last executing test programs: 25.221093399s ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fe2, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = dup2(r1, r0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10) epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) 25.166122278s ago: executing program 1: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b304000000000000850000005900000095"], 0x0}, 0x90) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000002200b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='ext4_remove_blocks\x00', r2}, 0x10) write$cgroup_int(r0, &(0x7f0000000100), 0x1001) ioctl$SIOCSIFHWADDR(r0, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}}) 24.937056553s ago: executing program 1: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000000000000000000000000008500000087000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095000000000000002f81c461b3fea834ceb0e17d9838c2830ca7ce46e581a192326a3698c79205e02f1561b0a3c595448e9f7024b45fb2006c9917fe2a42fcd2ce278009682dc8f7c867b177ec5bd50b92aedef35b6cd87b56690b4c96f63ab021ee1cf616d8af74911d5e51b76d2c31b8bece7b0f"], &(0x7f0000000080)='GPL\x00'}, 0x65) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 24.744679733s ago: executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) r2 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000001400)=@raw={'raw\x00', 0x8, 0x3, 0x3e8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x318, 0xffffffff, 0xffffffff, 0x318, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @multicast2}, [], [], 'lo\x00', 'gre0\x00'}, 0x0, 0x118, 0x240, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'tftp-20000\x00'}}, @inet=@rpfilter={{0x28}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:default_context_t:s0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x448) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r1, 0x0) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x1, 0x2000, &(0x7f0000000000/0x2000)=nil}) getsockopt$bt_BT_CHANNEL_POLICY(0xffffffffffffffff, 0x112, 0x9, 0x0, &(0x7f0000000080)) 24.545999514s ago: executing program 1: bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x0, 0x0, 0x0, 0x0, 0x7a, 0x1}, 0x48) shutdown(0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x3, 0x1) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f00000001c0)=ANY=[@ANYBLOB="e0000002ac1414aa0000000003"], 0x1c) syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @random="50a245d5cde0", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @broadcast}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x2}}}}}, 0x0) 24.538323766s ago: executing program 1: ptrace(0x10, 0x1) r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000140)={0x0, 0x0}) ptrace$getregset(0x4204, r1, 0x0, &(0x7f0000000040)={0x0}) 1.771615305s ago: executing program 4: r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x1c}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000080)={0x1b, 0x0, 0x0, 0x3f, 0x0, r0, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x3}, 0x48) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000009c0)={'team0\x00', 0x0}) setsockopt$inet6_mreq(r3, 0x29, 0x1c, &(0x7f0000000a00)={@local, r4}, 0x14) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r5, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x5}, 0x18) setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000040)={@dev}, 0x14) setsockopt$inet6_mreq(r3, 0x29, 0x1c, &(0x7f00000001c0)={@remote}, 0x14) r6 = dup(r2) ioctl$TIOCNOTTY(r6, 0x5422) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000007c0)={r1, 0xe0, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x8, &(0x7f0000000680)}}, 0x10) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) dup(r7) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) r8 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000180)={{0x2, 0x0, @loopback}, {0x0, @remote}, 0x0, {0x2, 0x0, @multicast1}}) write$binfmt_script(r9, &(0x7f00000000c0), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r9, 0x0) ioctl$PTP_PEROUT_REQUEST2(r8, 0x40383d0c, &(0x7f00000000c0)) 1.744645039s ago: executing program 4: bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000340), 0x8) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0xffffffffffffffff, r0, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_emit_ethernet(0xbe, &(0x7f00000000c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x8, 0x0, @wg}}}}}, 0x0) r2 = socket$packet(0x11, 0x2, 0x300) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200001400009eb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) setsockopt$packet_int(r2, 0x107, 0xa, &(0x7f0000001300)=0x1, 0x4) setsockopt$packet_tx_ring(r2, 0x107, 0xd, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x300, 0xfc}, 0x1c) r5 = socket$inet_udp(0x2, 0x2, 0x0) close(r5) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000000000000000000000000007b010800000000009500004000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffb4}, 0x90) r6 = socket$netlink(0x10, 0x3, 0xa) setsockopt$netlink_NETLINK_RX_RING(r6, 0x10e, 0x6, &(0x7f0000000140)={0x5, 0x7fffffff, 0x0, 0x1a}, 0x10) sendmsg$tipc(0xffffffffffffffff, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000000040)="0324a9763da6d9ea2b6c626b552db0465b891bcd", 0x14}, {&(0x7f0000000580)="cf331e07c105bf672c260fa137c3d4dc586ccb95da192511557e42e7087d16892ecd9745f92f68147947dbe493a95c9dbde28fa1a3b448194308f8e087a63f6d7680b70a43e84d26da82f338cef63dfcf1b5e131704cf665e1bd2d2e1ca7087238778e7ae46c9058da3d1465cec74ee920dcf811f1687bb340fdae4b7e1c45ca0f08", 0x82}, {&(0x7f0000000640)="57760bea", 0x4}], 0x3}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000c00)=""/153, 0x99}], 0x1}, 0x0) r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r8 = socket(0x200000100000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000480)={'syz_tun\x00', 0x0}) bind$packet(r8, &(0x7f0000000040)={0x11, 0x0, r9, 0x1, 0x0, 0x6, @local}, 0x14) r10 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', 0x0}) getsockname$packet(r8, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14) sendmsg$nl_route(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002000128008000100687372001400028008000200", @ANYRES32=r11, @ANYRESDEC=r1, @ANYRES32=r12, @ANYBLOB="080003"], 0x48}}, 0x0) openat$cgroup_subtree(r7, &(0x7f0000000300), 0x2, 0x0) 1.660658763s ago: executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000dc0)={&(0x7f0000000040)='ext4_unlink_enter\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000dc0)={&(0x7f0000000040)='ext4_unlink_enter\x00', r2}, 0x10) unlink(&(0x7f0000000140)='./cgroup\x00') 1.652534014s ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='mm_page_alloc\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) r2 = openat$loop_ctrl(0xffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r2, 0x4c80, &(0x7f0000005780)={0x0, 0x0, "ac06f105d310541258e0a2a0b883eb29e46b1fac57461914278705b6a55ba904cefb1f00536dfdc9ce9c12d1207f8a3ad1dad7ed0fc16b2ccd00000000000000080000000c0996d78e489e96651d35ca509de7cf52e7578e9ce37700000000000032936e283ae72a84cc5a72f07fef2fec1463729b336e892b5aadc70f51cb4582b7757f779254377a6a42493fb7023b15fb899a2072631f76cd0a59b17031b431163758724ac0df2d95b9c3fbccef0111f1fc6db466c73268e04c38df1f6bf2cc88aa6126229c332b887eb8e67102000665988ad55f281047000000000000000003000000000100", "2fc7eecad58f368bf3ba45a6f7874bf0f0a2e2d039d23b33645c7a714b200d1ec427e16f2d87c3a7f0a258b1856e10dbfadd1f9f5b294c68af413bb746e6b0803177028065618aa080c2ca8efe18fbb6c85459e9ff5c1aa9c17498a05220b09c2d859832bf5ae846009f6a415023b9a7110bda56f514841bf04e54bf592d28107037e86729ff5789dd40d9180160cf72a92609650dc97d806d75425c3cbabb3e8f59afcd807086dc9a87048f229a1c8b183c2077b18922f8dcade6cbf835b715887e9a20c69f14468fb321e017c8a2361f5300617d2ff15e5e2df6b8fa425461dc9c997020beed571b01b0ae899a7a21fe7f9dce8b2ff0374cde255fe2cd3444fa236242d0a976de3ceed2abb0bcb9e4580db4bf248fa20f27dc7c9a953b420f032e6fe0de2a657b7903f0a3d4d67908255b1ac3274313a683ad8a328816336d20dbfdc9f262073dade576891220dd05e0cb6e97bb433637adb6f42c3a040a0089d9a86b42dffeba614460c184bd405cf3749fad5a47609eeb5c48f0222ea459597a0fa855c9d6d789ed17235c6cbf62757d54c99a03b777b7af6058a33b32aa49973625747e0ff1d3c4898a1ea7e68807d9be2b9ca09de22790441964131b1e6dbf633f06c23ddb02736a741396cb1c3dbe49eabdad6f662ee642be86560e24bf2578bc93119d19b446587a8455b445e1cbcb86848331888a8a8adb0836628a73c9c41f8501ae67caa0165fca251674fcfd5f78415a4497519f0d4a79ba166a55721c4db05be7155ae7bca92f4fff5cdcf2d581d2da972ee240355984210e5927904ee74bd15da96d23e0b5bb07ce1adf2683032e8ae4dd9dd6f5bd841ef30ccdce954426f1cf29f2f35decb485f4faa36caae23e7d136317dbb6ace192dc0484d5e3cc341dee5041430dcd5f320a9f3679196bd2a2348619c4a55e090cecf0da78fdba2b25a3373a813d5e719ef2fbfea38035828e28d1666b64dbabce44140e9f0c7e8685e69d8192d1953c1dba2c2a471658538ade2e295732c4a23ca63b54252673ea15374da608ff431e56c9b74bc88b858511910a8ff6a294354093449e90994cf70a60cb108e19ad7625c27bc7934076a8a8fa8a14b06b0e94813a9ff3961e251856a0d34b728025121cf045be55d3997ca1ba4643509fb7eb84b1dbf97663f63fbf32b32f92eebff4ff420cd8c45fda163c09aa879283c282ef4bc93d416854ada56921cc6f82a67a3d024c1a828eb8d4c901f6066f8df327f694f828124d880da4f98c66087f8a825b9b01609f980a0f48c471fdcb7696e493a02a7b34420ccddae0e26b8f4db77ee712ccbc480fb8fe625d51ee2ead77637b9f7bd4a70fc21581498915c72ce999eb2a3888ad4c66c5e623d2f9c983f4c3e17714a63af06c222a62671b407a8f30619f1cb8a9efc177a18ceefc0760a27f5001124e81eeff04950364cf1881c03c1cc99b1e5dbc36ec94ed875c54a87dc19143303b2ad34738e683fdfe7e257fa5609e785e3c81dcd387bccfba8d31077b2140b06a361167ab1abb6e8c9b6e7b8918c992a7c4fce8797048bc3eba6ef7f65789b6d59ce4e4dcc5a3d44b9ef24de8996347c79cbaaaaef13dbac1dab9fb6090a757be36cf3e15bcde5bddc318bd42265371ebfe941f63a5d2dbcd9c6103ab91b5c292ae86e4dc6df13194dd81319db2ad7f51fe377196b2b87db9614cd1d572f3df9b518d36aacd8c4f454c1a61fd587642e87e8a4d4029e46064cc730e7b75efae0e6b798184b33765160696e327ce80ad8ec0a5c20e57b07b2cc19f849b1c527994b6631ae61bd9c6703966d141714bffb6cfb7708e2c6669cf33f42c8e8130d73a2bdb42bbd3316e1a2deae59b7bbe6e77518326d11714ac543143c8bc4c9cf39d84b06bf10ad463d7b9d14f5d44d98c78f5bc96793c254a652e300065a0e568234110f4f3d93b584b5767e41cb9d2514a16138d8dd650b885b6ac87ce233957dee5c1d2004fc5882d41ffcc1751d565ad92d04ce0cf0221ac7d7a0441f4024ce74ff4d3df9559026ebb5b5602ee9e8d87f1899d20e61879c417a00321e87ceac1b952e51700d384ed3b07c70fd8be0d61290b6100abc393bfd33f425892509e55350797f139b64b68e357f66a1776504ea67689ca482534308c9c7b76c7f9fbe1d1cc739dee391c0b7a781d6bade90ec2a46f617d436cc7f51eb1c94de092ccf1d7b57c31fc1c8e18b9bab9858792a129dfa62b379d22aec6129065a867bda550337e30edcfc0732a5b69559c8d45270d7df9d06b385c51a05e57280d66f5c02c7ca1f463e6ef6d1d2e3b04c6df77fd88e06197acf4d5287660e90d7b1d5d4b7410d44e36aa3652e86d9b97935fc19459bd1e7f155e497bee58013f9cbef97b669b3d8fbd77a286a50b86aa11e4376e44275297bcdcb252ad8ca4742a6cd66563c4ba6318b765899d853043877b6400d654ba955fa6376857b6307d443168211dde06a156d8908269ab033c9de9546b3cc41583e7cae7038720d909fed58b52f7bc7aba12b1be3a2e23474af919426326556cf37d584c4e905f8d84604fdb192f0993b213107fae21c323d69f3113d2f5d6371a49a40b98030868c824ff0916556044bc32ce80497c46c01e254e2accfd01aeabf18c545b907cd5fd0b00a82c42e644690ad1099dc3ec5e0df8c5d783ec93e6712857137eee4d06762fa12233d1ba4e7bc597d970a434ce615ffe432f6289bd297f7973f29e8460391c44cab29f2e21f639e7aea6c0c7e57a35585573b88ce6a2beed7807278b73a9eb21d82a477f7f9eef24c1cf0b7fddee8b3dfa633cb37c3f1ac53f34acd6dc0e29494d644f9bdce8d65e734fa52d1cdd0f147d48f02000b31fd0dcd2766cf8ea8b92bd340195c6833e4320eaf125ad61fa8772ac380f363fd2b3b5df23aa0e08034cfe5963fada592e851f5b274e6defae6cb1dbc5f29c52855352d8417262780ba7c8040cac21a0fda09a76af7a58b66f9a89d35f7a957548cf49f7117542a2f0f2c1c8bb371eba256aaac009798a97a27a62256fafad3988bb9b577eb00c06d28a91c85aa20f176e44e52b37a8068bfec1434c1277e68619e8459f83359976c81ca49462e1b9abf83fed9d4e08d9fdc6626bd73099ff8c2e95384e0517eff3e02a1882ef5a804989ad5a9536628f3989631f610ba9172c92c44c372ff48d590be9896e741001b3ea511727a1476d706debdea7216e1bf2461fda61a7bc6db99c098fe4e32eafbe2ac15782ddfd1609cec300015b542c835ff195cd779699d8ced1edd571f3734ef6373c526553ee9684674cd5ae1e8f390065ed761257cbb120168dcebacc94f22a15d6bc8444afff61601305c9212f086ae5a322968983568bfaed808fd935a8260709781a58bf3cbc3256e81d272a9c1271b93a1f97feebe77e94912e0361c149076abd1aa186ac38e65d879e92bc58bc7adde9339f712b8a07d798ad573318559a31c1e64354bfc5f3e9a195118cab384d9b7d192305e5fe6e8eaebd7403095e3833fb3a6425e7b8b7ae0515d5cba8a19c2b49e33cd9bedbac96f01c5a24ddc36b35f16cfd55ec584f18ecf7313a812d5d44b6ac02808ab4389e7ed6426454d9f4c69a288d36a211f27c4770cad16daba3c97e0d51a7012ba7ee4881daf21ca720c0a14d54852516c8342989ed328d13366be829416218e0d2cc9c708a06669873b4a7a32e35dbc59d5f7eeebb7fb3c307e84c287c2e3a921e94149a90a56e4c8bcf954844eb7edefea72690c518075cdce72c222961c388ba8cb9e2f881582131cce0898c86ad57795a5984ca55e6159bdfab2f7c1a925301eb6a33bf33baf957f18d648b55e0c613db371343cc7ce89f91423629e644b286bba4d8b4cbb116e30da5f7a4bba8606093fe5d6bad8bc5f98fb1ac476bf8724a8008a725ed3aed86c763f2eac7d77f1ef9a96702e13ec5080bb82606741e08fde37aceb1dd32c11afa92be85ff46ec2010ce17d5cf92e91243ccb1070000002a746ca1f1135b1b0638ffe19c8b31644a08f9f1990685e0f458f096daae910e9f36a83a8ba01dde2b5d0d3097b1cf03be7aee0a8c7c4c8672d45c6310e7d2e5558143ad9e79a9751b8ac54a3e86fdfd9320ef69c7130460e259462be21db94fcbd3181903130f3f982f4c8011bfe62bd5903ad8713281be0fa8de38553ea6c3e566152518bd80fbeb5863f0de7c7cf26606b48b63c89d9f9c798816e7e1e1dbb3946a1048ebf383f117ac9bf565a277086fd9cc0250dd22cf1d2c3cf58fa227f4f2c201be2df79230b6a95333f3a3ded0d11f9b647da9b4cb70fa02631552df57b7a6009b1b36d8f7c9f2fc7ac53912f29e79fdb57acecd431adf2dca1c0e7d31d7ff38ce7b3089416d9ab4f7474f1b68141228d4350ad7541676caf115e6c4eeecc706e0268c2eda740cce7a22e1090fb0216608a13c50316ee056414d0dfce99ab3f9c4619df20d7e0c254c3e9a9717f140b1a4ecdba1ca5ce3bb252083a69bb107338184f55d064c912745aa81588de2299fb9f77201c5ded7cbf572b64c0d6d300344226355d1a4cb8088e43780e01e190e9b877ba14431d115296e31c2cc0266c0df82da2530ac1e094cdfee42fcfdb8ee5d03c251d24d5b0fefafa7b9c2a2e73a814e768d57a5429372dce6266dc547a4c93a05dece1e7601a658d4855843db66ba8ecae9cd1703d66a3aff1be2be77c0ce96772d570c73f88d028eb8716dcb5e49792b39f1a5a4275a4f83d8ae2ea8883bbfaa42050392da86d7a4a22835553cd2fdcd0cca630ad003c4a15ae0b7a7cee875b5a08f0ef70d86187054260001c9698419bf1569b1802439cd3fe320d9272b853e7b34a322a5fbade5cd3ad0e1c4b07d111981494215d3b82c2fe8a7697052a3b7b1ef3fb22d5e33e57c8d422b5e3dc9cf1a5df5401559c56610f44a4e409b12aa82bf661c17a2bb76e469583531f782b55da4eabbb68cb39bf32844398fe0ffb79e4c95e3e3c3ed3e9ac304cf1980b7cde8fcf76966cca196748e4ad7a02debd6ccc4a3e9b8adaa7dc668a76cbd137b2e6fbc673900000100000000009bf5ed16d5f5818535802fa7627a7d352f4216ba3f84481394c0500b7aea67e838d5dd0422eeb940ad42546e1f3c2cd85c53abbaada51b5571323d7ea53d436c2d349befca87909c1dc2a23d2db53ecc272b80896b65fa0cad8854e6b36e052ecbe677024b9614a180fc54c20fac7ed4d16e7ba17a368f0a00a036d23ae4b19ad3d99642ff054850233b60e706a4f575e49234acc76211a5bace9b8417eb6d986dab4bc6b8b510ee0477f6b8738f00709b7f35aac1730017c0037e5c40404d145b527a29500fab1e3c00"}) 1.636073536s ago: executing program 2: bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xc, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x6e}, [@call]}, &(0x7f0000000000)='GPL\x00'}, 0x80) 1.633614447s ago: executing program 4: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000088500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000180)='ext4_ext_show_extent\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000000), 0x400000) 1.626354968s ago: executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) munmap(&(0x7f000025f000/0x2000)=nil, 0x2000) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b7020000b96871dfbfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe0000004f850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d62de53a9a53608c10556e5734eb84049761451ce2e2d9f8004e26f7fcc059c06220002595f6dba87b81d1106fb026cce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd6fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f2fcb6d753a78845d8363e0401861abebe428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30810400000000000000d63d716c0975e1ce4a655362e7062ff6ab3934555c01840219829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47911834118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f804924600273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c048d46362ea0d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b10700ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e357e4e90583ce8d43ec65ed491d87a51d7c13f665dcf772e3ead71112008b16b0ea821f70aee1ccbd71c5a1c21e87d5b7b73d356337dbcf3456ff6cd0d6b98a258e3509a7d15b9dcae4d0d750ffa07909c955e718585b2456308beda2fa03bb9bcf03cdff31ee4b1665b987829c0f0872c006c6e4ed666fe23b343aae943923eedbdb0e7abee90e3da7b98b7d07d2d4816201ad1737798635b0a3ebd3aed120e4500c16e6c9dc729f009db49c6b8b19613e4d792cb4ff5106419291d4222980b49ddb9527ce785822d8f4e2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19, 0x0, 0xffffffffffffffff, 0x54}, 0x42) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r6, 0x0, 0x0, 0x0, &(0x7f0000000280), 0x0, 0xe697, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mkdir(0x0, 0x0) add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000500)={'fscrypt:', @desc1}, &(0x7f00000001c0)={0x0, "28d7b07d54891881fe02c1203fe49696b9f26f2da4149683f065714f8a61d1f32c9d064bbd27b2aa57459cff33a3a9831ac46b8829b48fff3d63520d260804d0", 0x2b}, 0x48, 0xfffffffffffffffd) syz_mount_image$fuse(0x0, &(0x7f0000000440)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r7, 0x800c6613, &(0x7f0000000000)=@v1={0x0, @adiantum, 0x0, @desc1}) renameat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', r7, &(0x7f0000000140)='./file1\x00') ioctl$UI_ABS_SETUP(r5, 0x401c5504, &(0x7f0000000340)={0x400000100002f}) write$uinput_user_dev(r5, &(0x7f0000000d00)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x296, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [], [0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x45c) 1.600611852s ago: executing program 3: r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000001e20000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r2}, 0x10) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x4002011, r0, 0x0) 1.555491419s ago: executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000000000), 0x651, 0x0) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000001080), 0x1, 0x4e2, &(0x7f0000000b80)="$eJzs3c9vG1kdAPDvTOImm81usrASPwRsWRYKqmon7m602tNyAaHVSogVJw7ZkLhRFDuOYmdpQiXS/wGJSpzgT+CAxAGpJ+7c4MalHJAKVKAGiYPRjCdpSOMkbRMb7M9HGs28eeP5vldr3nO/SfwCGFlXI2IvIq5ExMcRMVOcT4ot3u9u2XWPH91Z3n90ZzmJTuejvyV5fXYujrwm83Jxz8mI+N63I36YPB23tbO7vlSv17aKcqXd2Ky0dnZvrDWWVmurtY1qdWF+Ye7dm+9UL6yvbzR+9fBbax98/7e/+eKD3+9948dZs6aLuqP9uEjdrpcO42TGI+KDywg2AGNFf64MuiE8lzQiPhURb+bP/0yM5e/m+ZzwWAMA/wc6nZnozBwtAwDDLs1zYElaLnIB05Gm5XI3h/d6TKX1Zqt9/VZze2OlmyubjVJ6a61emytyhbNRSrLyfH78pFw9Vr4ZEa9FxE8nXsrL5eXz5xkAgIv18rH5/58T3fkfABhyk2ddsNifdgAA/XPm/A8ADB3zPwCMHvM/AIwe8z8AjB7zPwCMnmL+Hxt0OwCAvvjuhx9mW2e/+P7rlU92ttebn9xYqbXWy43t5fJyc2uzvNpsrtZr5eVm46z71ZvNzfm3Y/t2pV1rtSutnd3FRnN7o72Yf6/3Yq3Ul14BAKd57Y37f0wiYu+9l/ItjqzlYK6G4ZYOugHAwMj5w+jyLdwwuvwfHzhrLc+evyJ87zmCdX7yHC8CLtq1z8n/w6iS/4fRJf8Po0v+H0ZXp5P0WvM/PbwEABgqcvxAX3/+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAENiOt+StFysBT4daVouR7wSEbNRSm6t1WtzEfFqRPxhojSRlecH3WgA4AWlf0mK9b+uzbw1fbz2SvKviXwfET/6+Uc/u73Ubm/NZ+f/fni+fa84Xx1E+wGAsxzM0wfz+IHHj+4sH2z9bM/Db3YXF83i7hdbt2Y8xvP9ZJQiYuofSVHuyj6vjF1A/L27EfHZk/qf5LmR2WLl0+Pxs9iv9DV++l/x07yuu8/+LT79DDHPWusVRsX9bPx5/6TnL42r+X7yxMWPJ/MR6sUdjH/7T41/6eH4N9Zj/Lt63hhv/+47PevuRnx+/KT4yWH8pEf8t84Z/09f+NKbveo6v4i4FifHPxqr0m5sVlo7uzfWGkurtdXaRrW6ML8w9+7Nd6qVPEddOchUP+2v711/9bT+T/WIP3lG/796aq87EwdHv/z3xz/48inxv/6Vk9//10+Jn82JXzs1/hNLU7/uuXx3Fn+l2/+7z/r+Xz9n/Ad/3l0556UAQB+0dnbXl+r12taFHpTigm945CC5pDY7GPKD7PP4i97nM0XK7H+gO5d9MOiRCbhsTx76QbcEAAAAAAAAAAAAAADo5dL/nCgddA8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYZv8JAAD//wqryik=") r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000005c0)) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) r3 = syz_open_procfs(0x0, &(0x7f00000002c0)='io\x00') preadv(r3, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0x0, 0x0) 1.330989173s ago: executing program 4: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2={0xff, 0x5}}, 0x1c) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, 0x0, &(0x7f0000000340), 0x0, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r2 = creat(&(0x7f0000000000)='./file0/file0\x00', 0x0) chdir(&(0x7f0000002340)='./bus\x00') mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) link(&(0x7f0000000200)='./file0\x00', &(0x7f00000004c0)='./bus\x00') syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4243c, &(0x7f0000000400)=ANY=[@ANYRES16=r2, @ANYRES16=r1, @ANYRESHEX, @ANYRESOCT, @ANYRES8, @ANYRESOCT, @ANYRES64, @ANYRES32, @ANYRES8, @ANYRES8=0x0], 