last executing test programs: 1.841371486s ago: executing program 2: r0 = socket$inet6(0xa, 0x3, 0xff) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x83000000}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = dup2(r1, r1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x655e, 0x4) r3 = dup2(r0, r0) writev(r3, 0x0, 0x0) recvmmsg(r3, &(0x7f00000049c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}], 0x1, 0x2000, 0x0) 1.828942998s ago: executing program 2: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000280)={&(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, 0x0}, 0x0) close(r1) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, 0x0, 0x0) memfd_create(0x0, 0x0) mknodat$null(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x103) mount(&(0x7f0000000280)=@filename='\x00', &(0x7f0000000300)='./file0\x00', &(0x7f0000000340)='tmpfs\x00', 0x0, 0x0) syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000640)='./file0\x00', 0x1000a0, &(0x7f0000000880)=ANY=[], 0x0, 0x0, 0x0) 1.299579729s ago: executing program 4: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000040000850000002a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) close(r0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f0000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='ext4_begin_ordered_truncate\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000900)='./file0\x00', 0x0) syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c}) 1.284812172s ago: executing program 4: r0 = socket$inet(0x2, 0x801, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0xffffffffffffffb5, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f0000000580)='J', 0x1, 0x0, 0x0, 0x0) pipe2(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) splice(r0, 0x0, r1, 0x0, 0x7ffff000, 0x0) 1.265907605s ago: executing program 4: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x2000480, &(0x7f0000000100), 0x5, 0x764, &(0x7f0000000f80)="$eJzs3c1rHGUYAPBnNknTptVEEbSeAoIGSjemxlbBQ8WDCBYKerZdNttQs8mW7KY0IVCLCF4EFQ+CXnr2o968+nHV/8KDtFRNixUPEpnNbLptdtNNm2TF/f1g2uedj7zz7My877s7w24APWs0/ScXcTAiPkwihrP5SUQM1KP+iONr691aWS6mUxKrq2/8ntTXubmyXIymbVL7s8ITEfHDexGHchvrrS4uzRTK5dJ8Vh6vzZ4bry4uHT47W5guTZfmjk5MTh459vyxo9uX6J8/Lx249tGrz3x9/O93H7/ywY9JHI8D2eLmPLbLaIxmr8lA+hLe4ZXtrqzLkm7vAPclvTT71q7yOBjD0VePAID/s4sRsQoA9JhE/w8APabxOcDNleViY+ruJxK76/rLEbF3Lf/G/c21Jf3ZPbu99fugQzeTO+6MJBExsg31j0bE59++9WU6xQ7dhwRo5Z1LEXF6ZHRj+59seGZhq57tYJ3Ru8raP9g936Xjnxdajf9y6+OfaDH+GWxx7d6Pe1//uavbUE1b6fjvpaZn22415Z8Z6ctKD9XHfAPJmbPlUtq2PRwRYzEwmJYnNqlj7MY/N9otax7//fHx21+k9af/314jd7V/8M5tpgq1woPk3Oz6pYgn+1vln6wf/6TN+Pdkh3W89uL7n2Xho3cvS/NP821MG/PfWauXI55uefxvP9GWbPp84nj9dBhvnBQtfPPLp0Pt6m8+/umU1t94L7Ab0uM/tHn+I0nz85rVrdfx0+Xh79stu3f+rc//Pcmb9XhPNu9CoVabn4jYk7y+cf6RerivqbwvsvXT/Meean39b3b+p+8JT3eYf/+13766//x3Vpr/1JaO/9aDK7dm+trV39nxn6xHY9mcTtq/TnfwQV47AAAAAAAAAAAAAAAAAAAAAAAAAOhULiIORJLLr8e5XD6/9hvej8VQrlyp1g6dqSzMTUX9t7JHYiDX+KrL4abvQ53Ivg+/UT5yV/m5iHgkIj4Z3Fcv54uV8lS3kwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAzP42v/+f+nWw23sHAOyYvd3eAQBg1+n/AaD36P8BoPfo/wGg9+j/AaD36P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYYSdPnEin1b9Wlotpeer84sJM5fzhqVJ1Jj+7UMwXK/Pn8tOVynS5lC9WZm9vOdDy75UrlXOTMbdwYbxWqtbGq4tLp2YrC3O1U2dnC9OlU6XWWwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAd1UXl2YK5XJpXiAQCNaDtHW42O3mCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA/798AAAD//+TuKn8=") r0 = open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r0, 0x0) ftruncate(r0, 0xcd98) r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) fallocate(r1, 0x0, 0x0, 0x1000f4) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r2 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f00000030c0)={0x0, 0x0, 0x0}, 0x0) write$binfmt_script(r2, &(0x7f0000000080), 0x208e24b) 1.032290841s ago: executing program 3: mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f00000003c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='mm_page_alloc\x00', r1}, 0x10) mount$incfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000340), 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0) r2 = openat$incfs(0xffffffffffffffff, &(0x7f0000000100)='.log\x00', 0x0, 0x0) read$FUSE(r2, 0x0, 0x1f00) 1.022541652s ago: executing program 4: r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x80) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2, 0x25, 0x2}, 0x40) syz_emit_ethernet(0xd81, &(0x7f00000004c0)=ANY=[], 0x0) 972.76917ms ago: executing program 2: r0 = socket$inet6(0xa, 0x3, 0xff) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x83000000}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = dup2(r1, r1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x655e, 0x4) r3 = dup2(r0, r0) writev(r3, &(0x7f0000000400)=[{&(0x7f00000001c0)="d848aa11ee80a1e8f7d33041fc", 0xd}], 0x1) recvmmsg(r3, &(0x7f00000049c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}], 0x1, 0x2000, 0x0) 953.341713ms ago: executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), 0xffffffffffffffff) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2004c8]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[], 0x0, 0x82310}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 940.553605ms ago: executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x3, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x89b0, &(0x7f0000000140)={'gretap0\x00'}) 891.559352ms ago: executing program 3: pipe2(&(0x7f0000000200)={0xffffffffffffffff}, 0x1000004) read(r0, &(0x7f0000000440)=""/47, 0x2f) 884.262254ms ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r0, &(0x7f0000000380), 0x20000000}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff020000000000000000000000000001"], 0x0) 876.984945ms ago: executing program 3: pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x0, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r3, 0x26, &(0x7f0000000380)={0x1}) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r4, 0x26, &(0x7f0000000380)) close_range(r0, 0xffffffffffffffff, 0x0) 865.554577ms ago: executing program 4: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000180)=0xc) timer_create(0x4, &(0x7f0000000080)={0x0, 0x0, 0x0, @thr={&(0x7f0000000280)="cb7e7ac3d66492fc086f7c4da27a2e933614e97f3ff84419f313c708ce515cd59ba3f4f83262d9c483eb7cea631598ff10422c27c9ec9808eeb028c24d5dcea1ddba94af562a52c502222886d4d42644adb5998185a21efea2d966c8260a93dfb58974c87600bac2bfbea94b49fa7b2cea459543f42c99a5d85efd32cd6e3fa78a43d034d41d3b67d2cf03209b9ee72894da7bfd332f35ffe029f576839b79b8f29b1e358e54db443ca36cde9c9fce483a3d97da42", &(0x7f00000001c0)}}, &(0x7f0000000140)) r0 = eventfd(0x0) r1 = fcntl$dupfd(r0, 0x0, r0) write$P9_RSTATFS(r1, &(0x7f0000000200)={0x43, 0x9, 0x0, {0x1ff}}, 0x43) write$9p(r1, &(0x7f0000000080)="f442c8b71bb51715", 0x8) close(r1) socket$unix(0x1, 0x1, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) epoll_create1(0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x12, &(0x7f0000000080)=0x1, 0x4) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10) connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r2, &(0x7f0000000480)="fbbf0b5044e308cb7bd572aa2b42e9678bcf30eff9f3aed14dc94a114bd2b45956aebe2b108a87e865501a5f9e0383611afdd3f8bac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a4f2105f44b8fd9b33041270ae01f1a405e3f650fc3b0926d481c364fca00000000000000006d3a3ede9fc738b8d86209c060161d5ddb5fcf3d09001117cdb9d055aa2d89fe3458720724853a876448d4a1fe9ef0569ad98a05ab5df763923b4e2c576e00000000000000000000000000000000002090666159e3075f7244cf4ec3d7814c0c934f44e200219e6dd7bc23397d5f2f2c76a5baddd0fd8c340362691ef226f7a0ac51b74b6be5ed6737948514cd466943d08eeb3895b80499da2b209da4f3ec5e3744ce3e863b0e04d0ec2f39edf50b6e08c4b47e448a35414763d687fbe3792ee15c5b9791310a346472723c100bf77a310b0ced8004b5ac6d48c40439f512e8ef34a53d65f55563f68136a577736ca5f6f66e01ef4ec2cdc8db34f6de50713adaa3f70189958263fddc1314f8a28ccdef6e1390c5fbaeadc3035d019f0dc75de307de6c0d010000000000000027083d1d5b4b013c503b863b560688d94de886b6dc73d5da2dfeff4bed1a49a975a6c8dbb480e4415ddca5657a5a8e3b111015499e952bb5e8d8f60de3d688df7802c6e8b27b31fac4e199038b79a3999920e634a5af162a9581b0e6647e410700246548234acacf9cb43ab332a37bbc926c39897395c974fda31536be523bf4260300730ae6136fecae5f0fa6ab2df8d98128b24589e3bbe5230e07dc5e0d65cc397e3f8204d48e59e8e294a6d7008ba8fba28cd5009fe1a7c569ce740078bf1c7389a6ba0f89257f0eac417aac0d2d89b05ee5dafa2f1d936c87264d077b2c0d5abdbc64ce943f895dd4c2e9dd7393543d89b00dc6b3a25045d4ec932366c67dfad087fa8dc104644828440bdf67dd97ebccb3bd", 0xfffffea5, 0xc000, 0x0, 0xfffffcef) r3 = fcntl$dupfd(r2, 0x0, r2) writev(r3, 0x0, 0x0) rt_sigreturn() r4 = memfd_create(&(0x7f0000000500)='\xc0\x87:*\x18\xc1k\xa7\x87[\xa0o8\xaaK\xa5\xd3\v\x86\xca<\x7f\xfd6\x8d}\xd8\xf2G\xb8\xeae)\x90\x86\xe3\x96\b\xe0\xfa\xb1\xd8N\xb2W\xcb\x8d}3lm8\xa57\xc9\x00HOA\xc8\x80kR\xfc\xcb%u3\xec\xde%\x00]\xd8\xebD\x82S\x17?\xd6As\xc2\xb1\x9aF\xe2\xba[\xc7%\x88 \xeeQ\x17\xd8\xda@4\x9f\xc5*T\x1e^\xf7o\xff\xff\xff\xffwI\x02\xf3\xe3\x8d.\xd1=\xcf\xbf\x81\xb5\x8d%K\x1d\xe7_\xde\x87\xdd\xc1\xf0\x8c\xef\xbf\xb7\xb1*\x91R\xd3\v\xc9\x95d\xe3*\xa9\xfa\x99\x9d\xb8\x89>\xc9\xf2/\x13{\x1a\x7f\x00\x00\x00\x00+$\xedX\xb7KV\x90\xc3D\x82`\xea\x16\xc6\xce\x83\xab\x05\x19-\xf3\x8c\x9a\x15\x9c\xf5\xb4O\x17@d`+\xf6\xe6+\xed\r\xd2\xb3\xaa\x9b\x7fC\'\xa2\xf6\x12\xa1\x82Xa2\x02\x00\x00\x00G\x0e.\xce\x01\x00\xb9p2\xccC\xbaH\xc4\xdc\xe2\xa1%)\x85\xc7O]\'9\x92\xad\xfbJ\x02\x1d\x91-\xc99\t&\xbdq\x06`T\xc8\x92\xaf\xad\x06\xdd\xaf\x84\xf4\"\x13\xcf\xe5\x03D\xad~F\xe5\x19\xaa\xaa\xb2\xb1\x03m\x82+\x06\x1bF^\xd3n\xc4F\xc1\xc08\x94\xe6\xe5\x1f\xa7\xf6\xcaA\x90T\xf1\x1b\xe6\xb9\xe7\xff\xc5H\x04\x8d\xca\xad\x17UlY\x9a}\r4\xac\x93\xac\v2\xc6/`\xab>\xcf\x7f\b\x94 2.{\xc1\xbe\x9bth~\xcb\xb9E\x10W\xed\xed51[\xc5\xeb\xb1ux\x94\x92\x03\v\xf4@\x84\x1d\xc8&^Q\xcf&\xf2\x9f\xf4\x83\xac]S\xce\xa55\x98\xa5\x97\xb3\xa6\r:L\x10\xb3;\x18G\r\xd8\xee4\xa3\xacI\xfc\xf6a\xde\rL\xcb\xbbE\xfe&&xL\xc49\x02\xe8A\x91\xfd\x15\xaeY:^E^>a\xd8\xdcJu\x16B!\x0et\xf0c\xc3W\x9c\xb8\xc2c\xbc\x99\xcb\x91xA2^\xe3\xfeq\xac2X\xd1\x1cG\x1b\xe0\x8d\x1a\x11\xddX\x16H\xae\x00#\x92\nW9C\v\xbf\xe7Q\xe7\x06\x81v\x15Y\x1bY\x0f+b\xb5\xa63\xc4\x1bx\xfd< \a\x01\x00\x00\x00^f\x11]&\"\xd5\x84/\xab\xac\xeaB\xa2V3\xdd.\x8c\xe0\xb8\xf8\x8c\xf4\r\t\xcd9\xacNW:\xcauJ\x1b\xf3\xefj\xac\xf3\a\xdc\x9a\x05\x14\xa6\xc1\xe9\xe1\xab\xb7\xe0\x95\xa0U\xa1\x1e\xb5\xc5gw\x9cpk4\'en\xc28\xd2\x00\x00\x00\x00&\x82\xe9:;\xa9(xf\x9b\xd3a\x15\xb4W\"Y\x8f5Q\x13R\x84\x83H\xb2n\xbc\\\x11\xd4\xb4}O*\xab6\xf5Ym\xe3\xdf\x17\xcc\xb0o9\x12\xe8G\x0e\x1d\xfcH\xe9J\xeefu\x04\xfb\x9b\xc1\xfa\xff\x03\x00\x00\\\xfd\x00NX\x1e\x97\x911m\xa3\x15\x8e_\xda\x8f\x06\x8fA^\xc2\x05\xf4\x8b\x02[\xa4jR\x96%&\xdf\xf9c\x8a4\x00\xa4tA\n\xfb\x7f\xf1S\xfd<\v\x18\xeb\xfb\xd6\xcb:\xbb\xb0\xe6,\x89\vcU\x00\x1e\xa0\x8b\xae\xe3M\xa6l\x15\x9c\x96\xf6\xbeXU\x17,\x94\x97\f\xfbl\xfc5\xaf\x91\x9cH\'\x95g\xb9P\xb8\"R\xcc\x1e\x02\x96\x83\xf87\xfb\x8dG@\x12\"\xb8\xeb\xa2\x1fN~\xd6\tr\xf5*8\xc5\x92VF9,$\xf1\xcb2@\xdc\xafLP-\xc4W\xc0\ro\xfc\xff\n\xad\xecyq.\xd0)\x8f\xb1\x8ef\x9a\x15\x94\xe8\xac\xd41i\xd9\xa7\xcc\x90DK\x98\xdcBo\x01\x8f\xdf\n\x1a\vT\x05}\xf4\x9b\x83\xa9u\x84\xa7`bW\b\x8c\xc82\a\n:\x9a$\x19\xaa\v\xe6\f1\xf8\x1ed\x15\xf6t\x1c\xf2\x95+u\xb5\x1c\x95\x8d\xdd\xf3\x9c={\t*\x0e\xa7k\xbb\xc3\xf4!\n/\xb7\xed\x80\x18\xc4\x04\xa9_[\x14\x13C\xd3\xd9i\xc0\xdc\xb3\xecJ\xf7/\"\xfb\xe8\xb6\xb7\x1f(\xe5O/-,\xc8\xb5\xdaV\x9f\xae}(xG\xe4m\x15\x14`\x0e\xba:~\x12\xd4\x1d5\x96F\x833!:\xc0wg\x1e\x89\xd2o\xad-\xde\a\x91\x19\x02\x92g\x92!