlEnLKIs+pOX0EWXTClpJq2g1raG1tI7W0wbaSJtoM22hrbSNttPHtIN20i7aTXtoL+2jT2g/fUoH6DPKoc/pIP2FDtEXdJi+pFz6io7Q13SUvqFj9C0dp+/oBJ2kU/Q9naYf6AydpXP0I52nn+gC/UwXyZMIIZShCnUYhPnC/GFMWCCMDa8K48Krw4LhNWEkvDaMD68LC4XXh4XDImHRsFiYEBYPS4QmxNCGFIZhybBUGA1vCEuHN4aJYZmwbFgudGH5MCm8KawQ3hxWDG8JK4W3hpXD28IqYdXw4Xurh7eHNcI7wpphrbB2eGdYJ6wb1gvrh3eFDcK7w4bhPWGj8N6wYnhf2CS8P2waPhA2Cx8Mm4cPhS3Ch8OW4SNhq7B12CZsG7YLHw3bh4+FHcKOYafw8bBz+ETYJXwyTA6fCruGT//u8ZRwQDgwfCl8KfT+HrUkujSaEf0gmhldFs2KfhhdHv0omh1dEV0ZXRVdHV0TXRtdF10f3RDdGN0U3RzdEt0a3Rb1vn5+4cBJp5x2gcvn8rsYV8DFuqtcnLvaFXTXuIi71sW761whd70r7Iq4oq6YS3DFXQlnHDrryIWupCvlou4GV9rd6BJdGVfWlXPOlXdJrq1r59q59u4x18F1dJ3c4+5x94R7wj3pnnRPua7uadfNPeO6u2ddD/ece84973q53q6Pe8H1dS+6fq6/S3EpbqAb6Aa5QW6IG+KGuWFuuBvuRrgRLtWlulFulBvtRrsxbowb68a68W68m+AmuElukpviprg0l+amuWluupvuZrgZbpab5dJdupvr5rp5bp5b4Ba4hYkL3SK3yC1xS1yGy3CZLtNluSy33C132S7brXQr3Wq32q11a916t95tdBvdZrfZbXVb3Xa33e1wO9wut8vtcXvcPrfP7Xf73QF3wOW4HHfQHXSH3CF32H3pct1X7oj72h1137hj7lt33H3nTriT7pT73p12P7gz7qw75350591P7oL72V103qVF3opMi7wdmR55JzIjMjMyKzI7kh6ZE5kbeTcyLzI/siDyXmRh5P3IosjiyJLI0khG5INIZmRZJCvyYWR55KNIdmRFZGVkVWR1ZE3E++I7Ql/Sl/JRf4Mv7W/0ib6ML+vLeefL+yR/k6/gb/YV/S2+kr/VV/a3+Sq+qq/mH/GtfGvfxrf17fyjvr1/zHfwHX0n/7jv7J/wXfyTPtk/5bv6p303/4zv7p/1Pfxzvqd/3vfyvX0f/4Lv61/0/Xx/n+IH+IH+JT/ID/ZD/FA/zL/sh/tX/Aj/qk/1I/0o/5of7V/3Y/wbfqwf58f7N/0EP9FP8pP9FD/Vp/m3/DT/tp/u3/Ez/Ew/y8/26X6On+vf9fP8fL/Av+cX+vf9Ir/YL/FLfYb/wGf6ZT7Lf+iX+498tl/hV/pVfrVf49f6dX693+A3+k1+s9/it/ptfrv/2O/wO/0uv9vv8Xv9Pv+J3+8/9Qf8Zz7Hf+4P+r/4Q/4Lf9h/6XP9V/6I/9of9d/4Y/5bf9x/50/4k/6U/96f9j/4M/6sP+d/9Of9T/6C/9lf5N9ZY4wxxhj7b9la+F8fH/APviZ/XZcMFEJcvbNY7t8eV0KIzb/WHSwTOkeEEE/17/ngf606dVJSUn59bLYSQanFQojI5fx84nK84pd/k0VHUeEf9jdY9j5Pv1M/eqsQsX+TEyMuxytEJ/HEL/Vv/if1H318fGbl8Fz8v6i/WIjEUpdzCojL8eX6Ff9J/SLtf6f/Al+kCdHhb3LixOX4cv0k8Zh4WiT/3SMZY4wxxhhjjLG/Giyrdf+9++dL9+cJ+nJOfnE5vnz/+Y/vzxljjDHGGGOMMXblPdu7z5OPJid37M6bP7wB+H+iDd7w5k/YXOmfTIwxxhhjjLE/2+WL/ivdCWOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxlnf93/hzYlf6HBljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLEr7X8EAAD//7MxObU=") ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x24) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$uinput_user_dev(r1, &(0x7f0000000100)={'syz0\x00', {}, 0x7, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc]}, 0x45c) ioctl$UI_DEV_SETUP(r1, 0x5501, 0x0) readv(r1, &(0x7f0000001900)=[{0x0}], 0x1) write$input_event(r1, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10) syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x6, [@var={0x4, 0x0, 0x0, 0xe, 0x3}, @func_proto={0x0, 0x0, 0x0, 0xa, 0x4}, @ptr={0x0, 0x0, 0x0, 0x2, 0x4}]}, {0x0, [0x0, 0x0, 0x0, 0x61]}}, 0x0, 0x46}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='sched_switch\x00'}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=ANY=[@ANYBLOB="2000000069000305000000000000000000000000000000000800010002"], 0x20}}, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f0000000140)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_4={0x3, 0x1, 0x0, "f7940ef7"}, @global=@item_4={0x3, 0x1, 0x0, '\f\x00'}, @global=@item_012={0x2, 0x1, 0x1, "b8ef"}, @local=@item_012={0x2, 0x2, 0x0, "1a70"}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_4, @local=@item_4={0x3, 0x2, 0x0, "5d8c3dda"}]}}, 0x0}, 0x0) syz_usb_ep_write(r0, 0x81, 0x1, &(0x7f0000000000)='B') 2.736996684s ago: executing program 4: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x0, 0x4, 0x0, 0x3}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE_wg(r2, 0x1, 0x19, &(0x7f00000000c0)='wg0\x00', 0x4) connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10) sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0) 1.884986837s ago: executing program 4: bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$nbd(0x1, 0x1, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000001880), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000b40), 0x2b842ac, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000140)='./file0\x00', 0x800000, &(0x7f0000000440)={[{@shortname_lower}, {@shortname_winnt}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@shortname_mixed}, {@fat=@codepage={'codepage', 0x3d, '1255'}}, {@fat=@nocase}, {@fat=@fmask={'fmask', 0x3d, 0x1}}, {@rodir}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'maciceland'}}], [{@uid_eq}, {@uid_eq}]}, 0x1, 0x29f, &(0x7f0000000180)="$eJzs3U1rK1UcB+B/bnNvkguSLITLFaEjLnQV2oq4TZEKYkBRstCVxaYoTS20UNBF213xO+g3EF0KrgQX4lZwLYJUwY111UVlJE5aZ5oXW20a6X2eTU/POb+cc+YMM3TRk7ef3NxY29pZPz4+imq1FOVWtEonpWjEnZiLzEEAALfJSZrGb2lm1nMBAG6G9z8APHomvf9LB+d1r938zACAaflPf//fmcqUAIApe+PNt15ZbrdXXk+SasTm4W5nt5P9zNqX1+O96EU3FqIepxHpuYj9NE1ferm9spD0/dyI6ub+IL+/25kr5hejHo18/st6/7d+fjHJRCefvxv3B/kf7kc3lqIejxfHTwfjL43M34tnn86N34x6fPdObEUv1qKfzfKViNhbTJIXX21fyFf+6jfs+5vcHgAAAAAAAAAAAAAAAAAAAAAAbqlmcq5RPP8mO7+n2RzXnuXz5wPVTkefz7Mw8nyecjxRnu3aAQAAAAAAAAAAAAAAAAAA4P9i54MPN1Z7ve72pML733729VElC/xj58mF0mDcq6UOCzUvPFOcRu1yq7hQeOypnz4e1VSJylWvz78r3I2IfE0yGPKr+SkOel2Fb47effjczoPnx/WJcr7mo/5SC32yHXw4qPn0rKl8uQt+b/T988fg6IkRTb/WI8Z+YHXUDVkb7pzWsx0qxj8/K7R+H/rks1upu10bGr06/W2az9U8+KS1+sXej79cNj7hoZHOXftzCAAAAAAAAAAAAAAAAAAAyP9/+6xnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACz8/f3/1+1UIlCTXVs54NZrxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP4MAAD//wuTkgI=") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='rdma.current\x00', 0x275a, 0x0) 853.475697ms ago: executing program 4: r0 = open(&(0x7f0000000080)='./bus\x00', 0x143142, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000000c0)) prlimit64(0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x0, 0x0) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000100)=@raw={'raw\x00', 0x3c1, 0x3, 0x2f8, 0x280, 0x150, 0x150, 0x0, 0xf8010000, 0x398, 0x238, 0x238, 0x398, 0x238, 0x3, 0x0, {[{{@ipv6={@mcast1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, [], [], 'team_slave_0\x00', 'macvlan1\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz0\x00'}}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @multicast1}, [], [], 'batadv_slave_0\x00', 'gre0\x00'}, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "decb585218ebf5805f7356720db1714438ea1c4e4d4388cf67108f218b895e9936aa46525113c03de9cfdfa043d27bdb73687ca94feda3275eefade1197a320d"}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x358) r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_DISCONNECT_CLAIM(r1, 0x8108551b, &(0x7f0000000380)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a0000000086d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f6853772b21a100efb76cba37ff3111d6847e8b9398a646717af75fc008daefba68e6222103472bc55704cdb72b4b996ed831f3b802549db3a8ffff7d34171113d806726615380fe65a6a0a72e1ac2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13f4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe363590d1f600"}) ioctl$USBDEVFS_CLEAR_HALT(r1, 0xc0105502, &(0x7f0000000340)={0x1, 0x1}) 812.969383ms ago: executing program 4: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001f40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r2}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r4, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0) recvmsg$unix(r3, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdc8}, 0x0) 724.397357ms ago: executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) setsockopt$bt_BT_POWER(r0, 0x112, 0x9, 0x0, 0x79) 676.701984ms ago: executing program 4: syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0\x00', 0x810000, &(0x7f00000002c0)={[{@iocharset={'iocharset', 0x3d, 'koi8-ru'}}, {@dmask={'dmask', 0x3d, 0x1}}, {@iocharset={'iocharset', 0x3d, 'cp1251'}}, {}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'maccyrillic'}}, {@fmask={'fmask', 0x3d, 0x8afa}}, {@uid={'uid', 0x3d, 0xee00}}, {@utf8}]}, 0x1, 0x14f7, &(0x7f0000001580)="$eJzs3AuUzlXbMPB97b3/jGnS3SSHYV/7+nOnwTZJkkNCDkmSJElOCUmTJAmJIaekIQk5TpLDEJLDNCaN8/mQc9LkkSZJQnIK+1t6nvf1PF/P+/a+39P3Wuud67fWXrOv2fe172vPNWvu//9ea+4feo6q16J+7WZEJP4l8NcvKUKIGCHEMCHEDUKIQAhRKb5S/JX1AgpS/rUnYX+uR9OvdQXsWuL+523c/7yN+5+3cf/zNu5/3sb9z9u4/3kb95+xvGz7nGI38si7g9//z8v49f9/kdzyk7/ZWP7mXv+NFO5/3sb9z9u4/3kb9z9v4/7nbdz///1q/Sdr3P+8jfvPWF52rd9/5nFtx7X+/WOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxljec81dpIcS/za91XYwxxhhjjDHGGPvz+PzXugLGGGOMMcYYY4z9/wdCCiW0CEQ+kV/EiAIiVlwn4sT1oqC4QUTEjSJe3CQKiZtFYVFEFBXFRIIoLkoII1BYQSIUJUUpERW3iNLiVpEoyoiyopxworxIEreJCuJ2UVHcISqJO0VlcZeoIqqKaqK6uFvUEPeImqKWqC3uFXVEXVFP1Bf3iQbiftFQPCAaiQdFY/GQaCIeFk3FI6KZeFQ0F4+JFuJx0VI8IVqJ1qKNaCva/T/lvyL6ildFP9FfpIgBYqB4TQwSg8UQMVQME6+L4eINMUK8KVLFSDFKvCVGi7fFGPGOGCvGifHiXTFBTBSTxGQxRUwVaeI9MU28L6aLD8QMMVPMErNFupgj5ooPxTwxXywQH4mF4mOxSCwWS8RSkSE+EZlimcgSn4rl4jORLVaIlWKVWC3WiLVinVgvNoiNYpPYLLaIrWKb2C4+FzvETrFL7BZ7xF6xT3wh9osvxQHxlcgRX/8388/+X/m9QIAACRI0aMgH+SAGYiAWYiEO4qAgFIQIRCAe4qEQFILCUBiKQlFIgAQoASUAAYGAoCSUhChEoTSUhkRIhLJQFhw4SIIkqAC3Q0WoCJWgElSGylAFqkJVqA7VoQbUgJpQE2pDbagDdaAe1IP74D64HxpCQ2gEjaAxNIYm0ASaQlNoBs2gOTSHFtACWkJLaAWtoA20gXbQDtpDe+gAHaATdILO0Bm6QBdIhmToCl2hG3SD7tAdekAP6Ak9oRf0ht7wCrwCr8Kr0B/qyAEwEAbCIBgEQ2AoDIXXYTi8AW/Am5AKI2EUvAVvwdswBs7AWBgH42E81JATYRJMBpJTIQ3SYBpMg+kwHWbATJgJsyEd5sBcmAvzYD7Mh49gIXwMH8NiWAxLIQMyIBOWQRZkwXI4C9mwAlbCKlgNa2A1rIP1sA42wibYCFtgC2yDbfA5fA47YSfsht2wF/bCF/AFfAlfQirkQA4chINwCA7BYTgMuZALR+AIHIWjcAyOwXE4DifgJJyCk3AaTsMZOAvn4BxcgAtwEV5K+K753jIbUoW8Qkst88l8MkbGyFgZK+NknCwoC8qIjMh4GS8LyUKysCwsi8qiMkEmyBKyhESJkmQoS8qSMiqjsrQsLRNloiwry0onnUySSbKCrCAryoqykrxTVpZ3ySqyquzoqsvqsobs5GrKWrK2rC3ryLqynqwv68sGsoFsKBvKRrKRbCwbyybyYdlUDoAh8Ki80pkWciS0lKOglWwt28i28m14UraXY6CD7Cg7yaflOBgLXWR7lyyfk13lJOgmX5CT4UXZQ06FnvJl2Uv2ln3kK7Kv7OD6yf5yBgyQA+VsGCQHyyFyqJwHdeWVjtWTb8pUOVKOkm/JpfC2HCPfkWPlODlevisnyIlykpwsp8ipMk2+J6fJ9+V0+YGcIWfKWXK2TJdz5Fz5oZwn58sF8iO5UH4sF8nFcolcKjPkJzJTLpNZ8lO5XH4ms+UKuVKukqvlGrlWrpPr5Qa5UW6Sm+UWuVVuk9vl53KH3Cl3yd1yj9wr98kv5H75pTwgv5I58mt5UP5FHpLfyMPyW5krv5NH5PfyqPxBHpM/yuPyJ3lCnpSn5M/ytPxFnpFn5Tl5Xl6Qv8qL8pK8LL0UCpRUSmkVqHwqv4pRBVSsuk7FqetVQXWDiqgbVby6SRVSN6vCqogqqoqpBFVclVBGobKKVKhKqlIqqm5RpdWtKlGVUWVVOeVUeZWkblMV1O2qorpDVVJ3qsrqLlVFVVXVVHV1t6qh7lE1VS1VW92r6qi6qp6qr+5TDdT9qqF6QDVSD6rG6iHVRD2smqpHVDP1qGquHlMt1OOqpXpCtVKtVRvVVrVTT6r26inVQXVUndTTqrN6RnVRz6pk9Zzqqp5X3dQLqrt6UfVQL6me6mXVS/VWfdQldVl51U/1VylqgBqoXlOD1GA1RA1Vw9Trarh6Q41Qb6pUNVKNUm+p0eptNUa9o8aqcWq8eldNUBPVJDVZTVFTVZp6T01T76vp6gM1Q81Us9Rsla7mqCF/22nBfyH//X+SP+K3Z9+mtqvP1Q61U+1Su9UetVftU/vUfrVfHVAHVI7KUQfVQXVIHVKH1WGVq3LVEXVEHVVH1TF1TB1Xx9UJdVKdVz+r0+oXdUadVWfVeXVBXVAX//YzEBq01EprHeh8Or+O0QV0rL5Ox+nrdUF9g47oG3W8vkkX0jfrwrqILqqL6QRdXJfQRqO2mnSoS+pSOqpv0aX1rTpRl9FldTntdHmdpG/7l/P/qL52up1ur9vrDrqD7qQ76c66s+6iu+hknay76q66m+6mu+vuuofuoXvqnrqX7qX76D66r+6r++l+OkWn6IH6NT1ID9ZD9FA9TL+uh+vheoQeoVN1qh6lR+nRerQeo8fosXqsHq/H6wl6gp6kJ+kpeopO02l6mp6mp+vpeoaeoWfpWTpdp+u5eq6ep+fpBXqBXqgX6kV6kV6il+gMnaEzdabO0ll6uV6us/UKvUKv0qv0Gr1Gr9Pr9Aa9QW/Sm/QWvUVn6+16u96hd+hdepfeo/fofXqf3q/36wP6gM7ROfqgPqgP6UP6sD6sc3WuPqKP6KP6qD6mj+nj+rg+oU/oU/qUPq1P6zP6jD6nz+kL+oK+qC/qy/rylcu+QAYy0IEO8gX5gpggJogNYoO4IC4oGBQMIkEkiA/ig0LBzUHhoEhQNCgWJATFgxKBCTCwAQVhUDIoFUSDW4LSwa1BYlAmKBuUC1xQPkgKbgsqBLcHFYM7gkrBnUHl4K6gSlA1qBZUD+4OagT3BDWDWkHt4N6gTlA3qBfUD+4LGgT3Bw2DB4JGwYNB4+ChoEnwcNA0eCRoFjwaNA8eC1oEjwctgyeCVkHroE3QNmj3p+7v/ZkiT7l+pr9JMQPMQPOaGWQGmyFmqBlmXjfDzRtmhHnTpJqRZpR5y4w2b5sx5h0z1owz4827ZoKZaCaZyWaKmWrSzHtmmnnfTDcfmBlmppllZpt0M8fMNR+aeWa+WWA+MgvNx2aRWWyWmKUmw3xiMs0yk2U+NcvNZybbrDArzSqz2qwxa806s95sMBvNJrPZbDFbzTaz3XxudpidZpfZbfaYvWaf+cLsN1+aA+Yrk2O+NgfNX8wh8405bL41ueY7c8R8b46aH8wx86M5bn4yJ8xJc8r8bE6bX8wZc9acM+fNBfOruWgumcvGX7m4v/Lyjho15sN8GIMxGIuxGIdxWBALYgQjGI/xWAgLYWEsjEWxKCZgApbAEngFIWFJLIlRjGJpLI2JmIhlsSw6dJiESVgBK2BFrIiVsBJWxspYBatgNayGd+PdeA/eg7WwFt6L92JdrIv1sT42wAbYEBtiI2yEjbExNsEm2BSbYjNshs2xObbAFtgSW2IrbIVtsA22w3bYHttjB+yAnbATdsbO2AW7YDImY1fsit2wG3bH7tgDe2BP7Im9sBf2wT7YF/tiP+yHKZiCA3EgDsJBOASH4DAchsNxOI7AEZiKqTgKR+FoHI1jcAyOxXE4Ht/FCTgRJ+FknIJTMQ3TcBpOw+k4HWfgDJyFszAd03EuzsV5OA8X4AJciAtxES7CJbgEMzADMzETszALl+NyzMZsXIkrcTWuxrW4FtfjetyIG3EzbsatuBW343bcgTtwF+7CPbgH9+E+3I/78QAewBzMwYN4EA/hITyMhzEXc/EIHsGjeBSP4TE8jsfxBJ7AU3gKT+NpPINn8Byewwv4K17ES3gZPcZYKWLtdTbOXm8L2htsjC1g/z4uaovZBFvclrDGFrZF/iFGa22iLWPL2nLW2fI2yd72u7iKrWqr2er2blvD3mNr/i5uYO+3De0DtpF90Na39/1D3Ng+ZJvYx21T+4RtZlvb5ratbWEfty3tE7aVbW3b2La2s33GdrHP2mT7nO1qn/9dnGmX2fV2g91oN9n99kt7zp63R+0P9oL91faz/e0w+7odbt+wI+ybNtWO/F083r5rJ9iJdpKdbKfYqb+LZ9nZNt3OsXPth3aenf+7OMN+YhfaLLvILrZL7NLf4is1ZdlP7XL7mc22K+xKu8qutmvsWrvu32tdZbfYrXab3We/sDvsTrvL7rZ77N7f4ivnOGC/sjn2a3vEfm8P2W/sYXvM5trvfouvnO+Y/dEetz/ZE/akPWV/tqftL/aMPfvb+a+c/Wd7yV623goCkqRIU0D5KD/FUAGKpesojq6ngnQDRehGiqebqBDdTIWpCBWlYpRAxakEGUKyRBRSSSpFUbqFStOtlEhlqCyVI0flKYluowp0O1WkO6gS3UmV6S6qQlWpGlWnu6kG3UM1qRbVpnupDtWlelSf7qMGdD81pAeoET1IjekhakIPU1N6hJrRo9ScHqMW9Di1pCeoFbWmNtSW2tGT1J6eog7UkTrR09SZnqEu9Cwl03PUlZ6nbvQCdacXqQe9RD3pZepFvakPvUJ96VXqR/0phQbQQHqNBtFgGkJDaRi9TsPpDRpBb1IqjaRR9BaNprdpDL1DY2kcjad3aQJNpEk0mabQVEqj92gavU/T6QOaQTNpFs2mdJpDc+lDmkfzaQF9RAvpY1pEi2kJLaUM+oQyaRll0ae0nD6jbFpBK2kVraY1tJbW0XraQBtpE22mLbSVttF2+px20E7aRbtpD+2lffQF7acv6QB9RTn0NR2kv9Ah+oYO07eUS9/REfqejtIPdIx+pOP0E52gk3SKfqbT9AudobN0js7TBfqVLtIlukyeRAihDFWowyDMF+YPY8ICYWx4XRgXXh8WDG8II+GNYXx4U1govDksHBYJi4bFwoSweFgiNCGGNqQwDEuGpcJoeEtYOrw1TAzLhGXDcqELy4dJ4W1hhfD2sGJ4R1gpvDOsHN4VVgmrho8/WD28O6wR3hPWDGuFtcN7wzph3bBeWD+8L2wQ3h82DB8IG4UPhhXDh8Im4cNh0/CRsFn4aNg8fCxsET4etgyfCFuFrcM2YduwXfhk2D58KuwQdgw7hU+HncNnwi7hs2Fy+FzYNXz+D9dTwgHhwPC18LXQ+wfUkujSaEb0k2hmdFk0K/ppdHn0s2h2dEV0ZXRVdHV0TXRtdF10fXRDdGN0U3RzdEt0a3Rb1Pv6+YUDJ51y2gUun8vvYlwBF+uuc3HuelfQ3eAi7kYX725yhdzNrrAr4oq6Yi7BFXclnHHorCMXupKulIu6W1xpd6tLdGVcWVfOOVfeJbm2rp1r59q7p1wH19F1ck+7p90z7hn3rHvWPee6uuddN/eC6+5edD3cS+4l97Lr5Xq7Pu4V19e96vq5/i7FpbiBbqAb5Aa5IW6IG+aGueFuuBvhRrhUl+pGuVFutBvtxrgxbqwb68a78W6Cm+AmuUluipvi0lyam+amueluupvhZrhZbpZLd+lurpvr5rl5boFb4BYmLnSL3CK3xC1xGS7DZbpMl+Wy3HK33GW7bLfSrXSr3Wq31q116916t9FtdJvdZrfVbXXb3Xa3w+1wu9wut8ftcfvcPrff7XcH3AGX43LcQXfQHXKH3GH3rct137kj7nt31P3gjrkf3XH3kzvhTrpT7md32v3izriz7pw77y64X91Fd8lddt6lRd6LTIu8H5ke+SAyIzIzMisyO5IemROZG/kwMi8yP7Ig8lFkYeTjyKLI4siSyNJIRuSTSGZkWSQr8mlkeeSzSHZkRWRlZFVkdWRNxPviO0Jf0pfyUX+LL+1v9Ym+jC/ry3nny/skf5uv4G/3Ff0dvpK/01f2d/kqvqqv5p/wrXxr38a39e38k769f8p38B19J/+07+yf8V38sz7ZP+e7+ud9N/+C7+5f9D38S76nf9n38r19H/+K7+tf9f18f5/iB/iB/jU/yA/2Q/xQP8y/7of7N/wI/6ZP9SP9KP+WH+3f9mP8O36sH+fH+3f9BD/RT/KT/RQ/1af59/w0/76f7j/wM/xMP8vP9ul+jp/rP/Tz/Hy/wH/kF/qP/SK/2C/xS32G/8Rn+mU+y3/ql/vPfLZf4Vf6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX67/9zv8Dv9Lr/b7/F7/T7/hd/vv/QH/Fc+x3/tD/q/+EP+G3/Yf+tz/Xf+iP/eH/U/+GP+R3/c/+RP+JP+lP/Zn/a/+DP+rD/nz/sL/ld/0V/yl/l/1hhjjDHG/kvS/mB9wD/5nvzbuGKgEOL6ncVy/35dCSE2F/7rfLBM6BwRQjzXv+ej/zbq1ElJSfnbY7OVCEotFkJErubnE1fjFaKTeEYki46iwj+tb7DsfYH+YP/onULE/l1OjLgaX93/9v9g/yefHp9ZOTwX/5/sv1iIxFJXcwqIq/HV/Sv+B/sXaf8H9Rf4Jk2IDn+XEyeuxlf3TxJPiedF8j88kjHGGGOMMcYY+6vBslr3P7p/vnJ/nqCv5uQXV+M/uj9njDHGGGOMMcbYtfdi7z7PPpmc3LE7T3jCE578++Ra/2VijDHGGGOM/dmuXvRf60oYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLG863/i48Su9RkZY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yxa+3/BAAA//8P0TzQ") r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=@base={0x0, 0x1, 0xf97, 0x8}, 0x48) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x4, [@func_proto={0x2, 0x0, 0x0, 0xf, 0x2}]}, {0x0, [0x0, 0x2e]}}, 0x0, 0x28}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000001c0)={r5, 0x20, &(0x7f0000000180)={0x0, 0x0, 0x0, &(0x7f00000000c0)=""/153, 0x99}}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = open(&(0x7f00000000c0)='./bus\x00', 0x14d27e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r6, 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x0) 482.642515ms ago: executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) r2 = eventfd(0x0) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f0000000140)={0x0, r2}) close_range(r0, 0xffffffffffffffff, 0x0) 425.890643ms ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000200)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x5}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='ext4_allocate_inode\x00', r1}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) 414.443186ms ago: executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000100000000000000e9ff000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0x3, &(0x7f00000001c0)=@framed, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r5}, 0x10) recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r9, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r8, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10) 397.054428ms ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='ext4_es_find_extent_range_enter\x00', r2}, 0x10) write$cgroup_int(r1, &(0x7f0000000100), 0x1001) 395.948708ms ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0xa, 0x8, 0x8, 0x8, 