0x1, 0x0, &(0x7f0000000000)) link(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file1\x00') write$P9_RGETLOCK(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="2100000037000016e2e900"/24, @ANYRES32=0x0, @ANYBLOB="0300252b28"], 0xe6da) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000280)={@private1, 0x6, 0x0, 0x103, 0xc}, 0x20) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000300)={'ip6gre0\x00', &(0x7f0000000380)={'ip6gre0\x00', 0x0, 0x29, 0xa0, 0x4, 0x9, 0x40, @empty, @private2, 0x40, 0x20, 0x9, 0xf877}}) madvise(&(0x7f000056f000/0x2000)=nil, 0x2000, 0x1) r3 = gettid() process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) mremap(&(0x7f0000371000/0x3000)=nil, 0x3000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x58140, 0x0) finit_module(r4, 0x0, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f0000001880), 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') 750.382103ms ago: executing program 2: socket(0x10, 0x3, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000006000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x147042, 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000140)='proc\x00', 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x6, 0xe, &(0x7f0000000300)=ANY=[@ANYBLOB="b700000018000000bca30000000000002403000040feffff720af0ff0000000071a4f0ff000000001f030000000000002e0a0200000000002604fdffffff000061140400000000001d430000000000007a0a00fe0000001f6114000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fd79153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767912d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce0900000000000000499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc682928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348de20f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97b4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b4f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7ed9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb1bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb36e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b78825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e8a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b60000000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffff8, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2}, 0x48) 695.876962ms ago: executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) pread64(0xffffffffffffffff, &(0x7f0000000300)=""/150, 0x96, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000018110000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x7f, 0xfff, 0x5}, 0x48) socket$packet(0x11, 0x3, 0x300) socket$packet(0x11, 0x3, 0x300) r2 = socket$packet(0x11, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9) r4 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'bridge0\x00', 0x0}) bind$packet(r3, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14) sendto$inet6(r3, &(0x7f0000000280)="060350031603480301020200c52cf7c25975e010b02f0800eb2b2ff0dac8897c6b118777faffffff3066100cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x802, 0x0, 0x2f) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r6}, 0x10) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x10, &(0x7f0000000a40), 0x1, 0x51b, &(0x7f0000001240)="$eJzs3U9vI2cZAPBnnDhkd1OSAoeyUrcVLcpWsHbS0Dbi0C4SglMloNyXkDhRFCeOYqfdRFWVFR8ACSGoxIkTFyQ+ABJaiS+AKlWCO+Kv+LMLB4SAQTO2s5usHWe7drzr/H7S7Lwz83qe53Xs2XlnXo0DOLeej4jrETEWES9FxHRrfaE13b4SEQfNenfvvLucTUmk6Vt/SyJprWvvK2nNLzVfEpMR8Y2vRnw7eTBufW9/Y6larey0lsuNze1yfW//2vrm0lplrbK1sDD/6uJri68sznVO/L2//vvyQ7Qza9frX/7DD777k6+8/ovPv/PbG3+++l6W1lRr+/3t6Kdm04v5e9E2HhE7gwg2BGOt9hSHnQgAAKeSneN/IiI+k5//T8dYfjYHAAAAjJL0jan4TxKRpml6Kz3ij+0qAAAAwJOtkI+BTQql1liAqSgUSqXmGN5PxcVCtVZvfG61tru10hwrOxPFwup6tTLXGlM7E8UkW57Py/eWXz62vBART0fE96cv5Mul5Vp1ZcjXPgAAAOC8uHSs///P6Wb/HwAAABgxM8NOAAAAABg4/X8AAAAYffr/AAAAMNK+9uab2ZS2f/965e293Y3a29dWKvWN0ubucmm5trNdWqvV1vJn9m322l+1Vtv+Qmzt3iw3KvVGub63f2OztrvVuLF+5CewAQAAgDP09HO3f5NExMEXL+RTZqK1LTleeeKsswMGqfAwlX8/uDyAszc27ASAoRkfdgLA0BSHnQAwdA9c6zum6+CdX/U/FwAAYDBmP939/r9rAzDaHur+PzBS3P+H88v9fzi/is4A4Nz7eI/tj37/P0177gsAABioqXxKCqXWvcCpKBRKpYin8p8FKCar69XKXKt/8Ovp4sey5fn8lUnPMcMAAAAAAAAAAAAAAAAAAAAAAAAAQFOaJpECAAAAIy2i8Kckf5p/xOz0i1PHrw9MJP+abhWTd3701g9vLjUaO/PZ+r/n6yciovF+a/3LZ375AgAAADh0cFhq99Pb/XgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Ke7d95dbk89qj7Xz7h/+VJEzHSKPx6T+XwyihFx8R9JjN/3uiQixvoQ/+BWRDzTKX4SM2NZas0sOsW/MOj4+Vsz+Wyapg/Ez9p+qQ/x4Ty7nR1/rnf6/hXi+Xze+fs/3poeVffjX+Hw+DfW5fjz1CljXP7wZ+Wu8W9FXB7vfPxpx0+6xH/hlPG/9c39/W7b0h9HzHb8/yc5Eqvc2Nwu1/f2r61vLq1V1ipbCwvzry6+tvjK4lx5db1ayf69HnMdY3zv2Z//76T2XzwSPzmMPNOj/S9mhWLv9v/3w5t3PtksFo/tIo9/9YXOf/9nToiffSY+m9dq7mi2XT7Iy0eyuvLTD66c1P6VLu9/r7//1V4Nf6M5e+nr3/ldr6oAwNmp7+1vLFWrlZ1+FD44qc77aZo+Soj2WVl/Uh14YeLJSfX+Qvtz8bjk87gVsnPsxyCNM/wkAAAAo+LeSf+wMwEAAAAAAAAAAAAAAAAAAIDz69TPA/vlR3+c2PGYB8NpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4fAAD//+GSy20=") openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) readlink(0x0, 0x0, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) pwrite64(r7, &(0x7f0000000680)="5507eb7e5b9b46ea6221fb9c3209f2099dfcc16c4fca2ef9b16f9cc35a380b74de9914299099b06fb1426b243c2b8a2c14aa060ebcec01768fa27f5a221dc04f98a92dc2c30e2f7076f306fa6f2ee468b7e06cb0a36593b9176d7c88cee7dd546da9c1957a9b462c9aa00846f1311e6c7d1023dcfa5d15b8174c052886eeccbe6ba69864a810144d55cf0c8d4137e37cccc0dc27aa3ac098c691b105afb4bada5e5da35993761d763d420a508328a7e0a5b8415a93ee27b7392bc1cfc35d49fc5968dbfb32c8ce91dc3a9ca252e6f48399fd5d1d1dbd369debf4bf44dba1ca654d9addd0ae47b20bd11049f7facd167760894e424e9b4489279b9f564b6a25a9ed4a68bc9cafa22e98cb18953aec41469bd199bba56ce6120d521642ee730f224dfa5b5f935ae971984a5ae61ddcc0ea5d6c8fb5afb54fef805c97dffd5a2f5c4c135611672db25c2261fcaded43cbb6f43a6e44761efa59e32ad55d8645966300257ece8472ad4401e7a0170ce1c30c7975b45f13a21e929b4c51f6057e39a42dcc4d80a456df85513e4747aa561d661ad580c459426ee9cf3417c56b8ccf3c32802aaeb74cca769b30a9001d5857f8cab078aabafafe543395ae9db601c4e7fc17636df9e38fb80cf73417756721f99e181925af598a3eb994040d788265ba0130d8a0496f54dbc9184e73741a20c415f15eb32638136c1fdaab210f25c0c139e0d679eea84b20f3f002178d03c17ca11824785d81720df22d2edfe01880365e61622fa746c0aecd1bb88f09deb8fc6ba06720a032db72f9238c38e53592dc9267a99ed33f03b95d4d7809953cd6d82ef05bd5df57d1d16d6012d859345e21bee0b9c9e0bd095d7bdec70867794f345fc292cd98b36c5fb49eabfa501855a1a58d9f44f9c412d0d507708e218fab4e4e34db096da6cd6e28d1986a656ba6b510489843d388b3e5dcd52e86f450f5871d9e30cd134a06e1e317b977e8faacc5a18c45f345002799f53cdba0ced46d42f820f45ecb0f9ba6051220bb0642258ca0367cc236c3a7e00dc52146445cfe327bde5883db09081a6c7b1dfe282ff57f22b84af12a44af51ae2a2a2f4ab605667a7a3a6a681560854bb5bfc575d7001be57c1357412c124f478ecf81c6d59b1933bb7e7fecdee4aca28c609431d443059748701568523dac82431b8706fcacf266e1a9f83917c82b55fca4c474bae5c32397acf7848185699c85f54cc59a7bfaf2579b5f36c6d016af9121b57b769b9d2ebb222527812404a90f85c9d71103b20e35434ef949b4922d6ce76de850ecf761a54542371f03f0d0247e85ad30229bf07f8c0e62cde29610b233b5cc8ab3f6ad9b6cb540c18f07c9842fc658ab06253a56ec59956493c3e54632e11e07799b0f45a198b4aa94ede54c59ca1223a8406220fad504a5ad7614258b8dd3149831b2a68c0fcfa580a34b157b3b567f27bf309b6304ec2898e2e65dc7e0300f9e027edee7344df8ce6c7c80cc352c96d19e33fea2c3b0cc6acbe34c9b48032c8f9d4a0c5cc8ee41b9adc5f100d4af529859f6f6fc974e7bbf5d862d642aacc6bee5d33c5a97a18537bc1b571432c8353687dc47100a78f78f7897cb65d66545d0d95b548643a5f6749d3268212b933373063d95dbc25802f31d2836476afe69ed961ab8d3168dfd0311dfa5767caabf291ae8bc7a249a08f17050e3fcd8ba0c52e07ba9496ccc6b2a5d75d7ba9b2e1cbe12b93f690568ad2143a6757e80deae4cacb3da9ae51da73569cb55d45471c956c8cfea4e0e3f8219bcbe7db6be36b8d8b988fa64ce5eb88a8a4c43ab7fddc99cb6cfe373a059d58764bb048c63350344c84b758ea90414c28d1ec2fd96b59d519623723cb343e99fd37e9d3bd377522371d4afc0d98758ac77910593e0a4025e0b7ba28f37d1f65c2628e2ef2803a4d1ba1240e826dbfdcd6e88b15cafe0b22d38600ea7c3ad010a8371db1d8909c8501b04f09f51368b46d706664d2cab015e0495dad473218aa3172992fc52ffd7390b4faeab431495af766143bd4d67aa5c5377c4b00d2d5628590d846aea3690834cb195b4ffa620728ef64530c1723506443716087f339c82d9ef978c3612cab9edcedb6590868db1ca522b3e5591e2615ae2f628942ed13962d5b2c3bda45dc1b76d142d862e4272e9e03d0364ef5854c9381509c69b414f9a3d80f8780a91bf49523c98b462e9dd50e8eacae50e3c297f1e37cf240d98d7a8d351a31c9e2f3960dcc40af15dd7d68420d8674df61f928592cf85c57e34cec09c1c9267f53d3311b107b15edd519aa73ba41e46a72b6401567544d44f74dfb3cb50928dbe7fb5ab174742f5bb7c6e87043e10491fda66841aa7b34f1da0562a23a2af51583b9ea810f1a2c3b5da3768082a67aba4983130014b45f9bfd4f236a4c56d6a1425902f90d25c5192651244b121b632206d185f94c29f2cf7359809595c1c9507430f6299be59ae76a83ab44111c2206a86d0f682a99ebd937aabda009a963cbf7f787b12b50cb69232e219084c2e6e7cce78aa73e839c78e1fb2c2cddd15be714138cf728182d532c59ec571f71b2794c8a47989bb410161832c83c6676aa9935be9dc59b91deccb4201a2fea8a515e6f4f7084a2bd24a7476949502d6969d06ced91b7ff69de47e09bf1b04489b703091f402f425a80b3464b555acc8075349ecf3b077e41e49e81101fe76c9e6472b0f15d81d53fb85de5b50ed244011879c424b3b33db813aa7c918e72fb7835453b6471a4aa02974ba1101604bf8526b4f76534370e97121f78c427be701744e1d415ef03d389509539de9831fceaabffa71891d4f3313d6b83e0c9e70a788c8966548a43d6e317b3819bf64463e64c2f8a39120a42eedb35343f10c1ebee8fde71bd2ef3fc3c23a0cba8bf09d723764ffff1b293f27e8dfe701aea908fd9f88f4778570e67b00b572b59f8e5cfe2d2ef14eb67254ef4cc88f134d7fae04bdfc8bf4b6cbd2824e4cbe05a5d755c2654a72a7ab651c78b1018ce66075d2053b85f65a97113088bd3925cda4fc9bfdc1a601f0db463f8dda0af411b59e4076ae1690726b12e746082ce2c0bad5501ae684776470f29c2845585db5df70c58c8e07a72ec7dd0ab9a0006f768ab504c11e789186c7f821fcff06c654b93c04693efa96b478a9b9b5bec195d6400ecb798e33cdd2ec75387f2d5186c225edc22f18c99961f5a4c5038331770e6830401ff8e003350e5996e031e6567082c88eaee9095a29d3926bea28ac87467995d28c28fc23774a63c29c1555a01eff3c1154a557d2175fafebde54df157f0a08052492a6cc03da1f2e3f2a775dac69e1a01e1f98b4c244391cf3addf433aee4e1a44417c7b0470c980de39e07ea11fad238330e218ea511f4d553f40213fa92d53e8c4acc62f2a0a92b35df0fec39216f4b624566ea6696401818f3b8d21947b05ab204171794ec5cb0533d46fe363b87ef52fcc786e6cba1d6f72b9cff14be1475c2a94d6804946d4a89d1e0a2e918ffea0324f0a8589bc1eca08336a7caa65050cbd88e68a64ef8dd7ffa6d297d5b6d8b1c1b943e3ab0ac833040bacd6af4a2dd4b6b40ce59c297f463d2bfa8ff698e8c4744b964a4f59f9bf54ecf857d1cdc1e019397fad6c447bdd0b1f39c9c1619647da453e8168889b58a669f389a21e0bbb13a0c85c34afe3ffb50c1d211e7baf8ded290c14a8178d60bb63911d10b01f04e1173b45e2e96709a6002234470c0c024228984ef4b08c4319469a0a91bd205ae82fe23314914736352741cfe8b12af271b8244ca010869368cfa59e52ee1422e416a42519be534d4a1e4fdba1437fc3a7ac36274420481951f2d914bab87ae43fa17423d48832cf71fe9f2f671de782e121ef6e917ace92e1c2ecae2a2c8cbf46333fe5ccc849f8d4fc45201aebdcb3234dfa529c4c369604e1678d6c25d0be35391eb3d647320e8c62c18c4675d6bbdb5ee3d3c2a7e21f47aca18545fa5a063d06d15e437156f8c61a40b194d537ffdaafedf85725fa399ea1f579d78ddb257aa8182af6a107c9aa2c2b1877654e2385ad01be00fab267302c1b86525f9ba76ef05f1b6e3ef8be4611d313e59e5e090e3b400fd74ed48fb62d479cca199834fe65a0e3b2b64ca199b9659a46a211c5b2ba4742e300709b154aa74cd7eed6bd993dbbfe6cce50b10bc67c0f7ff20d34ba99d9e85e35b1002c8d583d29bb88c04023b0a6f0c5ff81fad093f9c1dd3babc6588cc54322de720f923e495dba06ab2ea8501a79242d2c82e0867ec41ee3b115b5daa94acd4ad833611ed99b2096fdf594c7491768516a6a73c4cb45ea1a008aaea88a6df4b7a4c75b540c6d8dd10150b2de2d1997507f3e51da3315439b8c56478c5a1a613b5e2c3197eb1799e2f488c03951e7e5fdf9e07138cb30b03e9ddfbd8cc334bfd40cd55602da63a53905d891929ee77f40ef922bbc121e3a230ff3053bae7467fd4caa3e68a5e1a77f77438ee9ad54532bdfaef0f708fd6160737a3de7086b4e0ef20a8d4207b8525e24657a177cf1c7ff25a8336cc5c7867bc3e7a6526316f92e0b149ce38dbf9ff7ee4bf6debbd2c53f57014fc29f4935bdcae9d871a4577d0918c794da25b6e13824daa98ca1578a581399516226fa88ad776352f5f02a00b896fc277fd86dd940c8c8b9daf3679d1a94f6833cbf1d1ae33ea92cbc0c6a6082a25c44877f83bfcf5aa2fed27c13a0c328a3668bbb2a550fb322402170a7e82932422aff055fa103e1c0952d5823645a0f5a7151b1d6f34d05428213d69e1e7b01db48fea4f0006e74d6fd70620a67cd606e96e3494f39611563bb655546c99f879c33b1010d78416015c4637f20ca60c367ebf0fc7a18a75927318640d34e8dca80a469cf95d986db1b9268dda97317b81f36a6b96c0776e4d167381776a32e3051c4babe24632eeab446c1c0a20eb8751ce8afc92b1ea9052a8c05b60aa655f68548ec8cb9e26abc3089bb235aa31fa3d22c2f20c8c7a7eadf22eb70a1c7266e5d409d3a14d14546b51f5061bf7ab2c45c7837ffcb7b0efa61a1a23829199d47224fc0667ba5db236159d2add269e17c73f03d495dbf6b95b32ec4159ef113d3bbe1afe87530003e5b725a9b95d414ab12c8a9c423435319969a3f77256e3d8e71794becd26cf0429a0acb2a3eef88e675a013448f0b00f9227e87de56c20c94bcc2a250d7213ab2c742e87fec9649ded87767c645a80598a8a21f7ee15b288df4fed707965d0d2f1a60836d25d1486e3bb96f997fd4766699a7559d9d7e80ec0f2110095fa50c4e7664061f96b693c05b0dd6d9f9477321eff0f53627a05b63b4858d9070aa96ec94133a5a0a358603e67c51eaee1a55e5f91792277169962a301434e77327ec0d65f69edc37a1eccfa1c90665c190952dec0783675bee86c7604005f79ec36a59f0405d75fd68709f97e5ef0a9c3970c4fcd2fe292bdc82a9114d16f42b95e4453f3fcf1c9ff704ad241e08aa7023a864905163859b4e6a10d392a1179e640c1bd2708ea6153f023411ae396807b5ab9a6e5716358bc192e52bfd1f97035e65a2f8f4fa9a7f1aebaffb477ecda6e7d45cf2e9b2906716c88b08d87cc7684889c52dd5fa42e23b6b83fe46b0adfae36350b12d37218ca1d223b73a5e609aed484c63090960046adfef83f26b6042c0ba6f0adbb94ce9363e2ff40d0fe4523ba889e6536f15018864c24fa48208a91704bd1d1a530da8970007a8504be6c374f5717761f53c9b89", 0x1000, 0x0) 507.719941ms ago: executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4) sendmsg$inet6(r0, &(0x7f0000000000)={&(0x7f0000000340)={0xa, 0x4e24, 0x1000000080000, @loopback}, 0x1c, 0x0, 0x0, &(0x7f0000000100)=[@hopopts_2292={{0x12, 0x29, 0x37}}], 0x18}, 0x0) 452.90677ms ago: executing program 3: syz_mount_image$ext4(&(0x7f0000000880)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x21800e, &(0x7f0000000180)={[{@data_ordered}]}, 0xfe, 0x50e, &(0x7f00000014c0)="$eJzs3V1rZGcdAPD/Oclks93UpOpFLbQWW8kW3ZmksW3woq0o3hWUer+GZBJCJpmQmbSbUCTFDyCIaMErr7wR/ACC9CPIwoJ7LyqK6K5eeKEeOTMnu9nxzCbBedkmvx+cM895zsv//ySbM8952XMCuLRejIi3I2IiIl6JiNmiPi2GOOoO+XL3732wmg/5nHf/mkRS1PVu81qx2nT3o1Tr4HBrpdGo7xXTtfb2bq11cHhjc3tlo75R31laWnx9+Y3l15YXBtLOvF1vfuOPP/7Bz7/55q+//P7vbv75+vfy/L9ezC9rxyDc7Ywr+c/igcmI2BtGsDGYKNpTGXciAACcSd7H/3REfKHT/5+NiU5vrqO3Szc9+uwAAACAQcjemol/JREZAAAAcGG9FREzkaTV4l6AmUjTarV7D+9n46m00Wy1v7Te3N9Zy+dFzEUlXd9s1BeKe2rnopLk04ud8sPpV3umlyLimYj40ezVznR1tdlYG/fJDwAAALgkrvUc//9jtnv8DwAAAFwwc+NOAAAAABi6fsf/yYjzAAAAAIan3/H/lRHnAQAAAAzFt955Jx+y4/dfr713sL/VfO/GWr21Vd3eX62uNvd2qxvN5kbnmX3bp22v0WzufiV29m/V2vVWu9Y6OLy53dzfad/c9P5AAAAAGJdnPv/x3SQijr56tTPkpvLRRJ8VPCsALoz0PAv/YXh5AKPX72seuPgmx50AMD5H404AGLdHHvVR0ik4efNOenLh3wwxKQAAYKDmP1d+/T8/BKiMOzlgqM51/R+4UFz/h8vrnNf/bw8rD2D0KnoAcOmd9qqPvg/vKLv+P1W2YJadui0AAGCoZjrjJK0W1wJnIk2r1YinO//Vv5KsbzbqCxHxqYj47WzlSj692F3H6wEBAAAAAAAAAAAAAAAAAAAAAAAA4IyyLIkMAAAAuNAi0j8lxfu/5mdfnuk9PzCV/HM2ild6vf/Td39ya6Xd3lvM6//2oL79UVH/6jjOYAAAAAC9jo/Tj4/jAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCQ7t/7YLUYpkYZ9y9fi4i5R+KvdudMxnTnczoqEfHU35OYPLFeEhETA4h/9GFEPFsWP8nTirkii974aURcHU3857MsK41/bQDx4TL7ON//vF3295fGi53P8r//yWL4f/Xf/6UP9n8TffZ/T58xxnN3flnrG//DiOcmy/c/x/GTPvFfKttgyQ/lu985PPyfyu7GI/tZxHyUxz8Zq9be3q21Dg5vbG6vbNQ36jtLS4uvL7+x/NryQm19s1EvxqVt/OHzv/pPT9W/s65O+6NP/LlT2v9yXqicqMx6wxTB7ty695lusdKziU786y+V//6ffUz8/N/EF4vvgXz+/HH5qFs+6YVf3H6hNLEi/lqf9p/2+7/eb6M9Xvn2939/xkUBgBFoHRxurTQa9b2hFz7KsmxUsRTOXzju3Q0txPST0tJPYuFKRIwu6CDObAEAAE+ah53+cWcCAAAAAAAAAAAAAAAAAAAAl1frINJhP06sN+bReJoKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBY/w0AAP//N23b4Q==") r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) futex(&(0x7f0000004000), 0x3, 0x0, 0x0, 0x0, 0x0) read$ptp(r0, &(0x7f0000001a00)=""/4096, 0x1000) 413.342396ms ago: executing program 4: r0 = openat(0xffffffffffffff9c, 0x0, 0x8700, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=@newqdisc={0x54, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c}}, @TCA_INGRESS_BLOCK={0x8}]}, 0x54}}, 0x10) syz_open_procfs(0x0, 0x0) r4 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x6, 0x0, 0x0, 0x0) r5 = fsmount(r4, 0x0, 0x0) symlinkat(&(0x7f0000000200)='./file0\x00', r5, &(0x7f0000000240)='./file0\x00') ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, &(0x7f0000000000)=0x6000) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r6 = getpid() sched_setscheduler(r6, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x0, 0x0) r9 = socket(0x1e, 0x4, 0x0) connect$tipc(r9, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) sendmmsg$unix(r9, &(0x7f0000004400), 0x400000000000203, 0x0) pipe2$9p(&(0x7f0000000240), 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f0000000080)) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00'/11], 0x15) 189.83061ms ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='ext4_es_lookup_extent_enter\x00', r1}, 0x10) mkdir(&(0x7f0000000540)='./file0\x00', 0x0) 175.658562ms ago: executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") chdir(&(0x7f0000000000)='./file0\x00') creat(&(0x7f0000000040)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0) readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) 152.560866ms ago: executing program 0: bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xc, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x6e}, [@call]}, &(0x7f0000000000)='GPL\x00'}, 0x80) 120.092241ms ago: executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000040000000000080000100850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@ipv4_newroute={0x24, 0x18, 0x9, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@RTA_GATEWAY={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0xff}}]}, 0x24}}, 0x0) 96.222044ms ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='mm_page_alloc\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) r2 = openat$loop_ctrl(0xffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r2, 0x4c80, &(0x7f0000005780)={0x0, 