\xbd$\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x200000c, 0x12, r4, 0x0) fallocate(r4, 0x0, 0x0, 0x800800b) syz_mount_image$fuse(0x0, &(0x7f0000000380)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 859.815887ms ago: executing program 2: bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d) r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0) ftruncate(r0, 0x8800000) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r2, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0) sendfile(r1, r0, 0x0, 0x100000000) 834.976291ms ago: executing program 4: pipe2(&(0x7f0000000200)={0xffffffffffffffff}, 0x1000004) read(r0, 0x0, 0x0) 804.946956ms ago: executing program 3: r0 = socket$inet6(0x18, 0x3, 0x0) sendto$inet6(r0, &(0x7f0000000000)="89", 0x328, 0x2, &(0x7f0000000040)={0x18, 0x3}, 0x1c) 776.41498ms ago: executing program 3: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_usb_control_io(r0, &(0x7f0000000540)={0x2c, &(0x7f0000000200)={0x0, 0x0, 0x5, {0x5, 0x0, "a8c6df"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, &(0x7f0000000380)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, &(0x7f00000004c0)={0x0, 0x3, 0x4, @lang_id={0x4}}, 0x0, 0x0}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0003"], 0x0, 0x0}, 0x0) 686.594684ms ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_opts(r2, 0x29, 0x40, &(0x7f0000000340)=ANY=[@ANYBLOB="000a0000000000000730000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000720000000000600000000000000000000000000000000000000fe"], 0x60) 649.95265ms ago: executing program 1: r0 = socket(0x18, 0x2, 0x0) setsockopt(r0, 0x1000000000029, 0xa, &(0x7f0000000040)='\x00\x00\x00\x00', 0x4) 625.958113ms ago: executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), 0xffffffffffffffff) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2004c8]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[], 0x0, 0x82310}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 570.876012ms ago: executing program 1: r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="180000000000000000000000000000009500160000000000e2bac15d3b6641a215f099e26603a050337b2ccc70a9f928ba3c529bb6e7365e7e246317380f5884d79663e7fcaa89795d7b10e88378c33265a7af06040e3d0bbc6a5864dfa023c6ac1da574242785bbb4ece12b11da52496875e1e384042aad63a3094bf3bc0e40a79960f9f1610940e67e30611d9873d1e6cb9c4cce44c999c49ff52a6400192fd021d7158438d7686a6f66778022c93c544189b684754e7e0f77a4f498609e53104c8aa70632fcc58c757bbc06f6472622dce2729d7296959ce003ec84acd015e352484c42fc29e5aea62fb7977813f7254fd6f62fec638abf292e6c33925b29"], &(0x7f0000000000)='syzkaller\x00'}, 0x80) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) close(r3) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$MAP_GET_NEXT_KEY(0x22, 0x0, 0x0) bpf$BPF_GET_MAP_INFO(0x22, 0x0, 0x0) 506.921821ms ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000080850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='signal_generate\x00', r1}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r3}, 0x10) 471.062857ms ago: executing program 1: ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, 0x0) fstat(0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d) r6 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'rose0\x00', 0x0}) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000a00)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32=r7], 0x20}}, 0x0) 289.706475ms ago: executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x4547, 0x4) bind$inet(r0, &(0x7f0000000640)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1}, 0x0, &(0x7f0000000040)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) 147.663597ms ago: executing program 0: unshare(0x4000400) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) unshare(0x0) 128.52131ms ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f00000003c0), &(0x7f0000000580)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) unshare(0x60600) unshare(0x20020000) 121.706761ms ago: executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f00000003c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='mm_page_alloc\x00', r1}, 0x10) mount$incfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000340), 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0) r3 = openat$incfs(r2, 0x0, 0x0, 0x0) read$FUSE(r3, 0x0, 0x1f00) 19.460517ms ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_opts(r2, 0x29, 0x40, &(0x7f0000000340)=ANY=[@ANYBLOB="000a0000000000000730000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000720000000000600000000000000000000000000000000000000fe"], 0x60) 0s ago: executing program 0: socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) kernel console output (not intermixed with test programs): comes ready [ 21.174853][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 21.182973][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.195115][ T307] device veth1_macvtap entered promiscuous mode [ 21.206523][ T311] device veth0_vlan entered promiscuous mode [ 21.215841][ T310] device veth0_vlan entered promiscuous mode [ 21.221901][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.230025][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.237962][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 21.245276][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 21.253431][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.261469][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 21.269024][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.276543][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 21.284192][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.304661][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 21.311979][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 21.319776][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 21.326862][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 21.334024][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.341960][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.350030][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.357938][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.365920][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.373828][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.381864][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.389866][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.397898][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.405752][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.416751][ T311] device veth1_macvtap entered promiscuous mode [ 21.428200][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 21.435578][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.443603][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.452463][ T310] device veth1_macvtap entered promiscuous mode [ 21.467048][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 21.474414][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.486675][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.496274][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.506491][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.548424][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.556414][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.569098][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.577277][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.750019][ T341] loop3: detected capacity change from 0 to 40427 [ 21.811733][ T341] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 21.819504][ T341] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 21.830571][ T341] F2FS-fs (loop3): Found nat_bits in checkpoint [ 21.906543][ T341] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 21.921577][ T341] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 21.929716][ T341] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 21.939403][ T363] input: syz0 as /devices/virtual/input/input4 [ 21.981730][ T341] attempt to access beyond end of device [ 21.981730][ T341] loop3: rw=10241, want=45104, limit=40427 [ 22.018034][ T308] attempt to access beyond end of device [ 22.018034][ T308] loop3: rw=2049, want=40968, limit=40427 [ 22.128024][ T39] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 22.364397][ T393] input: syz0 as /devices/virtual/input/input5 [ 22.497065][ T39] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 22.506955][ T39] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 22.515885][ T39] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 22.569423][ T395] loop1: detected capacity change from 0 to 40427 [ 22.608559][ T395] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 22.616179][ T395] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 22.626162][ T415] 9pnet: Insufficient options for proto=fd [ 22.633747][ T395] F2FS-fs (loop1): Found nat_bits in checkpoint [ 22.663218][ T395] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 22.675026][ T395] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 22.682808][ T395] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 22.707115][ T39] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 22.715956][ T39] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 22.723888][ T39] usb 3-1: Product: syz [ 22.727838][ T39] usb 3-1: Manufacturer: syz [ 22.732699][ T39] usb 3-1: SerialNumber: syz [ 22.740467][ T395] attempt to access beyond end of device [ 22.740467][ T395] loop1: rw=10241, want=45104, limit=40427 [ 22.772449][ T307] attempt to access beyond end of device [ 22.772449][ T307] loop1: rw=2049, want=40968, limit=40427 [ 22.859144][ T435] loop4: detected capacity change from 0 to 512 [ 22.915797][ T439] input: syz0 as /devices/virtual/input/input6 [ 22.939739][ T435] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 22.950793][ T435] ext4 filesystem being mounted at /root/syzkaller-testdir2440416007/syzkaller.p0JKNJ/19/file0 supports timestamps until 2038 (0x7fffffff) [ 22.967809][ T435] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #2: comm syz-executor.4: corrupted inode contents [ 22.979912][ T435] EXT4-fs error (device loop4): ext4_dirty_inode:6024: inode #2: comm syz-executor.4: mark_inode_dirty error [ 23.046114][ T446] syz-executor.0 (pid 446) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 23.178207][ T435] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #2: comm syz-executor.4: corrupted inode contents [ 23.192653][ T450] 9pnet: Insufficient options for proto=fd [ 23.205972][ T451] mmap: syz-executor.1 (451) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 23.223870][ T435] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #2: comm syz-executor.4: mark_inode_dirty error [ 23.258476][ T39] usb 3-1: USB disconnect, device number 2 [ 23.681840][ T469] loop1: detected capacity change from 0 to 131072 [ 23.729983][ T469] F2FS-fs (loop1): Test dummy encryption mode enabled [ 23.742329][ T469] F2FS-fs (loop1): Found nat_bits in checkpoint [ 23.778544][ T469] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 23.789175][ T469] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 23.796699][ T30] kauditd_printk_skb: 2643 callbacks suppressed [ 23.796710][ T30] audit: type=1400 audit(1716899895.415:2716): avc: denied { write } for pid=468 comm="syz-executor.1" path="/root/syzkaller-testdir1153989889/syzkaller.6bBTLq/14/file0/bus" dev="loop1" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 23.842083][ T486] 9pnet: Insufficient options for proto=fd [ 23.865604][ T30] audit: type=1326 audit(1716899895.485:2717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=488 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b5578ee9 code=0x7ffc0000 [ 23.893215][ T30] audit: type=1326 audit(1716899895.515:2718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=488 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b5578ee9 code=0x7ffc0000 [ 23.924994][ T30] audit: type=1326 audit(1716899895.515:2719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=488 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f87b5578ee9 code=0x7ffc0000 [ 23.950488][ T491] loop2: detected capacity change from 0 to 512 [ 23.957594][ T30] audit: type=1326 audit(1716899895.515:2720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=488 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b5578ee9 code=0x7ffc0000 [ 23.984654][ T30] audit: type=1326 audit(1716899895.515:2721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=488 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b5578ee9 code=0x7ffc0000 [ 24.008480][ T30] audit: type=1326 audit(1716899895.515:2722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=488 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f87b5578ee9 code=0x7ffc0000 [ 24.032840][ T30] audit: type=1326 audit(1716899895.515:2723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=488 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b5578ee9 code=0x7ffc0000 [ 24.033703][ T491] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 24.057634][ T30] audit: type=1326 audit(1716899895.515:2724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=488 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b5578ee9 code=0x7ffc0000 [ 24.091189][ T491] ext4 filesystem being mounted at /root/syzkaller-testdir1179055957/syzkaller.yyBR8W/5/file0 supports timestamps until 2038 (0x7fffffff) [ 24.112745][ T491] EXT4-fs error (device loop2): ext4_do_update_inode:5191: inode #2: comm syz-executor.2: corrupted inode contents [ 24.125057][ T491] EXT4-fs error (device loop2): ext4_dirty_inode:6024: inode #2: comm syz-executor.2: mark_inode_dirty error [ 24.136703][ T491] EXT4-fs error (device loop2): ext4_do_update_inode:5191: inode #2: comm syz-executor.2: corrupted inode contents [ 24.153451][ T491] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #2: comm syz-executor.2: mark_inode_dirty error [ 24.175761][ T30] audit: type=1400 audit(1716899895.795:2725): avc: denied { unmount } for pid=308 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 24.180393][ T491] syz-executor.2 (491) used greatest stack depth: 21640 bytes left [ 24.211949][ T469] syz-executor.1 (469) used greatest stack depth: 21192 bytes left [ 24.317251][ T505] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 24.657010][ T331] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 24.672650][ T503] loop3: detected capacity change from 0 to 40427 [ 24.717936][ T503] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 24.725810][ T503] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 24.746281][ T517] 9pnet: Insufficient options for proto=fd [ 24.768375][ T503] F2FS-fs (loop3): Found nat_bits in checkpoint [ 24.841368][ T503] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 24.862704][ T503] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 24.869607][ T503] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 24.884034][ T531] loop1: detected capacity change from 0 to 512 [ 24.895985][ T503] attempt to access beyond end of device [ 24.895985][ T503] loop3: rw=10241, want=45104, limit=40427 [ 24.931979][ T308] attempt to