0x0, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) r2 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2) r3 = dup(r2) ioctl$USBDEVFS_CONTROL(r3, 0xc0185500, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 359.179094ms ago: executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000dc0)='cpuacct.usage_all\x00', 0x26e1, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000040), &(0x7f0000000180)=r1}, 0x20) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='ext4_writepages_result\x00', r3}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='ext4_writepages_result\x00', r2}, 0x10) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000b40)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r4, &(0x7f0000000180), 0x2000) 346.112076ms ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r2}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 343.081916ms ago: executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x6, 0x3, &(0x7f0000000ec0)=ANY=[@ANYBLOB="850000007d0000007c00000000000000950000000000000059f6a2c30eff3cff9837f1ad5e6e744f8f85d0dc61bd963ed577e4e710b638322604f7a81bf128d9085894690895249d10c96ce1bb69bb8cb0e7f58e73c68779f0900705791fd928b36e5eb3772b4288a38a2e640b71f6e6becace68c61a02170c925adc049c8d7019f8db7b2c6fc66838858121060de6dfbf818a17383879de2bc26e9b5f666d2c40ebe3de19cb4fb1accea705a62d9a6253ad9260631048300b3e2af7c58ee876a161b9e0178de1dfde5e4d24fdc3cb48a025fd2ea94c7f40e8e8bbeefce00388fcea559938b09648790801831a869372544133ae36e4e190d9e0f37ce4d0639a00925c2b2d4352ca770b691d88a982d45d8731ddf851cd49c3a1f22cf245ddaad77f3bb1b268e0f8dad9a91b84173e2e31ee161455635c40b63c2f5a225cb69cad576bd369333cffa87777603913338e5ea61e8560be5ce5dd4873a6d45a458ba16630f388756d10e92b2ee8271170d989743d5af0ad9294a48fbd967eec536c1278a1e815b46bfb2929234fafa49cbc9e536b1e5e5356635d95a7aeed472bd8c4ecac848cac314e2fc3ae15a4efb535f6303e1c64dfad861282921073bc8a722a46101b48a5c03327b96132d42a37fd8ab12eadea2776d9f22fc63b65cb97fbb9bec0db5d648c4dc925f93608baac5460d652f2a076a0210665fd04fbe56ddc00fa0aac947ba5bb4206191115b0152f0c4ab3ac23f549acf20d1d3aaccdbf6f5eebf77ab7962a09847a83c534eab5a4b5ccf29c5f6358cbabad44de63f3ce63fed47c5832f7119ed0d955d045c55aa2764e37a9bcea23c87ad3d0dca011c5962346322fe8418b31d9606042350deed5cc2482d8dd450655e9df41bbbd1eae917e90eb5558c44603a9de8adcccfb91b3d0e27dbd967ccf14e94e4e7d60a07380cf2295475c819b78f415402dd3c19632c7cc18d095b7da8352e407639139e8d4feb257971f4afb647c69d8197eeeca1cb5059989b5693d834724296e1f094480029bb709d61cd0450b2aa38f735d897483b479d9e99d20c6ed3a63892a59fc13c40563fdbe48f6835e28f85c723900000000000000000000e49e42ec3d328e6ac1eb3d753b555991d656229a4c4e5247e748299bdc7590957ffe07fd58ba0ff33b3ede5035600fbf93724793b3c88174f5b65bdd3a39e9e0ee2b975884cf5a22714a78f43ee7845434a729adf4c776b55a7cce992fbb5f4e272e01e702420c5488b209f2aaacbef9bdf76abeb78c3ad24d25b486ebd3977a92817626d794dc9f9dafbe6e08c84c11867ea1b257da26940ed7f4afe68e18b58d75fd854d9dccb52f321055680d78640a862163ef96e8538a6b886cd2a68758a942652b328bb5467c0cf4c6da1c6c3ce594da43be22058c109fcf652150b381a6561ca2bdbc31dcc765272366ec44ca256c62637dbdcfdb6630826e03580e158022fba72848fe42e2fdfb6e2bbd72489881c83b455ad89a7426307f0dd1425835011612036e34fb91"], &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfcc4}, 0x48) prctl$PR_CAP_AMBIENT(0x2f, 0x1, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001400)={0x0, 0x0, 0x0}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r0, 0x0, 0x0, 0xf000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000}, 0x48) 317.265111ms ago: executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$TIOCL_SCROLLCONSOLE(0xffffffffffffffff, 0x541c, &(0x7f0000001980)={0xd, 0x200}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) getsockopt$packet_int(r0, 0x107, 0x3, &(0x7f0000000380), &(0x7f00000003c0)=0x4) 127.59916ms ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r5}, 0x10) r6 = dup(r4) write$FUSE_BMAP(r6, &(0x7f0000000080)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r6, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) chdir(&(0x7f0000000040)='./file0\x00') syz_mount_image$fuse(0x0, &(0x7f0000006340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='memory.events\x00', 0x26e1, 0x0) 89.491866ms ago: executing program 3: open(&(0x7f00000002c0)='./bus\x00', 0x4c143, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) ftruncate(r0, 0x2007ffb) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x13, r0, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0) ioctl$EVIOCSKEYCODE_V2(r1, 0x80104592, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, "00207d2000000000201b14700c1e0ac74f000000001200000000000900"}) 89.374506ms ago: executing program 2: timer_create(0x3, &(0x7f0000000100)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r0 = socket(0x10, 0x803, 0x4) timer_create(0x3, &(0x7f0000000140)={0x0, 0x0, 0x1, @tid=0xffffffffffffffff}, &(0x7f00000000c0)=0x0) timer_settime(r1, 0x0, &(0x7f0000000180)={{0x77359400}, {0x0, 0x989680}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r0) 53.967182ms ago: executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) r2 = eventfd(0x0) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f0000000140)={0x0, r2}) close_range(r0, 0xffffffffffffffff, 0x0) 43.219563ms ago: executing program 1: r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000004000000000000000000190095"], &(0x7f00000001c0)='syzkaller\x00'}, 0x90) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0) syz_emit_ethernet(0xfdef, &(0x7f0000000780)=ANY=[@ANYBLOB], 0x0) 31.128205ms ago: executing program 2: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000000f800b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 26.092516ms ago: executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000200)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x5}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='ext4_allocate_inode\x00', r1}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) 3.245969ms ago: executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000100000000000000e9ff000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0x3, &(0x7f00000001c0)=@framed, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r5}, 0x10) recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r9, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r8, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10) 0s ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0xa, 0x8, 0x8, 0x8, 0x0, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) r2 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2) r3 = dup(r2) ioctl$USBDEVFS_CONTROL(r3, 0xc0185500, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) kernel console output (not intermixed with test programs): may corrupt user memory! [ 208.193401][ T7565] syz-executor.3[7565] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 208.195191][ T7575] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 136: padding at end of block bitmap is not set [ 208.350587][ T28] audit: type=1326 audit(1718400285.923:28376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7594 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8c45c7cea9 code=0x0 [ 208.415777][ T7589] EXT4-fs (sda1): re-mounted. Quota mode: none. [ 208.460839][ T7600] loop3: detected capacity change from 0 to 128 [ 208.470717][ T7593] loop4: detected capacity change from 0 to 40427 [ 208.479719][ T7593] F2FS-fs (loop4): Found nat_bits in checkpoint [ 208.502799][ T7593] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 208.522610][ T6693] syz-executor.4: attempt to access beyond end of device [ 208.522610][ T6693] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 208.743548][ T7612] loop1: detected capacity change from 0 to 4096 [ 208.750188][ T7612] EXT4-fs: Ignoring removed i_version option [ 208.756081][ T7612] EXT4-fs: Ignoring removed nomblk_io_submit option [ 208.764264][ T7612] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 208.774934][ T7612] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #15: comm syz-executor.1: corrupted inode contents [ 208.787198][ T7612] EXT4-fs error (device loop1): ext4_dirty_inode:6074: inode #15: comm syz-executor.1: mark_inode_dirty error [ 208.799199][ T7612] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #15: comm syz-executor.1: corrupted inode contents [ 208.811461][ T7612] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #15: comm syz-executor.1: mark_inode_dirty error [ 208.823205][ T7612] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #15: comm syz-executor.1: corrupted inode contents [ 208.835484][ T7612] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #15: comm syz-executor.1: mark_inode_dirty error [ 208.847158][ T7612] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #15: comm syz-executor.1: corrupted inode contents [ 208.859456][ T7612] EXT4-fs error (device loop1): ext4_truncate:4302: inode #15: comm syz-executor.1: mark_inode_dirty error [ 208.870948][ T7612] EXT4-fs error (device loop1) in ext4_setattr:5613: Corrupt filesystem [ 208.879607][ T7614] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #15: comm syz-executor.1: corrupted inode contents [ 208.894774][ T3354] EXT4-fs warning (device loop1): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 208.905623][ T3354] EXT4-fs (loop1): unmounting filesystem. [ 209.289529][ T2483] EXT4-fs (loop2): unmounting filesystem. [ 209.449875][ T7640] loop3: detected capacity change from 0 to 4096 [ 209.456588][ T7640] EXT4-fs: Ignoring removed i_version option [ 209.462713][ T7640] EXT4-fs: Ignoring removed nomblk_io_submit option [ 209.471168][ T7640] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 209.483171][ T7640] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #15: comm syz-executor.3: corrupted inode contents [ 209.498413][ T7640] EXT4-fs error (device loop3): ext4_dirty_inode:6074: inode #15: comm syz-executor.3: mark_inode_dirty error [ 209.511098][ T7640] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #15: comm syz-executor.3: corrupted inode contents [ 209.523477][ T7640] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #15: comm syz-executor.3: mark_inode_dirty error [ 209.535175][ T7640] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #15: comm syz-executor.3: corrupted inode contents [ 209.547453][ T7640] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #15: comm syz-executor.3: mark_inode_dirty error [ 210.059634][ T7650] input: syz0 as /devices/virtual/input/input31 [ 210.172794][ T7654] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 210.183064][ T7640] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #15: comm syz-executor.3: corrupted inode contents [ 210.204474][ T7640] EXT4-fs error (device loop3): ext4_truncate:4302: inode #15: comm syz-executor.3: mark_inode_dirty error [ 210.253194][ T7640] EXT4-fs error (device loop3) in ext4_setattr:5613: Corrupt filesystem [ 210.328862][ T7655] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 210.335915][ T7655] IPv6: NLM_F_CREATE should be set when creating new route [ 210.345088][ T7646] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #15: comm syz-executor.3: corrupted inode contents [ 210.370208][ T3322] EXT4-fs warning (device loop3): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 210.381165][ T3322] EXT4-fs (loop3): unmounting filesystem. [ 210.429309][ T7670] loop3: detected capacity change from 0 to 2048 [ 210.430062][ T7672] syz-executor.0[7672] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 210.436106][ T7672] syz-executor.0[7672] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 210.437300][ T7673] loop2: detected capacity change from 0 to 128 [ 210.475333][ T7670] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 210.483682][ T60] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 210.498877][ T7670] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 136: padding at end of block bitmap is not set [ 210.921696][ T60] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 210.932344][ T60] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 210.943113][ T60] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 210.952696][ T60] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 211.062566][ T60] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 211.071523][ T60] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 211.079358][ T60] usb 2-1: Manufacturer: syz [ 211.084254][ T60] usb 2-1: config 0 descriptor?? [ 211.329427][ T3322] EXT4-fs (loop3): unmounting filesystem. [ 211.551915][ T7693] input: syz0 as /devices/virtual/input/input32 [ 211.603247][ T60] appleir 0003:05AC:8243.0023: unknown main item tag 0x0 [ 211.633562][ T7691] loop3: detected capacity change from 0 to 4096 [ 211.641980][ T7691] EXT4-fs: Ignoring removed i_version option [ 211.647987][ T7691] EXT4-fs: Ignoring removed nomblk_io_submit option [ 211.652972][ T60] appleir 0003:05AC:8243.0023: No inputs registered, leaving [ 211.662701][ T60] appleir 0003:05AC:8243.0023: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 211.676686][ T7691] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 211.696717][ T7691] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #15: comm syz-executor.3: corrupted inode contents [ 211.708995][ T7691] EXT4-fs error (device loop3): ext4_dirty_inode:6074: inode #15: comm syz-executor.3: mark_inode_dirty error [ 211.721825][ T7691] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #15: comm syz-executor.3: corrupted inode contents [ 211.734057][ T7691] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #15: comm syz-executor.3: mark_inode_dirty error [ 211.747096][ T7691] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #15: comm syz-executor.3: corrupted inode contents [ 211.759353][ T7691] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #15: comm syz-executor.3: mark_inode_dirty error [ 211.770992][ T7691] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #15: comm syz-executor.3: corrupted inode contents [ 211.783383][ T7691] EXT4-fs error (device loop3): ext4_truncate:4302: inode #15: comm syz-executor.3: mark_inode_dirty error [ 211.795073][ T7691] EXT4-fs error (device loop3) in ext4_setattr:5613: Corrupt filesystem [ 211.803592][ T7702] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #15: comm syz-executor.3: corrupted inode contents [ 211.837913][ T3322] EXT4-fs warning (device loop3): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 211.865766][ T3322] EXT4-fs (loop3): unmounting filesystem. [ 211.886476][ T60] usb 2-1: USB disconnect, device number 19 [ 212.188882][ T7706] loop4: detected capacity change from 0 to 40427 [ 212.202346][ T7706] F2FS-fs (loop4): Found nat_bits in checkpoint [ 212.231850][ T7706] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 212.251533][ T6693] syz-executor.4: attempt to access beyond end of device [ 212.251533][ T6693] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 212.302415][ T7708] syz-executor.3[7708] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 212.302490][ T7708] syz-executor.3[7708] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 212.405719][ T7721] EXT4-fs (sda1): re-mounted. Quota mode: none. [ 212.450919][ T28] kauditd_printk_skb: 4 callbacks suppressed [ 212.450935][ T28] audit: type=1400 audit(1718400288.855:28381): avc: denied { setopt } for pid=7723 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 212.503475][ T520] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 212.549762][ T7729] syz-executor.1[7729] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 212.549894][ T7729] syz-executor.1[7729] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 212.562610][ T7729] syz-executor.1[7729] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 212.574505][ T7729] syz-executor.1[7729] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 212.620566][ T28] audit: type=1400 audit(1718400289.002:28382): avc: denied { getopt } for pid=7734 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 213.320065][ T7746] xt_TPROXY: Can be used only with -p tcp or -p udp [ 213.337726][ T520] usb 3-1: Using ep0 maxpacket: 8 [ 213.360987][ T28] audit: type=1400 audit(1718400289.695:28383): avc: denied { create } for pid=7749 comm="syz-executor.1" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 213.590527][ T7774] loop0: detected capacity change from 0 to 4096 [ 213.597250][ T7774] EXT4-fs: Ignoring removed i_version option [ 213.603322][ T7774] EXT4-fs: Ignoring removed nomblk_io_submit option [ 213.619556][ T7774] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 213.649316][ T520] usb 3-1: New USB device found, idVendor=c93d, idProduct=8813, bcdDevice=25.d8 [ 213.658346][ T520] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 213.666210][ T520] usb 3-1: Product: syz [ 213.670183][ T520] usb 3-1: Manufacturer: syz [ 213.674605][ T520] usb 3-1: SerialNumber: syz [ 213.679600][ T520] usb 3-1: config 0 descriptor?? [ 213.687839][ T7774] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #15: comm syz-executor.0: corrupted inode contents [ 213.700464][ T7774] EXT4-fs error (device loop0): ext4_dirty_inode:6074: inode #15: comm syz-executor.0: mark_inode_dirty error [ 213.713075][ T7774] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #15: comm syz-executor.0: corrupted inode contents [ 213.725294][ T7774] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #15: comm syz-executor.0: mark_inode_dirty error [ 213.737004][ T7774] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #15: comm syz-executor.0: corrupted inode contents [ 213.737198][ T520] usb-storage 3-1:0.0: USB Mass Storage device detected [ 213.749301][ T7774] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #15: comm syz-executor.0: mark_inode_dirty error [ 214.412203][ T7774] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #15: comm syz-executor.0: corrupted inode contents [ 214.434430][ T7774] EXT4-fs error (device loop0): ext4_truncate:4302: inode #15: comm syz-executor.0: mark_inode_dirty error [ 214.447834][ T7774] EXT4-fs error (device loop0) in ext4_setattr:5613: Corrupt filesystem [ 214.470145][ T7784] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #15: comm syz-executor.0: corrupted inode contents [ 214.569340][ T520] usb 3-1: USB disconnect, device number 18 [ 214.625165][ T752] EXT4-fs warning (device loop0): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 214.636454][ T752] EXT4-fs (loop0): unmounting filesystem. [ 215.049014][ T28] audit: type=1326 audit(1718400291.245:28384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7801 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbab8a7cea9 code=0x0 [ 215.092614][ T28] audit: type=1326 audit(1718400291.282:28385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7816 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc967e7cea9 code=0x0 [ 215.160579][ T7815] bpf_get_probe_write_proto: 6 callbacks suppressed [ 215.160590][ T7815] syz-executor.2[7815] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 215.167049][ T7815] syz-executor.2[7815] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 215.202898][ T7819] loop1: detected capacity change from 0 to 128 [ 215.232600][ T7821] loop2: detected capacity change from 0 to 512 [ 215.246475][ T7821] EXT4-fs (loop2): 1 orphan inode deleted [ 215.252102][ T7821] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 215.260850][ T7821] ext4 filesystem being mounted at /root/syzkaller-testdir1990169530/syzkaller.QGHLaE/475/file1 supports timestamps until 2038 (0x7fffffff) [ 215.277102][ T351] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 215.289525][ T7821] bridge0: port 4(vlan2) entered blocking state [ 215.295568][ T7821] bridge0: port 4(vlan2) entered disabled state [ 215.309644][ T351] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 215.359560][ T2483] EXT4-fs (loop2): unmounting filesystem. [ 215.426497][ T7827] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 215.721290][ T520] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 216.157836][ T28] audit: type=1326 audit(1718400291.876:28386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7840 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbab8a7cea9 code=0x0 [ 216.349691][ T520] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 216.360445][ T520] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 216.369982][ T520] usb 3-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00 [ 216.378835][ T520] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 216.387205][ T520] usb 3-1: config 0 descriptor?? [ 216.479956][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 216.491858][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 216.503843][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 216.515727][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 216.527702][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 216.539566][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 216.551497][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 216.563376][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 216.575307][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 216.587149][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 216.662920][ T7860] loop4: detected capacity change from 0 to 512 [ 216.692657][ T7860] EXT4-fs (loop4): 1 orphan inode deleted [ 216.700848][ T7860] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 216.711178][ T7860] ext4 filesystem being mounted at /root/syzkaller-testdir3461618182/syzkaller.k79YGu/76/file1 supports timestamps until 2038 (0x7fffffff) [ 216.734216][ T7860] bridge0: port 3(vlan2) entered blocking state [ 216.740484][ T7860] bridge0: port 3(vlan2) entered disabled state [ 216.946828][ T520] hid-led 0003:1D34:000A.0024: unknown main item tag 0x0 [ 216.967886][ T7864] loop0: detected capacity change from 0 to 2048 [ 216.996596][ T7864] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 217.007876][ T7864] ext4 filesystem being mounted at /root/syzkaller-testdir1488289120/syzkaller.huL7Se/485/bus supports timestamps until 2038 (0x7fffffff) [ 217.047405][ T752] EXT4-fs (loop0): unmounting filesystem. [ 217.070057][ T6693] EXT4-fs (loop4): unmounting filesystem. [ 217.107694][ T7870] loop0: detected capacity change from 0 to 2048 [ 217.173578][ T520] hid-led 0003:1D34:000A.0024: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.2-1/input0 [ 217.190895][ T520] hid-led 0003:1D34:000A.0024: Dream Cheeky Webmail Notifier initialized [ 218.057502][ T7879] kvm: pic: non byte write [ 218.628958][ T7882] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 218.648211][ T7792] usb 3-1: USB disconnect, device number 19 [ 218.672989][ T7882] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 218.680056][ T7882] IPv6: NLM_F_CREATE should be set when creating new route [ 218.821655][ T7880] input: syz0 as /devices/virtual/input/input33 [ 221.907569][ C1] net_ratelimit: 157616 callbacks suppressed [ 221.907586][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 221.925169][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 221.936972][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 221.948693][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 221.960484][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 221.972209][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 221.983998][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 221.995716][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 222.007535][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 222.019264][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 224.315848][ T351] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 224.375267][ T7897] loop2: detected capacity change from 0 to 2048 [ 224.481636][ T7905] loop3: detected capacity change from 0 to 2048 [ 224.510790][ T7905] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 224.519264][ T7905] ext4 filesystem being mounted at /root/syzkaller-testdir2642113633/syzkaller.c3EtaD/318/bus supports timestamps until 2038 (0x7fffffff) [ 224.534395][ T7897] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 224.560410][ T3322] EXT4-fs (loop3): unmounting filesystem. [ 224.568134][ T7897] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 136: padding at end of block bitmap is not set [ 224.768220][ T7919] EXT4-fs (sda1): re-mounted. Quota mode: none. [ 224.769621][ T28] audit: type=1326 audit(1718400299.814:28387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7902 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbab8a7cea9 code=0x0 [ 224.781148][ T7924] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 225.201293][ T520] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 225.260818][ T7928] loop1: detected capacity change from 0 to 40427 [ 225.286004][ T2483] EXT4-fs (loop2): unmounting filesystem. [ 225.303893][ T7928] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 225.325214][ T7928] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 225.370342][ T7931] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.378904][ T7931] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.397439][ T7931] device bridge_slave_0 entered promiscuous mode [ 225.412186][ T7928] F2FS-fs (loop1): Found nat_bits in checkpoint [ 225.486639][ T7931] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.499515][ T7931] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.521399][ T7931] device bridge_slave_1 entered promiscuous mode [ 225.579721][ T7928] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 225.587946][ T7928] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 225.602099][ T520] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 225.644986][ T520] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 225.686766][ T28] audit: type=1400 audit(1718400300.663:28388): avc: denied { create } for pid=7927 comm="syz-executor.1" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=blk_file permissive=1 [ 225.729087][ T520] usb 4-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00 [ 225.738141][ T520] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 225.746715][ T520] usb 4-1: config 0 descriptor?? [ 225.752915][ T28] audit: type=1400 audit(1718400300.691:28389): avc: denied { write } for pid=7927 comm="syz-executor.1" name="file2" dev="loop1" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=blk_file permissive=1 [ 225.778199][ T28] audit: type=1400 audit(1718400300.691:28390): avc: denied { open } for pid=7927 comm="syz-executor.1" path="/root/syzkaller-testdir897609558/syzkaller.vIX3zh/388/bus/file2" dev="loop1" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=blk_file permissive=1 [ 225.932934][ T28] audit: type=1400 audit(1718400300.756:28391): avc: denied { ioctl } for pid=7927 comm="syz-executor.1" path="/root/syzkaller-testdir897609558/syzkaller.vIX3zh/388/bus/file2" dev="loop1" ino=10 ioctlcmd=0x4c02 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=blk_file permissive=1 [ 226.024062][ T7955] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 226.058439][ T7957] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 226.065465][ T7957] IPv6: NLM_F_CREATE should be set when creating new route [ 226.219601][ T19] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 226.307518][ T520] hid-led 0003:1D34:000A.0025: unknown main item tag 0x0 [ 226.340126][ T7792] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 226.350182][ T7792] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 226.373209][ T783] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 226.381470][ T783] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 226.467881][ T7962] loop4: detected capacity change from 0 to 256 [ 226.567124][ T520] hid-led 0003:1D34:000A.0025: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.3-1/input0 [ 226.578731][ T783] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.585595][ T783] bridge0: port 1(bridge_slave_0) entered forwarding state [ 226.595261][ T520] hid-led 0003:1D34:000A.0025: Dream Cheeky Webmail Notifier initialized [ 226.603678][ T783] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 226.614364][ T783] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 226.630350][ T783] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.637235][ T783] bridge0: port 2(bridge_slave_1) entered forwarding state [ 226.684797][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 226.695784][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 226.719517][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 226.728873][ T19] usb 2-1: config index 0 descriptor too short (expected 45, got 36) [ 226.738172][ T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 226.775522][ T19] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 226.809026][ T19] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 226.816996][ T351] device vlan0 left promiscuous mode [ 226.820626][ T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 226.841186][ T19] usb 2-1: config 0 descriptor?? [ 226.892732][ T351] bridge0: port 3(vlan0) entered disabled state [ 226.992514][ T351] device bridge_slave_1 left promiscuous mode [ 226.999780][ T351] bridge0: port 2(bridge_slave_1) entered disabled state [ 227.027913][ T351] device veth1_macvtap left promiscuous mode [ 227.043833][ T351] device veth0_vlan left promiscuous mode [ 227.335522][ C1] net_ratelimit: 146806 callbacks suppressed [ 227.335541][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 227.353245][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 227.365233][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 227.377105][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 227.389088][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 227.400901][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 227.412805][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 227.414628][ T19] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0 [ 227.424661][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 227.424749][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 227.424832][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 227.474715][ T19] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0 [ 227.486852][ T19] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0 [ 227.528756][ T19] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0 [ 227.551365][ T19] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0 [ 227.574744][ T19] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0 [ 227.595451][ T19] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0 [ 227.617359][ T783] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 227.631005][ T783] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 227.662056][ T19] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0 [ 227.688368][ T7931] device veth0_vlan entered promiscuous mode [ 227.696734][ T19] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0 [ 227.723188][ T7931] device veth1_macvtap entered promiscuous mode [ 227.736733][ T19] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0 [ 227.756723][ T19] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0 [ 227.792912][ T19] plantronics 0003:047F:FFFF.0026: No inputs registered, leaving [ 227.822261][ T19] plantronics 0003:047F:FFFF.0026: hiddev96,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 227.888735][ T19] usb 2-1: USB disconnect, device number 20 [ 227.911228][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 227.932810][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 227.955864][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 227.979311][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 228.022505][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 228.038165][ T7979] loop4: detected capacity change from 0 to 40427 [ 228.044846][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 228.052876][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 228.060841][ T7979] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 228.068825][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 228.076813][ T7979] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 228.085138][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 228.093888][ T7979] F2FS-fs (loop4): invalid crc value [ 228.099437][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 228.109774][ T7979] F2FS-fs (loop4): Found nat_bits in checkpoint [ 228.116171][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 228.136407][ T7792] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 228.143642][ T783] usb 4-1: USB disconnect, device number 18 [ 228.151338][ T7792] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 228.272697][ T7979] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 228.283212][ T7979] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 228.359327][ T7997] loop3: detected capacity change from 0 to 2048 [ 228.397789][ T7997] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 228.415448][ T7997] ext4 filesystem being mounted at /root/syzkaller-testdir2642113633/syzkaller.c3EtaD/323/bus supports timestamps until 2038 (0x7fffffff) [ 228.574966][ T3322] EXT4-fs (loop3): unmounting filesystem. [ 228.772815][ T8008] loop3: detected capacity change from 0 to 2048 [ 229.034223][ T8008] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 229.071720][ T8008] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 136: padding at end of block bitmap is not set [ 229.591552][ T3322] EXT4-fs (loop3): unmounting filesystem. [ 229.889702][ T590] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 229.901338][ T590] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 231.407514][ T8098] loop1: detected capacity change from 0 to 256 [ 231.439615][ T8098] exfat: Deprecated parameter 'utf8' [ 231.490155][ T8098] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 231.540364][ T28] audit: type=1326 audit(1718400306.072:28392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8100 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f06e707cea9 code=0x0 [ 231.766794][ T783] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 232.351881][ T783] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 232.368217][ T783] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 232.405882][ T783] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 232.426788][ T783] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 232.444700][ T783] usb 4-1: config 0 descriptor?? [ 232.763474][ C1] net_ratelimit: 87270 callbacks suppressed [ 232.763490][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 232.781064][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 232.793000][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 232.804947][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 232.816770][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 232.828763][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 232.840681][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 232.852473][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 232.864296][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 232.871834][ T520] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 232.876130][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 232.969677][ T783] hid (null): bogus close delimiter [ 233.208687][ T783] usb 4-1: language id specifier not provided by device, defaulting to English [ 233.274941][ T520] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 233.286943][ T520] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 233.322263][ T520] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 233.331329][ T520] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 233.349141][ T520] usb 3-1: config 0 descriptor?? [ 233.514709][ T28] audit: type=1400 audit(1718400307.890:28393): avc: denied { setopt } for pid=8177 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 233.544178][ T8184] syz-executor.4[8184] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 233.544258][ T8184] syz-executor.4[8184] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 233.569846][ T8184] device pim6reg1 entered promiscuous mode [ 233.846821][ T8103] loop3: detected capacity change from 0 to 40427 [ 233.855597][ T8103] F2FS-fs (loop3): Mismatch valid blocks 5 vs. 7 [ 233.862350][ T8103] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-117) [ 234.054612][ T783] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0027/input/input34 [ 234.082463][ T783] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0027/input/input35 [ 234.107849][ T783] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0027/input/input36 [ 234.136591][ T783] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0027/input/input37 [ 234.171826][ T783] uclogic 0003:256C:006D.0027: input,hiddev96,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.3-1/input0 [ 234.284016][ T783] usb 4-1: USB disconnect, device number 19 [ 234.433176][ T8218] incfs: Options parsing error. -22 [ 234.438390][ T8218] incfs: mount failed -22 [ 234.453851][ T8220] syz-executor.4[8220] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 234.453923][ T8220] syz-executor.4[8220] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 234.537228][ T8220] device pim6reg1 entered promiscuous mode [ 234.637929][ T520] uclogic 0003:256C:006D.0028: interface is invalid, ignoring [ 234.716249][ T8228] loop1: detected capacity change from 0 to 512 [ 234.858031][ T8235] loop3: detected capacity change from 0 to 256 [ 234.871719][ T8235] exfat: Deprecated parameter 'utf8' [ 234.879657][ T520] usb 3-1: USB disconnect, device number 20 [ 234.890535][ T8235] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 235.033236][ T8246] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 235.096272][ T8252] tmpfs: Bad value for 'uid' [ 235.113319][ T8254] tmpfs: Unknown parameter 'nolazytime' [ 235.165290][ T8260] loop3: detected capacity change from 0 to 256 [ 235.172807][ T8260] exfat: Deprecated parameter 'utf8' [ 235.180380][ T8260] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 235.428703][ T520] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 235.464628][ T8269] loop2: detected capacity change from 0 to 512 [ 235.471622][ T8269] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349) [ 235.481903][ T8269] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002] [ 235.490003][ T8269] System zones: 1-12 [ 235.494680][ T8269] EXT4-fs (loop2): orphan cleanup on readonly fs [ 235.500939][ T8269] EXT4-fs error (device loop2): ext4_read_inode_bitmap:168: comm syz-executor.2: Inode bitmap for bg 0 marked uninitialized [ 235.519696][ T8269] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 235.551186][ T28] audit: type=1400 audit(1718400309.773:28394): avc: denied { remount } for pid=8268 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 235.572861][ T8269] EXT4-fs error (device loop2): __ext4_remount:6412: comm syz-executor.2: Abort forced by user [ 235.583363][ T8269] EXT4-fs (loop2): re-mounted. Quota mode: none. [ 235.590262][ T8269] EXT4-fs warning (device loop2): dx_probe:892: inode #2: comm syz-executor.2: dx entry: limit 0 != root limit 125 [ 235.602633][ T8269] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor.2: Corrupt directory, running e2fsck is recommended [ 235.615886][ T8269] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 5: comm syz-executor.2: path /root/syzkaller-testdir1990169530/syzkaller.QGHLaE/511/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 235.648209][ T2483] EXT4-fs (loop2): unmounting filesystem. [ 235.829851][ T520] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 235.846528][ T520] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 235.861207][ T520] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 235.872124][ T520] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 235.888380][ T520] usb 1-1: config 0 descriptor?? [ 235.920197][ T8290] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 236.173793][ T8300] loop3: detected capacity change from 0 to 512 [ 236.194890][ T8300] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349) [ 236.230480][ T7194] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 236.238246][ T8300] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002] [ 236.248917][ T8300] System zones: 1-12 [ 236.255575][ T8300] EXT4-fs (loop3): orphan cleanup on readonly fs [ 236.267060][ T8300] EXT4-fs error (device loop3): ext4_read_inode_bitmap:168: comm syz-executor.3: Inode bitmap for bg 0 marked uninitialized [ 236.279891][ T7792] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 236.296127][ T8300] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 236.327166][ T8300] EXT4-fs error (device loop3): __ext4_remount:6412: comm syz-executor.3: Abort forced by user [ 236.344123][ T8300] EXT4-fs (loop3): re-mounted. Quota mode: none. [ 236.359942][ T8300] EXT4-fs warning (device loop3): dx_probe:892: inode #2: comm syz-executor.3: dx entry: limit 0 != root limit 125 [ 236.378114][ T8300] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor.3: Corrupt directory, running e2fsck is recommended [ 236.398125][ T8300] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 5: comm syz-executor.3: path /root/syzkaller-testdir2642113633/syzkaller.c3EtaD/343/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 236.423504][ T520] hid (null): bogus close delimiter [ 236.465214][ T3322] EXT4-fs (loop3): unmounting filesystem. [ 236.510741][ T8306] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 236.632301][ T7194] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 236.660200][ T7194] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 236.670337][ T520] usb 1-1: language id specifier not provided by device, defaulting to English [ 236.685519][ T7792] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 236.707058][ T7792] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 236.723121][ T7194] usb 5-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00 [ 236.742043][ T7792] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 236.752033][ T7194] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 236.763231][ T7194] usb 5-1: config 0 descriptor?? [ 236.770100][ T7792] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 236.786728][ T7792] usb 3-1: config 0 descriptor?? [ 237.043091][ T28] audit: type=1400 audit(1718400311.149:28395): avc: denied { mounton } for pid=8317 comm="syz-executor.1" path="/root/syzkaller-testdir897609558/syzkaller.vIX3zh/409/file1/bus" dev="tmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 237.096318][ T28] audit: type=1400 audit(1718400311.149:28396): avc: denied { unlink } for pid=8317 comm="syz-executor.1" name="#75" dev="tmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 237.304634][ T7194] hid-led 0003:1D34:000A.002A: unknown main item tag 0x0 [ 237.378899][ T19] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 237.480703][ T8257] loop0: detected capacity change from 0 to 40427 [ 237.522613][ T8257] F2FS-fs (loop0): Mismatch valid blocks 5 vs. 7 [ 237.532300][ T8257] F2FS-fs (loop0): Failed to initialize F2FS segment manager (-117) [ 237.547438][ T7194] hid-led 0003:1D34:000A.002A: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.4-1/input0 [ 237.567425][ T7194] hid-led 0003:1D34:000A.002A: Dream Cheeky Webmail Notifier initialized [ 237.779921][ T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 237.803202][ T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 237.825211][ T19] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 237.851206][ T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 237.878697][ T19] usb 2-1: config 0 descriptor?? [ 237.889952][ T520] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0029/input/input39 [ 237.910050][ T520] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0029/input/input40 [ 237.928565][ T520] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0029/input/input41 [ 237.950594][ T520] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0029/input/input42 [ 237.972150][ T520] uclogic 0003:256C:006D.0029: input,hiddev96,hidraw1: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.0-1/input0 [ 238.126523][ T7792] uclogic 0003:256C:006D.002B: interface is invalid, ignoring [ 238.147165][ T7792] usb 1-1: USB disconnect, device number 19 [ 238.191456][ C1] net_ratelimit: 113534 callbacks suppressed [ 238.191485][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 238.209228][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 238.221099][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 238.233043][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 238.245011][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 238.256891][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 238.268837][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 238.280768][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 238.292619][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 238.304583][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 238.347161][ T520] usb 3-1: USB disconnect, device number 21 [ 238.960725][ T19] usb 2-1: string descriptor 0 read error: -71 [ 238.982371][ T19] uclogic 0003:256C:006D.002C: failed retrieving string descriptor #200: -71 [ 238.992048][ T19] uclogic 0003:256C:006D.002C: failed retrieving pen parameters: -71 [ 239.002108][ T19] uclogic 0003:256C:006D.002C: failed probing pen v2 parameters: -71 [ 239.014730][ T19] uclogic 0003:256C:006D.002C: failed probing parameters: -71 [ 239.040105][ T19] uclogic: probe of 0003:256C:006D.002C failed with error -71 [ 239.057969][ T19] usb 2-1: USB disconnect, device number 21 [ 239.112669][ T7194] usb 5-1: USB disconnect, device number 20 [ 239.446976][ T8341] loop0: detected capacity change from 0 to 40427 [ 239.454334][ T8341] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 239.480752][ T8341] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 239.502708][ T8341] F2FS-fs (loop0): invalid crc value [ 239.538746][ T8341] F2FS-fs (loop0): Found nat_bits in checkpoint [ 239.578275][ T19] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 239.629503][ T8341] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 239.646040][ T8341] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 239.951131][ T8382] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 239.979666][ T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 239.993546][ T8382] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 240.004887][ T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 240.021916][ T19] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 240.047751][ T19] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 240.060485][ T19] usb 4-1: config 0 descriptor?? [ 240.399272][ T8402] kvm: pic: non byte write [ 240.501095][ T8405] syz-executor.2[8405] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 240.501172][ T8405] syz-executor.2[8405] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 240.513534][ T8405] syz-executor.2[8405] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 240.525218][ T8405] syz-executor.2[8405] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 240.643736][ T8416] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 240.727199][ T19] hid (null): bogus close delimiter [ 240.732911][ T8416] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 240.954406][ T19] usb 4-1: language id specifier not provided by device, defaulting to English [ 241.033416][ T8434] syz-executor.2[8434] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 241.033489][ T8434] syz-executor.2[8434] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 241.046158][ T8434] syz-executor.2[8434] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 241.059323][ T8434] syz-executor.2[8434] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 241.213319][ T8453] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 241.253848][ T8453] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 241.298619][ T8464] syz-executor.1[8464] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 241.298703][ T8464] syz-executor.1[8464] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 241.803315][ T28] audit: type=1400 audit(1718400315.542:28397): avc: denied { bind } for pid=8487 comm="syz-executor.0" lport=6 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 241.864911][ T8490] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 241.914996][ T8490] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 241.950319][ T28] audit: type=1400 audit(1718400315.588:28398): avc: denied { node_bind } for pid=8487 comm="syz-executor.0" saddr=172.20.20.170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 242.131371][ T8355] loop3: detected capacity change from 0 to 40427 [ 242.141281][ T8355] F2FS-fs (loop3): Mismatch valid blocks 5 vs. 7 [ 242.163727][ T8355] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-117) [ 242.373471][ T7792] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 242.441488][ T19] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.002D/input/input43 [ 242.454894][ T19] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.002D/input/input44 [ 242.468010][ T19] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.002D/input/input45 [ 242.481376][ T19] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.002D/input/input46 [ 242.494626][ T19] uclogic 0003:256C:006D.002D: input,hiddev96,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.3-1/input0 [ 242.633501][ T7792] usb 1-1: Using ep0 maxpacket: 32 [ 