0x0, "ac06f105d310541258e0a2a0b883eb29e46b1fac57461914278705b6a55ba904cefb1f00536dfdc9ce9c12d1207f8a3ad1dad7ed0fc16b2ccd00000000000000080000000c0996d78e489e96651d35ca509de7cf52e7578e9ce37700000000000032936e283ae72a84cc5a72f07fef2fec1463729b336e892b5aadc70f51cb4582b7757f779254377a6a42493fb7023b15fb899a2072631f76cd0a59b17031b431163758724ac0df2d95b9c3fbccef0111f1fc6db466c73268e04c38df1f6bf2cc88aa6126229c332b887eb8e67102000665988ad55f281047000000000000000003000000000100", "2fc7eecad58f368bf3ba45a6f7874bf0f0a2e2d039d23b33645c7a714b200d1ec427e16f2d87c3a7f0a258b1856e10dbfadd1f9f5b294c68af413bb746e6b0803177028065618aa080c2ca8efe18fbb6c85459e9ff5c1aa9c17498a05220b09c2d859832bf5ae846009f6a415023b9a7110bda56f514841bf04e54bf592d28107037e86729ff5789dd40d9180160cf72a92609650dc97d806d75425c3cbabb3e8f59afcd807086dc9a87048f229a1c8b183c2077b18922f8dcade6cbf835b715887e9a20c69f14468fb321e017c8a2361f5300617d2ff15e5e2df6b8fa425461dc9c997020beed571b01b0ae899a7a21fe7f9dce8b2ff0374cde255fe2cd3444fa236242d0a976de3ceed2abb0bcb9e4580db4bf248fa20f27dc7c9a953b420f032e6fe0de2a657b7903f0a3d4d67908255b1ac3274313a683ad8a328816336d20dbfdc9f262073dade576891220dd05e0cb6e97bb433637adb6f42c3a040a0089d9a86b42dffeba614460c184bd405cf3749fad5a47609eeb5c48f0222ea459597a0fa855c9d6d789ed17235c6cbf62757d54c99a03b777b7af6058a33b32aa49973625747e0ff1d3c4898a1ea7e68807d9be2b9ca09de22790441964131b1e6dbf633f06c23ddb02736a741396cb1c3dbe49eabdad6f662ee642be86560e24bf2578bc93119d19b446587a8455b445e1cbcb86848331888a8a8adb0836628a73c9c41f8501ae67caa0165fca251674fcfd5f78415a4497519f0d4a79ba166a55721c4db05be7155ae7bca92f4fff5cdcf2d581d2da972ee240355984210e5927904ee74bd15da96d23e0b5bb07ce1adf2683032e8ae4dd9dd6f5bd841ef30ccdce954426f1cf29f2f35decb485f4faa36caae23e7d136317dbb6ace192dc0484d5e3cc341dee5041430dcd5f320a9f3679196bd2a2348619c4a55e090cecf0da78fdba2b25a3373a813d5e719ef2fbfea38035828e28d1666b64dbabce44140e9f0c7e8685e69d8192d1953c1dba2c2a471658538ade2e295732c4a23ca63b54252673ea15374da608ff431e56c9b74bc88b858511910a8ff6a294354093449e90994cf70a60cb108e19ad7625c27bc7934076a8a8fa8a14b06b0e94813a9ff3961e251856a0d34b728025121cf045be55d3997ca1ba4643509fb7eb84b1dbf97663f63fbf32b32f92eebff4ff420cd8c45fda163c09aa879283c282ef4bc93d416854ada56921cc6f82a67a3d024c1a828eb8d4c901f6066f8df327f694f828124d880da4f98c66087f8a825b9b01609f980a0f48c471fdcb7696e493a02a7b34420ccddae0e26b8f4db77ee712ccbc480fb8fe625d51ee2ead77637b9f7bd4a70fc21581498915c72ce999eb2a3888ad4c66c5e623d2f9c983f4c3e17714a63af06c222a62671b407a8f30619f1cb8a9efc177a18ceefc0760a27f5001124e81eeff04950364cf1881c03c1cc99b1e5dbc36ec94ed875c54a87dc19143303b2ad34738e683fdfe7e257fa5609e785e3c81dcd387bccfba8d31077b2140b06a361167ab1abb6e8c9b6e7b8918c992a7c4fce8797048bc3eba6ef7f65789b6d59ce4e4dcc5a3d44b9ef24de8996347c79cbaaaaef13dbac1dab9fb6090a757be36cf3e15bcde5bddc318bd42265371ebfe941f63a5d2dbcd9c6103ab91b5c292ae86e4dc6df13194dd81319db2ad7f51fe377196b2b87db9614cd1d572f3df9b518d36aacd8c4f454c1a61fd587642e87e8a4d4029e46064cc730e7b75efae0e6b798184b33765160696e327ce80ad8ec0a5c20e57b07b2cc19f849b1c527994b6631ae61bd9c6703966d141714bffb6cfb7708e2c6669cf33f42c8e8130d73a2bdb42bbd3316e1a2deae59b7bbe6e77518326d11714ac543143c8bc4c9cf39d84b06bf10ad463d7b9d14f5d44d98c78f5bc96793c254a652e300065a0e568234110f4f3d93b584b5767e41cb9d2514a16138d8dd650b885b6ac87ce233957dee5c1d2004fc5882d41ffcc1751d565ad92d04ce0cf0221ac7d7a0441f4024ce74ff4d3df9559026ebb5b5602ee9e8d87f1899d20e61879c417a00321e87ceac1b952e51700d384ed3b07c70fd8be0d61290b6100abc393bfd33f425892509e55350797f139b64b68e357f66a1776504ea67689ca482534308c9c7b76c7f9fbe1d1cc739dee391c0b7a781d6bade90ec2a46f617d436cc7f51eb1c94de092ccf1d7b57c31fc1c8e18b9bab9858792a129dfa62b379d22aec6129065a867bda550337e30edcfc0732a5b69559c8d45270d7df9d06b385c51a05e57280d66f5c02c7ca1f463e6ef6d1d2e3b04c6df77fd88e06197acf4d5287660e90d7b1d5d4b7410d44e36aa3652e86d9b97935fc19459bd1e7f155e497bee58013f9cbef97b669b3d8fbd77a286a50b86aa11e4376e44275297bcdcb252ad8ca4742a6cd66563c4ba6318b765899d853043877b6400d654ba955fa6376857b6307d443168211dde06a156d8908269ab033c9de9546b3cc41583e7cae7038720d909fed58b52f7bc7aba12b1be3a2e23474af919426326556cf37d584c4e905f8d84604fdb192f0993b213107fae21c323d69f3113d2f5d6371a49a40b98030868c824ff0916556044bc32ce80497c46c01e254e2accfd01aeabf18c545b907cd5fd0b00a82c42e644690ad1099dc3ec5e0df8c5d783ec93e6712857137eee4d06762fa12233d1ba4e7bc597d970a434ce615ffe432f6289bd297f7973f29e8460391c44cab29f2e21f639e7aea6c0c7e57a35585573b88ce6a2beed7807278b73a9eb21d82a477f7f9eef24c1cf0b7fddee8b3dfa633cb37c3f1ac53f34acd6dc0e29494d644f9bdce8d65e734fa52d1cdd0f147d48f02000b31fd0dcd2766cf8ea8b92bd340195c6833e4320eaf125ad61fa8772ac380f363fd2b3b5df23aa0e08034cfe5963fada592e851f5b274e6defae6cb1dbc5f29c52855352d8417262780ba7c8040cac21a0fda09a76af7a58b66f9a89d35f7a957548cf49f7117542a2f0f2c1c8bb371eba256aaac009798a97a27a62256fafad3988bb9b577eb00c06d28a91c85aa20f176e44e52b37a8068bfec1434c1277e68619e8459f83359976c81ca49462e1b9abf83fed9d4e08d9fdc6626bd73099ff8c2e95384e0517eff3e02a1882ef5a804989ad5a9536628f3989631f610ba9172c92c44c372ff48d590be9896e741001b3ea511727a1476d706debdea7216e1bf2461fda61a7bc6db99c098fe4e32eafbe2ac15782ddfd1609cec300015b542c835ff195cd779699d8ced1edd571f3734ef6373c526553ee9684674cd5ae1e8f390065ed761257cbb120168dcebacc94f22a15d6bc8444afff61601305c9212f086ae5a322968983568bfaed808fd935a8260709781a58bf3cbc3256e81d272a9c1271b93a1f97feebe77e94912e0361c149076abd1aa186ac38e65d879e92bc58bc7adde9339f712b8a07d798ad573318559a31c1e64354bfc5f3e9a195118cab384d9b7d192305e5fe6e8eaebd7403095e3833fb3a6425e7b8b7ae0515d5cba8a19c2b49e33cd9bedbac96f01c5a24ddc36b35f16cfd55ec584f18ecf7313a812d5d44b6ac02808ab4389e7ed6426454d9f4c69a288d36a211f27c4770cad16daba3c97e0d51a7012ba7ee4881daf21ca720c0a14d54852516c8342989ed328d13366be829416218e0d2cc9c708a06669873b4a7a32e35dbc59d5f7eeebb7fb3c307e84c287c2e3a921e94149a90a56e4c8bcf954844eb7edefea72690c518075cdce72c222961c388ba8cb9e2f881582131cce0898c86ad57795a5984ca55e6159bdfab2f7c1a925301eb6a33bf33baf957f18d648b55e0c613db371343cc7ce89f91423629e644b286bba4d8b4cbb116e30da5f7a4bba8606093fe5d6bad8bc5f98fb1ac476bf8724a8008a725ed3aed86c763f2eac7d77f1ef9a96702e13ec5080bb82606741e08fde37aceb1dd32c11afa92be85ff46ec2010ce17d5cf92e91243ccb1070000002a746ca1f1135b1b0638ffe19c8b31644a08f9f1990685e0f458f096daae910e9f36a83a8ba01dde2b5d0d3097b1cf03be7aee0a8c7c4c8672d45c6310e7d2e5558143ad9e79a9751b8ac54a3e86fdfd9320ef69c7130460e259462be21db94fcbd3181903130f3f982f4c8011bfe62bd5903ad8713281be0fa8de38553ea6c3e566152518bd80fbeb5863f0de7c7cf26606b48b63c89d9f9c798816e7e1e1dbb3946a1048ebf383f117ac9bf565a277086fd9cc0250dd22cf1d2c3cf58fa227f4f2c201be2df79230b6a95333f3a3ded0d11f9b647da9b4cb70fa02631552df57b7a6009b1b36d8f7c9f2fc7ac53912f29e79fdb57acecd431adf2dca1c0e7d31d7ff38ce7b3089416d9ab4f7474f1b68141228d4350ad7541676caf115e6c4eeecc706e0268c2eda740cce7a22e1090fb0216608a13c50316ee056414d0dfce99ab3f9c4619df20d7e0c254c3e9a9717f140b1a4ecdba1ca5ce3bb252083a69bb107338184f55d064c912745aa81588de2299fb9f77201c5ded7cbf572b64c0d6d300344226355d1a4cb8088e43780e01e190e9b877ba14431d115296e31c2cc0266c0df82da2530ac1e094cdfee42fcfdb8ee5d03c251d24d5b0fefafa7b9c2a2e73a814e768d57a5429372dce6266dc547a4c93a05dece1e7601a658d4855843db66ba8ecae9cd1703d66a3aff1be2be77c0ce96772d570c73f88d028eb8716dcb5e49792b39f1a5a4275a4f83d8ae2ea8883bbfaa42050392da86d7a4a22835553cd2fdcd0cca630ad003c4a15ae0b7a7cee875b5a08f0ef70d86187054260001c9698419bf1569b1802439cd3fe320d9272b853e7b34a322a5fbade5cd3ad0e1c4b07d111981494215d3b82c2fe8a7697052a3b7b1ef3fb22d5e33e57c8d422b5e3dc9cf1a5df5401559c56610f44a4e409b12aa82bf661c17a2bb76e469583531f782b55da4eabbb68cb39bf32844398fe0ffb79e4c95e3e3c3ed3e9ac304cf1980b7cde8fcf76966cca196748e4ad7a02debd6ccc4a3e9b8adaa7dc668a76cbd137b2e6fbc673900000100000000009bf5ed16d5f5818535802fa7627a7d352f4216ba3f84481394c0500b7aea67e838d5dd0422eeb940ad42546e1f3c2cd85c53abbaada51b5571323d7ea53d436c2d349befca87909c1dc2a23d2db53ecc272b80896b65fa0cad8854e6b36e052ecbe677024b9614a180fc54c20fac7ed4d16e7ba17a368f0a00a036d23ae4b19ad3d99642ff054850233b60e706a4f575e49234acc76211a5bace9b8417eb6d986dab4bc6b8b510ee0477f6b8738f00709b7f35aac1730017c0037e5c40404d145b527a29500fab1e3c00"}) 83.527677ms ago: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='ext4_allocate_inode\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000580)='ext4_allocate_inode\x00', r2}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) 50.409432ms ago: executing program 0: syz_usb_connect(0x0, 0x3d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000b19a3640d219751284070102030109022b0002070000ac18563dd8399550bba2ef9521593300090400010079319c0009040000000202ff"], 0x0) 2.950129ms ago: executing program 2: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0xa, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0xbd}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x80) 0s ago: executing program 3: r0 = socket$can_raw(0x1d, 0x3, 0x1) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.throttle.io_serviced\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0) bind$can_raw(r0, &(0x7f0000000000), 0x10) kernel console output (not intermixed with test programs): 0000.0047: unknown main item tag 0x0 [ 426.266269][ T313] hid-generic 0000:0000:0000.0047: unknown main item tag 0x0 [ 426.273539][ T313] hid-generic 0000:0000:0000.0047: unknown main item tag 0x0 [ 426.280968][ T313] hid-generic 0000:0000:0000.0047: unknown main item tag 0x0 [ 426.288606][ T313] hid-generic 0000:0000:0000.0047: unknown main item tag 0x0 [ 426.289333][T14259] EXT4-fs (loop3): unmounting filesystem. [ 426.296138][ T313] hid-generic 0000:0000:0000.0047: unknown main item tag 0x0 [ 426.308689][ T313] hid-generic 0000:0000:0000.0047: unknown main item tag 0x0 [ 426.315949][ T313] hid-generic 0000:0000:0000.0047: unknown main item tag 0x0 [ 426.323385][ T313] hid-generic 0000:0000:0000.0047: unknown main item tag 0x0 [ 426.330887][ T313] hid-generic 0000:0000:0000.0047: unknown main item tag 0x0 [ 426.338271][ T313] hid-generic 0000:0000:0000.0047: unknown main item tag 0x0 [ 426.345472][ T313] hid-generic 0000:0000:0000.0047: unknown main item tag 0x0 [ 426.352595][ T313] hid-generic 0000:0000:0000.0047: unknown main item tag 0x0 [ 426.359822][ T313] hid-generic 0000:0000:0000.0047: unknown main item tag 0x0 [ 426.367015][ T313] hid-generic 0000:0000:0000.0047: unknown main item tag 0x0 [ 426.374376][ T313] hid-generic 0000:0000:0000.0047: unknown main item tag 0x0 [ 426.382292][ T313] hid-generic 0000:0000:0000.0047: hidraw0: HID v0.00 Device [syz0] on syz0 [ 426.392128][ T350] __quota_error: 96 callbacks suppressed [ 426.392142][ T350] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 426.415487][ T350] Quota error (device loop3): do_check_range: Getting block 0 out of range 1-5 [ 426.494953][T14776] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 426.505607][ T28] audit: type=1326 audit(2134217845.993:11751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14779 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f638987cea9 code=0x7ffc0000 [ 426.549393][ T28] audit: type=1326 audit(2134217845.993:11752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14779 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f638987cea9 code=0x7ffc0000 [ 426.576183][ T28] audit: type=1326 audit(2134217845.993:11753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14779 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f638987cea9 code=0x7ffc0000 [ 426.600248][ T28] audit: type=1326 audit(2134217845.993:11754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14779 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f638987cea9 code=0x7ffc0000 [ 426.624812][ T28] audit: type=1326 audit(2134217845.993:11755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14779 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f638987cea9 code=0x7ffc0000 [ 426.656939][ T28] audit: type=1326 audit(2134217845.993:11756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14779 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f638987cea9 code=0x7ffc0000 [ 426.686502][ T28] audit: type=1326 audit(2134217845.993:11757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14779 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f638987cea9 code=0x7ffc0000 [ 426.720426][ T28] audit: type=1326 audit(2134217845.993:11758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14779 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f638987cea9 code=0x7ffc0000 [ 426.748147][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x1 [ 426.755723][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.763278][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.770595][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.777875][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.785108][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.792420][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.799825][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x4 [ 426.811802][ T313] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 426.849733][ T24] usb 2-1: new high-speed USB device number 30 using dummy_hcd [ 426.857199][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.864395][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.871720][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.878961][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.886289][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.893646][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.900818][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.908144][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.915243][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.922464][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.929678][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.937207][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.944491][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.951951][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.959215][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.966422][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.973701][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 426.980949][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 427.308615][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 427.316055][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 427.323237][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 427.330427][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 427.337649][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 427.370578][ T39] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 427.378640][ T39] hid-generic 0000:0000:0000.0048: hidraw0: HID v0.00 Device [syz0] on syz0 [ 427.491890][T14808] netlink: 'syz-executor.0': attribute type 27 has an invalid length. [ 427.551698][ T313] usb 4-1: New USB device found, idVendor=0582, idProduct=0023, bcdDevice=53.24 [ 427.560566][ T313] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 427.581606][ T313] usb 4-1: Product: syz [ 427.585595][ T313] usb 4-1: Manufacturer: syz [ 427.590025][ T313] usb 4-1: SerialNumber: syz [ 427.601650][ T24] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 427.602376][ T313] usb 4-1: config 0 descriptor?? [ 427.631629][ T3027] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 427.663614][ T313] snd-usb-audio: probe of 4-1:0.0 failed with error -2 [ 427.782069][ T24] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 427.800033][ T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 427.833519][ T24] usb 2-1: Product: syz [ 427.837596][ T24] usb 2-1: Manufacturer: syz [ 427.856546][ T24] usb 2-1: SerialNumber: syz [ 427.869551][ T313] usb 4-1: USB disconnect, device number 27 [ 427.875324][ T3027] usb 5-1: Using ep0 maxpacket: 16 [ 427.903477][ T24] cdc_ether: probe of 2-1:1.0 failed with error -22 [ 427.991673][ T3027] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 427.996512][T14808] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 428.002498][ T3027] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 428.022271][ T3027] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 428.035211][ T3027] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 428.044250][ T3027] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 428.052838][ T3027] usb 5-1: config 0 descriptor?? [ 428.104331][ T39] usb 2-1: USB disconnect, device number 30 [ 428.291672][ T24] usb 1-1: new high-speed USB device number 32 using dummy_hcd [ 428.314130][T14818] fuse: Bad value for 'group_id' [ 428.396867][T14820] loop3: detected capacity change from 0 to 512 [ 428.403849][T14820] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 428.412143][T14820] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 428.423447][T14820] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 18 vs 41 free clusters [ 428.437735][T14820] EXT4-fs (loop3): 1 truncate cleaned up [ 428.443256][T14820] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 428.457895][T14820] EXT4-fs (loop3): re-mounted. Quota mode: writeback. [ 428.464999][T14820] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 428.482092][T14820] EXT4-fs (loop3): re-mounted. Quota mode: writeback. [ 428.532330][ T3027] microsoft 0003:045E:07DA.0049: unknown main item tag 0x0 [ 428.539431][ T3027] microsoft 0003:045E:07DA.0049: unknown main item tag 0x0 [ 428.546427][ T3027] microsoft 0003:045E:07DA.0049: unknown main item tag 0x0 [ 428.551628][ T24] usb 1-1: Using ep0 maxpacket: 32 [ 428.553481][ T3027] microsoft 0003:045E:07DA.0049: unknown main item tag 0x0 [ 428.565455][ T3027] microsoft 0003:045E:07DA.0049: unknown main item tag 0x0 [ 428.572441][ T3027] microsoft 0003:045E:07DA.0049: unknown main item tag 0x0 [ 428.579469][ T3027] microsoft 0003:045E:07DA.0049: unknown main item tag 0x0 [ 428.586496][ T3027] microsoft 0003:045E:07DA.0049: unknown main item tag 0x0 [ 428.593542][ T313] usb 3-1: new high-speed USB device number 43 using dummy_hcd [ 428.600918][ T3027] microsoft 0003:045E:07DA.0049: unknown main item tag 0x0 [ 428.607952][ T3027] microsoft 0003:045E:07DA.0049: unknown main item tag 0x0 [ 428.615049][ T3027] microsoft 0003:045E:07DA.0049: unknown main item tag 0x0 [ 428.622294][ T3027] microsoft 0003:045E:07DA.0049: unknown main item tag 0x0 [ 428.629330][ T3027] microsoft 0003:045E:07DA.0049: unknown main item tag 0x0 [ 428.636511][ T3027] microsoft 0003:045E:07DA.0049: unknown main item tag 0x0 [ 428.643572][ T3027] microsoft 0003:045E:07DA.0049: unknown main item tag 0x0 [ 428.650562][ T3027] microsoft 0003:045E:07DA.0049: unknown main item tag 0x0 [ 428.657783][ T3027] microsoft 0003:045E:07DA.0049: unknown main item tag 0x0 [ 428.664907][ T3027] microsoft 0003:045E:07DA.0049: unknown main item tag 0x0 [ 428.671897][ T3027] microsoft 0003:045E:07DA.0049: unknown main item tag 0x0 [ 428.678908][ T3027] microsoft 0003:045E:07DA.0049: unknown main item tag 0x0 [ 428.686170][ T3027] microsoft 0003:045E:07DA.0049: No inputs registered, leaving [ 428.691683][ T24] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 428.694098][ T3027] microsoft 0003:045E:07DA.0049: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 428.715468][ T24] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 428.725016][ T3027] microsoft 0003:045E:07DA.0049: no inputs found [ 428.725031][ T24] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 428.731150][ T3027] microsoft 0003:045E:07DA.0049: could not initialize ff, continuing anyway [ 428.740116][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 428.757854][ T3027] usb 5-1: USB disconnect, device number 36 [ 428.822695][ T24] hub 1-1:4.0: USB hub found [ 428.961792][ T313] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 428.973786][ T313] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 428.984821][ T313] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 428.997926][ T313] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 428.998430][T14259] EXT4-fs (loop3): unmounting filesystem. [ 429.012484][ T313] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 429.023055][ T313] usb 3-1: config 0 descriptor?? [ 429.041666][T14818] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 429.041810][ T24] hub 1-1:4.0: 2 ports detected [ 429.353637][T14842] netlink: 'syz-executor.3': attribute type 27 has an invalid length. [ 429.564632][ T313] plantronics 0003:047F:FFFF.004A: unknown main item tag 0xd [ 429.572596][T14842] bridge0: port 2(bridge_slave_1) entered disabled state [ 429.574031][ T313] plantronics 0003:047F:FFFF.004A: No inputs registered, leaving [ 429.579665][T14842] bridge0: port 1(bridge_slave_0) entered disabled state [ 429.588558][ T313] plantronics 0003:047F:FFFF.004A: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 429.842903][ T332] usb 3-1: USB disconnect, device number 43 [ 430.152026][ T300] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 430.174231][T14875] tipc: Started in network mode [ 430.178900][T14875] tipc: Node identity 2007ff, cluster identity 4711 [ 430.185636][T14875] tipc: Node number set to 2099199 [ 430.200515][T14877] netlink: 'syz-executor.1': attribute type 27 has an invalid length. [ 430.222460][T14877] bridge0: port 2(bridge_slave_1) entered disabled state [ 430.229456][T14877] bridge0: port 1(bridge_slave_0) entered disabled state [ 430.302751][T14881] loop1: detected capacity change from 0 to 512 [ 430.317595][T14881] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz-executor.1: bg 0: block 97: padding at end of block bitmap is not set [ 430.333057][T14881] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2926: inode #15: comm syz-executor.1: corrupted xattr block 19 [ 430.345827][T14881] EXT4-fs warning (device loop1): ext4_evict_inode:299: xattr delete (err -117) [ 430.354820][T14881] EXT4-fs (loop1): 1 orphan inode deleted [ 430.360370][T14881] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 430.369439][T14881] ext4 filesystem being mounted at /root/syzkaller-testdir3837960840/syzkaller.qRg23f/70/file0 supports timestamps until 2038 (0x7fffffff) [ 430.393103][T14071] EXT4-fs (loop1): unmounting filesystem. [ 430.422449][T14897] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 430.447155][T14901] syz-executor.1[14901] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 430.447228][T14901] syz-executor.1[14901] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 430.461744][ T332] hub 1-1:4.0: activate --> -90 [ 430.521736][ T300] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 430.540053][ T300] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 430.558373][ T300] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 430.577201][ T300] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 430.585808][ T300] usb 4-1: config 0 descriptor?? [ 430.679466][T14909] netlink: 'syz-executor.4': attribute type 27 has an invalid length. [ 430.698311][T14909] bridge0: port 2(bridge_slave_1) entered disabled state [ 430.705378][T14909] bridge0: port 1(bridge_slave_0) entered disabled state [ 430.723598][T14909] device wg2 left promiscuous mode [ 430.811669][ T510] usb 3-1: new high-speed USB device number 44 using dummy_hcd [ 430.815692][T14912] loop4: detected capacity change from 0 to 512 [ 430.826193][T14912] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 430.834813][T14912] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 