access beyond end of device [ 24.931979][ T308] loop3: rw=2049, want=40968, limit=40427 [ 24.948539][ T531] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 24.959427][ T531] ext4 filesystem being mounted at /root/syzkaller-testdir1153989889/syzkaller.6bBTLq/16/file0 supports timestamps until 2038 (0x7fffffff) [ 24.976164][ T531] EXT4-fs error (device loop1): ext4_do_update_inode:5191: inode #2: comm syz-executor.1: corrupted inode contents [ 24.988265][ T531] EXT4-fs error (device loop1): ext4_dirty_inode:6024: inode #2: comm syz-executor.1: mark_inode_dirty error [ 24.999995][ T531] EXT4-fs error (device loop1): ext4_do_update_inode:5191: inode #2: comm syz-executor.1: corrupted inode contents [ 25.012066][ T531] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #2: comm syz-executor.1: mark_inode_dirty error [ 25.027051][ T331] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 25.037550][ T331] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 25.046547][ T331] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 25.247038][ T331] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 25.255889][ T331] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 25.277004][ T331] usb 3-1: Product: syz [ 25.280975][ T331] usb 3-1: Manufacturer: syz [ 25.285408][ T331] usb 3-1: SerialNumber: syz [ 25.397237][ T20] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 25.549980][ T541] loop1: detected capacity change from 0 to 131072 [ 25.587839][ T541] F2FS-fs (loop1): Test dummy encryption mode enabled [ 25.596573][ T541] F2FS-fs (loop1): Found nat_bits in checkpoint [ 25.619692][ T541] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 25.657616][ T331] usb 3-1: USB disconnect, device number 3 [ 25.767049][ T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 25.777920][ T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 25.788372][ T20] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 25.798763][ T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 25.807215][ T20] usb 4-1: config 0 descriptor?? [ 26.181031][ T555] loop4: detected capacity change from 0 to 40427 [ 26.238181][ T555] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 26.249038][ T555] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 26.281719][ T555] F2FS-fs (loop4): Found nat_bits in checkpoint [ 26.297269][ T20] hid (null): bogus close delimiter [ 26.327004][ T555] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 26.336341][ T557] loop2: detected capacity change from 0 to 40427 [ 26.341449][ T555] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 26.349482][ T555] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 26.374356][ T309] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 26.374373][ T309] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 26.377652][ T557] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 26.381852][ T309] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 26.396715][ T309] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 26.396883][ T557] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 26.404115][ T309] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 26.419510][ T309] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 26.426923][ T309] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 26.447559][ T557] F2FS-fs (loop2): Found nat_bits in checkpoint [ 26.512860][ T557] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 26.521884][ T20] usb 4-1: language id specifier not provided by device, defaulting to English [ 26.539748][ T557] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 26.546582][ T557] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 26.718891][ T573] attempt to access beyond end of device [ 26.718891][ T573] loop2: rw=10241, want=45104, limit=40427 [ 26.772336][ T576] overlayfs: failed to resolve './file2': -2 [ 26.906206][ T311] attempt to access beyond end of device [ 26.906206][ T311] loop2: rw=2049, want=40968, limit=40427 [ 26.997342][ T20] uclogic 0003:256C:006D.0001: failed retrieving string descriptor #200: -71 [ 27.067657][ T20] uclogic 0003:256C:006D.0001: failed retrieving pen parameters: -71 [ 27.076571][ T20] uclogic 0003:256C:006D.0001: failed probing pen v2 parameters: -71 [ 27.087577][ T20] uclogic 0003:256C:006D.0001: failed probing parameters: -71 [ 27.100005][ T20] uclogic: probe of 0003:256C:006D.0001 failed with error -71 [ 27.220385][ T20] usb 4-1: USB disconnect, device number 2 [ 27.303054][ T590] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 27.576618][ T618] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 27.585965][ T605] loop1: detected capacity change from 0 to 40427 [ 27.627748][ T605] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 27.642473][ T605] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 27.728140][ T605] F2FS-fs (loop1): Found nat_bits in checkpoint [ 27.816459][ T605] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 27.865602][ T605] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 27.882010][ T605] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 27.935815][ T307] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 27.935831][ T307] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 27.943471][ T307] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 27.952950][ T648] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 28.400776][ T668] loop1: detected capacity change from 0 to 512 [ 28.469404][ T668] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 28.501115][ T668] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #16: comm syz-executor.1: casefold flag without casefold feature [ 28.514265][ T668] EXT4-fs error (device loop1): ext4_do_update_inode:5191: inode #3: comm syz-executor.1: corrupted inode contents [ 28.526471][ T668] EXT4-fs error (device loop1): ext4_dirty_inode:6024: inode #3: comm syz-executor.1: mark_inode_dirty error [ 28.538244][ T668] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz-executor.1: bg 0: block 64: padding at end of block bitmap is not set [ 28.554044][ T668] EXT4-fs (loop1): 1 truncate cleaned up [ 28.559600][ T668] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 28.570462][ T668] ext4 filesystem being mounted at /root/syzkaller-testdir1153989889/syzkaller.6bBTLq/26/file1 supports timestamps until 2038 (0x7fffffff) [ 28.589323][ T668] syz-executor.1 (668) used greatest stack depth: 18240 bytes left [ 28.648126][ T684] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 28.750475][ T680] loop0: detected capacity change from 0 to 40427 [ 28.787613][ T680] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 28.795179][ T680] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 28.807594][ T680] F2FS-fs (loop0): Found nat_bits in checkpoint [ 28.867444][ T680] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 28.879094][ T680] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 28.887530][ T680] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 29.010664][ T30] kauditd_printk_skb: 45 callbacks suppressed [ 29.010677][ T30] audit: type=1326 audit(1716899900.635:2769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=713 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee22f49ee9 code=0x7ffc0000 [ 29.040961][ T30] audit: type=1326 audit(1716899900.635:2770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=713 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee22f49ee9 code=0x7ffc0000 [ 29.073509][ T30] audit: type=1326 audit(1716899900.665:2771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=713 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fee22f49ee9 code=0x7ffc0000 [ 29.100513][ T30] audit: type=1326 audit(1716899900.665:2772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=713 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee22f49ee9 code=0x7ffc0000 [ 29.106688][ T720] loop0: detected capacity change from 0 to 512 [ 29.124441][ T30] audit: type=1326 audit(1716899900.665:2773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=713 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee22f49ee9 code=0x7ffc0000 [ 29.164241][ T722] EXT4-fs (sda1): re-mounted. Opts: (null). Quota mode: none. [ 29.182369][ T720] EXT4-fs error (device loop0): ext4_orphan_get:1397: inode #16: comm syz-executor.0: casefold flag without casefold feature [ 29.197445][ T720] EXT4-fs error (device loop0): ext4_do_update_inode:5191: inode #3: comm syz-executor.0: corrupted inode contents [ 29.209514][ T720] EXT4-fs error (device loop0): ext4_dirty_inode:6024: inode #3: comm syz-executor.0: mark_inode_dirty error [ 29.224523][ T30] audit: type=1326 audit(1716899900.845:2774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=727 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de47abee9 code=0x7ffc0000 [ 29.248644][ T720] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz-executor.0: bg 0: block 64: padding at end of block bitmap is not set [ 29.271872][ T30] audit: type=1326 audit(1716899900.845:2775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=727 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de47abee9 code=0x7ffc0000 [ 29.285350][ T720] Quota error (device loop0): write_blk: dquota write failed [ 29.307115][ T720] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 29.313989][ T30] audit: type=1326 audit(1716899900.845:2776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=727 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0de47abee9 code=0x7ffc0000 [ 29.342303][ T720] EXT4-fs (loop0): 1 truncate cleaned up [ 29.352200][ T720] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 29.367312][ T720] ext4 filesystem being mounted at /root/syzkaller-testdir884918946/syzkaller.YTOnfu/17/file1 supports timestamps until 2038 (0x7fffffff) [ 29.444003][ T741] xt_bpf: check failed: parse error [ 29.503843][ T749] EXT4-fs (sda1): re-mounted. Opts: (null). Quota mode: none. [ 29.552595][ T737] loop3: detected capacity change from 0 to 40427 [ 29.579016][ T737] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 29.586654][ T737] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 29.597793][ T737] F2FS-fs (loop3): Found nat_bits in checkpoint [ 29.632491][ T737] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 29.735161][ T737] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 29.742318][ T737] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 29.887099][ T737] overlayfs: failed to resolve './file0': -2 [ 29.937116][ T312] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 29.955055][ T772] loop1: detected capacity change from 0 to 1024 [ 30.011742][ T772] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 30.027012][ T328] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 30.087506][ T782] EXT4-fs (sda1): re-mounted. Opts: (null). Quota mode: none. [ 30.192825][ T798] loop3: detected capacity change from 0 to 512 [ 30.248629][ T798] EXT4-fs error (device loop3): ext4_orphan_get:1397: inode #16: comm syz-executor.3: casefold flag without casefold feature [ 30.261675][ T798] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #3: comm syz-executor.3: corrupted inode contents [ 30.273979][ T798] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #3: comm syz-executor.3: mark_inode_dirty error [ 30.285684][ T798] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 64: padding at end of block bitmap is not set [ 30.300630][ T798] EXT4-fs (loop3): 1 truncate cleaned up [ 30.306066][ T798] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 30.316903][ T798] ext4 filesystem being mounted at /root/syzkaller-testdir3361011744/syzkaller.Jha6iT/43/file1 supports timestamps until 2038 (0x7fffffff) [ 30.357069][ T312] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 30.367284][ T312] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 30.375976][ T312] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 30.427087][ T328] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 30.437152][ T328] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 30.445925][ T328] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 30.527784][ T808] EXT4-fs (sda1): re-mounted. Opts: (null). Quota mode: none. [ 30.567132][ T312] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 30.576090][ T312] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 30.584125][ T312] usb 1-1: Product: syz [ 30.588353][ T312] usb 1-1: Manufacturer: syz [ 30.592879][ T312] usb 1-1: SerialNumber: syz [ 30.627157][ T328] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 30.636125][ T328] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 30.643976][ T328] usb 5-1: Product: syz [ 30.648197][ T328] usb 5-1: Manufacturer: syz [ 30.652656][ T328] usb 5-1: SerialNumber: syz [ 31.168081][ T328] usb 5-1: USB disconnect, device number 2 [ 31.173752][ T312] usb 1-1: USB disconnect, device number 2 [ 31.656321][ T864] loop0: detected capacity change from 0 to 512 [ 31.708469][ T864] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 31.719500][ T864] ext4 filesystem being mounted at /root/syzkaller-testdir884918946/syzkaller.YTOnfu/22/file0 supports timestamps until 2038 (0x7fffffff) [ 31.735501][ T864] EXT4-fs error (device loop0): ext4_do_update_inode:5191: inode #2: comm syz-executor.0: corrupted inode contents [ 31.748308][ T864] EXT4-fs error (device loop0): ext4_dirty_inode:6024: inode #2: comm syz-executor.0: mark_inode_dirty error [ 31.759926][ T864] EXT4-fs error (device loop0): ext4_do_update_inode:5191: inode #2: comm syz-executor.0: corrupted inode contents [ 31.771993][ T864] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #2: comm syz-executor.0: mark_inode_dirty error [ 32.360630][ T894] loop3: detected capacity change from 0 to 512 [ 32.378573][ T894] EXT4-fs error (device loop3): ext4_orphan_get:1397: inode #16: comm syz-executor.3: casefold flag without casefold feature [ 32.391629][ T894] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #3: comm syz-executor.3: corrupted inode contents [ 32.403772][ T894] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #3: comm syz-executor.3: mark_inode_dirty error [ 32.415524][ T894] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 64: padding at end of block bitmap is not set [ 32.430439][ T894] EXT4-fs (loop3): 1 truncate cleaned up [ 32.435940][ T894] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 32.446758][ T894] ext4 filesystem being mounted at /root/syzkaller-testdir3361011744/syzkaller.Jha6iT/57/file1 supports timestamps until 2038 (0x7fffffff) [ 32.973594][ T948] loop1: detected capacity change from 0 to 512 [ 33.008452][ T948] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 33.019305][ T948] ext4 filesystem being mounted at /root/syzkaller-testdir1153989889/syzkaller.6bBTLq/55/file0 supports timestamps until 2038 (0x7fffffff) [ 33.034936][ T948] EXT4-fs error (device loop1): ext4_do_update_inode:5191: inode #2: comm syz-executor.1: corrupted inode contents [ 33.047047][ T948] EXT4-fs error (device loop1): ext4_dirty_inode:6024: inode #2: comm syz-executor.1: mark_inode_dirty error [ 33.058672][ T948] EXT4-fs error (device loop1): ext4_do_update_inode:5191: inode #2: comm syz-executor.1: corrupted inode contents [ 33.070744][ T948] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #2: comm syz-executor.1: mark_inode_dirty error [ 33.278599][ T963] loop1: detected capacity change from 0 to 512 [ 33.308796][ T963] EXT4-fs warning (device loop1): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 33.320223][ T963] EXT4-fs warning (device loop1): dx_probe:880: Enable large directory feature to access it [ 33.330153][ T963] EXT4-fs warning (device loop1): dx_probe:965: inode #2: comm syz-executor.1: Corrupt directory, running e2fsck is recommended [ 33.347986][ T963] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 33.355889][ T963] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.1: corrupted in-inode xattr [ 33.369350][ T963] EXT4-fs (loop1): Remounting filesystem read-only [ 33.375779][ T963] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz-executor.1: couldn't read orphan inode 15 (err -117) [ 33.388463][ T963] EXT4-fs (loop1): mounted filesystem without journal. Opts: data_err=abort,noblock_validity,dioread_lock,init_itable,auto_da_alloc,grpjquota=.nouid32,errors=remount-ro,jqfmt=vfsv1,grpid,,. Quota mode: writeback. [ 33.411526][ T963] EXT4-fs warning (device loop1): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 33.422871][ T963] EXT4-fs warning (device loop1): dx_probe:880: Enable large directory feature to access it [ 33.432932][ T963] EXT4-fs warning (device loop1): dx_probe:965: inode #2: comm syz-executor.1: Corrupt directory, running e2fsck is recommended [ 33.519746][ T963] EXT4-fs warning (device loop1): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 33.531655][ T963] EXT4-fs warning (device loop1): dx_probe:880: Enable large directory feature to access it [ 33.542233][ T963] EXT4-fs warning (device loop1): dx_probe:965: inode #2: comm syz-executor.1: Corrupt directory, running e2fsck is recommended [ 33.555920][ T963] EXT4-fs error (device loop1): ext4_find_dest_de:2112: inode #2: block 3: comm syz-executor.1: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0 [ 33.576785][ T963] EXT4-fs (loop1): Remounting filesystem read-only [ 33.768713][ T990] loop3: detected capacity change from 0 to 512 [ 33.819137][ T990] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 33.848380][ T990] ext4 filesystem being mounted at /root/syzkaller-testdir3361011744/syzkaller.Jha6iT/67/file0 supports timestamps until 2038 (0x7fffffff) [ 33.891346][ T990] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #2: comm syz-executor.3: corrupted inode contents [ 33.917071][ T990] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #2: comm syz-executor.3: mark_inode_dirty error [ 33.929556][ T990] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #2: comm syz-executor.3: corrupted inode contents [ 33.957021][ T990] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #2: comm syz-executor.3: mark_inode_dirty error [ 34.209691][ T1009] loop2: detected capacity change from 0 to 512 [ 34.269096][ T1009] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 34.280530][ T1009] EXT4-fs warning (device loop2): dx_probe:880: Enable large directory feature to access it [ 34.290408][ T1009] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor.2: Corrupt directory, running e2fsck is recommended [ 34.309851][ T1009] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 34.318648][ T1009] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.2: corrupted in-inode xattr [ 34.334338][ T1009] EXT4-fs (loop2): Remounting filesystem read-only [ 34.340737][ T1009] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 34.354352][ T1009] EXT4-fs (loop2): mounted filesystem without journal. Opts: data_err=abort,noblock_validity,dioread_lock,init_itable,auto_da_alloc,grpjquota=.nouid32,errors=remount-ro,jqfmt=vfsv1,grpid,,. Quota mode: writeback. [ 34.398181][ T1006] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 34.409538][ T1006] EXT4-fs warning (device loop2): dx_probe:880: Enable large directory feature to access it [ 34.419480][ T1006] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor.2: Corrupt directory, running e2fsck is recommended [ 34.437733][ T1006] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 34.449039][ T1006] EXT4-fs warning (device loop2): dx_probe:880: Enable large directory feature to access it [ 34.458952][ T1006] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor.2: Corrupt directory, running e2fsck is recommended [ 34.472076][ T1006] EXT4-fs error (device loop2): ext4_find_dest_de:2112: inode #2: block 3: comm syz-executor.2: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0 [ 34.491282][ T1006] EXT4-fs (loop2): Remounting filesystem read-only [ 34.717737][ T30] kauditd_printk_skb: 72 callbacks suppressed [ 34.717749][ T30] audit: type=1400 audit(1716899906.345:2845): avc: denied { create } for pid=1030 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 34.743482][ T30] audit: type=1400 audit(1716899906.355:2846): avc: denied { read } for pid=1030 comm="syz-executor.1" path="socket:[16208]" dev="sockfs" ino=16208 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 34.904734][ T30] audit: type=1400 audit(1716899906.525:2847): avc: denied { ioctl } for pid=1034 comm="syz-executor.3" path="socket:[16555]" dev="sockfs" ino=16555 ioctlcmd=0x9362 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 35.161068][ T1046] loop0: detected capacity change from 0 to 512 [ 35.270159][ T1046] EXT4-fs warning (device loop0): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 35.281545][ T1046] EXT4-fs warning (device loop0): dx_probe:880: Enable large directory feature to access it [ 35.291781][ T1046] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz-executor.0: Corrupt directory, running e2fsck is recommended [ 35.310520][ T1046] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 35.318466][ T1046] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.0: corrupted in-inode xattr [ 35.330789][ T1046] EXT4-fs (loop0): Remounting filesystem read-only [ 35.337165][ T1046] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 35.349447][ T1046] EXT4-fs (loop0): mounted filesystem without journal. Opts: data_err=abort,noblock_validity,dioread_lock,init_itable,auto_da_alloc,grpjquota=.nouid32,errors=remount-ro,jqfmt=vfsv1,grpid,,. Quota mode: writeback. [ 35.402762][ T1042] EXT4-fs warning (device loop0): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 35.414159][ T1042] EXT4-fs warning (device loop0): dx_probe:880: Enable large directory feature to access it [ 35.424119][ T1042] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz-executor.0: Corrupt directory, running e2fsck is recommended [ 35.445209][ T1042] EXT4-fs warning (device loop0): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 35.456564][ T1042] EXT4-fs warning (device loop0): dx_probe:880: Enable large directory feature to access it [ 35.466460][ T1042] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz-executor.0: Corrupt directory, running e2fsck is recommended [ 35.479522][ T1042] EXT4-fs error (device loop0): ext4_find_dest_de:2112: inode #2: block 3: comm syz-executor.0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0 [ 35.498697][ T1042] EXT4-fs (loop0): Remounting filesystem read-only [ 35.587968][ T30] audit: type=1400 audit(1716899907.215:2848): avc: denied { read } for pid=1061 comm="syz-executor.0" name=".log" dev="incremental-fs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 35.612772][ T30] audit: type=1400 audit(1716899907.215:2849): avc: denied { open } for pid=1061 comm="syz-executor.0" path="/root/syzkaller-testdir884918946/syzkaller.YTOnfu/38/file0/.log" dev="incremental-fs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 35.733207][ T1058] loop2: detected capacity change from 0 to 40427 [ 35.777681][ T1058] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 35.786205][ T1058] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 35.796809][ T1058] F2FS-fs (loop2): Found nat_bits in checkpoint [ 35.832359][ T1058] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 35.843464][ T1058] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 35.850464][ T1058] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 35.871810][ T311] f2fs_fill_dentries: 11 callbacks suppressed [ 35.871821][ T311] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix. [ 35.877924][ T311] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix. [ 35.885432][ T311] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix. [ 35.893085][ T311] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix. [ 35.900585][ T311] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix. [ 35.908098][ T311] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix. [ 35.915571][ T311] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix. [ 35.997340][ T30] audit: type=1400 audit(1716899907.625:2850): avc: denied { setattr } for pid=1086 comm="syz-executor.3" name="" dev="pipefs" ino=16622 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 36.101486][ T1089] loop3: detected capacity change from 0 to 512 [ 36.168765][ T1089] EXT4-fs warning (device loop3): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 36.180118][ T1089] EXT4-fs warning (device loop3): dx_probe:880: Enable large directory feature to access it [ 36.189992][ T1089] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor.3: Corrupt directory, running e2fsck is recommended [ 36.212039][ T1089] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 36.220260][ T1089] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.3: corrupted in-inode xattr [ 36.232794][ T1089] EXT4-fs (loop3): Remounting filesystem read-only [ 36.239346][ T1089] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 36.251946][ T1089] EXT4-fs (loop3): mounted filesystem without journal. Opts: data_err=abort,noblock_validity,dioread_lock,init_itable,auto_da_alloc,grpjquota=.nouid32,errors=remount-ro,jqfmt=vfsv1,grpid,,. Quota mode: writeback. [ 36.374009][ T1089] EXT4-fs warning (device loop3): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 36.385419][ T1089] EXT4-fs warning (device loop3): dx_probe:880: Enable large directory feature to access it [ 36.395295][ T1089] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor.3: Corrupt directory, running e2fsck is recommended [ 36.437145][ T1089] EXT4-fs warning (device loop3): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 36.445930][ T1098] loop4: detected capacity change from 0 to 32768 [ 36.454924][ T1089] EXT4-fs warning (device loop3): dx_probe:880: Enable large directory feature to access it [ 36.465310][ T1089] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor.3: Corrupt directory, running e2fsck is recommended [ 36.478449][ T1089] EXT4-fs error (device loop3): ext4_find_dest_de:2112: inode #2: block 3: comm syz-executor.3: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0 [ 36.497848][ T1089] EXT4-fs (loop3): Remounting filesystem read-only [ 36.746377][ T1115] loop1: detected capacity change from 0 to 512 [ 37.675762][ T1115] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #16: comm syz-executor.1: casefold flag without casefold feature [ 37.696919][ T1115] EXT4-fs error (device loop1): ext4_do_update_inode:5191: inode #3: comm syz-executor.1: corrupted inode contents [ 37.709099][ T1115] EXT4-fs error (device