242.680668][ T19] usb 4-1: USB disconnect, device number 20 [ 242.763574][ T7792] usb 1-1: config 0 has an invalid interface number: 155 but max is 0 [ 242.771808][ T7792] usb 1-1: config 0 has no interface number 0 [ 242.777786][ T7792] usb 1-1: config 0 interface 155 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 242.787514][ T7792] usb 1-1: config 0 interface 155 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 242.969422][ T7792] usb 1-1: New USB device found, idVendor=05d1, idProduct=1002, bcdDevice=c5.61 [ 242.978451][ T7792] usb 1-1: New USB device strings: Mfr=225, Product=1, SerialNumber=3 [ 242.986519][ T7792] usb 1-1: Product: syz [ 242.990545][ T7792] usb 1-1: Manufacturer: syz [ 242.995006][ T7792] usb 1-1: SerialNumber: syz [ 243.000346][ T7792] usb 1-1: config 0 descriptor?? [ 243.056931][ T7792] ftdi_sio 1-1:0.155: FTDI USB Serial Device converter detected [ 243.064855][ T7792] ftdi_sio ttyUSB0: unknown device type: 0xc561 [ 243.329240][ T19] usb 1-1: USB disconnect, device number 20 [ 243.340307][ T19] ftdi_sio 1-1:0.155: device disconnected [ 243.592606][ T28] audit: type=1400 audit(1718400317.194:28399): avc: denied { module_load } for pid=8534 comm="syz-executor.3" path=2F6D656D66643A1037202864656C6574656429 dev="tmpfs" ino=223 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=system permissive=1 [ 243.619372][ C1] net_ratelimit: 115912 callbacks suppressed [ 243.619392][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 243.621788][ T8535] Invalid ELF section header overflow [ 243.625276][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 243.654132][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 243.665958][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 243.677842][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 243.689633][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 243.701358][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 243.713140][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 243.724948][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 243.736682][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 243.751717][ T8543] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 243.766888][ T8543] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 243.940777][ T8552] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 244.041983][ T7792] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 244.304518][ T8564] loop0: detected capacity change from 0 to 1024 [ 244.331267][ T8564] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 244.340389][ T28] audit: type=1400 audit(1718400317.886:28400): avc: denied { mounton } for pid=8567 comm="syz-executor.4" path="/root/syzkaller-testdir3461618182/syzkaller.k79YGu/140/file0" dev="sda1" ino=1964 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=blk_file permissive=1 [ 244.368141][ T19] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 244.379204][ T8568] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 244.398631][ T8568] FAT-fs (loop9): unable to read boot sector [ 244.406761][ T8564] EXT4-fs error (device loop0): ext4_quota_enable:6939: comm syz-executor.0: Bad quota inum: 9, type: 2 [ 244.433205][ T8564] EXT4-fs warning (device loop0): ext4_enable_quotas:6987: Failed to enable quota tracking (type=2, err=-117, ino=9). Please run e2fsck to fix. [ 244.453748][ T7792] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 244.472191][ T7792] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 244.495725][ T7792] usb 2-1: New USB device found, idVendor=0810, idProduct=0002, bcdDevice= 0.00 [ 244.527710][ T7792] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 244.546031][ T7792] usb 2-1: config 0 descriptor?? [ 244.557382][ T8564] EXT4-fs (loop0): mount failed [ 244.757026][ T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 244.780181][ T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 244.805706][ T19] usb 4-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00 [ 244.818087][ T19] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 244.837000][ T19] usb 4-1: config 0 descriptor?? [ 244.890945][ T8583] loop0: detected capacity change from 0 to 256 [ 244.916173][ T8583] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 244.926909][ T7792] usbhid 2-1:0.0: can't add hid device: -71 [ 244.932748][ T7792] usbhid: probe of 2-1:0.0 failed with error -71 [ 244.954093][ T7792] usb 2-1: USB disconnect, device number 22 [ 245.187374][ T8590] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 245.364971][ T19] hid-led 0003:1D34:000A.002E: unknown main item tag 0x0 [ 245.417768][ T8614] serio: Serial port pts0 [ 245.624318][ T19] hid-led 0003:1D34:000A.002E: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.3-1/input0 [ 245.648461][ T19] hid-led 0003:1D34:000A.002E: Dream Cheeky Webmail Notifier initialized [ 246.306276][ T19] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 246.826447][ T19] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 246.838097][ T19] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 246.850329][ T19] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 246.861548][ T19] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 246.875547][ T19] usb 5-1: config 0 descriptor?? [ 247.144592][ T520] usb 4-1: USB disconnect, device number 21 [ 247.181942][ T8650] loop3: detected capacity change from 0 to 256 [ 247.189707][ T8650] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 247.401753][ T7792] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 247.661454][ T8658] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 247.790646][ T7792] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 247.812236][ T7792] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 247.843702][ T7792] usb 1-1: New USB device found, idVendor=0810, idProduct=0002, bcdDevice= 0.00 [ 247.865422][ T7792] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 247.892272][ T7792] usb 1-1: config 0 descriptor?? [ 247.942398][ T19] usb 5-1: string descriptor 0 read error: -71 [ 247.963965][ T19] uclogic 0003:256C:006D.002F: failed retrieving string descriptor #200: -71 [ 247.976416][ T19] uclogic 0003:256C:006D.002F: failed retrieving pen parameters: -71 [ 248.003470][ T19] uclogic 0003:256C:006D.002F: failed probing pen v2 parameters: -71 [ 248.026180][ T19] uclogic 0003:256C:006D.002F: failed probing parameters: -71 [ 248.054096][ T19] uclogic: probe of 0003:256C:006D.002F failed with error -71 [ 248.075382][ T19] usb 5-1: USB disconnect, device number 21 [ 248.267331][ T7792] usbhid 1-1:0.0: can't add hid device: -71 [ 248.273189][ T7792] usbhid: probe of 1-1:0.0 failed with error -71 [ 248.293874][ T7792] usb 1-1: USB disconnect, device number 21 [ 248.640117][ T8670] device vlan2 entered promiscuous mode [ 248.645502][ T8670] device syz_tun entered promiscuous mode [ 248.682630][ T8670] device syz_tun left promiscuous mode [ 248.694209][ T8675] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 248.714037][ T8675] FAT-fs (loop5): unable to read boot sector [ 248.730310][ T8676] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 248.746008][ T8678] loop0: detected capacity change from 0 to 128 [ 248.783725][ T8676] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 248.841029][ T8683] loop1: detected capacity change from 0 to 2048 [ 248.863992][ T8686] tipc: Failed to remove unknown binding: 66,1,1/0:3612085720/3612085722 [ 248.931430][ T8691] tipc: Failed to remove unknown binding: 66,1,1/0:3612085720/3612085722 [ 249.019632][ T8683] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 249.036647][ T8683] ext4 filesystem being mounted at /root/syzkaller-testdir897609558/syzkaller.vIX3zh/443/file0 supports timestamps until 2038 (0x7fffffff) [ 249.050679][ C1] net_ratelimit: 58409 callbacks suppressed [ 249.050696][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 249.050766][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 249.080150][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 249.091988][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 249.103914][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 249.115833][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 249.127809][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 249.139670][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 249.151616][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 249.163592][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 249.177120][ T3354] EXT4-fs (loop1): unmounting filesystem. [ 249.327819][ T8709] device vlan2 entered promiscuous mode [ 249.341252][ T8714] loop2: detected capacity change from 0 to 128 [ 249.357376][ T8709] device syz_tun entered promiscuous mode [ 249.381860][ T8709] device syz_tun left promiscuous mode [ 249.643997][ T8726] loop0: detected capacity change from 0 to 256 [ 249.666922][ T8721] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 249.680691][ T8726] exFAT-fs (loop0): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea07c, utbl_chksum : 0x7319d30d) [ 249.733023][ T8721] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 249.907335][ T28] audit: type=1400 audit(2000000001.347:28401): avc: denied { create } for pid=8738 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 249.953733][ T8737] VFS: Lookup of 'file0' in fuse fuse would have caused loop [ 250.058618][ T8751] loop3: detected capacity change from 0 to 128 [ 250.217077][ T28] audit: type=1400 audit(2000000000.239:28402): avc: denied { bind } for pid=8743 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 250.364887][ T8755] loop4: detected capacity change from 0 to 256 [ 250.399285][ T8755] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 250.422920][ T8759] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 250.447693][ T8759] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 250.575907][ T8769] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 250.665697][ T8775] VFS: Lookup of 'file0' in fuse fuse would have caused loop [ 250.709878][ T8783] device vlan2 entered promiscuous mode [ 250.715459][ T8783] device syz_tun entered promiscuous mode [ 250.728829][ T8783] device syz_tun left promiscuous mode [ 250.859967][ T8790] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 251.086875][ T8798] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 251.195883][ T8806] loop1: detected capacity change from 0 to 512 [ 251.284722][ T8806] EXT4-fs (loop1): 1 truncate cleaned up [ 251.290319][ T8806] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 251.500715][ T8820] EXT4-fs error (device loop1): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.1: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0 [ 251.712590][ T7792] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 251.853775][ T8830] loop2: detected capacity change from 0 to 256 [ 251.946660][ T8830] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 251.983423][ T7792] usb 1-1: Using ep0 maxpacket: 16 [ 252.113517][ T7792] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 252.136318][ T7792] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 252.168286][ T3354] EXT4-fs (loop1): unmounting filesystem. [ 252.176328][ T7792] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 252.221694][ T7792] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 252.250247][ T7792] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 252.276318][ T7792] usb 1-1: config 0 descriptor?? [ 252.443152][ T8849] tipc: Failed to remove unknown binding: 66,1,1/0:786529190/786529192 [ 252.451950][ T8849] tipc: Failed to remove unknown binding: 66,1,1/0:786529190/786529192 [ 252.959889][ T7792] microsoft 0003:045E:07DA.0030: ignoring exceeding usage max [ 252.976520][ T7792] HID 045e:07da: Invalid code 65791 type 1 [ 252.989242][ T7792] HID 045e:07da: Invalid code 768 type 1 [ 253.000387][ T7792] HID 045e:07da: Invalid code 769 type 1 [ 253.011735][ T7792] HID 045e:07da: Invalid code 770 type 1 [ 253.023974][ T7792] HID 045e:07da: Invalid code 771 type 1 [ 253.035027][ T7792] HID 045e:07da: Invalid code 772 type 1 [ 253.046076][ T7792] HID 045e:07da: Invalid code 773 type 1 [ 253.055433][ T7792] HID 045e:07da: Invalid code 774 type 1 [ 253.061011][ T7792] HID 045e:07da: Invalid code 775 type 1 [ 253.066609][ T7792] HID 045e:07da: Invalid code 776 type 1 [ 253.082435][ T7792] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.0030/input/input47 [ 253.147972][ T8884] loop2: detected capacity change from 0 to 8192 [ 253.166733][ T7792] microsoft 0003:045E:07DA.0030: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 253.181038][ T7792] usb 1-1: USB disconnect, device number 22 [ 253.831388][ T8900] __nla_validate_parse: 3 callbacks suppressed [ 253.831408][ T8900] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 253.878452][ T8900] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 254.046184][ T8919] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 254.062357][ T8921] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 254.184099][ T8924] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 254.378470][ T8916] loop4: detected capacity change from 0 to 8192 [ 254.452484][ T8936] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 254.475468][ C1] net_ratelimit: 58076 callbacks suppressed [ 254.475487][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 254.493243][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 254.505180][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 254.517114][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 254.529094][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 254.540923][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 254.552823][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 254.564652][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 254.576640][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 254.588487][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 254.603349][ T8937] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 254.759663][ T39] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 255.023663][ T8963] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 255.061755][ T8963] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 255.575065][ T39] usb 2-1: Using ep0 maxpacket: 16 [ 255.658318][ T8969] loop3: detected capacity change from 0 to 256 [ 255.762602][ T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 255.788203][ T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 255.818115][ T39] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 255.851402][ T39] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 255.873460][ T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 256.091251][ T39] usb 2-1: config 0 descriptor?? [ 256.219964][ T8973] loop2: detected capacity change from 0 to 8192 [ 256.644992][ T39] microsoft 0003:045E:07DA.0031: ignoring exceeding usage max [ 256.697769][ T39] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0031/input/input48 [ 256.852571][ T39] microsoft 0003:045E:07DA.0031: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 256.885819][ T39] usb 2-1: USB disconnect, device number 23 [ 257.238087][ T19] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 257.511103][ T19] usb 3-1: Using ep0 maxpacket: 16 [ 257.609053][ T9030] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 257.638978][ T19] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 257.659323][ T19] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 257.669327][ T19] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 257.687241][ T19] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 257.697283][ T19] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 257.706308][ T28] audit: type=1326 audit(2000000004.808:28403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9027 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06e707cea9 code=0x7fc00000 [ 257.732113][ T19] usb 3-1: config 0 descriptor?? [ 257.737278][ T28] audit: type=1326 audit(2000000004.808:28404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9027 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f06e707cea9 code=0x7fc00000 [ 257.842303][ T9038] loop3: detected capacity change from 0 to 512 [ 257.851230][ T9038] EXT4-fs (loop3): 1 truncate cleaned up [ 257.856829][ T9038] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 257.868914][ T39] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 258.055525][ T9042] EXT4-fs error (device