430.853684][T14912] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 18 vs 41 free clusters [ 430.868204][T14912] EXT4-fs (loop4): 1 truncate cleaned up [ 430.873713][T14912] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 430.885283][T14912] EXT4-fs (loop4): re-mounted. Quota mode: writeback. [ 430.893310][T14912] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 430.912177][T14912] EXT4-fs (loop4): re-mounted. Quota mode: writeback. [ 431.428838][T10603] EXT4-fs (loop4): unmounting filesystem. [ 431.469519][T14921] fuse: Bad value for 'group_id' [ 431.474433][ T510] usb 3-1: New USB device found, idVendor=0582, idProduct=0023, bcdDevice=53.24 [ 431.483935][ T510] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 431.491773][ T510] usb 3-1: Product: syz [ 431.495840][ T510] usb 3-1: Manufacturer: syz [ 431.500156][ T510] usb 3-1: SerialNumber: syz [ 431.505549][ T510] usb 3-1: config 0 descriptor?? [ 431.553094][ T510] snd-usb-audio: probe of 3-1:0.0 failed with error -2 [ 431.568110][ T313] usb 1-1: USB disconnect, device number 32 [ 431.581645][ T332] hub 1-1:4.0: hub_ext_port_status failed (err = -71) [ 431.780350][ T3027] usb 3-1: USB disconnect, device number 44 [ 431.871308][T14924] device vlan2 entered promiscuous mode [ 431.881681][ T300] uclogic 0003:256C:006D.004B: failed retrieving Huion firmware version: -71 [ 431.890347][ T300] uclogic 0003:256C:006D.004B: failed probing parameters: -71 [ 431.897728][ T300] uclogic: probe of 0003:256C:006D.004B failed with error -71 [ 431.905814][ T300] usb 4-1: USB disconnect, device number 28 [ 432.021667][ T39] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 432.471684][ T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 432.483157][ T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 432.494237][ T39] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 432.507001][ T39] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 432.516252][ T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 432.679740][ T39] usb 2-1: config 0 descriptor?? [ 432.701847][T14921] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22 [ 432.715698][ T28] kauditd_printk_skb: 29 callbacks suppressed [ 432.715741][ T28] audit: type=1400 audit(2134217852.203:11773): avc: denied { write } for pid=14956 comm="syz-executor.3" path="socket:[84373]" dev="sockfs" ino=84373 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 432.943894][T14965] syz-executor.0[14965] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 432.944141][T14965] syz-executor.0[14965] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 433.155047][ T39] plantronics 0003:047F:FFFF.004C: unknown main item tag 0xd [ 433.178771][ T39] plantronics 0003:047F:FFFF.004C: No inputs registered, leaving [ 433.190817][ T39] plantronics 0003:047F:FFFF.004C: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 433.442648][ T39] usb 2-1: USB disconnect, device number 31 [ 433.511307][ T28] audit: type=1400 audit(2134217852.993:11774): avc: denied { read } for pid=14973 comm="syz-executor.3" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 433.533735][ T3027] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 433.541602][ T28] audit: type=1400 audit(2134217852.993:11775): avc: denied { open } for pid=14973 comm="syz-executor.3" path="/root/syzkaller-testdir4131987708/syzkaller.84oahx/69/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 433.901740][ T3027] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 433.912609][ T3027] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 433.922105][ T3027] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 433.930948][ T3027] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 433.946233][ T3027] usb 1-1: config 0 descriptor?? [ 434.352461][T15018] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15018 comm=syz-executor.3 [ 434.365473][ T28] audit: type=1400 audit(2134217853.863:11776): avc: denied { nlmsg_tty_audit } for pid=15017 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1 [ 434.409276][T15022] fuse: Bad value for 'group_id' [ 435.037359][ T313] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 435.052988][T15037] syz-executor.4[15037] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 435.053065][T15037] syz-executor.4[15037] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 435.357670][ T3027] uclogic 0003:256C:006D.004D: failed retrieving Huion firmware version: -71 [ 435.378465][ T3027] uclogic 0003:256C:006D.004D: failed probing parameters: -71 [ 435.386260][ T3027] uclogic: probe of 0003:256C:006D.004D failed with error -71 [ 435.397375][ T3027] usb 1-1: USB disconnect, device number 33 [ 435.434484][T15057] bridge0: port 1(bridge_slave_0) entered blocking state [ 435.446683][T15057] bridge0: port 1(bridge_slave_0) entered disabled state [ 435.451707][ T313] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 435.454127][T15057] device bridge_slave_0 entered promiscuous mode [ 435.470773][ T313] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 435.495048][T15057] bridge0: port 2(bridge_slave_1) entered blocking state [ 435.501626][ T313] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 435.501951][T15057] bridge0: port 2(bridge_slave_1) entered disabled state [ 435.521646][ T313] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 435.522770][T15057] device bridge_slave_1 entered promiscuous mode [ 435.536999][ T313] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 435.545904][ T313] usb 4-1: config 0 descriptor?? [ 435.561779][T15022] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 435.630023][T15057] bridge0: port 2(bridge_slave_1) entered blocking state [ 435.636898][T15057] bridge0: port 2(bridge_slave_1) entered forwarding state [ 435.644034][T15057] bridge0: port 1(bridge_slave_0) entered blocking state [ 435.650870][T15057] bridge0: port 1(bridge_slave_0) entered forwarding state [ 435.673948][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 435.682559][ T39] bridge0: port 1(bridge_slave_0) entered disabled state [ 435.689941][ T39] bridge0: port 2(bridge_slave_1) entered disabled state [ 435.699703][ T3027] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 435.707795][ T3027] bridge0: port 1(bridge_slave_0) entered blocking state [ 435.714643][ T3027] bridge0: port 1(bridge_slave_0) entered forwarding state [ 435.724353][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 435.732533][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 435.739369][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 435.751543][ T3027] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 435.760783][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 435.776301][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 435.791947][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 435.799818][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 435.807059][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 435.815264][T15057] device veth0_vlan entered promiscuous mode [ 435.830079][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 435.841346][T15057] device veth1_macvtap entered promiscuous mode [ 435.864429][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 435.891785][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 436.022613][ T313] plantronics 0003:047F:FFFF.004E: unknown main item tag 0xd [ 436.030972][ T313] plantronics 0003:047F:FFFF.004E: No inputs registered, leaving [ 436.039389][ T313] plantronics 0003:047F:FFFF.004E: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 436.219795][T15109] xt_policy: too many policy elements [ 436.302469][ T313] usb 4-1: USB disconnect, device number 29 [ 436.501643][ T39] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 436.642857][ T350] device bridge_slave_1 left promiscuous mode [ 436.649013][ T350] bridge0: port 2(bridge_slave_1) entered disabled state [ 436.656455][ T350] device bridge_slave_0 left promiscuous mode [ 436.662527][ T350] bridge0: port 1(bridge_slave_0) entered disabled state [ 436.719465][T15123] xt_CT: You must specify a L4 protocol and not use inversions on it [ 436.918277][ T28] audit: type=1400 audit(2134217856.403:11777): avc: denied { setcurrent } for pid=15139 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 436.942858][ T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 436.953750][ T28] audit: type=1401 audit(2134217856.403:11778): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t [ 436.962802][ T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 436.980667][ T39] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 436.989924][ T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 437.011106][T15144] xt_policy: too many policy elements [ 437.012266][ T39] usb 2-1: config 0 descriptor?? [ 437.025264][T15142] loop2: detected capacity change from 0 to 512 [ 437.042051][T15142] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 97: padding at end of block bitmap is not set [ 437.057660][T15142] Quota error (device loop2): write_blk: dquota write failed [ 437.064975][T15142] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 437.075318][T15142] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2926: inode #15: comm syz-executor.2: corrupted xattr block 19 [ 437.088010][T15142] EXT4-fs warning (device loop2): ext4_evict_inode:299: xattr delete (err -117) [ 437.097215][T15142] EXT4-fs (loop2): 1 orphan inode deleted [ 437.102824][T15142] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 437.111727][ T10] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-5 [ 437.120542][ T10] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 437.130442][T15142] ext4 filesystem being mounted at /root/syzkaller-testdir2412164184/syzkaller.2P6fy8/495/file0 supports timestamps until 2038 (0x7fffffff) [ 437.169117][ T8654] EXT4-fs (loop2): unmounting filesystem. [ 437.196497][T15157] fuse: Bad value for 'group_id' [ 437.201654][ T300] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 437.452263][ T300] usb 5-1: Using ep0 maxpacket: 8 [ 437.471652][ T313] usb 3-1: new high-speed USB device number 45 using dummy_hcd [ 437.611699][ T300] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 437.622480][ T300] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 437.631990][ T300] usb 5-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00 [ 437.640834][ T300] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 437.649330][ T300] usb 5-1: config 0 descriptor?? [ 437.831694][ T313] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 437.842742][ T313] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 437.853656][ T313] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 437.866310][ T313] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 437.875144][ T313] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 437.883817][ T313] usb 3-1: config 0 descriptor?? [ 437.928427][T15165] xt_CT: You must specify a L4 protocol and not use inversions on it [ 437.942592][T15157] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22 [ 437.995359][ T510] kernel write not supported for file bpf-prog (pid: 510 comm: kworker/1:4) [ 438.016359][T15177] xt_policy: too many policy elements [ 438.081757][ T39] uclogic 0003:256C:006D.004F: failed retrieving Huion firmware version: -71 [ 438.090442][ T39] uclogic 0003:256C:006D.004F: failed probing parameters: -71 [ 438.097762][ T39] uclogic: probe of 0003:256C:006D.004F failed with error -71 [ 438.106117][ T39] usb 2-1: USB disconnect, device number 32 [ 438.122539][ T300] hid-picolcd 0003:04D8:F002.0050: unknown main item tag 0x0 [ 438.129820][ T300] hid-picolcd 0003:04D8:F002.0050: unknown main item tag 0x0 [ 438.148955][ T28] kauditd_printk_skb: 3 callbacks suppressed [ 438.148972][ T28] audit: type=1400 audit(2134217857.633:11779): avc: denied { mount } for pid=15184 comm="syz-executor.0" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 438.177584][ T28] audit: type=1400 audit(2134217857.633:11780): avc: denied { watch } for pid=15184 comm="syz-executor.0" path="/root/syzkaller-testdir3551822420/syzkaller.gPtFH5/804/file0" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 438.205016][ T28] audit: type=1400 audit(2134217857.633:11781): avc: denied { mounton } for pid=15184 comm="syz-executor.0" path="/root/syzkaller-testdir3551822420/syzkaller.gPtFH5/804/file0" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 438.233045][ T28] audit: type=1400 audit(2134217857.703:11782): avc: denied { unmount } for pid=6662 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 438.253400][ T300] hid-picolcd 0003:04D8:F002.0050: No report with id 0xf3 found [ 438.261398][ T300] hid-picolcd 0003:04D8:F002.0050: No report with id 0xf4 found [ 438.360801][ T789] usb 5-1: USB disconnect, device number 37 [ 438.458167][ T313] plantronics 0003:047F:FFFF.0051: unknown main item tag 0xd [ 438.466646][ T313] plantronics 0003:047F:FFFF.0051: No inputs registered, leaving [ 438.474987][ T313] plantronics 0003:047F:FFFF.0051: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 438.565094][T15193] xt_CT: You must specify a L4 protocol and not use inversions on it [ 438.682494][ T39] usb 3-1: USB disconnect, device number 45 [ 439.336318][ T313] kernel write not supported for file bpf-prog (pid: 313 comm: kworker/0:2) [ 439.472076][T15210] loop2: detected capacity change from 0 to 2048 [ 439.490104][T15218] xt_CT: You must specify a L4 protocol and not use inversions on it [ 439.509785][T15210] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 439.518343][T15210] ext4 filesystem being mounted at /root/syzkaller-testdir2412164184/syzkaller.2P6fy8/499/file0 supports timestamps until 2038 (0x7fffffff) [ 439.538784][ T28] audit: type=1400 audit(2134217859.023:11783): avc: denied { read } for pid=15207 comm="syz-executor.2" name="file1" dev="loop2" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 439.563567][T15227] input: syz0 as /devices/virtual/input/input58 [ 439.572160][T15232] fuse: Bad value for 'group_id' [ 439.831625][ T313] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 439.841627][ T300] usb 1-1: new high-speed USB device number 34 using dummy_hcd [ 440.191670][ T313] usb 5-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b [ 440.201307][ T313] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 440.218901][ T313] usb 5-1: config 0 descriptor?? [ 440.224655][ T8654] EXT4-fs (loop2): unmounting filesystem. [ 440.231669][ T300] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 440.241769][T15240] xt_policy: too many policy elements [ 440.242852][ T300] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 440.259105][ T300] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 440.273181][ T300] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 440.282081][ T300] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 440.290523][ T300] usb 1-1: config 0 descriptor?? [ 440.311711][T15232] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 440.416100][T15254] xt_CT: You must specify a L4 protocol and not use inversions on it [ 440.450287][T15258] loop2: detected capacity change from 0 to 512 [ 440.458895][T15258] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz-executor.2: casefold flag without casefold feature [ 440.471935][T15258] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #2: comm syz-executor.2: missing EA_INODE flag [ 440.477674][T15229] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 440.483807][T15258] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 2 err=-117 [ 440.504239][T15229] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 440.504349][T15258] EXT4-fs (loop2): 1 orphan inode deleted [ 440.517416][T15258] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 440.710993][ T8654] EXT4-fs (loop2): unmounting filesystem. [ 440.836944][ T300] plantronics 0003:047F:FFFF.0052: unknown main item tag 0xd [ 440.852528][ T300] plantronics 0003:047F:FFFF.0052: No inputs registered, leaving [ 440.866747][ T300] plantronics 0003:047F:FFFF.0052: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 441.080478][T15275] input: syz0 as /devices/virtual/input/input60 [ 441.086739][ T3027] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 441.122229][ T789] usb 1-1: USB disconnect, device number 34 [ 441.258022][ T28] audit: type=1400 audit(2134217860.743:11784): avc: denied { create } for pid=15279 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=iucv_socket permissive=1 [ 441.281261][T15282] loop1: detected capacity change from 0 to 512 [ 441.302503][T15282] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 441.310396][T15282] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 441.318248][T15282] System zones: 0-1, 15-15, 18-18, 34-34 [ 441.324361][T15282] EXT4-fs (loop1): orphan cleanup on readonly fs [ 441.330624][T15282] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0 [ 441.339734][ T3027] usb 4-1: Using ep0 maxpacket: 32 [ 441.339750][T15282] EXT4-fs warning (device loop1): ext4_enable_quotas:6987: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 441.358955][T15282] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 441.365742][T15282] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz-executor.1: bg 0: block 40: padding at end of block bitmap is not set [ 441.380462][T15282] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6157: Corrupt filesystem [ 441.389293][T15282] EXT4-fs (loop1): 1 truncate cleaned up [ 441.394778][T15282] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 441.409666][T14071] EXT4-fs (loop1): unmounting filesystem. [ 441.461681][ T3027] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 441.472491][ T3027] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 441.481960][ T3027] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 441.490797][ T3027] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 441.542019][ T3027] hub 4-1:4.0: USB hub found [ 442.044890][ T3027] hub 4-1:4.0: 2 ports detected [ 442.073913][T15315] loop2: detected capacity change from 0 to 512 [ 442.080504][T15315] EXT4-fs: Ignoring removed nobh option [ 442.086640][T15315] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 442.113833][T15315] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 442.122668][T15315] ext4 filesystem being mounted at /root/syzkaller-testdir2412164184/syzkaller.2P6fy8/514/file0 supports timestamps until 2038 (0x7fffffff) [ 442.143418][ T8654] EXT4-fs (loop2): unmounting filesystem. [ 442.216701][ T28] audit: type=1400 audit(2134217861.703:11785): avc: denied { mount } for pid=15319 comm="syz-executor.2" name="/" dev="pstore" ino=12814 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1 [ 442.239546][ T28] audit: type=1400 audit(2134217861.703:11786): avc: denied { mounton } for pid=15319 comm="syz-executor.2" path="/root/syzkaller-testdir2412164184/syzkaller.2P6fy8/515/file0" dev="pstore" ino=12814 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=dir permissive=1 [ 442.383518][ T28] audit: type=1400 audit(2134217861.873:11787): avc: denied { unmount } for pid=8654 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1 [ 442.449110][T15327] netlink: 'syz-executor.2': attribute type 27 has an invalid length. [ 442.468249][T15327] bridge0: port 2(bridge_slave_1) entered disabled state [ 442.475240][T15327] bridge0: port 1(bridge_slave_0) entered disabled state [ 442.533598][T15332] fuse: Bad value for 'group_id' [ 442.542604][T15327] device vti0 left promiscuous mode [ 442.579731][ T313] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 442.584229][T15338] loop2: detected capacity change from 0 to 512 [ 442.590195][ T313] asix: probe of 5-1:0.0 failed with error -71 [ 442.602333][ T313] usb 5-1: USB disconnect, device number 38 [ 442.623960][T15338] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 97: padding at end of block bitmap is not set [ 442.639566][T15338] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2926: inode #15: comm syz-executor.2: corrupted xattr block 19 [ 442.652178][T15338] EXT4-fs warning (device loop2): ext4_evict_inode:299: xattr delete (err -117) [ 442.661056][T15338] EXT4-fs (loop2): 1 orphan inode deleted [ 442.666687][T15338] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 442.675658][T15338] ext4 filesystem being mounted at /root/syzkaller-testdir2412164184/syzkaller.2P6fy8/519/file0 supports timestamps until 2038 (0x7fffffff) [ 442.718875][ T8654] EXT4-fs (loop2): unmounting filesystem. [ 442.753129][T15351] loop2: detected capacity change from 0 to 512 [ 442.859523][T15352] device vlan2 entered promiscuous mode [ 442.878893][ T789] usb 