loop1): ext4_dirty_inode:6024: inode #3: comm syz-executor.1: mark_inode_dirty error [ 37.740980][ T1115] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz-executor.1: bg 0: block 64: padding at end of block bitmap is not set [ 37.757149][ T1115] Quota error (device loop1): write_blk: dquota write failed [ 37.764426][ T1115] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 37.793351][ T1115] EXT4-fs (loop1): 1 truncate cleaned up [ 37.798916][ T1115] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 37.816823][ T1115] ext4 filesystem being mounted at /root/syzkaller-testdir1153989889/syzkaller.6bBTLq/76/file1 supports timestamps until 2038 (0x7fffffff) [ 37.855631][ T1141] loop0: detected capacity change from 0 to 512 [ 37.920587][ T1141] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 37.952480][ T1141] ext4 filesystem being mounted at /root/syzkaller-testdir884918946/syzkaller.YTOnfu/44/file0 supports timestamps until 2038 (0x7fffffff) [ 37.986490][ T1141] EXT4-fs error (device loop0): ext4_do_update_inode:5191: inode #2: comm syz-executor.0: corrupted inode contents [ 38.000577][ T1137] loop3: detected capacity change from 0 to 40427 [ 38.001909][ T1141] EXT4-fs error (device loop0): ext4_dirty_inode:6024: inode #2: comm syz-executor.0: mark_inode_dirty error [ 38.020123][ T1141] EXT4-fs error (device loop0): ext4_do_update_inode:5191: inode #2: comm syz-executor.0: corrupted inode contents [ 38.032291][ T1141] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #2: comm syz-executor.0: mark_inode_dirty error [ 38.043815][ T1137] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 38.053641][ T1137] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 38.067838][ T1137] F2FS-fs (loop3): Found nat_bits in checkpoint [ 38.089129][ T1137] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 38.100082][ T1137] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 38.108473][ T1137] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 38.297380][ T308] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix. [ 38.297416][ T308] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix. [ 38.347906][ T308] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix. [ 38.422680][ T30] audit: type=1400 audit(1716899910.045:2851): avc: denied { read } for pid=1163 comm="syz-executor.0" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 38.453486][ T1164] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 38.457028][ T30] audit: type=1400 audit(1716899910.045:2852): avc: denied { open } for pid=1163 comm="syz-executor.0" path="/dev/kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 38.546181][ T1173] loop3: detected capacity change from 0 to 512 [ 38.578852][ T1173] EXT4-fs error (device loop3): ext4_orphan_get:1397: inode #16: comm syz-executor.3: casefold flag without casefold feature [ 38.594106][ T1173] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #3: comm syz-executor.3: corrupted inode contents [ 38.607124][ T1173] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #3: comm syz-executor.3: mark_inode_dirty error [ 38.620680][ T1173] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 64: padding at end of block bitmap is not set [ 38.649099][ T1173] EXT4-fs (loop3): 1 truncate cleaned up [ 38.667983][ T1173] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 38.697901][ T1173] ext4 filesystem being mounted at /root/syzkaller-testdir3361011744/syzkaller.Jha6iT/82/file1 supports timestamps until 2038 (0x7fffffff) [ 38.958865][ T1208] incfs: Backing dir is not set, filesystem can't be mounted. [ 39.094032][ T1208] incfs: mount failed -2 [ 39.160441][ T1223] loop4: detected capacity change from 0 to 512 [ 39.206515][ T1223] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #16: comm syz-executor.4: casefold flag without casefold feature [ 39.220172][ T1223] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #3: comm syz-executor.4: corrupted inode contents [ 39.239561][ T1223] EXT4-fs error (device loop4): ext4_dirty_inode:6024: inode #3: comm syz-executor.4: mark_inode_dirty error [ 39.251576][ T1223] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor.4: bg 0: block 64: padding at end of block bitmap is not set [ 39.266483][ T1223] EXT4-fs (loop4): 1 truncate cleaned up [ 39.272047][ T1223] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 39.282888][ T1223] ext4 filesystem being mounted at /root/syzkaller-testdir2440416007/syzkaller.p0JKNJ/63/file1 supports timestamps until 2038 (0x7fffffff) [ 40.021962][ T30] kauditd_printk_skb: 10 callbacks suppressed [ 40.021975][ T30] audit: type=1326 audit(1716899911.645:2859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1261 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91f7079ee9 code=0x7ffc0000 [ 40.051797][ T30] audit: type=1326 audit(1716899911.655:2860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1261 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91f7079ee9 code=0x7ffc0000 [ 40.076466][ T30] audit: type=1326 audit(1716899911.655:2861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1261 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f91f7079ee9 code=0x7ffc0000 [ 40.100046][ T30] audit: type=1326 audit(1716899911.675:2862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1261 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91f7079ee9 code=0x7ffc0000 [ 40.124375][ T30] audit: type=1326 audit(1716899911.675:2863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1261 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f91f7079ee9 code=0x7ffc0000 [ 40.148294][ T30] audit: type=1326 audit(1716899911.675:2864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1261 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91f7079ee9 code=0x7ffc0000 [ 40.169366][ T1266] loop1: detected capacity change from 0 to 512 [ 40.172238][ T30] audit: type=1326 audit(1716899911.745:2865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1263 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91f7079ee9 code=0x7ffc0000 [ 40.201773][ T30] audit: type=1326 audit(1716899911.755:2866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1263 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f91f7079ee9 code=0x7ffc0000 [ 40.225677][ T30] audit: type=1326 audit(1716899911.755:2867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1263 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91f7079ee9 code=0x7ffc0000 [ 40.269200][ T1266] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #16: comm syz-executor.1: casefold flag without casefold feature [ 40.282383][ T1266] EXT4-fs error (device loop1): ext4_do_update_inode:5191: inode #3: comm syz-executor.1: corrupted inode contents [ 40.299646][ T1266] EXT4-fs error (device loop1): ext4_dirty_inode:6024: inode #3: comm syz-executor.1: mark_inode_dirty error [ 40.313902][ T1266] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz-executor.1: bg 0: block 64: padding at end of block bitmap is not set [ 40.328610][ T1266] Quota error (device loop1): write_blk: dquota write failed [ 40.336262][ T1266] EXT4-fs (loop1): 1 truncate cleaned up [ 40.341820][ T1266] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 40.352721][ T1266] ext4 filesystem being mounted at /root/syzkaller-testdir1153989889/syzkaller.6bBTLq/86/file1 supports timestamps until 2038 (0x7fffffff) [ 40.678573][ T1287] loop2: detected capacity change from 0 to 1024 [ 40.707308][ T1292] loop4: detected capacity change from 0 to 128 [ 40.748548][ T1292] FAT-fs (loop4): Directory bread(block 11554) failed [ 40.755173][ T1292] FAT-fs (loop4): Directory bread(block 11555) failed [ 40.761820][ T1292] FAT-fs (loop4): Directory bread(block 11556) failed [ 40.768493][ T1292] FAT-fs (loop4): Directory bread(block 11557) failed [ 40.775214][ T1292] FAT-fs (loop4): Directory bread(block 11558) failed [ 40.897305][ T1292] FAT-fs (loop4): Directory bread(block 11559) failed [ 40.909991][ T1287] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,max_dir_size_kb=0x0000000000000001,dioread_lock,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,usrquota,noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 40.939085][ T1292] FAT-fs (loop4): Directory bread(block 11560) failed [ 40.952331][ T1292] FAT-fs (loop4): Directory bread(block 11561) failed [ 40.959829][ T1292] FAT-fs (loop4): Directory bread(block 11562) failed [ 40.966812][ T1292] FAT-fs (loop4): Directory bread(block 11563) failed [ 40.971241][ T1287] EXT4-fs (loop2): re-mounted. Opts: (null). Quota mode: writeback. [ 41.052764][ T1309] loop2: detected capacity change from 0 to 512 [ 41.172645][ T1318] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 41.182968][ T1318] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 41.192767][ T1318] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 41.192765][ T1309] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #16: comm syz-executor.2: casefold flag without casefold feature [ 41.214954][ T1309] EXT4-fs error (device loop2): ext4_do_update_inode:5191: inode #3: comm syz-executor.2: corrupted inode contents [ 41.234089][ T1309] EXT4-fs error (device loop2): ext4_dirty_inode:6024: inode #3: comm syz-executor.2: mark_inode_dirty error [ 41.246905][ T1309] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 64: padding at end of block bitmap is not set [ 41.262217][ T1309] EXT4-fs (loop2): 1 truncate cleaned up [ 41.267785][ T1309] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 41.280180][ T1309] ext4 filesystem being mounted at /root/syzkaller-testdir1179055957/syzkaller.yyBR8W/60/file1 supports timestamps until 2038 (0x7fffffff) [ 41.387611][ T1331] loop2: detected capacity change from 0 to 1024 [ 41.437858][ T1324] loop4: detected capacity change from 0 to 40427 [ 41.451321][ T1331] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,max_dir_size_kb=0x0000000000000001,dioread_lock,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,usrquota,noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 41.484995][ T1331] EXT4-fs (loop2): re-mounted. Opts: (null). Quota mode: writeback. [ 41.497626][ T1324] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 41.506801][ T1324] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 41.530616][ T1324] F2FS-fs (loop4): Found nat_bits in checkpoint [ 41.543980][ T1339] loop2: detected capacity change from 0 to 128 [ 41.576501][ T1324] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 41.596400][ T1324] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 41.603394][ T1324] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 41.614826][ T1339] FAT-fs (loop2): Directory bread(block 11554) failed [ 41.621701][ T1339] FAT-fs (loop2): Directory bread(block 11555) failed [ 41.628762][ T1339] FAT-fs (loop2): Directory bread(block 11556) failed [ 41.635549][ T1339] FAT-fs (loop2): Directory bread(block 11557) failed [ 41.645811][ T1339] FAT-fs (loop2): Directory bread(block 11558) failed [ 41.652546][ T1339] FAT-fs (loop2): Directory bread(block 11559) failed [ 41.659284][ T1339] FAT-fs (loop2): Directory bread(block 11560) failed [ 41.663244][ T309] f2fs_fill_dentries: 4 callbacks suppressed [ 41.663256][ T309] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 41.666699][ T1339] FAT-fs (loop2): Directory bread(block 11561) failed [ 41.671833][ T309] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 41.679870][ T1339] FAT-fs (loop2): Directory bread(block 11562) failed [ 41.686025][ T309] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 41.696176][ T1339] FAT-fs (loop2): Directory bread(block 11563) failed [ 41.702330][ T309] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 41.713793][ T309] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 41.721748][ T309] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 41.736314][ T309] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 41.984150][ T1354] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 42.007053][ T1354] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 42.016177][ T1354] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 42.066491][ T1360] loop3: detected capacity change from 0 to 512 [ 42.095779][ T1368] loop4: detected capacity change from 0 to 1024 [ 42.103968][ T1360] EXT4-fs error (device loop3): ext4_orphan_get:1397: inode #16: comm syz-executor.3: casefold flag without casefold feature [ 42.117313][ T1360] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #3: comm syz-executor.3: corrupted inode contents [ 42.130323][ T1360] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #3: comm syz-executor.3: mark_inode_dirty error [ 42.141393][ T1368] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,max_dir_size_kb=0x0000000000000001,dioread_lock,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,usrquota,noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 42.166816][ T1360] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 64: padding at end of block bitmap is not set [ 42.183956][ T1368] EXT4-fs (loop4): re-mounted. Opts: (null). Quota mode: writeback. [ 42.192909][ T1360] EXT4-fs (loop3): 1 truncate cleaned up [ 42.198585][ T1360] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 42.213149][ T1360] ext4 filesystem being mounted at /root/syzkaller-testdir3361011744/syzkaller.Jha6iT/93/file1 