loop3): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.3: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0 [ 258.354833][ T19] microsoft 0003:045E:07DA.0032: unknown main item tag 0x0 [ 258.363357][ T19] microsoft 0003:045E:07DA.0032: No inputs registered, leaving [ 258.371231][ T19] microsoft 0003:045E:07DA.0032: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 258.382658][ T19] microsoft 0003:045E:07DA.0032: no inputs found [ 258.388880][ T19] microsoft 0003:045E:07DA.0032: could not initialize ff, continuing anyway [ 258.399474][ T39] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 258.430766][ T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 258.442923][ T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 258.473846][ T39] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 258.495123][ T28] audit: type=1326 audit(2000000005.528:28405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9027 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06e707cea9 code=0x7fc00000 [ 258.583704][ T19] usb 3-1: USB disconnect, device number 22 [ 258.604659][ T39] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 258.625469][ T39] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 258.639727][ T39] usb 5-1: Manufacturer: syz [ 258.654272][ T39] usb 5-1: config 0 descriptor?? [ 258.792149][ T3322] EXT4-fs (loop3): unmounting filesystem. [ 258.997812][ T9069] overlayfs: workdir and upperdir must be separate subtrees [ 259.266597][ T39] appleir 0003:05AC:8243.0033: unknown main item tag 0x0 [ 259.270050][ T28] audit: type=1400 audit(2000000006.248:28406): avc: denied { write } for pid=9078 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 259.273640][ T39] appleir 0003:05AC:8243.0033: No inputs registered, leaving [ 259.352028][ T28] audit: type=1326 audit(2000000006.322:28407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9073 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06b267cea9 code=0x7fc00000 [ 259.376231][ T28] audit: type=1326 audit(2000000006.322:28408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9073 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f06b267cea9 code=0x7fc00000 [ 259.408080][ T39] appleir 0003:05AC:8243.0033: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0 [ 259.903228][ C1] net_ratelimit: 54702 callbacks suppressed [ 259.903248][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 259.920826][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 259.932759][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 259.944665][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 259.956687][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 259.968500][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 259.980319][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 259.992302][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 260.004338][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 260.016183][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 260.082843][ T9099] loop0: detected capacity change from 0 to 512 [ 260.096472][ T9099] EXT4-fs: Ignoring removed i_version option [ 260.124228][ T28] audit: type=1326 audit(2000000007.033:28409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9073 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06b267cea9 code=0x7fc00000 [ 260.162190][ T28] audit: type=1326 audit(2000000007.033:28410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9073 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f06b267cea9 code=0x7fc00000 [ 260.186830][ T28] audit: type=1326 audit(2000000007.033:28411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9073 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06b267cea9 code=0x7fc00000 [ 260.212617][ T7194] usb 5-1: USB disconnect, device number 22 [ 260.220426][ T28] audit: type=1326 audit(2000000007.033:28412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9073 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06b267cea9 code=0x7fc00000 [ 260.266954][ T9105] loop2: detected capacity change from 0 to 256 [ 260.273692][ T9105] exfat: Deprecated parameter 'utf8' [ 260.280073][ T9105] exfat: Deprecated parameter 'utf8' [ 260.287716][ T9099] EXT4-fs error (device loop0): __ext4_iget:5046: inode #11: block 1: comm syz-executor.0: invalid block [ 260.305875][ T9105] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 260.320962][ T9099] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz-executor.0: couldn't read orphan inode 11 (err -117) [ 260.349249][ T9099] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 260.375216][ T7931] EXT4-fs (loop0): unmounting filesystem. [ 260.441760][ T9107] loop0: detected capacity change from 0 to 128 [ 260.456516][ T9107] FAT-fs (loop0): invalid media value (0x00) [ 260.473659][ T9107] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 260.490539][ T9107] FAT-fs (loop0): Can't find a valid FAT filesystem [ 260.490586][ T39] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 260.820494][ T39] usb 4-1: Using ep0 maxpacket: 16 [ 261.009648][ T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 261.021363][ T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 261.041147][ T39] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 261.073489][ T39] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 261.082357][ T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 261.161936][ T39] usb 4-1: config 0 descriptor?? [ 261.223209][ T9123] overlayfs: workdir and upperdir must be separate subtrees [ 261.622240][ T9138] loop2: detected capacity change from 0 to 512 [ 261.628956][ T9138] EXT4-fs: Ignoring removed i_version option [ 261.637097][ T9138] EXT4-fs error (device loop2): __ext4_iget:5046: inode #11: block 1: comm syz-executor.2: invalid block [ 261.648479][ T9138] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz-executor.2: couldn't read orphan inode 11 (err -117) [ 261.661746][ T9138] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 261.685065][ T2483] EXT4-fs (loop2): unmounting filesystem. [ 261.734621][ T9145] SELinux: Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped). [ 261.758393][ T9147] EXT4-fs warning (device sda1): ext4_group_extend:1869: can't shrink FS - resize aborted [ 261.811546][ T39] microsoft 0003:045E:07DA.0034: unknown main item tag 0x0 [ 261.818761][ T39] microsoft 0003:045E:07DA.0034: No inputs registered, leaving [ 261.868357][ T39] microsoft 0003:045E:07DA.0034: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 262.158087][ T9149] loop0: detected capacity change from 0 to 256 [ 262.263493][ T9151] loop1: detected capacity change from 0 to 512 [ 262.290278][ T9151] EXT4-fs (loop1): 1 truncate cleaned up [ 262.295906][ T9151] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 262.296829][ T39] microsoft 0003:045E:07DA.0034: no inputs found [ 262.373507][ T39] microsoft 0003:045E:07DA.0034: could not initialize ff, continuing anyway [ 262.479147][ T9160] EXT4-fs error (device loop1): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.1: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0 [ 262.655319][ T39] usb 4-1: USB disconnect, device number 22 [ 262.759917][ T9181] EXT4-fs warning (device sda1): ext4_group_extend:1869: can't shrink FS - resize aborted [ 262.778669][ T9184] loop2: detected capacity change from 0 to 512 [ 262.894129][ T9186] overlayfs: workdir and upperdir must be separate subtrees [ 263.043088][ T9184] EXT4-fs (loop2): 1 orphan inode deleted [ 263.048777][ T9184] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 263.058242][ T9184] ext4 filesystem being mounted at /root/syzkaller-testdir1990169530/syzkaller.QGHLaE/597/file1 supports timestamps until 2038 (0x7fffffff) [ 263.204908][ T3354] EXT4-fs (loop1): unmounting filesystem. [ 263.424878][ T9203] bpf_get_probe_write_proto: 2 callbacks suppressed [ 263.424910][ T9203] syz-executor.2[9203] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 263.431470][ T9203] syz-executor.2[9203] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 263.564454][ T9204] loop0: detected capacity change from 0 to 256 [ 263.830514][ T9214] loop1: detected capacity change from 0 to 512 [ 263.838762][ T28] kauditd_printk_skb: 133 callbacks suppressed [ 263.838779][ T28] audit: type=1326 audit(2000000010.466:28546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9199 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c45c7cea9 code=0x7fc00000 [ 263.869441][ T9214] EXT4-fs: Ignoring removed i_version option [ 263.877953][ T9214] EXT4-fs error (device loop1): __ext4_iget:5046: inode #11: block 1: comm syz-executor.1: invalid block [ 263.889428][ T28] audit: type=1326 audit(2000000010.466:28547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9199 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f8c45c7cea9 code=0x7fc00000 [ 263.915831][ T9214] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz-executor.1: couldn't read orphan inode 11 (err -117) [ 263.928607][ T9214] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 263.943558][ T9183] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:477: comm syz-executor.2: Invalid block bitmap block 0 in block_group 0 [ 263.957518][ T9183] EXT4-fs (loop2): Remounting filesystem read-only [ 263.958020][ T3354] EXT4-fs (loop1): unmounting filesystem. [ 263.963833][ T9183] EXT4-fs error (device loop2): ext4_discard_preallocations:5109: comm syz-executor.2: Error -117 reading block bitmap for 0 [ 264.014312][ T2483] EXT4-fs error (device loop2): ext4_map_blocks:607: inode #2: block 3: comm syz-executor.2: lblock 0 mapped to illegal pblock 3 (length 1) [ 264.077217][ T2483] EXT4-fs (loop2): unmounting filesystem. [ 264.088972][ T9221] loop1: detected capacity change from 0 to 256 [ 264.096590][ T28] audit: type=1326 audit(2000000010.697:28548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9199 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c45c7cea9 code=0x7fc00000 [ 264.120499][ T7194] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 264.135586][ T28] audit: type=1326 audit(2000000010.697:28549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9199 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8c45c7cea9 code=0x7fc00000 [ 264.167460][ T28] audit: type=1326 audit(2000000010.697:28550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9199 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c45c7cea9 code=0x7fc00000 [ 264.196416][ T28] audit: type=1326 audit(2000000010.697:28551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9199 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c45c7cea9 code=0x7fc00000 [ 264.228686][ T28] audit: type=1326 audit(2000000010.697:28552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9199 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c45c7cea9 code=0x7fc00000 [ 264.275785][ T9228] loop3: detected capacity change from 0 to 512 [ 264.294261][ T9228] EXT4-fs (loop3): 1 truncate cleaned up [ 264.299740][ T9228] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 264.328120][ T28] audit: type=1326 audit(2000000010.697:28553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9199 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c45c7cea9 code=0x7fc00000 [ 264.357868][ T28] audit: type=1326 audit(2000000010.697:28554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9199 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c45c7cea9 code=0x7fc00000 [ 264.590647][ T7194] usb 5-1: Using ep0 maxpacket: 32 [ 264.704475][ T9237] EXT4-fs error (device loop3): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.3: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0 [ 264.860783][ T9239] overlayfs: workdir and upperdir must be separate subtrees [ 264.921214][ T28] audit: type=1326 audit(2000000010.697:28555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9199 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c45c7cea9 code=0x7fc00000 [ 265.125443][ T7194] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 265.144135][ T7194] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 265.177074][ T9242] serio: Serial port pts0 [ 265.229566][ T3322] EXT4-fs (loop3): unmounting filesystem. [ 265.331186][ C1] net_ratelimit: 40120 callbacks suppressed [ 265.331203][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 265.348830][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 265.360592][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 265.372342][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 265.384165][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 265.395961][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 265.407766][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 265.419637][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 265.431447][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 265.443241][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 265.461441][ T7194] usb 5-1: string descriptor 0 read error: -22 [ 265.468602][ T7194] usb 5-1: New USB device found, idVendor=056a, idProduct=0043, bcdDevice= 0.40 [ 265.478673][ T7194] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 265.537907][ T7194] usbhid 5-1:1.0: can't add hid device: -22 [ 265.562720][ T7194] usbhid: probe of 5-1:1.0 failed with error -22 [ 265.583964][ T9249] loop0: detected capacity change from 0 to 128 [ 265.592665][ T9249] FAT-fs (loop0): invalid media value (0x00) [ 265.599252][ T9249] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 265.609290][ T9249] FAT-fs (loop0): Can't find a valid FAT filesystem [ 265.633885][ T9245] bridge0: port 1(bridge_slave_0) entered blocking state [ 265.649111][ T9245] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.663419][ T9245] device bridge_slave_0 entered promiscuous mode [ 265.670913][ T9254] EXT4-fs warning (device sda1): ext4_group_extend:1869: can't shrink FS - resize aborted [ 265.695983][ T9245] bridge0: port 2(bridge_slave_1) entered blocking state [ 265.703450][ T9245] bridge0: port 2(bridge_slave_1) entered disabled state [ 265.710850][ T9245] device bridge_slave_1 entered promiscuous mode [ 265.755497][ T7194] usb 5-1: USB disconnect, device number 23 [ 265.819678][ T590] device veth1_to_bridge left promiscuous mode [ 265.825779][ T590] bridge0: port 1(veth1_to_bridge) entered disabled state [ 265.834948][ T590] device vlan0 left promiscuous mode [ 265.840226][ T590] bridge0: port 3(vlan0) entered disabled state [ 265.849146][ T590] device bridge_slave_1 left promiscuous mode [ 265.855183][ T590] bridge0: port 2(bridge_slave_1) entered disabled state [ 265.874674][ T590] device veth1_macvtap left promiscuous mode [ 265.883816][ T590] device veth0_vlan left promiscuous mode [ 266.357144][ T9245] bridge0: port 2(bridge_slave_1) entered blocking state [ 266.364043][ T9245] bridge0: port 2(bridge_slave_1) entered forwarding state [ 266.371134][ T9245] bridge0: port 1(bridge_slave_0) entered blocking state [ 266.377920][ T9245] bridge0: port 1(bridge_slave_0) entered forwarding state [ 266.428665][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 266.437522][ T19] bridge0: port 1(bridge_slave_0) entered disabled state [ 266.445693][ T19] bridge0: port 2(bridge_slave_1) entered disabled state [ 266.611514][ T7194] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 266.619570][ T7194] bridge0: port 1(bridge_slave_0) entered blocking state [ 266.626457][ T7194] bridge0: port 1(bridge_slave_0) entered forwarding state [ 266.635169][ T7194] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 266.643264][ T7194] bridge0: port 2(bridge_slave_1) entered blocking state [ 266.650133][ T7194] bridge0: port 2(bridge_slave_1) entered forwarding state [ 266.664493][ T7194] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 266.672717][ T7194] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 266.682020][ T7194] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 266.690011][ T7194] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 266.705734][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 266.714112][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 266.725076][ T9245] device veth0_vlan entered promiscuous mode [ 266.731294][ T7194] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 266.744066][ T7194] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 266.758452][ T9245] device veth1_macvtap entered promiscuous mode [ 266.765813][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 266.774434][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 266.790616][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 