1-1: new high-speed USB device number 35 using dummy_hcd [ 443.025542][T15351] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 443.033712][T15351] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 443.041834][T15351] System zones: 0-1, 15-15, 18-18, 34-34 [ 443.050656][T15351] EXT4-fs (loop2): orphan cleanup on readonly fs [ 443.057244][T15351] EXT4-fs warning (device loop2): ext4_enable_quotas:6987: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 443.071841][T15351] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 443.078583][T15351] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 40: padding at end of block bitmap is not set [ 443.093210][T15351] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6157: Corrupt filesystem [ 443.101869][T15351] EXT4-fs (loop2): 1 truncate cleaned up [ 443.107304][T15351] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 443.124670][ T8654] EXT4-fs (loop2): unmounting filesystem. [ 443.478679][ T3027] hub 4-1:4.0: activate --> -90 [ 443.521734][ T789] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 443.540437][T15368] netlink: 'syz-executor.1': attribute type 27 has an invalid length. [ 443.541122][ T789] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 443.559491][ T789] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 443.572612][ T789] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 443.581506][ T789] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 443.591235][ T789] usb 1-1: config 0 descriptor?? [ 443.611719][T15332] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 444.072386][ T789] plantronics 0003:047F:FFFF.0053: unknown main item tag 0xd [ 444.080856][ T789] plantronics 0003:047F:FFFF.0053: No inputs registered, leaving [ 444.089629][ T789] plantronics 0003:047F:FFFF.0053: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 444.251641][ T789] usb 3-1: new high-speed USB device number 46 using dummy_hcd [ 444.342682][ T3027] usb 1-1: USB disconnect, device number 35 [ 444.382683][T15375] syz-executor.1[15375] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 444.382764][T15375] syz-executor.1[15375] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 444.390229][T15373] device syzkaller0 entered promiscuous mode [ 444.414703][ T703] usb 4-1: USB disconnect, device number 30 [ 444.421700][ T313] hub 4-1:4.0: hub_ext_port_status failed (err = -71) [ 444.455243][T15382] loop3: detected capacity change from 0 to 512 [ 444.482396][T15382] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 444.490238][T15382] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 444.498207][T15382] System zones: 0-1, 15-15, 18-18, 34-34 [ 444.504282][T15382] EXT4-fs (loop3): orphan cleanup on readonly fs [ 444.510505][T15382] __quota_error: 8 callbacks suppressed [ 444.510522][T15382] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=0 [ 444.524987][T15382] EXT4-fs warning (device loop3): ext4_enable_quotas:6987: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 444.539324][T15382] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 444.546044][T15382] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 40: padding at end of block bitmap is not set [ 444.560877][T15382] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6157: Corrupt filesystem [ 444.569720][T15382] EXT4-fs (loop3): 1 truncate cleaned up [ 444.575335][T15382] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 444.591385][T14259] EXT4-fs (loop3): unmounting filesystem. [ 444.611665][ T789] usb 3-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b [ 444.620593][ T789] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 444.629361][ T789] usb 3-1: config 0 descriptor?? [ 444.701640][ T313] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 444.876636][T15371] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 444.885607][T15371] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 445.131749][ T313] usb 2-1: Using ep0 maxpacket: 8 [ 445.451955][T15410] syz-executor.0[15410] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 445.452018][T15410] syz-executor.0[15410] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 445.491713][ T313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 445.514267][ T313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 445.523905][ T313] usb 2-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00 [ 445.532767][ T313] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 445.541054][ T313] usb 2-1: config 0 descriptor?? [ 445.577005][T15413] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 445.636273][ T300] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 445.649286][T15417] loop4: detected capacity change from 0 to 512 [ 445.662470][T15417] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 445.670237][T15417] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 445.678055][T15417] System zones: 0-1, 15-15, 18-18, 34-34 [ 445.684008][T15417] EXT4-fs (loop4): orphan cleanup on readonly fs [ 445.690245][T15417] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=0 [ 445.699408][T15417] EXT4-fs warning (device loop4): ext4_enable_quotas:6987: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 445.714010][T15417] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 445.720611][T15417] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor.4: bg 0: block 40: padding at end of block bitmap is not set [ 445.735157][T15417] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6157: Corrupt filesystem [ 445.743858][T15417] EXT4-fs (loop4): 1 truncate cleaned up [ 445.749306][T15417] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 445.766603][T15057] EXT4-fs (loop4): unmounting filesystem. [ 445.901618][ T300] usb 4-1: Using ep0 maxpacket: 32 [ 446.012505][ T313] hid-picolcd 0003:04D8:F002.0054: unknown main item tag 0x0 [ 446.019815][ T313] hid-picolcd 0003:04D8:F002.0054: unknown main item tag 0x0 [ 446.061674][ T300] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 446.072791][ T300] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 446.082433][ T300] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 446.091295][ T300] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 446.092086][ T313] hid-picolcd 0003:04D8:F002.0054: No report with id 0xf3 found [ 446.106706][ T313] hid-picolcd 0003:04D8:F002.0054: No report with id 0xf4 found [ 446.152119][ T300] hub 4-1:4.0: USB hub found [ 446.180334][ T28] audit: type=1326 audit(2134217865.663:11789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15436 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f090ea7cea9 code=0x7ffc0000 [ 446.204682][ T28] audit: type=1326 audit(2134217865.663:11790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15436 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f090ea7cea9 code=0x7ffc0000 [ 446.228701][ T28] audit: type=1326 audit(2134217865.663:11791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15436 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f090ea7cea9 code=0x7ffc0000 [ 446.253098][ T28] audit: type=1326 audit(2134217865.663:11792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15436 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f090ea7cea9 code=0x7ffc0000 [ 446.277354][ T28] audit: type=1326 audit(2134217865.663:11793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15436 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f090ea7cea9 code=0x7ffc0000 [ 446.287454][ T313] usb 2-1: USB disconnect, device number 33 [ 446.301688][ T28] audit: type=1326 audit(2134217865.663:11794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15436 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7f090ea7cea9 code=0x7ffc0000 [ 446.331178][ T28] audit: type=1400 audit(2134217865.773:11795): avc: denied { create } for pid=15379 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 446.352248][ T28] audit: type=1400 audit(2134217865.773:11796): avc: denied { write } for pid=15379 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 446.361705][ T300] hub 4-1:4.0: 2 ports detected [ 448.464235][ T789] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 448.477713][ T789] asix: probe of 3-1:0.0 failed with error -71 [ 448.485159][ T789] usb 3-1: USB disconnect, device number 46 [ 448.492983][T15453] SELinux: Context system_u:object_r:chfn_exec_t:s0 is not valid (left unmapped). [ 448.980570][T15464] loop4: detected capacity change from 0 to 40427 [ 448.995463][T15464] F2FS-fs (loop4): invalid crc value [ 449.002327][T15464] F2FS-fs (loop4): Found nat_bits in checkpoint [ 449.036086][T15464] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 449.058655][T15488] loop1: detected capacity change from 0 to 512 [ 449.076875][T15488] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz-executor.1: bg 0: block 97: padding at end of block bitmap is not set [ 449.092145][T15488] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2926: inode #15: comm syz-executor.1: corrupted xattr block 19 [ 449.105180][T15488] EXT4-fs warning (device loop1): ext4_evict_inode:299: xattr delete (err -117) [ 449.117249][T15488] EXT4-fs (loop1): 1 orphan inode deleted [ 449.122898][T15488] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 449.131844][T15488] ext4 filesystem being mounted at /root/syzkaller-testdir3837960840/syzkaller.qRg23f/125/file0 supports timestamps until 2038 (0x7fffffff) [ 449.152257][T14071] EXT4-fs (loop1): unmounting filesystem. [ 449.671633][ T789] usb 1-1: new high-speed USB device number 36 using dummy_hcd [ 449.768398][ T510] usb 4-1: USB disconnect, device number 31 [ 449.774248][ T300] hub 4-1:4.0: hub_ext_port_status failed (err = -71) [ 449.881690][ T313] usb 3-1: new high-speed USB device number 47 using dummy_hcd [ 449.911608][ T789] usb 1-1: Using ep0 maxpacket: 8 [ 449.927995][T15511] loop3: detected capacity change from 0 to 40427 [ 450.031792][ T789] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 450.042668][ T789] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 450.052741][ T789] usb 1-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00 [ 450.062561][ T789] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 450.071127][ T789] usb 1-1: config 0 descriptor?? [ 450.079632][ T28] kauditd_printk_skb: 12 callbacks suppressed [ 450.079649][ T28] audit: type=1326 audit(2134217869.573:11802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15515 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f638987cea9 code=0x7ffc0000 [ 450.109629][ T28] audit: type=1326 audit(2134217869.573:11803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15515 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f638987cea9 code=0x7ffc0000 [ 450.133602][ T28] audit: type=1326 audit(2134217869.573:11804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15515 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f638987cea9 code=0x7ffc0000 [ 450.157583][ T28] audit: type=1326 audit(2134217869.573:11805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15515 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f638987cea9 code=0x7ffc0000 [ 450.181680][ T28] audit: type=1326 audit(2134217869.573:11806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15515 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f638987cea9 code=0x7ffc0000 [ 450.206938][ T28] audit: type=1326 audit(2134217869.573:11807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15515 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f638987cea9 code=0x7ffc0000 [ 450.209554][T15524] loop3: detected capacity change from 0 to 512 [ 450.231052][ T28] audit: type=1326 audit(2134217869.573:11808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15515 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f638987cea9 code=0x7ffc0000 [ 450.262641][ T28] audit: type=1326 audit(2134217869.573:11809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15515 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f638987cea9 code=0x7ffc0000 [ 450.271326][T15524] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 97: padding at end of block bitmap is not set [ 450.286784][ T28] audit: type=1326 audit(2134217869.573:11810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15515 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f638987cea9 code=0x7ffc0000 [ 450.300992][ T313] usb 3-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b [ 450.333838][ T313] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 450.333876][T15524] Quota error (device loop3): write_blk: dquota write failed [ 450.342550][ T313] usb 3-1: config 0 descriptor?? [ 450.353251][T15524] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2926: inode #15: comm syz-executor.3: corrupted xattr block 19 [ 450.366458][T15524] EXT4-fs warning (device loop3): ext4_evict_inode:299: xattr delete (err -117) [ 450.375435][T15524] EXT4-fs (loop3): 1 orphan inode deleted [ 450.381015][T15524] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 450.389776][T15524] ext4 filesystem being mounted at /root/syzkaller-testdir4131987708/syzkaller.84oahx/95/file0 supports timestamps until 2038 (0x7fffffff) [ 450.411289][T14259] EXT4-fs (loop3): unmounting filesystem. [ 450.441225][T15530] loop1: detected capacity change from 0 to 512 [ 450.449089][T15530] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 450.457118][T15530] EXT4-fs (loop1): 1 truncate cleaned up [ 450.462806][T15530] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 450.525822][T14071] EXT4-fs (loop1): unmounting filesystem. [ 450.531913][T15534] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 450.563244][ T789] hid-picolcd 0003:04D8:F002.0055: unknown main item tag 0x0 [ 450.570483][ T789] hid-picolcd 0003:04D8:F002.0055: unknown main item tag 0x0 [ 450.604932][T15503] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 450.618002][T15503] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 450.641677][ T789] hid-picolcd 0003:04D8:F002.0055: No report with id 0xf3 found [ 450.652099][ T789] hid-picolcd 0003:04D8:F002.0055: No report with id 0xf4 found [ 450.733208][T15555] loop1: detected capacity change from 0 to 512 [ 450.743705][T15555] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz-executor.1: bg 0: block 97: padding at end of block bitmap is not set [ 450.759164][T15555] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2926: inode #15: comm syz-executor.1: corrupted xattr block 19 [ 451.053592][T15555] EXT4-fs warning (device loop1): ext4_evict_inode:299: xattr delete (err -117) [ 451.071000][T15555] EXT4-fs (loop1): 1 orphan inode deleted [ 451.081727][T15555] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 451.090492][T15555] ext4 filesystem being mounted at /root/syzkaller-testdir3837960840/syzkaller.qRg23f/137/file0 supports timestamps until 2038 (0x7fffffff) [ 451.117248][T15549] loop3: detected capacity change from 0 to 40427 [ 451.125012][ T300] usb 1-1: USB disconnect, device number 36 [ 451.131811][T14071] EXT4-fs (loop1): unmounting filesystem. [ 451.201341][T15565] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 451.328445][T15581] loop3: detected capacity change from 0 to 512 [ 451.337274][T15581] EXT4-fs warning (device loop3): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 451.348967][T15581] EXT4-fs warning (device loop3): dx_probe:880: Enable large directory feature to access it [ 451.359606][T15581] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor.3: Corrupt directory, running e2fsck is recommended [ 451.372977][T15581] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 451.380902][T15581] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.3: corrupted in-inode xattr [ 451.393615][T15581] EXT4-fs (loop3): Remounting filesystem read-only [ 451.399967][T15581] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 451.412252][T15581] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 451.422174][T15581] EXT4-fs warning (device loop3): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 451.433627][T15581] EXT4-fs warning (device loop3): dx_probe:880: Enable large directory feature to access it [ 451.443567][T15581] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor.3: Corrupt directory, running e2fsck is recommended [ 451.456913][T15581] EXT4-fs warning (device loop3): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 451.468334][T15581] EXT4-fs warning (device loop3): dx_probe:880: Enable large directory feature to access it [ 451.478273][T15581] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor.3: Corrupt directory, running e2fsck is recommended [ 451.491670][T15581] EXT4-fs warning (device loop3): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 451.503072][T15581] EXT4-fs warning (device loop3): dx_probe:880: Enable large directory feature to access it [ 451.513089][T15581] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor.3: Corrupt directory, running e2fsck is recommended [ 451.526443][T15581] EXT4-fs error (device loop3): ext4_find_dest_de:2112: inode #2: block 3: comm syz-executor.3: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0 [ 451.545877][T15581] EXT4-fs (loop3): Remounting filesystem read-only [ 451.568640][T14259] EXT4-fs (loop3): unmounting filesystem. [ 451.630067][T15600] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 451.698246][T15057] syz-executor.4: attempt to access beyond end of device [ 451.698246][T15057] loop4: rw=524288, sector=45064, nr_sectors = 8 limit=40427 [ 451.715689][T15057] syz-executor.4: attempt to access beyond end of device [ 451.715689][T15057] loop4: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 451.739111][T15057] syz-executor.4: attempt to access beyond end of device [ 451.739111][T15057] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 452.073214][T15606] loop3: detected capacity change from 0 to 40427 [ 452.237260][T15630] bridge0: port 1(bridge_slave_0) entered blocking state [ 452.244203][T15630] bridge0: port 1(bridge_slave_0) entered disabled state [ 452.251534][T15630] device bridge_slave_0 entered promiscuous mode [ 452.261453][T15630] bridge0: port 2(bridge_slave_1) entered blocking state [ 452.275627][T15630] bridge0: port 2(bridge_slave_1) entered disabled state [ 452.287160][T15630] device bridge_slave_1 entered promiscuous mode [ 452.446454][T15630] bridge0: port 2(bridge_slave_1) entered blocking state [ 452.453385][T15630] bridge0: port 2(bridge_slave_1) entered forwarding state [ 452.460477][T15630] bridge0: port 1(bridge_slave_0) entered blocking state [ 452.467334][T15630] bridge0: port 1(bridge_slave_0) entered forwarding state [ 452.476448][ T8] device bridge_slave_1 left promiscuous mode [ 452.482828][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 452.490552][ T8] device bridge_slave_0 left promiscuous mode [ 452.499808][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 452.508590][ T8] device veth1_macvtap left promiscuous mode [ 452.544534][ T8] device veth0_vlan left promiscuous mode [ 452.554512][T15651] loop1: detected capacity change from 0 to 512 [ 452.572653][T15651] EXT4-fs warning (device loop1): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 452.591821][T15651] EXT4-fs warning (device loop1): dx_probe:880: Enable large directory feature to access it [ 452.613005][T15651] EXT4-fs warning (device loop1): dx_probe:965: inode #2: comm syz-executor.1: Corrupt directory, running e2fsck is recommended [ 452.651661][ T313] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 452.663208][T15651] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 452.673386][T15651] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.1: corrupted in-inode xattr [ 452.691767][ T313] asix: probe of 3-1:0.0 failed with error -71 [ 452.693935][T15651] EXT4-fs (loop1): Remounting filesystem read-only [ 452.704186][T15651] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz-executor.1: couldn't read orphan inode 15 (err -117) [ 452.709232][ T313] usb 3-1: USB disconnect, device number 47 [ 452.726505][T15651] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 452.760518][T15651] EXT4-fs warning (device loop1): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 452.778845][T15651] EXT4-fs warning (device loop1): dx_probe:880: Enable large directory feature to access it [ 452.797310][T15651] EXT4-fs warning (device loop1): dx_probe:965: inode #2: comm syz-executor.1: Corrupt directory, running e2fsck is recommended [ 452.822109][T15669] EXT4-fs warning (device loop1): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 452.839953][T15669] EXT4-fs warning (device loop1): dx_probe:880: Enable large directory feature to access