supports timestamps until 2038 (0x7fffffff) [ 42.809905][ T1392] loop3: detected capacity change from 0 to 256 [ 42.852572][ T1392] FAT-fs (loop3): Directory bread(block 64) failed [ 42.859041][ T1392] FAT-fs (loop3): Directory bread(block 65) failed [ 42.865498][ T1392] FAT-fs (loop3): Directory bread(block 66) failed [ 42.872330][ T1392] FAT-fs (loop3): Directory bread(block 67) failed [ 42.878788][ T1392] FAT-fs (loop3): Directory bread(block 68) failed [ 42.885243][ T1392] FAT-fs (loop3): Directory bread(block 69) failed [ 42.891715][ T1392] FAT-fs (loop3): Directory bread(block 70) failed [ 42.898164][ T1392] FAT-fs (loop3): Directory bread(block 71) failed [ 42.904620][ T1392] FAT-fs (loop3): Directory bread(block 72) failed [ 42.911103][ T1392] FAT-fs (loop3): Directory bread(block 73) failed [ 43.163328][ T1380] loop4: detected capacity change from 0 to 131072 [ 43.221096][ T1380] F2FS-fs (loop4): Test dummy encryption mode enabled [ 43.457357][ T1380] F2FS-fs (loop4): Found nat_bits in checkpoint [ 43.493008][ T1380] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 43.510689][ T1421] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 43.539199][ T1404] loop0: detected capacity change from 0 to 40427 [ 43.577609][ T1404] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 43.585248][ T1404] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 43.595660][ T1404] F2FS-fs (loop0): Found nat_bits in checkpoint [ 43.629225][ T1404] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 43.641087][ T1404] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 43.648046][ T1404] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 43.661124][ T1404] overlayfs: failed to resolve './file1': -2 [ 43.741466][ T1430] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 43.750714][ T1430] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 43.759842][ T1430] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 43.787011][ T1118] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 44.197093][ T1118] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 44.205898][ T1450] loop0: detected capacity change from 0 to 40427 [ 44.216219][ T1118] usb 5-1: New USB device found, idVendor=046d, idProduct=c52b, bcdDevice= 0.00 [ 44.225285][ T1118] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 44.234969][ T1118] usb 5-1: config 0 descriptor?? [ 44.249405][ T1450] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 44.257109][ T1450] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 44.274359][ T1450] F2FS-fs (loop0): Found nat_bits in checkpoint [ 44.287750][ T1118] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 44.320388][ T1450] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 44.338410][ T1450] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 44.345444][ T1450] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 44.371757][ T1450] overlayfs: failed to resolve './file1': -2 [ 44.491289][ T1118] usb 5-1: USB disconnect, device number 3 [ 45.327693][ T30] kauditd_printk_skb: 29 callbacks suppressed [ 45.327710][ T30] audit: type=1326 audit(1716899916.955:2892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1480 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee22f49ee9 code=0x7ffc0000 [ 45.361567][ T30] audit: type=1326 audit(1716899916.955:2893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1480 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee22f49ee9 code=0x7ffc0000 [ 45.375632][ T1485] Zero length message leads to an empty skb [ 45.392464][ T30] audit: type=1326 audit(1716899916.955:2894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1480 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fee22f49ee9 code=0x7ffc0000 [ 45.416746][ T30] audit: type=1326 audit(1716899916.955:2895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1480 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee22f49ee9 code=0x7ffc0000 [ 45.441746][ T30] audit: type=1326 audit(1716899916.955:2896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1480 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee22f49ee9 code=0x7ffc0000 [ 45.557048][ T510] Bluetooth: hci0: command 0x1003 tx timeout [ 45.562953][ T1423] Bluetooth: hci0: sending frame failed (-49) [ 45.571451][ T1487] loop4: detected capacity change from 0 to 40427 [ 45.617487][ T1487] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 45.625062][ T1487] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 45.635253][ T1487] F2FS-fs (loop4): Found nat_bits in checkpoint [ 45.655625][ T1487] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 45.666401][ T1487] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 45.673294][ T1487] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 45.685110][ T1487] overlayfs: failed to resolve './file1': -2 [ 45.749363][ T1499] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 45.861481][ T30] audit: type=1326 audit(1716899917.485:2897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1509 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee22f49ee9 code=0x7ffc0000 [ 45.895428][ T30] audit: type=1326 audit(1716899917.505:2898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1509 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee22f49ee9 code=0x7ffc0000 [ 45.923826][ T30] audit: type=1400 audit(1716899917.505:2899): avc: denied { create } for pid=1512 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 45.952182][ T30] audit: type=1400 audit(1716899917.505:2900): avc: denied { write } for pid=1512 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 45.973508][ T30] audit: type=1400 audit(1716899917.505:2901): avc: denied { nlmsg_write } for pid=1512 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 46.415252][ T1529] tipc: Failed to remove unknown binding: 66,1,1/0:1110084207/1110084209 [ 46.423575][ T1529] tipc: Failed to remove unknown binding: 66,1,1/0:1110084207/1110084209 [ 46.457032][ T1531] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 46.457978][ T1520] loop4: detected capacity change from 0 to 40427 [ 46.488353][ T1520] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 46.496040][ T1520] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 46.511265][ T1520] F2FS-fs (loop4): Found nat_bits in checkpoint [ 46.563694][ T1520] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 46.582072][ T1520] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 46.588973][ T1520] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 47.019069][ T1562] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 47.157050][ T1455] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 47.266295][ T1565] loop3: detected capacity change from 0 to 40427 [ 47.307858][ T1565] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 47.315508][ T1565] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 47.326288][ T1565] F2FS-fs (loop3): Found nat_bits in checkpoint [ 47.361241][ T1565] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 47.373126][ T1565] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 47.380130][ T1565] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 47.537053][ T1455] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 47.549882][ T1455] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 47.562319][ T1455] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 47.573472][ T1455] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 47.584909][ T1455] usb 3-1: config 0 descriptor?? [ 47.637050][ T510] Bluetooth: hci0: command 0x1001 tx timeout [ 47.642992][ T1423] Bluetooth: hci0: sending frame failed (-49) [ 48.047232][ T1455] hid (null): bogus close delimiter [ 48.153215][ T1598] loop4: detected capacity change from 0 to 40427 [ 48.209596][ T1598] F2FS-fs (loop4): Found nat_bits in checkpoint [ 48.267073][ T1455] usb 3-1: language id specifier not provided by device, defaulting to English [ 48.276009][ T1598] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 48.315799][ T309] attempt to access beyond end of device [ 48.315799][ T309] loop4: rw=2049, want=45104, limit=40427 [ 48.364276][ T1595] loop0: detected capacity change from 0 to 131072 [ 48.379372][ T1604] loop3: detected capacity change from 0 to 512 [ 48.408838][ T1595] F2FS-fs (loop0): invalid crc value [ 48.417892][ T1595] F2FS-fs (loop0): Mismatch valid blocks 0 vs. 1 [ 48.424100][ T1595] F2FS-fs (loop0): Failed to initialize F2FS segment manager (-117) [ 48.437704][ T1604] EXT4-fs (loop3): mounted filesystem without journal. Opts: init_itable,norecovery,journal_ioprio=0x0000000000000004,,errors=continue. Quota mode: writeback. [ 48.453678][ T1604] ext4 filesystem being mounted at /root/syzkaller-testdir3361011744/syzkaller.Jha6iT/117/file0 supports timestamps until 2038 (0x7fffffff) [ 48.527514][ T1614] tipc: Started in network mode [ 48.537119][ T1614] tipc: Node identity fc, cluster identity 4711 [ 48.555160][ T1614] tipc: Enabling of bearer rejected, failed to enable media [ 48.608144][ T1612] loop4: detected capacity change from 0 to 40427 [ 48.627792][ T1612] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 48.636697][ T1612] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 48.659665][ T1612] F2FS-fs (loop4): Found nat_bits in checkpoint [ 48.700019][ T1612] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 48.704056][ T1633] loop3: detected capacity change from 0 to 512 [ 48.711762][ T1612] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 48.721814][ T1612] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 48.752046][ T1633] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 48.762850][ T1455] uclogic 0003:256C:006D.0002: failed retrieving Huion firmware version: -71 [ 48.777092][ T1633] ext4 filesystem being mounted at /root/syzkaller-testdir3361011744/syzkaller.Jha6iT/125/file0 supports timestamps until 2038 (0x7fffffff) [ 48.782451][ T1455] uclogic 0003:256C:006D.0002: failed probing parameters: -71 [ 48.800747][ T1633] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #2: comm syz-executor.3: corrupted inode contents [ 48.812966][ T1633] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #2: comm syz-executor.3: mark_inode_dirty error [ 48.814921][ T1455] uclogic: probe of 0003:256C:006D.0002 failed with error -71 [ 48.824522][ T1633] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #2: comm syz-executor.3: corrupted inode contents [ 48.847190][ T1633] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #2: comm syz-executor.3: mark_inode_dirty error [ 48.860859][ T1455] usb 3-1: USB disconnect, device number 4 [ 49.250795][ T1648] request_module fs-ceph succeeded, but still no fs? [ 49.561041][ T1660] loop2: detected capacity change from 0 to 256 [ 49.601004][ T1660] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf23980c3, utbl_chksum : 0xe619d30d) [ 49.717403][ T60] Bluetooth: hci0: command 0x1009 tx timeout [ 49.746597][ T1645] loop3: detected capacity change from 0 to 131072 [ 49.779081][ T1669] loop4: detected capacity change from 0 to 512 [ 49.817933][ T1645] F2FS-fs (loop3): Test dummy encryption mode enabled [ 49.826574][ T1645] F2FS-fs (loop3): Found nat_bits in checkpoint [ 49.851011][ T1669] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #16: comm syz-executor.4: casefold flag without casefold feature [ 49.860226][ T1645] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 49.872535][ T1669] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #3: comm syz-executor.4: corrupted inode contents [ 49.885819][ T1669] EXT4-fs error (device loop4): ext4_dirty_inode:6024: inode #3: comm syz-executor.4: mark_inode_dirty error [ 49.896501][ T1664] loop2: detected capacity change from 0 to 40427 [ 49.897486][ T1669] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor.4: bg 0: block 64: padding at end of block bitmap is not set [ 49.918319][ T1669] EXT4-fs (loop4): 1 truncate cleaned up [ 49.923752][ T1669] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 49.934588][ T1669] ext4 filesystem being mounted at /root/syzkaller-testdir2440416007/syzkaller.p0JKNJ/91/file1 supports timestamps until 2038 (0x7fffffff) [ 49.957619][ T1664] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 49.965149][ T1664] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 49.975176][ T1664] F2FS-fs (loop2): Found nat_bits in checkpoint [ 49.995223][ T1664] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 50.009959][ T1664] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 50.016847][ T1664] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 50.077140][ T1455] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 50.153945][ T60] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 50.517936][ T60] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 50.530554][ T60] usb 4-1: New USB device found, idVendor=046d, idProduct=c52b, bcdDevice= 0.00 [ 50.539400][ T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 50.547755][ T60] usb 4-1: config 0 descriptor?? [ 50.587125][ T1455] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 50.597862][ T1455] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 50.598219][ T60] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 50.607413][ T1455] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 50.623334][ T1455] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 50.631717][ T1455] usb 1-1: config 0 descriptor?? [ 50.789904][ T60] usb 4-1: USB disconnect, device number 3 [ 51.293108][ T1455] hid (null): bogus close delimiter [ 51.337086][ T1455] usb 1-1: language id specifier not provided by device, defaulting to English [ 51.837138][ T1455] uclogic 0003:256C:006D.0003: failed retrieving Huion firmware version: -71 [ 51.859135][ T1455] uclogic 0003:256C:006D.0003: failed probing parameters: -71 [ 51.883540][ T1455] uclogic: probe of 0003:256C:006D.0003 failed with error -71 [ 51.893859][ T1455] usb 1-1: USB disconnect, device number 3 [ 51.967925][ T30] kauditd_printk_skb: 34 callbacks suppressed [ 51.967960][ T30] audit: type=1326 audit(1716899923.595:2934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1720 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee22f49ee9 code=0x7ffc0000 [ 52.007954][ T30] audit: type=1326 audit(1716899923.595:2935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1720 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fee22f49ee9 code=0x7ffc0000 [ 52.032281][ T30] audit: type=1326 audit(1716899923.595:2936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1720 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee22f49ee9 code=0x7ffc0000 [ 52.058503][ T30] audit: type=1326 audit(1716899923.595:2937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1720 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7fee22f49ee9 code=0x7ffc0000 [ 52.099411][ T30] audit: type=1326 audit(1716899923.595:2938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1720 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee22f49ee9 code=0x7ffc0000 [ 52.317414][ T1725] loop2: detected capacity change from 0 to 40427 [ 52.372403][ T1725] F2FS-fs (loop2): Found nat_bits in checkpoint [ 52.453062][ T1725] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 52.482347][ T311] attempt to access beyond end of device [ 52.482347][ T311] loop2: rw=2049, want=45104, limit=40427 [ 52.502328][ T1736] loop4: detected capacity change from 0 to 512 [ 52.569731][ T1736] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #16: comm syz-executor.4: casefold flag without casefold feature [ 52.583153][ T1736] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #3: comm syz-executor.4: corrupted inode contents [ 52.595675][ T1736] EXT4-fs error (device loop4): ext4_dirty_inode:6024: inode #3: comm syz-executor.4: mark_inode_dirty error [ 52.608330][ T1736] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor.4: bg 0: block 64: padding at end of block bitmap is not set [ 52.623391][ T1736] Quota error (device loop4): write_blk: dquota write failed [ 52.634522][ T1736] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 52.768658][ T1736] EXT4-fs (loop4): 1 truncate cleaned up [ 52.794770][ T1736] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 52.809103][ T1736] ext4 filesystem being mounted at /root/syzkaller-testdir2440416007/syzkaller.p0JKNJ/101/file1 supports timestamps until 2038 (0x7fffffff) [ 52.823581][ T30] audit: type=1326 audit(1716899924.435:2939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1751 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b5578ee9 code=0x7ffc0000 [ 52.866569][ T1759] loop2: detected capacity change from 0 to 512 [ 52.867041][ T30] audit: type=1326 audit(1716899924.435:2940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1751 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b5578ee9 code=0x7ffc0000 [ 52.896635][ T30] audit: type=1326 audit(1716899924.435:2941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1751 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f87b5578ee9 code=0x7ffc0000 [ 52.938231][ T1759] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 52.949146][ T1759] ext4 filesystem being mounted at /root/syzkaller-testdir1179055957/syzkaller.yyBR8W/94/file0 supports timestamps until 2038 (0x7fffffff) [ 52.982095][ T1759] EXT4-fs error (device loop2): ext4_do_update_inode:5191: inode #2: comm syz-executor.2: corrupted inode contents [ 53.008429][ T1759] EXT4-fs error (device loop2): ext4_dirty_inode:6024: inode #2: comm syz-executor.2: mark_inode_dirty error [ 53.020178][ T1759] EXT4-fs error (device loop2): ext4_do_update_inode:5191: inode #2: comm syz-executor.2: corrupted inode contents [ 53.032290][ T1759] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #2: comm syz-executor.2: mark_inode_dirty error [ 53.257694][ T1785] loop4: detected capacity change from 0 to 512 [ 53.294690][ T1785] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #16: comm syz-executor.4: casefold flag without casefold feature [ 53.308022][ T1785] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #3: comm syz-executor.4: corrupted inode contents [ 53.448962][ T1785] EXT4-fs error (device loop4): ext4_dirty_inode:6024: inode #3: comm syz-executor.4: mark_inode_dirty error [ 53.490534][ T1785] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor.4: bg 0: block 64: padding at end of block bitmap is not set [ 53.571866][ T1785] EXT4-fs (loop4): 1 truncate cleaned up [ 53.604733][ T1785] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 53.632051][ T1785] ext4 filesystem being mounted at /root/syzkaller-testdir2440416007/syzkaller.p0JKNJ/111/file1 supports timestamps until 2038 (0x7fffffff) [ 53.809273][ T1800] device syzkaller0 entered promiscuous mode [ 53.847542][ T1800] syzkaller0: tun_net_xmit 1280 [ 53.860431][ T1800] syzkaller0: create flow: hash 1262831790 index 1 [ 53.883220][ T1799] syzkaller0: delete flow: hash 1262831790 index 1 [ 53.917080][ T26] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 54.133216][ T1824] loop1: detected capacity change from 0 to 512 [ 54.144967][ T1826] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 54.177035][ T26] usb 4-1: Using ep0 maxpacket: 8 [ 54.347911][ T26] usb 4-1: unable to get BOS descriptor or descriptor too short [ 54.361254][ T1824] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #16: comm syz-executor.1: casefold flag without casefold feature [ 54.374505][ T1824] EXT4-fs error (device loop1): ext4_do_update_inode:5191: inode #3: comm syz-executor.1: corrupted inode contents [ 54.386608][ T1824] EXT4-fs error (device loop1): ext4_dirty_inode:6024: inode #3: comm syz-executor.1: mark_inode_dirty error [ 54.398367][ T1824] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz-executor.1: bg 0: block 64: padding at end of block bitmap is not set [ 54.413476][ T1824] EXT4-fs (loop1): 1 truncate cleaned up [ 54.418967][ T1824] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 54.429794][ T26] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 54.435335][ T1824] ext4 filesystem being mounted at /root/syzkaller-testdir1153989889/syzkaller.6bBTLq/98/file1 supports timestamps until 2038 (0x7fffffff) [ 54.438255][ T26] usb 4-1: config 1 has an invalid descriptor of length 53, skipping remainder of the config [ 54.462225][ T26] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 54.470967][ T26] usb 4-1: config 1 has no interface number 1 [ 54.476938][ T26] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 54.489732][ T26] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x2 has an invalid bInterval 52, changing to 7 [ 54.500436][ T26] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x2 has invalid maxpacket 9272, setting to 1024 [ 54.667052][ T26] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 54.676001][ T26] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 54.683786][ T26] usb 4-1: Product: syz [ 54.687734][ T26] usb 4-1: Manufacturer: syz [ 54.692172][ T26] usb 4-1: SerialNumber: syz [ 54.918822][ T1840] loop0: detected capacity change from 0 to 512 [ 54.949542][ T1842] fuse: Bad value for 'fd' [ 54.968686][ T1840] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 54.979537][ T1840] ext4 filesystem being mounted at /root/syzkaller-testdir884918946/syzkaller.YTOnfu/113/file0 supports timestamps until 2038 (0x7fffffff) [ 54.988269][ T1846] loop2: detected capacity change from 0 to 512 [ 54.996040][ T1840] EXT4-fs error (device loop0): ext4_do_update_inode:5191: inode #2: comm syz-executor.0: corrupted inode contents [ 55.012048][ T1840] EXT4-fs error (device loop0): ext4_dirty_inode:6024: inode #2: comm syz-executor.0: mark_inode_dirty error [ 55.023667][ T1840] EXT4-fs error (device loop0): ext4_do_update_inode:5191: inode #2: comm syz-executor.0: corrupted inode contents [ 55.027866][ T1846] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 55.035743][ T26] usb 4-1: 2:1 : no or invalid class specific endpoint descriptor [ 55.045279][ T1846] EXT4-fs (loop2): 1 truncate cleaned up [ 55.051248][ T26] usb 4-1: 2:1 : unknown format tag 0x5 is detected. processed as MPEG. [ 55.056770][ T1846] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,data_err=abort,abort,noload,noquota,block_validity,init_itable=0x0000000000000006,auto_da_alloc=0x0000000000000008,,errors=continue. Quota mode: none. [ 55.064889][ T1840] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #2: comm syz-executor.0: mark_inode_dirty error [ 55.064969][ T26] usb 4-1: found format II with max.bitrate = 0, frame size=39301 [ 55.105322][ T26] usb 4-1: 2:1 : no or invalid class specific endpoint descriptor [ 55.113256][ T26] usb 4-1: 2:1 : unknown format tag 0x5 is detected. processed as MPEG. [ 55.121595][ T26] usb 4-1: found format II with max.bitrate = 0, frame size=39301 [ 55.229771][ T26] usb 4-1: USB disconnect, device number 4 [ 56.487841][ T1455] Bluetooth: hci0: command 0x1003 tx timeout [ 56.502709][ T1423] Bluetooth: hci0: sending frame failed (-49) [ 56.676307][ T1878] loop0: detected capacity change from 0 to 512 [ 56.771507][ T1878] EXT4-fs error (device loop0): ext4_orphan_get:1397: inode #16: comm syz-executor.0: casefold flag without casefold feature [ 56.784757][ T1878] EXT4-fs error (device loop0): ext4_do_update_inode:5191: inode #3: comm syz-executor.0: corrupted inode contents [ 56.797282][ T1878] EXT4-fs error (device loop0): ext4_dirty_inode:6024: inode #3: comm syz-executor.0: mark_inode_dirty error [ 56.804684][ T1864] loop3: detected capacity change from 0 to 40427 [ 56.808950][ T1878] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz-executor.0: bg 0: block 64: padding at end of block bitmap is not set [ 56.829836][ T1878] EXT4-fs (loop0): 1 truncate cleaned up [ 56.835293][ T1878] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 56.846248][ T1878] ext4 filesystem being mounted at /root/syzkaller-testdir884918946/syzkaller.YTOnfu/116/file1 supports timestamps until 2038 (0x7fffffff) [ 56.867044][ T1864] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 56.874645][ T1864] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 56.894791][ T1864] F2FS-fs (loop3): Found nat_bits in checkpoint [ 56.915447][ T1864] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 56.926417][ T1864] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 56.933312][ T1864] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 56.945591][ T1864] overlayfs: missing 'lowerdir' [ 57.157046][ T26] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 57.397021][ T26] usb 2-1: Using ep0 maxpacket: 8 [ 57.557264][ T26] usb 2-1: unable to get BOS descriptor or descriptor too short [ 57.637082][ T26] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 57.648737][ T26] usb 2-1: config 1 has an invalid descriptor of length 53, skipping remainder of the config [ 57.660537][ T26] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 57.669330][ T26] usb 2-1: config 1 has no interface number 1 [ 57.675242][ T26] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 57.687840][ T26] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x2 has an invalid bInterval 52, changing to 7 [ 57.698502][ T26] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x2 has invalid maxpacket 9272, setting to 1024 [ 57.766391][ T1922] loop0: detected capacity change from 0 to 512 [ 57.799413][ T30] kauditd_printk_skb: 36 callbacks suppressed [ 57.799424][ T30] audit: type=1326 audit(1716899929.425:2972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1924 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b5578ee9 code=0x7ffc0000 [ 57.829143][ T30] audit: type=1326 audit(1716899929.425:2973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1924 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b5578ee9 code=0x7ffc0000 [ 57.848202][ T1922] EXT4-fs error (device loop0): ext4_orphan_get:1397: inode #16: comm syz-executor.0: casefold flag without casefold feature [ 57.853332][ T30] audit: type=1326 audit(1716899929.425:2974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1924 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f87b5578ee9 code=0x7ffc0000 [ 57.866528][ T1922] EXT4-fs error (device loop0): ext4_do_update_inode:5191: inode #3: comm syz-executor.0: corrupted inode contents [ 57.892606][ T30] audit: type=1326 audit(1716899929.425:2975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1924 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b5578ee9 code=0x7ffc0000 [ 57.902217][ T1922] EXT4-fs error (device loop0): ext4_dirty_inode:6024: inode #3: comm syz-executor.0: mark_inode_dirty error [ 