266.804943][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 266.822246][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 266.847296][ T7194] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 266.856626][ T7194] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 266.878149][ T7194] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 266.894075][ T7194] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 267.367060][ T9283] loop4: detected capacity change from 0 to 512 [ 267.374390][ T9283] EXT4-fs: Ignoring removed i_version option [ 267.382416][ T9283] EXT4-fs error (device loop4): __ext4_iget:5046: inode #11: block 1: comm syz-executor.4: invalid block [ 267.395115][ T9283] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz-executor.4: couldn't read orphan inode 11 (err -117) [ 267.407343][ T9283] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 267.438502][ T9287] loop0: detected capacity change from 0 to 256 [ 267.446921][ T6693] EXT4-fs (loop4): unmounting filesystem. [ 267.457122][ T9287] FAT-fs (loop0): Directory bread(block 64) failed [ 267.463495][ T9287] FAT-fs (loop0): Directory bread(block 65) failed [ 267.470193][ T9287] FAT-fs (loop0): Directory bread(block 66) failed [ 267.476712][ T9287] FAT-fs (loop0): Directory bread(block 67) failed [ 267.484749][ T9287] FAT-fs (loop0): Directory bread(block 68) failed [ 267.491661][ T9287] FAT-fs (loop0): Directory bread(block 69) failed [ 267.498128][ T9287] FAT-fs (loop0): Directory bread(block 70) failed [ 267.504480][ T9287] FAT-fs (loop0): Directory bread(block 71) failed [ 267.511217][ T9287] FAT-fs (loop0): Directory bread(block 72) failed [ 267.517578][ T9287] FAT-fs (loop0): Directory bread(block 73) failed [ 267.556231][ T9289] loop0: detected capacity change from 0 to 256 [ 268.602257][ T9315] __nla_validate_parse: 1 callbacks suppressed [ 268.602276][ T9315] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 268.917949][ T7194] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 269.308511][ T7194] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 269.322888][ T7194] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 269.335011][ T7194] usb 1-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00 [ 269.349824][ T7194] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 269.366065][ T7194] usb 1-1: config 0 descriptor?? [ 269.895853][ T7194] hid-led 0003:1D34:000A.0035: unknown main item tag 0x0 [ 270.144886][ T7194] hid-led 0003:1D34:000A.0035: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.0-1/input0 [ 270.163151][ T7194] hid-led 0003:1D34:000A.0035: Dream Cheeky Webmail Notifier initialized [ 270.759174][ C1] net_ratelimit: 58837 callbacks suppressed [ 270.759204][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 270.776912][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 270.788936][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 270.801060][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 270.812953][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 270.824980][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 270.836918][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 270.849007][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 270.860867][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 270.872829][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 271.845504][ T7792] usb 1-1: USB disconnect, device number 23 [ 272.850166][ T7792] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 272.904594][ T19] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 273.089666][ T9374] loop4: detected capacity change from 0 to 2048 [ 273.096332][ T9374] EXT4-fs: Ignoring removed orlov option [ 273.112338][ T9374] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 273.163217][ T9380] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'. [ 273.251284][ T7792] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 273.265406][ T7792] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 273.288780][ T7792] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 273.303605][ T7792] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 273.311743][ T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 273.326857][ T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 273.340553][ T7792] usb 1-1: config 0 descriptor?? [ 273.351154][ T19] usb 4-1: New USB device found, idVendor=0079, idProduct=0006, bcdDevice= 0.00 [ 273.368245][ T19] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 273.384934][ T19] usb 4-1: config 0 descriptor?? [ 273.427204][ T9384] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 273.453399][ T9384] EXT4-fs (loop4): Remounting filesystem read-only [ 273.554447][ T520] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 273.562238][ T6693] EXT4-fs (loop4): unmounting filesystem. [ 273.678580][ T9390] loop4: detected capacity change from 0 to 512 [ 273.685803][ T9390] EXT4-fs: Ignoring removed mblk_io_submit option [ 273.692673][ T9390] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 273.705368][ T9390] EXT4-fs (loop4): 1 truncate cleaned up [ 273.711160][ T9390] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 273.737580][ T6693] EXT4-fs (loop4): unmounting filesystem. [ 273.825671][ T520] usb 2-1: Using ep0 maxpacket: 16 [ 273.869557][ T7792] plantronics 0003:047F:FFFF.0036: unknown main item tag 0x0 [ 273.877037][ T7792] plantronics 0003:047F:FFFF.0036: unbalanced collection at end of report description [ 273.886663][ T7792] plantronics 0003:047F:FFFF.0036: parse failed [ 273.893626][ T7792] plantronics: probe of 0003:047F:FFFF.0036 failed with error -22 [ 273.912701][ T19] dragonrise 0003:0079:0006.0037: unknown main item tag 0x0 [ 273.922205][ T19] dragonrise 0003:0079:0006.0037: item fetching failed at offset 1/5 [ 273.939569][ T19] dragonrise 0003:0079:0006.0037: parse failed [ 273.949284][ T19] dragonrise: probe of 0003:0079:0006.0037 failed with error -22 [ 273.957286][ T520] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 273.980075][ T520] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 273.993847][ T520] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 274.009903][ T520] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 274.018895][ T520] usb 2-1: config 0 descriptor?? [ 274.097544][ T7792] usb 1-1: USB disconnect, device number 24 [ 274.133276][ T783] usb 4-1: USB disconnect, device number 23 [ 274.156860][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 274.156876][ T28] audit: type=1326 audit(2000000019.982:28557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4516a7cea9 code=0x7ffc0000 [ 274.188310][ T28] audit: type=1326 audit(2000000020.019:28558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4516a7cea9 code=0x7ffc0000 [ 274.222714][ T28] audit: type=1326 audit(2000000020.019:28559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4516a7cea9 code=0x7ffc0000 [ 274.246833][ T28] audit: type=1326 audit(2000000020.019:28560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4516a7cea9 code=0x7ffc0000 [ 274.271085][ T28] audit: type=1326 audit(2000000020.047:28561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4516a7cea9 code=0x7ffc0000 [ 274.296229][ T28] audit: type=1326 audit(2000000020.047:28562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4516a7a627 code=0x7ffc0000 [ 274.320230][ T28] audit: type=1326 audit(2000000020.047:28563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4516a40309 code=0x7ffc0000 [ 274.344241][ T28] audit: type=1326 audit(2000000020.047:28564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=18 compat=0 ip=0x7f4516a7cea9 code=0x7ffc0000 [ 274.369252][ T19] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 274.376846][ T28] audit: type=1326 audit(2000000020.047:28565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4516a7a627 code=0x7ffc0000 [ 274.401004][ T28] audit: type=1326 audit(2000000020.047:28566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4516a40309 code=0x7ffc0000 [ 274.447732][ T9415] loop2: detected capacity change from 0 to 512 [ 274.455756][ T9415] EXT4-fs: Ignoring removed mblk_io_submit option [ 274.462384][ T9415] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 274.473589][ T9415] EXT4-fs (loop2): 1 truncate cleaned up [ 274.479725][ T9415] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 274.509109][ T9245] EXT4-fs (loop2): unmounting filesystem. [ 274.538525][ T9383] loop1: detected capacity change from 0 to 256 [ 274.551556][ T9383] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 274.575577][ T9383] input: syz0 as /devices/virtual/input/input51 [ 274.601550][ T520] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0038/input/input52 [ 274.637812][ T19] usb 5-1: Using ep0 maxpacket: 16 [ 274.666721][ T9426] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 274.682212][ T520] microsoft 0003:045E:07DA.0038: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 274.767903][ T19] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 274.790957][ T19] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 274.818865][ T19] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 274.869066][ T19] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 274.888031][ T19] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 274.907559][ T19] usb 5-1: config 0 descriptor?? [ 274.943605][ T9449] serio: Serial port pts0 [ 275.038509][ T9455] loop2: detected capacity change from 0 to 512 [ 275.051297][ T9455] EXT4-fs (loop2): 1 orphan inode deleted [ 275.052099][ T9458] loop0: detected capacity change from 0 to 512 [ 275.057248][ T9455] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 275.074511][ T783] usb 2-1: USB disconnect, device number 24 [ 275.084408][ T9458] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #11: comm syz-executor.0: corrupted in-inode xattr [ 275.097348][ T9458] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz-executor.0: couldn't read orphan inode 11 (err -117) [ 275.104663][ T9455] ext4 filesystem being mounted at /root/syzkaller-testdir1338084227/syzkaller.FPHPKT/30/file1 supports timestamps until 2038 (0x7fffffff) [ 275.111558][ T9458] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 275.318451][ T9462] syz-executor.2[9462] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 275.318747][ T9462] syz-executor.2[9462] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 275.433588][ T19] microsoft 0003:045E:07DA.0039: unknown main item tag 0x0 [ 275.453045][ T19] microsoft 0003:045E:07DA.0039: No inputs registered, leaving [ 275.462319][ T19] microsoft 0003:045E:07DA.0039: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 275.476675][ T19] microsoft 0003:045E:07DA.0039: no inputs found [ 275.482983][ T19] microsoft 0003:045E:07DA.0039: could not initialize ff, continuing anyway [ 275.655730][ T9464] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 275.674337][ T19] usb 5-1: USB disconnect, device number 24 [ 275.838116][ T7931] EXT4-fs (loop0): unmounting filesystem. [ 275.852572][ T9470] binder: binder_mmap: 9469 20ffb000-20fff000 bad vm_flags failed -1 [ 275.876418][ T9472] incfs: Options parsing error. -22 [ 275.881537][ T9472] incfs: mount failed -22 [ 275.886962][ T9472] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 275.954525][ T9454] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:477: comm syz-executor.2: Invalid block bitmap block 0 in block_group 0 [ 275.968467][ T9454] EXT4-fs (loop2): Remounting filesystem read-only [ 275.974813][ T9454] EXT4-fs error (device loop2): ext4_discard_preallocations:5109: comm syz-executor.2: Error -117 reading block bitmap for 0 [ 275.992092][ T783] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 276.048586][ T9245] EXT4-fs error (device loop2): ext4_map_blocks:607: inode #2: block 3: comm syz-executor.2: lblock 0 mapped to illegal pblock 3 (length 1) [ 276.068889][ T9245] EXT4-fs (loop2): unmounting filesystem. [ 276.187066][ C1] net_ratelimit: 77386 callbacks suppressed [ 276.187087][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 276.204807][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 276.216711][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 276.228549][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 276.240380][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 276.252283][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 276.264214][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 276.276163][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 276.287976][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 276.299882][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 276.328015][ T19] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 276.363279][ T9487] loop4: detected capacity change from 0 to 512 [ 276.369850][ T9487] EXT4-fs: Ignoring removed mblk_io_submit option [ 276.377477][ T9487] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 276.388887][ T9487] EXT4-fs (loop4): 1 truncate cleaned up [ 276.394511][ T783] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 276.405340][ T9487] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 276.414255][ T783] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 276.425793][ T783] usb 2-1: New USB device found, idVendor=0079, idProduct=0006, bcdDevice= 0.00 [ 276.434739][ T783] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 276.443256][ T783] usb 2-1: config 0 descriptor?? [ 276.454308][ T9479] bridge0: port 1(bridge_slave_0) entered blocking state [ 276.462498][ T9479] bridge0: port 1(bridge_slave_0) entered disabled state [ 276.471144][ T9479] device bridge_slave_0 entered promiscuous mode [ 276.478066][ T9479] bridge0: port 2(bridge_slave_1) entered blocking state [ 276.484983][ T9479] bridge0: port 2(bridge_slave_1) entered disabled state [ 276.493426][ T9479] device bridge_slave_1 entered promiscuous mode [ 276.513137][ T6693] EXT4-fs (loop4): unmounting filesystem. [ 276.664643][ T9479] bridge0: port 2(bridge_slave_1) entered blocking state [ 276.671533][ T9479] bridge0: port 2(bridge_slave_1) entered forwarding state [ 276.678647][ T9479] bridge0: port 1(bridge_slave_0) entered blocking state [ 276.685402][ T9479] bridge0: port 1(bridge_slave_0) entered forwarding state [ 276.731127][ T19] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 276.759145][ T19] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 276.785934][ T7792] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 276.800607][ T7792] bridge0: port 1(bridge_slave_0) entered disabled state [ 276.813673][ T7792] bridge0: port 2(bridge_slave_1) entered disabled state [ 276.857015][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 276.865139][ T19] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 276.878920][ T520] bridge0: port 1(bridge_slave_0) entered blocking state [ 276.885807][ T520] bridge0: port 1(bridge_slave_0) entered forwarding state [ 276.894486][ T19] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 276.910687][ T19] usb 1-1: SerialNumber: syz [ 276.920063][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 276.938532][ T520] bridge0: port 2(bridge_slave_1) entered blocking state [ 276.945413][ T520] bridge0: port 2(bridge_slave_1) entered forwarding state [ 276.957126][ T783] dragonrise 0003:0079:0006.003A: unknown main item tag 0x0 [ 276.969208][ T783] dragonrise 0003:0079:0006.003A: item fetching failed at offset 1/5 [ 276.988897][ T783] dragonrise 0003:0079:0006.003A: parse failed [ 277.000171][ T783] dragonrise: probe of 0003:0079:0006.003A failed with error -22 [ 277.020532][ T9479] device veth0_vlan entered promiscuous mode [ 277.040592][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 277.049493][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 277.066634][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 277.080951][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 277.095325][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 277.109221][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 277.159525][ T783] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 277.169086][ T9479] device veth1_macvtap entered promiscuous mode [ 277.181648][ T520] usb 2-1: USB disconnect, device number 25 [ 277.199365][ T43] device bridge_slave_1 left promiscuous mode [ 277.205987][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 277.217359][ T19] usb 1-1: 0:2 : does not exist [ 277.222073][ T19] usb 1-1: unit 120 not found! [ 277.235776][ T19] usb 1-1: unit 102 not found! [ 277.240842][ T43] device bridge_slave_0 left promiscuous mode [ 277.246778][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 277.260190][ T19] usb 1-1: USB disconnect, device number 25 [ 277.274126][ T43] device veth1_macvtap left promiscuous mode [ 277.280266][ T43] device veth0_vlan left promiscuous mode [ 277.477766][ T783] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 277.495337][ T783] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 277.560844][ T9495] device pim6reg1 entered promiscuous mode [ 277.760137][ T9500] incfs: Options parsing error. -22 [ 277.768943][ T9500] incfs: mount failed -22 [ 277.778160][ T9500] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 278.085117][ T9517] loop1: detected capacity change from 0 to 256 [ 278.099931][ T9517] FAT-fs (loop1): Unrecognized mount option "B1q鞳+d'#.