it [ 452.850524][T15669] EXT4-fs warning (device loop1): dx_probe:965: inode #2: comm syz-executor.1: Corrupt directory, running e2fsck is recommended [ 452.864690][T15669] EXT4-fs warning (device loop1): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 452.876994][T15669] EXT4-fs warning (device loop1): dx_probe:880: Enable large directory feature to access it [ 452.887073][T15669] EXT4-fs warning (device loop1): dx_probe:965: inode #2: comm syz-executor.1: Corrupt directory, running e2fsck is recommended [ 452.912431][T15669] EXT4-fs error (device loop1): ext4_find_dest_de:2112: inode #2: block 3: comm syz-executor.1: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0 [ 452.938813][ T39] bridge0: port 1(bridge_slave_0) entered disabled state [ 452.946705][ T39] bridge0: port 2(bridge_slave_1) entered disabled state [ 452.956481][T15669] EXT4-fs (loop1): Remounting filesystem read-only [ 452.962146][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 452.964449][T15675] loop2: detected capacity change from 0 to 512 [ 452.970220][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 452.994094][ T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 453.003004][T14071] EXT4-fs (loop1): unmounting filesystem. [ 453.003084][ T300] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 453.018747][T15675] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 97: padding at end of block bitmap is not set [ 453.033662][ T300] bridge0: port 1(bridge_slave_0) entered blocking state [ 453.040508][ T300] bridge0: port 1(bridge_slave_0) entered forwarding state [ 453.048560][T15675] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2926: inode #15: comm syz-executor.2: corrupted xattr block 19 [ 453.062292][ T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 453.070721][ T300] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 453.078875][T15675] EXT4-fs warning (device loop2): ext4_evict_inode:299: xattr delete (err -117) [ 453.088044][ T300] bridge0: port 2(bridge_slave_1) entered blocking state [ 453.094916][ T300] bridge0: port 2(bridge_slave_1) entered forwarding state [ 453.102199][T15675] EXT4-fs (loop2): 1 orphan inode deleted [ 453.107824][T15675] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 453.116877][T15675] ext4 filesystem being mounted at /root/syzkaller-testdir2412164184/syzkaller.2P6fy8/529/file0 supports timestamps until 2038 (0x7fffffff) [ 453.131151][ T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 453.139141][ T300] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 453.157600][ T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 453.183560][ T8654] EXT4-fs (loop2): unmounting filesystem. [ 453.191925][ T300] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 453.209986][ T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 453.218239][ T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 453.231531][T15630] device veth0_vlan entered promiscuous mode [ 453.238842][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 453.246997][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 453.260117][ T300] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 454.331080][ T300] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 454.491794][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 454.502991][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 454.539866][T15630] device veth1_macvtap entered promiscuous mode [ 454.554052][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 454.569359][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 454.609428][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 454.622446][ T789] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 454.728598][T15712] device pim6reg1 entered promiscuous mode [ 454.919316][T15730] loop1: detected capacity change from 0 to 2048 [ 454.962069][T15730] loop1: p1 < > p4 [ 454.966994][T15730] loop1: p4 size 8388608 extends beyond EOD, truncated [ 455.658494][T11122] hid-generic 0000:0000:0000.0056: unknown main item tag 0x0 [ 455.695305][T11122] hid-generic 0000:0000:0000.0056: hidraw0: HID v0.00 Device [syz0] on syz0 [ 455.797322][T15762] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 455.834805][T15758] device bridge0 entered promiscuous mode [ 455.840427][T15758] device vlan2 entered promiscuous mode [ 455.846766][T15758] bridge0: port 3(vlan2) entered blocking state [ 455.853608][T15758] bridge0: port 3(vlan2) entered disabled state [ 455.861238][T15758] device bridge0 left promiscuous mode [ 455.871244][T15766] device pim6reg1 entered promiscuous mode [ 455.890084][ T28] kauditd_printk_skb: 77 callbacks suppressed [ 455.890119][ T28] audit: type=1326 audit(2134217875.373:11870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15769 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2d587cea9 code=0x7ffc0000 [ 455.951653][ T28] audit: type=1326 audit(2134217875.413:11871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15769 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2d587cea9 code=0x7ffc0000 [ 455.983811][ T28] audit: type=1326 audit(2134217875.413:11872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15769 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc2d587cea9 code=0x7ffc0000 [ 456.021629][ T28] audit: type=1326 audit(2134217875.413:11873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15769 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2d587cea9 code=0x7ffc0000 [ 456.065246][ T28] audit: type=1326 audit(2134217875.413:11874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15769 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2d587cea9 code=0x7ffc0000 [ 456.111876][ T28] audit: type=1326 audit(2134217875.423:11875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15769 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc2d587cea9 code=0x7ffc0000 [ 456.149636][ T28] audit: type=1326 audit(2134217875.423:11876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15769 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2d587cea9 code=0x7ffc0000 [ 456.218297][ T28] audit: type=1326 audit(2134217875.423:11877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15769 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2d587cea9 code=0x7ffc0000 [ 456.302752][ T28] audit: type=1326 audit(2134217875.423:11878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15769 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fc2d587cea9 code=0x7ffc0000 [ 456.331930][ T28] audit: type=1326 audit(2134217875.423:11879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15769 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2d587cea9 code=0x7ffc0000 [ 456.693373][ T313] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 456.700936][T15796] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 456.732533][ T313] hid-generic 0000:0000:0000.0057: hidraw0: HID v0.00 Device [syz0] on syz0 [ 456.828836][T15806] loop3: detected capacity change from 0 to 2048 [ 456.882292][T15806] loop3: p1 < > p4 [ 456.886599][T15806] loop3: p4 size 8388608 extends beyond EOD, truncated [ 457.079467][ T300] hid-generic 0000:0000:0000.0058: unknown main item tag 0x0 [ 457.082180][T15829] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 457.096067][ T300] hid-generic 0000:0000:0000.0058: hidraw0: HID v0.00 Device [syz0] on syz0 [ 458.535318][T15831] loop1: detected capacity change from 0 to 131072 [ 458.691675][ T789] usb 1-1: new high-speed USB device number 37 using dummy_hcd [ 458.719193][T15831] F2FS-fs (loop1): QUOTA feature is enabled, so ignore qf_name [ 458.727485][T15831] F2FS-fs (loop1): invalid crc value [ 458.734192][T15831] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 458.771211][T15831] F2FS-fs (loop1): Mounted with checkpoint version = 753bd00b [ 458.831543][T15886] input: syz1 as /devices/virtual/input/input62 [ 458.931638][ T789] usb 1-1: Using ep0 maxpacket: 32 [ 459.058973][ T789] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 459.073411][ T789] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 2 [ 459.095573][T15897] loop3: detected capacity change from 0 to 512 [ 459.106092][T15897] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 459.190254][T15897] EXT4-fs (loop3): orphan cleanup on readonly fs [ 459.197564][T15897] EXT4-fs error (device loop3): ext4_orphan_get:1422: comm syz-executor.3: bad orphan inode 15 [ 459.208788][T15897] ext4_test_bit(bit=14, block=18) = 1 [ 459.214211][T15897] is_bad_inode(inode)=0 [ 459.218531][T15897] NEXT_ORPHAN(inode)=1023 [ 459.222828][T15897] max_ino=32 [ 459.225930][T15897] i_nlink=0 [ 459.229687][T15897] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2926: inode #15: comm syz-executor.3: corrupted xattr block 19 [ 459.243401][T15897] EXT4-fs warning (device loop3): ext4_evict_inode:299: xattr delete (err -117) [ 459.252703][T15897] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 459.277628][T15897] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 3: comm syz-executor.3: path /root/syzkaller-testdir4131987708/syzkaller.84oahx/129/qY3aK: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=4096 fake=0 [ 459.304918][T15903] xt_CT: You must specify a L4 protocol and not use inversions on it [ 459.316468][T14259] EXT4-fs (loop3): unmounting filesystem. [ 459.421680][ T789] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 459.430593][ T789] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 459.438395][ T789] usb 1-1: Product: syz [ 459.442399][ T789] usb 1-1: Manufacturer: syz [ 459.446783][ T789] usb 1-1: SerialNumber: syz [ 459.621714][ T510] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 459.934940][ T510] usb 4-1: Using ep0 maxpacket: 16 [ 460.052059][ T510] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 460.118342][ T510] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 460.177442][ T510] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 460.218518][T15920] loop2: detected capacity change from 0 to 512 [ 460.255283][T15920] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 460.274035][ T510] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 460.282989][ T510] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 460.291320][T15920] EXT4-fs (loop2): invalid journal inode [ 460.292006][ T510] usb 4-1: config 0 descriptor?? [ 460.297932][T15920] EXT4-fs (loop2): can't get journal size [ 460.308616][T15920] EXT4-fs (loop2): 1 truncate cleaned up [ 460.314299][T15920] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 460.324979][T15913] loop4: detected capacity change from 0 to 131072 [ 460.332844][ T8654] EXT4-fs (loop2): unmounting filesystem. [ 460.333302][T15913] F2FS-fs (loop4): invalid crc value [ 460.345701][T15913] F2FS-fs (loop4): Found nat_bits in checkpoint [ 460.380815][T15913] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 460.566515][T15931] xt_NFQUEUE: number of total queues is 0 [ 460.750462][T15939] netlink: 'syz-executor.1': attribute type 22 has an invalid length. [ 460.764324][T15909] loop3: detected capacity change from 0 to 512 [ 460.771190][T15909] EXT4-fs: old and new quota format mixing [ 460.836563][ T510] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0059/input/input63 [ 461.010997][ T510] microsoft 0003:045E:07DA.0059: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 461.169590][ T39] usb 1-1: USB disconnect, device number 37 [ 461.191706][ T510] usb 5-1: new high-speed USB device number 39 using dummy_hcd [ 461.304270][ T332] usb 4-1: USB disconnect, device number 32 [ 461.601657][ T510] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 461.611787][ T510] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 461.711802][ T510] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 461.720746][ T510] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 461.728525][ T510] usb 5-1: SerialNumber: syz [ 462.022565][ T510] usb 5-1: 0:2 : does not exist [ 462.031937][ T510] usb 5-1: USB disconnect, device number 39 [ 462.044441][T15973] loop3: detected capacity change from 0 to 256 [ 462.052265][T15973] exfat: Deprecated parameter 'utf8' [ 462.057545][T15973] exfat: Bad value for 'gid' [ 462.191653][ T28] kauditd_printk_skb: 2 callbacks suppressed [ 462.191670][ T28] audit: type=1326 audit(2134217881.673:11882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15981 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe34567cea9 code=0x7ffc0000 [ 462.229648][T15984] tipc: Failed to remove unknown binding: 66,1,1/0:1878587413/1878587415 [ 462.238916][T15984] tipc: Failed to remove unknown binding: 66,1,1/0:1878587413/1878587415 [ 462.246239][ T28] audit: type=1326 audit(2134217881.713:11883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15981 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe34567cea9 code=0x7ffc0000 [ 462.271086][T15984] tipc: Failed to remove unknown binding: 66,1,1/0:1878587413/1878587415 [ 462.274603][ T28] audit: type=1326 audit(2134217881.713:11884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15981 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe34567cea9 code=0x7ffc0000 [ 462.316003][ T28] audit: type=1326 audit(2134217881.713:11885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15981 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe34567cea9 code=0x7ffc0000 [ 462.344860][T15988] SELinux: security_context_str_to_sid (root) failed with errno=-22 [ 462.350567][ T28] audit: type=1326 audit(2134217881.713:11886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15981 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe34567cea9 code=0x7ffc0000 [ 462.386371][ T28] audit: type=1326 audit(2134217881.713:11887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15981 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fe34567cea9 code=0x7ffc0000 [ 462.410489][ T28] audit: type=1326 audit(2134217881.713:11888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15981 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe34567cea9 code=0x7ffc0000 [ 462.421663][T11122] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 462.482209][T15992] netlink: 'syz-executor.2': attribute type 22 has an invalid length. [ 462.942274][ T28] audit: type=1326 audit(2134217882.423:11889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16009 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1af407cea9 code=0x7ffc0000 [ 462.979059][ T28] audit: type=1326 audit(2134217882.453:11890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16009 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1af407cea9 code=0x7ffc0000 [ 462.991606][T11122] usb 2-1: Using ep0 maxpacket: 32 [ 463.009779][ T28] audit: type=1326 audit(2134217882.453:11891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16009 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1af407cea9 code=0x7ffc0000 [ 463.047483][T16018] 8021q: VLANs not supported on lo [ 463.084426][T16023] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 463.118689][T16023] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 463.131668][T11122] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 463.155112][T11122] usb 2-1: config 1 has 0 interfaces, different from the descriptor's value: 2 [ 463.166368][T16028] loop4: detected capacity change from 0 to 512 [ 463.178870][T16028] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 463.199042][T16028] EXT4-fs (loop4): invalid journal inode [ 463.204609][T16028] EXT4-fs (loop4): can't get journal size [ 463.211186][T16028] EXT4-fs (loop4): 1 truncate cleaned up [ 463.216815][T16028] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 463.234716][T15630] EXT4-fs (loop4): unmounting filesystem. [ 463.331675][T11122] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 463.362302][T16043] loop3: detected capacity change from 0 to 256 [ 463.373952][T16043] FAT-fs (loop3): Directory bread(block 64) failed [ 463.380372][T16043] FAT-fs (loop3): Directory bread(block 65) failed [ 463.386871][T11122] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 463.388963][T16043] FAT-fs (loop3): Directory bread(block 66) failed [ 463.396549][T11122] usb 2-1: Product: syz [ 463.405623][T11122] usb 2-1: Manufacturer: syz [ 463.410323][T11122] usb 2-1: SerialNumber: syz [ 463.414808][T16043] FAT-fs (loop3): Directory bread(block 67) failed [ 463.421328][T16043] FAT-fs (loop3): Directory bread(block 68) failed [ 463.428010][T16043] FAT-fs (loop3): Directory bread(block 69) failed [ 463.434634][T16043] FAT-fs (loop3): Directory bread(block 70) failed [ 463.435143][T16042] SELinux: security_context_str_to_sid (root) failed with errno=-22 [ 463.441004][T16043] FAT-fs (loop3): Directory bread(block 71) failed [ 463.449402][T16047] 8021q: VLANs not supported on lo [ 463.455315][T16043] FAT-fs (loop3): Directory bread(block 72) failed [ 463.467357][T16043] FAT-fs (loop3): Directory bread(block 73) failed [ 463.471656][ T332] usb 1-1: new high-speed USB device number 38 using dummy_hcd [ 463.492037][T16050] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 463.523057][T16050] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 463.911788][ T332] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 463.947196][ T332] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 464.061643][ T332] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 464.070634][ T332] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 464.078501][ T332] usb 1-1: SerialNumber: syz [ 464.241295][T16076] loop4: detected capacity change from 0 to 512 [ 464.253339][T16076] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor.4: bg 0: block 97: padding at end of block bitmap is not set [ 464.268719][T16076] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2926: inode #15: comm syz-executor.4: corrupted xattr block 19 [ 464.281215][T16076] EXT4-fs warning (device loop4): ext4_evict_inode:299: xattr delete (err -117) [ 464.290198][T16076] EXT4-fs (loop4): 1 orphan inode deleted [ 464.295964][T16076] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 464.304771][T16076] ext4 filesystem being mounted at /root/syzkaller-testdir391506199/syzkaller.4Ks7gQ/36/file0 supports timestamps until 2038 (0x7fffffff) [ 464.326475][T15630] EXT4-fs (loop4): unmounting filesystem. [ 464.382603][ T332] usb 1-1: 0:2 : does not exist [ 464.393584][ T332] usb 1-1: USB disconnect, device number 38 [ 464.413004][T16090] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 464.432830][T16090] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 464.498470][ T510] kernel write not supported for file 16103/task/16104/clear_refs (pid: 510 comm: kworker/1:4) [ 465.183940][ T332] usb 2-1: USB disconnect, device number 34 [ 465.353641][T16138] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. [ 465.363150][T16138] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. [ 465.789034][T16152] loop4: detected capacity change from 0 to 1024 [ 465.797073][T16152] EXT4-fs: Ignoring removed nomblk_io_submit option [ 465.813695][T16152] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 465.833707][T15630] EXT4-fs (loop4): unmounting filesystem. [ 466.311240][T11122] usb 3-1: new high-speed USB device number 48 using dummy_hcd [ 466.581596][T11122] usb 3-1: Using ep0 maxpacket: 32 [ 466.701698][T11122] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 466.723791][T11122] usb 3-1: config 1 has 0 interfaces, different from the descriptor's value: 2 [ 466.844511][T16203] loop4: detected capacity change from 0 to 1024 [ 466.851394][T16203] EXT4-fs: Ignoring removed nomblk_io_submit option [ 466.863389][T16203] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 466.880597][T16209] loop3: detected capacity change from 0 to 512 [ 466.887852][T15630] EXT4-fs (loop4): unmounting filesystem. [ 466.893582][T11122] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 466.903123][T11122] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 466.921450][T16209] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 466.921462][T11122] usb 3-1: Product: syz [ 466.921478][T11122] usb 3-1: Manufacturer: syz [ 466.931721][T16209] ext4 filesystem being mounted at /root/syzkaller-testdir4131987708/syzkaller.84oahx/154/bus supports timestamps until 2038 (0x7fffffff) [ 466.934431][T11122] usb 3-1: SerialNumber: syz [ 467.031628][ T313] usb 1-1: new high-speed USB device number 39 using dummy_hcd [ 467.221709][ T703] usb 2-1: new high-speed USB device number 35 using dummy_hcd [ 467.271685][ T313] usb 1-1: Using ep0 maxpacket: 16 [ 467.391862][ T313] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 467.402792][ T313] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 467.412865][ T313] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 467.425630][ T313] usb 1-1: New USB device found, idVendor=056e, idProduct=00fb, bcdDevice= 0.00 [ 467.434635][ T313] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 467.444977][ T313] usb 1-1: config 0 descriptor?? [ 467.461654][ T703] usb 2-1: Using ep0 maxpacket: 32 [ 467.621695][ T703] usb 2-1: unable to get BOS descriptor or descriptor too short [ 467.701910][ T703] usb 2-1: config 0 has an invalid interface number: 39 but max is 1 [ 467.738297][ T703] usb 2-1: config 0 has no interface number 1 [ 467.745041][ T703] usb 2-1: config 0 interface 39 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 467.755566][ T703] usb 2-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x1, skipping [ 467.826783][T14259] EXT4-fs (loop3): unmounting filesystem. [ 467.895497][T16237] loop3: detected capacity change from 0 to 128 [ 467.922376][ T313] elecom 0003:056E:00FB.005A: unknown main item tag 0x0 [ 467.929203][ T703] usb 2-1: New USB device found, idVendor=19d2, idProduct=1003, bcdDevice=da.79 [ 467.938281][ T313] elecom 0003:056E:00FB.005A: unbalanced delimiter at end of report description [ 467.947354][ T703] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 467.955310][ T313] elecom: probe of 0003:056E:00FB.005A failed with error -22 [ 467.962568][ T703] usb 2-1: Product: syz [ 467.966491][ T703] usb 2-1: Manufacturer: syz [ 467.970920][ T703] usb 2-1: SerialNumber: syz [ 467.977415][ T703] usb 2-1: config 0 descriptor?? [ 468.022074][ T703] usb 2-1: bad CDC descriptors [ 468.122779][ T703] usb 1-1: USB disconnect, device number 39 [ 468.224883][ T313] usb 2-1: USB disconnect, device number 35 [ 468.572371][ T8] kworker/u4:0: attempt to access beyond end of device [ 468.572371][ T8] loop3: rw=1048577, sector=145, nr_sectors = 896 limit=128 [ 468.776235][T16253] loop4: detected capacity change from 0 to 512 [ 468.791223][T16256] xt_CT: You must specify a L4 protocol and not use inversions on it [ 468.799890][ T313] usb 3-1: USB disconnect, device number 48 [ 468.819824][T16253] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor.4: bg 0: block 97: padding at end of block bitmap is not set [ 468.837209][T16262] loop2: detected capacity change from 0 to 1024 [ 468.844884][T16262] EXT4-fs: Ignoring removed nomblk_io_submit option [ 468.849115][T16253] __quota_error: 9 callbacks suppressed [ 468.849135][T16253] Quota error (device loop4): write_blk: dquota write failed [ 468.864261][T16253] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 468.885169][T16262] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 468.909105][ T8654] EXT4-fs (loop2): unmounting filesystem. [ 468.915419][T16253] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2926: inode #15: comm syz-executor.4: corrupted xattr block 19 [ 468.928319][T16253] EXT4-fs warning (device loop4): ext4_evict_inode:299: xattr delete (err -117) [ 468.937847][ T28] audit: type=1326 audit(2134217888.433:11897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16274 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f410ee7cea9 code=0x7ffc0000 [ 468.962862][T16253] EXT4-fs (loop4): 1 orphan inode deleted [ 468.968991][ T28] audit: type=1326 audit(2134217888.453:11898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16274 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f410ee7cea9 code=0x7ffc0000 [ 468.970187][T16253] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 469.002513][ T8] Quota error (device loop4): do_check_range: Getting block 0 out of range 1-5 [ 469.006069][ T28] audit: type=1326 audit(2134217888.493:11899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16274 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f410ee7cea9 code=0x7ffc0000 [ 469.011354][ T8] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 469.043427][ T28] audit: type=1326 audit(2134217888.493:11900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16274 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f410ee7cea9 code=0x7ffc0000 [ 469.069028][T16253] ext4 filesystem being mounted at /root/syzkaller-testdir391506199/syzkaller.4Ks7gQ/60/file0 supports timestamps until 2038 (0x7fffffff) [ 469.089235][ T28] audit: type=1326 audit(2134217888.493:11901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16274 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f410ee7cea9 code=0x7ffc0000 [ 469.119762][ T28] audit: type=1326 audit(2134217888.493:11902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16274 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f410ee7cea9 code=0x7ffc0000 [ 469.275569][T15630] EXT4-fs (loop4): unmounting filesystem. [ 469.352551][T16289] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 469.503310][T16294] loop4: detected capacity change from 0 to 512 [ 469.509891][T16294] ext4: Unknown parameter 'obj_type' [ 469.662214][T16314] loop4: detected capacity change from 0 to 512 [ 469.680185][T16314] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor.4: bg 0: block 97: padding at end of block bitmap is not set [ 469.695827][T16314] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2926: inode #15: comm syz-executor.4: corrupted xattr block 19 [ 469.717080][T16314] EXT4-fs warning (device loop4): ext4_evict_inode:299: xattr delete (err -117) [ 469.726362][T16314] EXT4-fs (loop4): 1 orphan inode deleted [ 469.728721][T16310] loop2: detected capacity change from 0 to 256 [ 469.732075][T16314] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 469.738923][T16310] exfat: Deprecated parameter 'utf8' [ 469.746966][T16314] ext4 filesystem being mounted at /root/syzkaller-testdir391506199/syzkaller.4Ks7gQ/62/file0 supports timestamps until 2038 (0x7fffffff) [ 469.752215][T16310] exfat: Bad value for 'gid' [ 469.776707][T15630] EXT4-fs (loop4): unmounting filesystem. [ 469.916361][T16327] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16327 comm=syz-executor.2 [ 469.916411][T16328] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 469.930176][T16327] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 469.949663][T16327] device veth0_to_bridge entered promiscuous mode [ 469.959315][T16325] device veth0_to_bridge left promiscuous mode [ 470.054485][T16333] loop3: detected capacity change from 0 to 256 [ 470.530750][T16350] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16350 comm=syz-executor.0 [ 470.800972][T16378] loop3: detected capacity change from 0 to 128 [ 471.060382][T16385] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16385 comm=syz-executor.2 [ 471.586837][ T43] kworker/u4:2: attempt to access beyond end of device [ 471.586837][ T43] loop3: rw=1, sector=145, nr_sectors = 896 limit=128 [ 471.609949][T16377] loop4: detected capacity change from 0 to 131072 [ 471.622669][T16377] F2FS-fs (loop4): Test dummy encryption mode enabled [ 471.632467][T16377] F2FS-fs (loop4): Test dummy encryption mode enabled [ 471.652828][T16377] F2FS-fs (loop4): Found nat_bits in checkpoint [ 471.709533][T16377] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 471.729612][T16377] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 472.240696][T16431] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 472.250014][T16431] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 472.261638][ T313] usb 3-1: new high-speed USB device number 49 using dummy_hcd [ 472.615435][T16443] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16443 comm=syz-executor.3 [ 472.628491][ T313] usb 3-1: config 7 descriptor has 1 excess byte, ignoring [ 472.645232][ T313] usb 3-1: config 7 has 1 interface, different from the descriptor's value: 2 [ 472.694446][T16451] loop4: detected capacity change from 0 to 512 [ 472.709981][T16451] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor.4: bg 0: block 97: padding at end of block bitmap is not set [ 472.725472][T16451] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2926: inode #15: comm syz-executor.4: corrupted xattr block 19 [ 472.738462][T16451] EXT4-fs warning (device loop4): ext4_evict_inode:299: xattr delete (err -117) [ 472.747643][T16451] EXT4-fs (loop4): 1 orphan inode deleted [ 472.753274][T16451] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 472.762055][T16451] ext4 filesystem being mounted at /root/syzkaller-testdir391506199/syzkaller.4Ks7gQ/74/file0 supports timestamps until 2038 (0x7fffffff) [ 472.783377][T15630] EXT4-fs (loop4): unmounting filesystem. [ 472.821771][ T313] usb 3-1: New USB device found, idVendor=19d2, idProduct=1275, bcdDevice= 7.84 [ 472.831386][ T313] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 472.839550][ T313] usb 3-1: Product: syz [ 472.843588][ T313] usb 3-1: Manufacturer: syz [ 472.848093][ T313] usb 3-1: SerialNumber: syz [ 472.912881][ T313] rndis_host 3-1:7.0: skipping garbage [ 472.918210][ T313] usb 3-1: bad CDC descriptors [ 473.112939][ T313] usb 3-1: USB disconnect, device number 49 [ 473.557716][T16486] loop3: detected capacity change from 0 to 512 [ 473.574004][T16486] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 97: padding at end of block bitmap is not set [ 473.589466][T16486] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2926: inode #15: comm syz-executor.3: corrupted xattr block 19 [ 473.602160][T16486] EXT4-fs warning (device loop3): ext4_evict_inode:299: xattr delete (err -117) [ 473.611088][T16486] EXT4-fs (loop3): 1 orphan inode deleted [ 473.617151][T16486] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 473.626184][T16486] ext4 filesystem being mounted at /root/syzkaller-testdir4131987708/syzkaller.84oahx/182/file0 supports timestamps until 2038 (0x7fffffff) [ 473.652942][T14259] EXT4-fs (loop3): unmounting filesystem. [ 474.032672][T16505] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16505 comm=syz-executor.4 [ 474.054151][T16505] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 474.069839][T16505] device veth0_to_bridge entered promiscuous mode [ 474.105384][T16503] device veth0_to_bridge left promiscuous mode [ 474.175653][T16513] loop2: detected capacity change from 0 to 128 [ 474.542750][T16520] loop3: detected capacity change from 0 to 512 [ 474.554124][T16520] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 97: padding at end of block bitmap is not set [ 474.569114][T16520] __quota_error: 54 callbacks suppressed [ 474.569132][T16520] Quota error (device loop3): write_blk: dquota write failed [ 474.582121][T16520] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 474.592972][T16520] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2926: inode #15: comm syz-executor.3: corrupted xattr block 19 [ 474.605577][T16520] EXT4-fs warning (device loop3): ext4_evict_inode:299: xattr delete (err -117) [ 474.614606][T16520] EXT4-fs (loop3): 1 orphan inode deleted [ 474.620162][T16520] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 474.629116][T16520] ext4 filesystem being mounted at /root/syzkaller-testdir4131987708/syzkaller.84oahx/185/file0 supports timestamps until 2038 (0x7fffffff) [ 474.643424][ T10] Quota error (device loop3): do_check_range: Getting block 0 out of range 1-5 [ 474.652445][ T10] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 474.666908][T14259] EXT4-fs (loop3): unmounting filesystem. [ 474.850445][T16531] device vlan2 entered promiscuous mode [ 474.881626][ T332] usb 1-1: new high-speed USB device number 40 using dummy_hcd [ 474.960396][ T43] kworker/u4:2: attempt to access beyond end of device [ 474.960396][ T43] loop2: rw=1, sector=145, nr_sectors = 896 limit=128 [ 474.984850][T16533] loop2: detected capacity change from 0 to 512 [ 474.992340][T16533] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 475.000407][T16533] EXT4-fs (loop2): orphan cleanup on readonly fs [ 475.006923][T16533] EXT4-fs warning (device loop2): ext4_enable_quotas:6987: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 475.021523][T16533] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 475.028644][T16533] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 40: padding at end of block bitmap is not set [ 475.043430][T16533] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6157: Corrupt filesystem [ 475.052607][T16533] EXT4-fs (loop2): 1 truncate cleaned up [ 475.058116][T16533] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 475.078775][ T8654] EXT4-fs (loop2): unmounting filesystem. [ 475.122540][T16542] device syzkaller0 entered promiscuous mode [ 475.291702][ T332] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 475.302583][ T332] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 475.312227][ T332] usb 1-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 475.327307][ T332] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 475.506680][T16552] input: syz0 as /devices/virtual/input/input67 [ 476.633068][T16555] bridge0: port 3(veth1_macvtap) entered blocking state [ 476.639866][T16555] bridge0: port 3(veth1_macvtap) entered disabled state [ 476.651008][ T332] usb 1-1: config 0 descriptor?? [ 476.664369][T16559] loop2: detected capacity change from 0 to 512 [ 476.683037][T16564] loop4: detected capacity change from 0 to 512 [ 476.692502][T16559] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 97: padding at end of block bitmap is not set [ 476.707456][T16564] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 476.715760][T16564] EXT4-fs (loop4): orphan cleanup on readonly fs [ 476.722336][T16559] Quota error (device loop2): write_blk: dquota write failed [ 476.729545][T16559] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 476.739549][T16564] EXT4-fs warning (device loop4): ext4_enable_quotas:6987: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 476.753968][T16564] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 476.760932][T16559] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2926: inode #15: comm syz-executor.2: corrupted xattr block 19 [ 476.773687][T16564] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor.4: bg 0: block 40: padding at end of block bitmap is not set [ 476.788251][T16559] EXT4-fs warning (device loop2): ext4_evict_inode:299: xattr delete (err -117) [ 476.797295][T16564] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6157: Corrupt filesystem [ 476.805982][T16559] EXT4-fs (loop2): 1 orphan inode deleted [ 476.811927][T16559] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 476.820986][T16564] EXT4-fs (loop4): 1 truncate cleaned up [ 476.826565][ T350] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-5 [ 476.835712][T16564] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 476.844417][T16559] ext4 filesystem being mounted at /root/syzkaller-testdir2412164184/syzkaller.2P6fy8/600/file0 supports timestamps until 2038 (0x7fffffff) [ 476.858817][ T350] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 476.882101][T15630] EXT4-fs (loop4): unmounting filesystem. [ 476.890773][ T8654] EXT4-fs (loop2): unmounting filesystem. [ 477.122544][ T332] arvo 0003:1E7D:30D4.005B: unknown main item tag 0x0 [ 477.129186][ T332] arvo 0003:1E7D:30D4.005B: item fetching failed at offset 5/7 [ 477.136739][ T332] arvo 0003:1E7D:30D4.005B: parse failed [ 477.142223][ T332] arvo: probe of 0003:1E7D:30D4.005B failed with error -22 [ 477.150293][T16565] loop3: detected capacity change from 0 to 131072 [ 477.157578][T16565] F2FS-fs (loop3): Test dummy encryption mode enabled [ 477.164247][T16565] F2FS-fs (loop3): Test dummy encryption mode enabled [ 477.173241][T16565] F2FS-fs (loop3): Found nat_bits in checkpoint [ 477.208242][T16565] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 477.869597][T16595] input: syz0 as /devices/virtual/input/input68 [ 478.779270][ T313] usb 1-1: USB disconnect, device number 40 [ 478.825981][T16604] bridge0: port 1(veth1_macvtap) entered blocking state [ 478.839298][T16606] loop2: detected capacity change from 0 to 512 [ 478.845483][T16604] bridge0: port 1(veth1_macvtap) entered disabled state [ 478.881195][T16606] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 97: padding at end of block bitmap is not set [ 478.900014][T16606] Quota error (device loop2): write_blk: dquota write failed [ 478.909426][T16606] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 478.920076][T16606] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2926: inode #15: comm syz-executor.2: corrupted xattr block 19 [ 478.932842][T16606] EXT4-fs warning (device loop2): ext4_evict_inode:299: xattr delete (err -117) [ 478.941805][T16606] EXT4-fs (loop2): 1 orphan inode deleted [ 478.947575][T16606] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 478.956547][T16606] ext4 filesystem being mounted at /root/syzkaller-testdir2412164184/syzkaller.2P6fy8/604/file0 supports timestamps until 2038 (0x7fffffff) [ 478.977878][ T8654] EXT4-fs (loop2): unmounting filesystem. [ 479.032233][T16620] device vlan2 entered promiscuous mode [ 479.039531][T16621] netlink: 25 bytes leftover after parsing attributes in process `syz-executor.2'. [ 479.611653][ T313] usb 1-1: new high-speed USB device number 41 using dummy_hcd [ 479.861599][ T313] usb 1-1: Using ep0 maxpacket: 8 [ 479.988326][T16637] input: syz0 as /devices/virtual/input/input69 [ 480.041752][ T332] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 480.481772][ T313] usb 1-1: unable to get BOS descriptor or descriptor too short [ 480.561783][ T313] usb 1-1: config 0 has no interfaces? [ 480.776187][T16644] bridge0: port 3(veth1_macvtap) entered blocking state [ 480.783083][T16644] bridge0: port 3(veth1_macvtap) entered disabled state [ 480.871682][ T313] usb 1-1: language id specifier not provided by device, defaulting to English [ 480.991775][ T332] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 481.003301][ T332] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 481.014627][ T332] usb 4-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 481.165357][ T332] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 481.173856][ T332] usb 4-1: config 0 descriptor?? [ 481.191663][ T313] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 481.200736][ T313] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 481.208510][ T313] usb 1-1: Product: syz [ 481.212513][ T313] usb 1-1: Manufacturer: 尯த绦鉎ھ坍퍁⴮쇡 [ 481.219164][ T313] usb 1-1: SerialNumber: syz [ 481.224210][ T313] usb 1-1: config 0 descriptor?? [ 481.291773][T11122] usb 3-1: new high-speed USB device number 50 using dummy_hcd [ 481.465590][ T39] usb 1-1: USB disconnect, device number 41 [ 481.531622][T11122] usb 3-1: Using ep0 maxpacket: 16 [ 481.652589][ T332] arvo 0003:1E7D:30D4.005C: unknown main item tag 0x0 [ 481.659302][ T332] arvo 0003:1E7D:30D4.005C: item fetching failed at offset 5/7 [ 481.666764][ T332] arvo 0003:1E7D:30D4.005C: parse failed [ 481.672546][ T332] arvo: probe of 0003:1E7D:30D4.005C failed with error -22 [ 481.676690][T11122] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 481.690674][T11122] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 481.701700][T11122] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 481.714734][T11122] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 481.723641][T11122] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 481.732104][T11122] usb 3-1: config 0 descriptor?? [ 481.941307][T16660] device ip6gre0 entered promiscuous mode [ 481.947121][T16660] device vlan2 entered promiscuous mode [ 481.953606][T16660] device ip6gre0 left promiscuous mode [ 482.194511][T16650] loop2: detected capacity change from 0 to 512 [ 482.211812][T16650] EXT4-fs: old and new quota format mixing [ 482.277743][T11122] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.005D/input/input70 [ 482.416717][T11122] microsoft 0003:045E:07DA.005D: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 482.480486][T11122] usb 3-1: USB disconnect, device number 50 [ 482.871459][ T39] usb 4-1: USB disconnect, device number 33 [ 483.057042][T16691] xt_CT: You must specify a L4 protocol and not use inversions on it [ 483.434776][T16696] device vlan0 entered promiscuous mode [ 484.029693][ T28] kauditd_printk_skb: 2 callbacks suppressed [ 484.029711][ T28] audit: type=1326 audit(2134217903.513:11945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16709 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2d587cea9 code=0x7ffc0000 [ 484.059501][ T28] audit: type=1326 audit(2134217903.513:11946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16709 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2d587cea9 code=0x7ffc0000 [ 484.083481][ T28] audit: type=1326 audit(2134217903.513:11947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16709 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc2d587cea9 code=0x7ffc0000 [ 484.107448][ T28] audit: type=1326 audit(2134217903.513:11948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16709 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2d587cea9 code=0x7ffc0000 [ 484.131347][ T28] audit: type=1326 audit(2134217903.513:11949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16709 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2d587cea9 code=0x7ffc0000 [ 484.155280][ T28] audit: type=1326 audit(2134217903.513:11950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16709 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc2d587cea9 code=0x7ffc0000 [ 484.179137][ T28] audit: type=1326 audit(2134217903.573:11951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16709 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2d587cea9 code=0x7ffc0000 [ 484.203107][ T28] audit: type=1326 audit(2134217903.573:11952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16709 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc2d587a627 code=0x7ffc0000 [ 484.227058][ T28] audit: type=1326 audit(2134217903.573:11953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16709 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc2d5840309 code=0x7ffc0000 [ 484.250879][T11122] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 484.250971][ T28] audit: type=1326 audit(2134217903.573:11954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16709 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7fc2d587cea9 code=0x7ffc0000 [ 484.383855][T16714] overlayfs: statfs failed on './file0' [ 485.063865][ T332] usb 1-1: new high-speed USB device number 42 using dummy_hcd [ 485.181711][T11122] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 485.193377][T11122] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 485.202951][T11122] usb 4-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 485.211828][T11122] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 485.221227][T11122] usb 4-1: config 0 descriptor?? [ 485.275940][T16741] overlayfs: statfs failed on './file0' [ 485.441707][ T332] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 485.452559][ T332] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 485.462195][ T332] usb 1-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 485.471112][ T332] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 485.480134][ T332] usb 1-1: config 0 descriptor?? [ 485.692446][T11122] arvo 0003:1E7D:30D4.005E: unknown main item tag 0x0 [ 485.699112][T11122] arvo 0003:1E7D:30D4.005E: item fetching failed at offset 5/7 [ 485.706630][T11122] arvo 0003:1E7D:30D4.005E: parse failed [ 485.712111][T11122] arvo: probe of 0003:1E7D:30D4.005E failed with error -22 [ 485.905168][ T510] usb 4-1: USB disconnect, device number 34 [ 485.962657][ T332] arvo 0003:1E7D:30D4.005F: unknown main item tag 0x0 [ 485.970498][ T332] arvo 0003:1E7D:30D4.005F: unknown main item tag 0x0 [ 485.980181][ T332] arvo 0003:1E7D:30D4.005F: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.0-1/input0 [ 486.261882][T16763] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 486.376933][ T332] usb 1-1: USB disconnect, device number 42 [ 486.394327][T16769] device pim6reg1 entered promiscuous mode [ 487.064352][T16772] netlink: 'syz-executor.3': attribute type 4 has an invalid length. [ 487.074088][T16772] netlink: 'syz-executor.3': attribute type 4 has an invalid length. [ 487.157077][T16790] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 487.258560][T16799] device pim6reg1 entered promiscuous mode [ 487.427296][T16819] device ip6erspan0 entered promiscuous mode [ 487.545465][T16825] tipc: Started in network mode [ 487.550148][T16825] tipc: Node identity f0, cluster identity 4711 [ 487.556435][T16825] tipc: Node number set to 240 [ 487.661615][ T313] usb 4-1: new high-speed USB device number 35 using dummy_hcd [ 487.671595][T11122] usb 3-1: new high-speed USB device number 51 using dummy_hcd [ 487.921611][T11122] usb 3-1: Using ep0 maxpacket: 8 [ 488.041673][ T313] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 488.051640][T11122] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 488.064277][ T313] usb 4-1: config 0 has no interfaces? [ 488.069555][ T313] usb 4-1: New USB device found, idVendor=056a, idProduct=4001, bcdDevice= 0.00 [ 488.078432][T11122] usb 3-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00 [ 488.087271][T11122] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 488.095076][ T313] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 488.103602][T11122] usb 3-1: config 0 descriptor?? [ 488.109051][ T313] usb 4-1: config 0 descriptor?? [ 488.142185][T11122] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 488.232851][T16835] device pim6reg1 entered promiscuous mode [ 488.356418][T11122] usb 4-1: USB disconnect, device number 35 [ 488.365405][T16841] netlink: 'syz-executor.4': attribute type 15 has an invalid length. [ 488.375017][T16841] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 488.539611][T16844] input: syz0 as /devices/virtual/input/input72 [ 488.661769][T16848] device ip6erspan0 entered promiscuous mode [ 488.725755][T16852] tipc: Started in network mode [ 488.730434][T16852] tipc: Node identity f0, cluster identity 4711 [ 488.736584][T16852] tipc: Node number set to 240 [ 488.847036][ T313] usb 3-1: USB disconnect, device number 51 [ 489.006362][T16862] device pim6reg1 entered promiscuous mode [ 489.041589][T11122] usb 5-1: new full-speed USB device number 40 using dummy_hcd [ 489.190602][T16873] loop3: detected capacity change from 0 to 512 [ 489.203768][T16873] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 489.212788][T16873] ext4 filesystem being mounted at /root/syzkaller-testdir4131987708/syzkaller.84oahx/211/file0 supports timestamps until 2038 (0x7fffffff) [ 489.231802][T16873] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #19: comm syz-executor.3: corrupted inode contents [ 489.244144][T16873] EXT4-fs error (device loop3): ext4_dirty_inode:6074: inode #19: comm syz-executor.3: mark_inode_dirty error [ 489.255796][T16873] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #19: comm syz-executor.3: corrupted inode contents [ 489.268629][T16873] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2955: inode #19: comm syz-executor.3: mark_inode_dirty error [ 489.280931][T16873] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2958: inode #19: comm syz-executor.3: mark inode dirty (error -117) [ 489.293806][T16873] EXT4-fs warning (device loop3): ext4_evict_inode:299: xattr delete (err -117) [ 489.411652][T11122] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 489.420537][T11122] usb 5-1: Duplicate descriptor for config 0 interface 0 altsetting 0, skipping [ 489.429338][T11122] usb 5-1: config 0 interface 0 has no altsetting 1 [ 489.491615][ T300] usb 1-1: new high-speed USB device number 43 using dummy_hcd [ 489.601684][T11122] usb 5-1: New USB device found, idVendor=1266, idProduct=100a, bcdDevice=80.4b [ 489.610716][T11122] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 489.618485][T11122] usb 5-1: Product: syz [ 489.622481][T11122] usb 5-1: Manufacturer: syz [ 489.626886][T11122] usb 5-1: SerialNumber: syz [ 489.632029][T11122] usb 5-1: config 0 descriptor?? [ 489.845217][T16892] device pim6reg1 entered promiscuous mode [ 489.851697][ T300] usb 1-1: New USB device found, idVendor=0d49, idProduct=7000, bcdDevice=16.ba [ 489.860731][ T300] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 489.869339][ T300] usb 1-1: config 0 descriptor?? [ 489.885686][T11122] usb 5-1: USB disconnect, device number 40 [ 489.912057][ T300] ums-onetouch 1-1:0.0: USB Mass Storage device detected [ 489.936798][T16896] loop2: detected capacity change from 0 to 256 [ 489.978718][T14259] EXT4-fs (loop3): unmounting filesystem. [ 490.113775][T11122] usb 1-1: USB disconnect, device number 43 [ 490.462180][T16904] netem: change failed [ 490.643736][T16922] loop2: detected capacity change from 0 to 16 [ 490.650534][T16922] erofs: (device loop2): erofs_read_inode: unsupported chunk format ffff of nid 36 [ 490.672961][T16922] usb usb8: usbfs: process 16922 (syz-executor.2) did not claim interface 0 before use [ 490.723786][T16933] loop4: detected capacity change from 0 to 128 [ 490.756377][ T28] kauditd_printk_skb: 19299 callbacks suppressed [ 490.756396][ T28] audit: type=1400 audit(2134217910.243:31254): avc: denied { read } for pid=16938 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 490.858973][T16949] loop3: detected capacity change from 0 to 1024 [ 490.865526][T16949] EXT4-fs: Ignoring removed orlov option [ 490.870979][T16949] EXT4-fs: Ignoring removed nomblk_io_submit option [ 490.883082][T16949] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 490.894343][ T28] audit: type=1400 audit(2134217910.383:31255): avc: denied { map } for pid=16948 comm="syz-executor.3" path="/root/syzkaller-testdir4131987708/syzkaller.84oahx/214/file1/file0/bus" dev="devtmpfs" ino=1016 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 490.928011][T16949] EXT4-fs error (device loop3): get_max_inline_xattr_value_size:69: inode #12: comm syz-executor.3: corrupt xattr in inline inode [ 490.941510][T16949] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #12: comm syz-executor.3: corrupted in-inode xattr [ 490.960956][T14259] EXT4-fs (loop3): unmounting filesystem. [ 490.991659][ T332] usb 3-1: new full-speed USB device number 52 using dummy_hcd [ 491.071621][ T300] usb 5-1: new high-speed USB device number 41 using dummy_hcd [ 491.181226][T16957] loop3: detected capacity change from 0 to 128 [ 491.187843][T16957] FAT-fs (loop3): Unrecognized mount option "@-" or missing value [ 491.225749][T16957] input: syz0 as /devices/virtual/input/input73 [ 491.351683][ T332] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 491.360914][ T332] usb 3-1: Duplicate descriptor for config 0 interface 0 altsetting 0, skipping [ 491.369857][ T332] usb 3-1: config 0 interface 0 has no altsetting 1 [ 491.431673][ T300] usb 5-1: New USB device found, idVendor=0d49, idProduct=7000, bcdDevice=16.ba [ 491.440780][ T300] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 491.449587][ T300] usb 5-1: config 0 descriptor?? [ 491.492288][ T300] ums-onetouch 5-1:0.0: USB Mass Storage device detected [ 491.531698][ T332] usb 3-1: New USB device found, idVendor=1266, idProduct=100a, bcdDevice=80.4b [ 491.547398][ T332] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 491.561658][ T332] usb 3-1: Product: syz [ 491.565732][ T332] usb 3-1: Manufacturer: syz [ 491.570784][ T332] usb 3-1: SerialNumber: syz [ 491.576561][ T332] usb 3-1: config 0 descriptor?? [ 491.773862][ T332] usb 5-1: USB disconnect, device number 41 [ 491.816764][ T300] usb 3-1: USB disconnect, device number 52 [ 492.330937][ T28] audit: type=1400 audit(2134217911.813:31256): avc: denied { setopt } for pid=16981 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 492.331798][T16982] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 492.397299][T16989] loop3: detected capacity change from 0 to 128 [ 492.409520][T16989] FAT-fs (loop3): Unrecognized mount option "@-" or missing value [ 492.445913][T16989] input: syz0 as /devices/virtual/input/input74 [ 492.572134][T17010] loop3: detected capacity change from 0 to 512 [ 492.714016][T17010] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 492.734305][T17010] ext4 filesystem being mounted at /root/syzkaller-testdir4131987708/syzkaller.84oahx/222/file0 supports timestamps until 2038 (0x7fffffff) [ 492.759737][T17010] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #19: comm syz-executor.3: corrupted inode contents [ 492.773987][T17010] EXT4-fs error (device loop3): ext4_dirty_inode:6074: inode #19: comm syz-executor.3: mark_inode_dirty error [ 492.777505][T17021] usb usb8: usbfs: process 17021 (syz-executor.0) did not claim interface 0 before use [ 492.785978][T17010] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #19: comm syz-executor.3: corrupted inode contents [ 492.812432][T17010] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2955: inode #19: comm syz-executor.3: mark_inode_dirty error [ 492.827674][T17010] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2958: inode #19: comm syz-executor.3: mark inode dirty (error -117) [ 492.841503][T17010] EXT4-fs warning (device loop3): ext4_evict_inode:299: xattr delete (err -117) [ 493.372655][T14259] EXT4-fs (loop3): unmounting filesystem. [ 493.418227][T17038] loop3: detected capacity change from 0 to 512 [ 493.440282][T17038] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 97: padding at end of block bitmap is not set [ 493.461389][T17038] Quota error (device loop3): write_blk: dquota write failed [ 493.468812][T17038] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 493.481056][T17038] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2926: inode #15: comm syz-executor.3: corrupted xattr block 19 [ 493.494112][T17038] EXT4-fs warning (device loop3): ext4_evict_inode:299: xattr delete (err -117) [ 493.503274][T17038] EXT4-fs (loop3): 1 orphan inode deleted [ 493.509013][T17038] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 493.518073][T17038] ext4 filesystem being mounted at /root/syzkaller-testdir4131987708/syzkaller.84oahx/223/file0 supports timestamps until 2038 (0x7fffffff) [ 493.532428][ T10] Quota error (device loop3): do_check_range: Getting block 0 out of range 1-5 [ 493.553620][ T10] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 493.564839][T14259] EXT4-fs (loop3): unmounting filesystem. [ 493.627058][T17044] loop3: detected capacity change from 0 to 512 [ 493.634166][T17044] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 493.649607][T17044] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002] [ 493.659229][T17044] System zones: 0-2, 18-18, 34-34 [ 493.666710][T17044] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 493.682260][T17044] EXT4-fs (loop3): 1 truncate cleaned up [ 493.687891][T17044] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 493.830134][T17052] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 493.917091][T17056] loop2: detected capacity change from 0 to 1024 [ 493.931531][T17056] EXT4-fs: Ignoring removed orlov option [ 493.945341][T17056] EXT4-fs: Ignoring removed nomblk_io_submit option [ 493.982689][T17056] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 494.014461][T17056] EXT4-fs error (device loop2): get_max_inline_xattr_value_size:69: inode #12: comm syz-executor.2: corrupt xattr in inline inode [ 494.038282][T17056] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #12: comm syz-executor.2: corrupted in-inode xattr [ 494.061049][ T8654] ================================================================== [ 494.069062][ T8654] BUG: KASAN: use-after-free in ext4_xattr_delete_inode+0xcd0/0xce0 [ 494.076871][ T8654] Read of size 4 at addr ffff88813eff3000 by task syz-executor.2/8654 [ 494.084862][ T8654] [ 494.087113][ T8654] CPU: 0 PID: 8654 Comm: syz-executor.2 Tainted: G W 6.1.78-syzkaller-00007-g7c734edeaafd #0 [ 494.098481][ T8654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 494.108375][ T8654] Call Trace: [ 494.111504][ T8654] [ 494.114279][ T8654] dump_stack_lvl+0x151/0x1b7 [ 494.118791][ T8654] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 494.124087][ T8654] ? _printk+0xd1/0x111 [ 494.128079][ T8654] ? __virt_addr_valid+0x242/0x2f0 [ 494.133025][ T8654] print_report+0x158/0x4e0 [ 494.137366][ T8654] ? __virt_addr_valid+0x242/0x2f0 [ 494.142312][ T8654] ? kasan_addr_to_slab+0xd/0x80 [ 494.147085][ T8654] ? ext4_xattr_delete_inode+0xcd0/0xce0 [ 494.152560][ T8654] kasan_report+0x13c/0x170 [ 494.156891][ T8654] ? ext4_xattr_delete_inode+0xcd0/0xce0 [ 494.162363][ T8654] __asan_report_load4_noabort+0x14/0x20 [ 494.167830][ T8654] ext4_xattr_delete_inode+0xcd0/0xce0 [ 494.173126][ T8654] ? sb_end_intwrite+0x130/0x130 [ 494.177898][ T8654] ? ext4_expand_extra_isize_ea+0x1c40/0x1c40 [ 494.183803][ T8654] ? __kasan_check_read+0x11/0x20 [ 494.188656][ T8654] ? ext4_inode_is_fast_symlink+0x295/0x3d0 [ 494.194386][ T8654] ? ext4_evict_inode+0xbc2/0x1550 [ 494.199336][ T8654] ext4_evict_inode+0xef9/0x1550 [ 494.204108][ T8654] ? _raw_spin_unlock+0x4c/0x70 [ 494.208801][ T8654] ? ext4_inode_is_fast_symlink+0x3d0/0x3d0 [ 494.214525][ T8654] ? _raw_spin_unlock+0x4c/0x70 [ 494.219208][ T8654] ? inode_io_list_del+0x18b/0x1a0 [ 494.224158][ T8654] ? ext4_inode_is_fast_symlink+0x3d0/0x3d0 [ 494.229886][ T8654] evict+0x2a3/0x630 [ 494.233617][ T8654] iput+0x642/0x870 [ 494.237265][ T8654] vfs_rmdir+0x3c2/0x500 [ 494.241342][ T8654] do_rmdir+0x3ab/0x630 [ 494.245335][ T8654] ? d_delete_notify+0x160/0x160 [ 494.250110][ T8654] __x64_sys_unlinkat+0xdf/0xf0 [ 494.254795][ T8654] do_syscall_64+0x3d/0xb0 [ 494.259047][ T8654] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 494.264776][ T8654] RIP: 0033:0x7fc2d587c687 [ 494.269117][ T8654] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 494.288559][ T8654] RSP: 002b:00007ffcd341f1a8 EFLAGS: 00000207 ORIG_RAX: 0000000000000107 [ 494.296803][ T8654] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007fc2d587c687 [ 494.301617][ T300] usb 1-1: new high-speed USB device number 44 using dummy_hcd [ 494.304611][ T8654] RDX: 0000000000000200 RSI: 00007ffcd3420350 RDI: 00000000ffffff9c [ 494.304629][ T8654] RBP: 00007fc2d58d9636 R08: 0000000000000000 R09: 0000000000000000 [ 494.304645][ T8654] R10: 0000000000000100 R11: 0000000000000207 R12: 00007ffcd3420350 [ 494.335427][ T8654] R13: 00007fc2d58d9636 R14: 0000000000078931 R15: 0000000000000007 [ 494.343242][ T8654] [ 494.346098][ T8654] [ 494.348271][ T8654] The buggy address belongs to the physical page: [ 494.354552][ T8654] page:ffffea0004fbfcc0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x13eff3 [ 494.364672][ T8654] flags: 0x4000000000000000(zone=1) [ 494.369714][ T8654] raw: 4000000000000000 ffffea0004fbfd88 ffffea0004fbfc08 0000000000000000 [ 494.378132][ T8654] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000 [ 494.386545][ T8654] page dumped because: kasan: bad access detected [ 494.392830][ T8654] page_owner tracks the page as freed [ 494.398003][ T8654] page last allocated via order 0, migratetype Movable, gfp_mask 0x8140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO|__GFP_CMA), pid 17065, tgid 17065 (syz-executor.0), ts 493994981208, free_ts 494007280683 [ 494.417964][ T8654] post_alloc_hook+0x213/0x220 [ 494.422567][ T8654] prep_new_page+0x1b/0x110 [ 494.426904][ T8654] get_page_from_freelist+0x27ea/0x2870 [ 494.432283][ T8654] __alloc_pages+0x3a1/0x780 [ 494.436713][ T8654] __folio_alloc+0x15/0x40 [ 494.440966][ T8654] wp_page_copy+0x23b/0x1690 [ 494.445392][ T8654] do_wp_page+0xc25/0xdf0 [ 494.449554][ T8654] handle_mm_fault+0x15a2/0x2f40 [ 494.454329][ T8654] exc_page_fault+0x3b3/0x700 [ 494.458841][ T8654] asm_exc_page_fault+0x27/0x30 [ 494.463537][ T8654] page last free stack trace: [ 494.468042][ T8654] free_unref_page_prepare+0x83d/0x850 [ 494.473337][ T8654] free_unref_page_list+0xf1/0x7b0 [ 494.478282][ T8654] release_pages+0xf7f/0xfe0 [ 494.482711][ T8654] free_pages_and_swap_cache+0x8a/0xa0 [ 494.488003][ T8654] tlb_finish_mmu+0x1e0/0x3f0 [ 494.492533][ T8654] exit_mmap+0x421/0x940 [ 494.496596][ T8654] __mmput+0x95/0x310 [ 494.500418][ T8654] mmput+0x56/0x170 [ 494.504059][ T8654] do_exit+0xb29/0x2b80 [ 494.508054][ T8654] do_group_exit+0x21a/0x2d0 [ 494.512485][ T8654] get_signal+0x169d/0x1820 [ 494.516819][ T8654] arch_do_signal_or_restart+0xb0/0x16f0 [ 494.522284][ T8654] exit_to_user_mode_loop+0x74/0xa0 [ 494.527323][ T8654] exit_to_user_mode_prepare+0x5a/0xa0 [ 494.532617][ T8654] syscall_exit_to_user_mode+0x26/0x140 [ 494.537998][ T8654] do_syscall_64+0x49/0xb0 [ 494.542250][ T8654] [ 494.544417][ T8654] Memory state around the buggy address: [ 494.549890][ T8654] ffff88813eff2f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 494.557789][ T8654] ffff88813eff2f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 494.565692][ T8654] >ffff88813eff3000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 494.573582][ T8654] ^ [ 494.577490][ T8654] ffff88813eff3080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 2037/08/18 14:18:34 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 494.585387][ T8654] ffff88813eff3100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 494.593286][ T8654] ================================================================== [ 494.601447][ T8654] Disabling lock debugging due to kernel taint [ 494.610440][T14259] EXT4-fs (loop3): unmounting filesystem.