Ԓͯ?o\ [ 278.099931][ T9517] 18446744073709551615" or missing value [ 278.943845][ T9530] loop2: detected capacity change from 0 to 512 [ 278.982579][ T520] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 279.069238][ T9530] EXT4-fs (loop2): 1 orphan inode deleted [ 279.076480][ T9530] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 279.104268][ T9530] ext4 filesystem being mounted at /root/syzkaller-testdir1202125996/syzkaller.6mJqnZ/5/file1 supports timestamps until 2038 (0x7fffffff) [ 279.372948][ T9540] syz-executor.2[9540] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 279.373244][ T9540] syz-executor.2[9540] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 279.552587][ T520] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 279.576996][ T9542] overlayfs: workdir and upperdir must be separate subtrees [ 279.672802][ T19] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 279.682517][ T520] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 279.699034][ T9524] loop3: detected capacity change from 0 to 131072 [ 279.708536][ T9524] F2FS-fs (loop3): Found nat_bits in checkpoint [ 279.748620][ T9524] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 279.770083][ T28] kauditd_printk_skb: 4 callbacks suppressed [ 279.770098][ T28] audit: type=1400 audit(2000000025.170:28571): avc: denied { mounton } for pid=9523 comm="syz-executor.3" path="/root/syzkaller-testdir2642113633/syzkaller.c3EtaD/409/file0/file1" dev="loop3" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 279.805078][ T520] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 279.814204][ T520] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 279.822208][ T520] usb 1-1: SerialNumber: syz [ 279.855874][ T9529] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:477: comm syz-executor.2: Invalid block bitmap block 0 in block_group 0 [ 279.870065][ T9529] EXT4-fs (loop2): Remounting filesystem read-only [ 279.876475][ T9529] EXT4-fs error (device loop2): ext4_discard_preallocations:5109: comm syz-executor.2: Error -117 reading block bitmap for 0 [ 279.935987][ T19] usb 2-1: Using ep0 maxpacket: 32 [ 279.958761][ T9479] EXT4-fs error (device loop2): ext4_map_blocks:607: inode #2: block 3: comm syz-executor.2: lblock 0 mapped to illegal pblock 3 (length 1) [ 280.002199][ T9479] EXT4-fs (loop2): unmounting filesystem. [ 280.065830][ T19] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 280.082225][ T19] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 280.144336][ T520] usb 1-1: 0:2 : does not exist [ 280.151292][ T520] usb 1-1: unit 120 not found! [ 280.183579][ T520] usb 1-1: unit 102 not found! [ 280.200059][ T520] usb 1-1: USB disconnect, device number 26 [ 280.338318][ T9555] futex_wake_op: syz-executor.3 tries to shift op by -1; fix this program [ 280.424682][ T9557] loop4: detected capacity change from 0 to 256 [ 280.489810][ T19] usb 2-1: string descriptor 0 read error: -22 [ 280.496210][ T19] usb 2-1: New USB device found, idVendor=056a, idProduct=0043, bcdDevice= 0.40 [ 280.545296][ T19] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 280.760051][ T19] usbhid 2-1:1.0: can't add hid device: -22 [ 280.783594][ T19] usbhid: probe of 2-1:1.0 failed with error -22 [ 280.824433][ T9564] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 280.875195][ T9573] loop3: detected capacity change from 0 to 2048 [ 280.895916][ T9560] bridge0: port 1(bridge_slave_0) entered blocking state [ 280.903707][ T9573] EXT4-fs: Ignoring removed orlov option [ 280.909299][ T9560] bridge0: port 1(bridge_slave_0) entered disabled state [ 280.917748][ T9560] device bridge_slave_0 entered promiscuous mode [ 280.927232][ T9573] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 280.941089][ T9560] bridge0: port 2(bridge_slave_1) entered blocking state [ 280.949531][ T9560] bridge0: port 2(bridge_slave_1) entered disabled state [ 280.964717][ T9560] device bridge_slave_1 entered promiscuous mode [ 280.980761][ T7194] usb 2-1: USB disconnect, device number 26 [ 281.176056][ T9560] bridge0: port 2(bridge_slave_1) entered blocking state [ 281.182965][ T9560] bridge0: port 2(bridge_slave_1) entered forwarding state [ 281.190058][ T9560] bridge0: port 1(bridge_slave_0) entered blocking state [ 281.196829][ T9560] bridge0: port 1(bridge_slave_0) entered forwarding state [ 281.204060][ T19] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 281.289937][ T9579] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 281.314704][ T9579] EXT4-fs (loop3): Remounting filesystem read-only [ 281.334360][ T7194] bridge0: port 1(bridge_slave_0) entered disabled state [ 281.342605][ T7194] bridge0: port 2(bridge_slave_1) entered disabled state [ 281.367350][ T590] device bridge_slave_1 left promiscuous mode [ 281.376392][ T590] bridge0: port 2(bridge_slave_1) entered disabled state [ 281.395495][ T590] device bridge_slave_0 left promiscuous mode [ 281.409496][ T590] bridge0: port 1(bridge_slave_0) entered disabled state [ 281.421771][ T590] device veth1_macvtap left promiscuous mode [ 281.430632][ T590] device veth0_vlan left promiscuous mode [ 281.463444][ T19] usb 1-1: Using ep0 maxpacket: 16 [ 281.758512][ C1] net_ratelimit: 64427 callbacks suppressed [ 281.758532][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 281.761453][ T19] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 281.764363][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 281.798472][ T19] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 281.798695][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 281.820924][ T19] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 281.822870][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 281.831621][ T19] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 281.843525][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 281.863231][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 281.867979][ T3322] EXT4-fs (loop3): unmounting filesystem. [ 281.875106][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 281.892222][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 281.893711][ T19] usb 1-1: config 0 descriptor?? [ 281.904131][ C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:96:63:d7:b6:66:d4, vlan:0) [ 281.920723][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 282.197213][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 282.212132][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 282.231163][ T9603] loop1: detected capacity change from 0 to 512 [ 282.254820][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 282.263195][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 282.263199][ T9603] EXT4-fs (loop1): bad block size 8192 [ 282.280662][ T520] bridge0: port 1(bridge_slave_0) entered blocking state [ 282.287528][ T520] bridge0: port 1(bridge_slave_0) entered forwarding state [ 282.294842][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 282.304049][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 282.312224][ T520] bridge0: port 2(bridge_slave_1) entered blocking state [ 282.319070][ T520] bridge0: port 2(bridge_slave_1) entered forwarding state [ 282.326381][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 282.334343][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 282.342562][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 282.350421][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 282.366328][ T9560] device veth0_vlan entered promiscuous mode [ 282.384812][ T7194] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 282.393019][ T7194] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 282.401681][ T7194] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 282.409570][ T7194] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 282.423236][ T9575] loop0: detected capacity change from 0 to 256 [ 282.449145][ T7194] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 282.459571][ T9575] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 282.472508][ T28] audit: type=1400 audit(2000000027.671:28572): avc: denied { getopt } for pid=9605 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 282.493683][ T7194] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 282.602669][ T9608] loop4: detected capacity change from 0 to 256 [ 283.191633][ T7194] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 283.199741][ T7194] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 283.231010][ T9560] device veth1_macvtap entered promiscuous mode [ 283.252277][ T9575] input: syz0 as /devices/virtual/input/input54 [ 283.273618][ T7194] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 283.288405][ T7194] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 283.375044][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 283.386635][ T19] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.003B/input/input55 [ 283.402069][ T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 283.463528][ T9626] loop4: detected capacity change from 0 to 256 [ 283.488783][ T9626] exfat: Deprecated parameter 'utf8' [ 283.503830][ T19] microsoft 0003:045E:07DA.003B: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 283.532746][ T9626] exfat: Deprecated parameter 'utf8' [ 283.561929][ T9626] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 283.578074][ T9638] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9638 comm=syz-executor.2 [ 283.635240][ T28] audit: type=1400 audit(2000000028.732:28573): avc: denied { read } for pid=9636 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 283.947392][ T28] audit: type=1400 audit(2000000028.972:28574): avc: denied { execute } for pid=9625 comm="syz-executor.4" path="/root/syzkaller-testdir3461618182/syzkaller.k79YGu/225/file0/bus" dev="loop4" ino=1048802 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 283.986911][ T520] usb 1-1: USB disconnect, device number 27 [ 284.027407][ T9670] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9670 comm=syz-executor.2 [ 284.115085][ T9676] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN [ 284.126643][ T9676] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 284.134881][ T9676] CPU: 1 PID: 9676 Comm: syz-executor.1 Not tainted 6.1.78-syzkaller-00009-g25216be1ac5e #0 [ 284.144774][ T9676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 284.154670][ T9676] RIP: 0010:dev_map_generic_redirect+0x90/0x7d0 [ 284.160745][ T9676] Code: f1 f1 00 f2 f2 f2 4b 89 04 26 43 c7 44 26 0f f3 f3 f3 f3 43 c6 44 26 13 f3 e8 ac 07 de ff 48 89 d8 48 c1 e8 03 48 89 44 24 48 <42> 80 3c 20 00 74 08 48 89 df e8 f1 04 25 00 48 89 5c 24 18 4c 8b [ 284.180188][ T9676] RSP: 0018:ffffc90000a976c0 EFLAGS: 00010246 [ 284.186086][ T9676] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000040000 [ 284.193897][ T9676] RDX: ffffc9000cd2c000 RSI: 000000000000041c RDI: 000000000000041d [ 284.201707][ T9676] RBP: ffffc90000a97818 R08: 0000000000000005 R09: ffffffff8411e7b3 [ 284.209521][ T9676] R10: 0000000000000004 R11: ffff8881225c6540 R12: dffffc0000000000 [ 284.217333][ T9676] R13: ffff888117f6d140 R14: 1ffff92000152ee4 R15: 0000000000000000 [ 284.225144][ T9676] FS: 00007fc968c726c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 284.233909][ T9676] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 284.240333][ T9676] CR2: 0000000020010000 CR3: 000000013e47d000 CR4: 00000000003506a0 [ 284.248148][ T9676] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 284.255955][ T9676] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 284.263769][ T9676] Call Trace: [ 284.266891][ T9676] [ 284.269671][ T9676] ? __die_body+0x62/0xb0 [ 284.273837][ T9676] ? die_addr+0x9f/0xd0 [ 284.277829][ T9676] ? exc_general_protection+0x317/0x4c0 [ 284.283216][ T9676] ? asm_exc_general_protection+0x27/0x30 [ 284.288765][ T9676] ? xdp_do_generic_redirect+0x303/0xad0 [ 284.294234][ T9676] ? dev_map_generic_redirect+0x90/0x7d0 [ 284.299700][ T9676] ? __free_pages_core+0x180/0x180 [ 284.304647][ T9676] ? __this_cpu_preempt_check+0x13/0x20 [ 284.310029][ T9676] ? bq_enqueue+0x3e0/0x3e0 [ 284.314368][ T9676] ? bpf_prog_run_generic_xdp+0x9aa/0x1110 [ 284.320014][ T9676] xdp_do_generic_redirect+0x411/0xad0 [ 284.325306][ T9676] do_xdp_generic+0x53e/0x800 [ 284.329818][ T9676] ? generic_xdp_tx+0x560/0x560 [ 284.334506][ T9676] ? __schedule+0xcaf/0x1550 [ 284.338931][ T9676] ? tun_get_user+0x2340/0x3a90 [ 284.343617][ T9676] tun_get_user+0x238a/0x3a90 [ 284.348133][ T9676] ? futex_q_unlock+0x30/0x30 [ 284.352646][ T9676] ? tun_do_read+0x1ee0/0x1ee0 [ 284.357243][ T9676] ? ref_tracker_alloc+0x31d/0x450 [ 284.362191][ T9676] ? ref_tracker_dir_print+0x160/0x160 [ 284.367486][ T9676] ? futex_wait+0x4b7/0x7e0 [ 284.371828][ T9676] ? avc_policy_seqno+0x1b/0x70 [ 284.376513][ T9676] ? tun_get+0xe9/0x120 [ 284.380507][ T9676] tun_chr_write_iter+0x129/0x210 [ 284.385366][ T9676] vfs_write+0x902/0xeb0 [ 284.389443][ T9676] ? __x64_sys_prctl+0xd0/0xd0 [ 284.394047][ T9676] ? file_end_write+0x1c0/0x1c0 [ 284.398732][ T9676] ? __fget_files+0x2cb/0x330 [ 284.403246][ T9676] ? __fdget_pos+0x204/0x390 [ 284.407672][ T9676] ? ksys_write+0x77/0x2c0 [ 284.411926][ T9676] ksys_write+0x199/0x2c0 [ 284.416090][ T9676] ? bpf_trace_run1+0x240/0x240 [ 284.420778][ T9676] ? __ia32_sys_read+0x90/0x90 [ 284.425377][ T9676] ? __bpf_trace_sys_enter+0x62/0x70 [ 284.430497][ T9676] __x64_sys_write+0x7b/0x90 [ 284.434927][ T9676] do_syscall_64+0x3d/0xb0 [ 284.439178][ T9676] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 284.444905][ T9676] RIP: 0033:0x7fc967e7bbef [ 284.449158][ T9676] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 b9 80 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 0c 81 02 00 48 [ 284.468600][ T9676] RSP: 002b:00007fc968c72090 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 284.476845][ T9676] RAX: ffffffffffffffda RBX: 00007fc967fb3f80 RCX: 00007fc967e7bbef [ 284.484659][ T9676] RDX: 000000000000fdef RSI: 0000000020000780 RDI: 00000000000000c8 [ 284.492469][ T9676] RBP: 00007fc967eebff4 R08: 0000000000000000 R09: 0000000000000000 [ 284.500279][ T9676] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000 [ 284.508223][ T9676] R13: 000000000000000b R14: 00007fc967fb3f80 R15: 00007ffd1b19ca78 2033/05/18 03:33:49 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 284.516043][ T9676] [ 284.518896][ T9676] Modules linked in: [ 284.522676][ T9676] ---[ end trace 0000000000000000 ]--- [ 284.527931][ T9676] RIP: 0010:dev_map_generic_redirect+0x90/0x7d0 [ 284.534032][ T9676] Code: f1 f1 00 f2 f2 f2 4b 89 04 26 43 c7 44 26 0f f3 f3 f3 f3 43 c6 44 26 13 f3 e8 ac 07 de ff 48 89 d8 48 c1 e8 03 48 89 44 24 48 <42> 80 3c 20 00 74 08 48 89 df e8 f1 04 25 00 48 89 5c 24 18 4c 8b [ 284.553490][ T9676] RSP: 0018:ffffc90000a976c0 EFLAGS: 00010246 [ 284.559347][ T9676] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000040000 [ 284.567178][ T9676] RDX: ffffc9000cd2c000 RSI: 000000000000041c RDI: 000000000000041d [ 284.574985][ T9676] RBP: ffffc90000a97818 R08: 0000000000000005 R09: ffffffff8411e7b3 [ 284.582778][ T9676] R10: 0000000000000004 R11: ffff8881225c6540 R12: dffffc0000000000 [ 284.590614][ T9676] R13: ffff888117f6d140 R14: 1ffff92000152ee4 R15: 0000000000000000 [ 284.598427][ T9676] FS: 00007fc968c726c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 284.607189][ T9676] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 284.613614][ T9676] CR2: 0000000020010000 CR3: 000000013e47d000 CR4: 00000000003506a0 [ 284.621431][ T9676] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 284.629233][ T9676] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 284.637030][ T9676] Kernel panic - not syncing: Fatal exception in interrupt [ 284.644272][ T9676] Kernel Offset: disabled [ 284.648398][ T9676] Rebooting in 86400 seconds..