57.924884][ T26] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 57.936848][ T1922] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz-executor.0: bg 0: block 64: padding at end of block bitmap is not set [ 57.945199][ T30] audit: type=1326 audit(1716899929.425:2976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1924 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b5578ee9 code=0x7ffc0000 [ 57.960295][ T1922] Quota error (device loop0): write_blk: dquota write failed [ 57.983125][ T26] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 57.998133][ T26] usb 2-1: Product: syz [ 57.998531][ T1922] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 58.002127][ T26] usb 2-1: Manufacturer: syz [ 58.016193][ T26] usb 2-1: SerialNumber: syz [ 58.025089][ T1922] EXT4-fs (loop0): 1 truncate cleaned up [ 58.032096][ T1922] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 58.043034][ T1922] ext4 filesystem being mounted at /root/syzkaller-testdir884918946/syzkaller.YTOnfu/118/file1 supports timestamps until 2038 (0x7fffffff) [ 58.065066][ T30] audit: type=1326 audit(1716899929.685:2977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1932 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de47abee9 code=0x7ffc0000 [ 58.088923][ T30] audit: type=1326 audit(1716899929.685:2978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1932 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0de47abee9 code=0x7ffc0000 [ 58.113250][ T30] audit: type=1326 audit(1716899929.745:2979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1932 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de47abee9 code=0x7ffc0000 [ 58.884984][ T26] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor [ 58.893559][ T26] usb 2-1: 2:1 : unknown format tag 0x5 is detected. processed as MPEG. [ 58.901991][ T26] usb 2-1: found format II with max.bitrate = 0, frame size=39301 [ 58.910243][ T26] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor [ 58.918467][ T26] usb 2-1: 2:1 : unknown format tag 0x5 is detected. processed as MPEG. [ 58.926864][ T26] usb 2-1: found format II with max.bitrate = 0, frame size=39301 [ 58.938211][ T331] Bluetooth: hci0: command 0x1001 tx timeout [ 58.944408][ T1423] Bluetooth: hci0: sending frame failed (-49) [ 59.012989][ T26] usb 2-1: USB disconnect, device number 2 [ 59.130778][ T1973] loop3: detected capacity change from 0 to 512 [ 59.189018][ T1973] EXT4-fs error (device loop3): ext4_orphan_get:1397: inode #16: comm syz-executor.3: casefold flag without casefold feature [ 59.202364][ T1973] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #3: comm syz-executor.3: corrupted inode contents [ 59.219645][ T1973] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #3: comm syz-executor.3: mark_inode_dirty error [ 59.237573][ T1973] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 64: padding at end of block bitmap is not set [ 59.253993][ T1973] EXT4-fs (loop3): 1 truncate cleaned up [ 59.261219][ T1973] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 59.272110][ T1973] ext4 filesystem being mounted at /root/syzkaller-testdir3361011744/syzkaller.Jha6iT/143/file1 supports timestamps until 2038 (0x7fffffff) [ 59.345838][ T1997] loop3: detected capacity change from 0 to 512 [ 59.389570][ T1997] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 59.400523][ T1997] ext4 filesystem being mounted at /root/syzkaller-testdir3361011744/syzkaller.Jha6iT/144/file0 supports timestamps until 2038 (0x7fffffff) [ 59.417347][ T1997] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #2: comm syz-executor.3: corrupted inode contents [ 59.429538][ T1997] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #2: comm syz-executor.3: mark_inode_dirty error [ 59.441170][ T1997] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #2: comm syz-executor.3: corrupted inode contents [ 59.453541][ T1997] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #2: comm syz-executor.3: mark_inode_dirty error [ 60.997202][ T331] Bluetooth: hci0: command 0x1009 tx timeout [ 61.540702][ T2139] process 'syz-executor.3' launched '/dev/fd/4' with NULL argv: empty string added [ 61.932776][ T2163] loop3: detected capacity change from 0 to 512 [ 61.968361][ T2163] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 61.979381][ T2163] ext4 filesystem being mounted at /root/syzkaller-testdir3361011744/syzkaller.Jha6iT/171/file0 supports timestamps until 2038 (0x7fffffff) [ 61.995409][ T2163] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #2: comm syz-executor.3: corrupted inode contents [ 62.007839][ T2163] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #2: comm syz-executor.3: mark_inode_dirty error [ 62.014714][ T2172] loop0: detected capacity change from 0 to 512 [ 62.019490][ T2163] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #2: comm syz-executor.3: corrupted inode contents [ 62.038245][ T2163] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #2: comm syz-executor.3: mark_inode_dirty error [ 62.068951][ T2172] EXT4-fs error (device loop0): ext4_orphan_get:1397: inode #16: comm syz-executor.0: casefold flag without casefold feature [ 62.082154][ T2172] EXT4-fs error (device loop0): ext4_do_update_inode:5191: inode #3: comm syz-executor.0: corrupted inode contents [ 62.094300][ T2172] EXT4-fs error (device loop0): ext4_dirty_inode:6024: inode #3: comm syz-executor.0: mark_inode_dirty error [ 62.106006][ T2172] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz-executor.0: bg 0: block 64: padding at end of block bitmap is not set [ 62.121013][ T2172] EXT4-fs (loop0): 1 truncate cleaned up [ 62.126474][ T2172] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 62.137324][ T2172] ext4 filesystem being mounted at /root/syzkaller-testdir884918946/syzkaller.YTOnfu/136/file1 supports timestamps until 2038 (0x7fffffff) [ 62.278706][ T2192] incfs: Backing dir is not set, filesystem can't be mounted. [ 62.286042][ T2192] incfs: mount failed -2 [ 62.465697][ T2184] loop0: detected capacity change from 0 to 40427 [ 62.519975][ T2184] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 62.530280][ T2184] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 62.556746][ T2184] F2FS-fs (loop0): Found nat_bits in checkpoint [ 62.602904][ T2184] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 62.614868][ T2184] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 62.621988][ T2184] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 62.642449][ T2184] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 62.654432][ T2184] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 62.677366][ T2220] ------------[ cut here ]------------ [ 62.708173][ T2220] trace type BPF program uses run-time allocation [ 62.717107][ T2220] WARNING: CPU: 1 PID: 2220 at kernel/bpf/verifier.c:11655 check_map_prog_compatibility+0x6f1/0x890 [ 62.742602][ T2220] Modules linked in: [ 62.746328][ T2220] CPU: 1 PID: 2220 Comm: syz-executor.1 Not tainted 5.15.149-syzkaller-00055-g424f92bcbe8f #0 [ 62.758323][ T2220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 62.768392][ T2220] RIP: 0010:check_map_prog_compatibility+0x6f1/0x890 [ 62.774884][ T2220] Code: db e9 f9 fc ff ff e8 0e 3a ed ff 31 db e9 ed fc ff ff e8 02 3a ed ff c6 05 0d 7e 80 05 01 48 c7 c7 e0 bf 67 85 e8 3f 7b be ff <0f> 0b e9 5a fb ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 84 f9 ff [ 62.794363][ T2220] RSP: 0018:ffffc900053b7348 EFLAGS: 00010246 [ 62.800252][ T2220] RAX: 07a192e214d3cc00 RBX: 0000000000000001 RCX: 0000000000040000 [ 62.808084][ T2220] RDX: ffffc90000b49000 RSI: 0000000000000f0e RDI: 0000000000000f0f [ 62.816116][ T2220] RBP: ffffc900053b7390 R08: ffffffff81576125 R09: fffff52000a76d91 [ 62.823973][ T2220] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000011 [ 62.831803][ T2220] R13: ffff8881115df800 R14: ffffc900000c9000 R15: dffffc0000000000 [ 62.839613][ T2220] FS: 00007f91f5dee6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 62.848357][ T2220] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 62.854751][ T2220] CR2: 0000001b2ea22000 CR3: 00000001113e4000 CR4: 00000000003506a0 [ 62.862579][ T2220] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 62.870428][ T2220] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 62.878388][ T2220] Call Trace: [ 62.881580][ T2220] [ 62.884336][ T2220] ? show_regs+0x58/0x60 [ 62.888411][ T2220] ? __warn+0x160/0x2f0 [ 62.892387][ T2220] ? check_map_prog_compatibility+0x6f1/0x890 [ 62.898524][ T2220] ? report_bug+0x3d9/0x5b0 [ 62.902842][ T2220] ? check_map_prog_compatibility+0x6f1/0x890 [ 62.908762][ T2220] ? handle_bug+0x41/0x70 [ 62.912901][ T2220] ? exc_invalid_op+0x1b/0x50 [ 62.917550][ T2220] ? asm_exc_invalid_op+0x1b/0x20 [ 62.922397][ T2220] ? __wake_up_klogd+0xd5/0x110 [ 62.927096][ T2220] ? check_map_prog_compatibility+0x6f1/0x890 [ 62.932991][ T2220] ? check_map_prog_compatibility+0x6f1/0x890 [ 62.938920][ T2220] resolve_pseudo_ldimm64+0x671/0x1240 [ 62.944190][ T2220] ? check_attach_btf_id+0xef0/0xef0 [ 62.949322][ T2220] ? __mark_reg_known+0x1b0/0x1b0 [ 62.954167][ T2220] ? security_capable+0x87/0xb0 [ 62.958877][ T2220] bpf_check+0x3174/0x12bf0 [ 62.963209][ T2220] ? 0xffffffffa002c000 [ 62.967219][ T2220] ? is_bpf_text_address+0x172/0x190 [ 62.972313][ T2220] ? stack_trace_save+0x1c0/0x1c0 [ 62.977797][ T2220] ? __kernel_text_address+0x9b/0x110 [ 62.982998][ T2220] ? unwind_get_return_address+0x4d/0x90 [ 62.988476][ T2220] ? bpf_get_btf_vmlinux+0x60/0x60 [ 62.993406][ T2220] ? arch_stack_walk+0xf3/0x140 [ 62.998299][ T2220] ? stack_trace_save+0x113/0x1c0 [ 63.003139][ T2220] ? stack_trace_snprint+0xf0/0xf0 [ 63.008112][ T2220] ? stack_trace_snprint+0xf0/0xf0 [ 63.013041][ T2220] ? __stack_depot_save+0x34/0x470 [ 63.018006][ T2220] ? ____kasan_kmalloc+0xed/0x110 [ 63.022841][ T2220] ? ____kasan_kmalloc+0xdb/0x110 [ 63.027739][ T2220] ? __kasan_kmalloc+0x9/0x10 [ 63.032214][ T2220] ? kmem_cache_alloc_trace+0x115/0x210 [ 63.037612][ T2220] ? selinux_bpf_prog_alloc+0x51/0x140 [ 63.042889][ T2220] ? security_bpf_prog_alloc+0x62/0x90 [ 63.048200][ T2220] ? bpf_prog_load+0x9ee/0x1b50 [ 63.052879][ T2220] ? __sys_bpf+0x4bc/0x760 [ 63.057138][ T2220] ? __x64_sys_bpf+0x7c/0x90 [ 63.061552][ T2220] ? do_syscall_64+0x3d/0xb0 [ 63.065977][ T2220] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 63.071913][ T2220] ? __kasan_kmalloc+0x9/0x10 [ 63.076396][ T2220] ? memset+0x35/0x40 [ 63.080321][ T2220] ? bpf_obj_name_cpy+0x196/0x1e0 [ 63.085172][ T2220] bpf_prog_load+0x12ac/0x1b50 [ 63.089745][ T2220] ? map_freeze+0x370/0x370 [ 63.094075][ T2220] ? selinux_bpf+0xcb/0x100 [ 63.098493][ T2220] ? security_bpf+0x82/0xb0 [ 63.102868][ T2220] __sys_bpf+0x4bc/0x760 [ 63.106923][ T2220] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 63.112150][ T2220] ? __kasan_check_read+0x11/0x20 [ 63.123471][ T2220] __x64_sys_bpf+0x7c/0x90 [ 63.127808][ T2220] do_syscall_64+0x3d/0xb0 [ 63.132940][ T2220] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 63.139034][ T2220] RIP: 0033:0x7f91f7079ee9 [ 63.143448][ T2220] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 63.163050][ T2220] RSP: 002b:00007f91f5dee0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 63.171328][ T2220] RAX: ffffffffffffffda RBX: 00007f91f71b0f80 RCX: 00007f91f7079ee9 [ 63.179248][ T2220] RDX: 0000000000000090 RSI: 0000000020000200 RDI: 0000000000000005 [ 63.193718][ T2220] RBP: 00007f91f70c647f R08: 0000000000000000 R09: 0000000000000000 [ 63.209630][ T2220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 63.218926][ T2220] R13: 000000000000000b R14: 00007f91f71b0f80 R15: 00007ffecee873b8 [ 63.228106][ T2220] [ 63.231829][ T2220] ---[ end trace dd25c6a845526ec4 ]--- [ 63.267165][ T30] kauditd_printk_skb: 59 callbacks suppressed [ 63.267177][ T30] audit: type=1400 audit(1716899934.895:3035): avc: denied { name_bind } for pid=2243 comm="syz-executor.1" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 63.346422][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 63.373563][ T30] audit: type=1326 audit(1716899934.995:3036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2250 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91f7079ee9 code=0x7ffc0000 [ 63.400201][ T30] audit: type=1326 audit(1716899934.995:3037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2250 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91f7079ee9 code=0x7ffc0000 [ 63.424067][ T30] audit: type=1326 audit(1716899934.995:3038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2250 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f91f7079ee9 code=0x7ffc0000 [ 63.458151][ T30] audit: type=1326 audit(1716899934.995:3039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2250 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91f7079ee9 code=0x7ffc0000 [ 63.459864][ T2258] loop1: detected capacity change from 0 to 512 [ 63.482957][ T30] audit: type=1326 audit(1716899934.995:3040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2250 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91f7079ee9 code=0x7ffc0000 [ 63.512971][ T30] audit: type=1326 audit(1716899934.995:3041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2250 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f91f7079ee9 code=0x7ffc0000 [ 63.536701][ T30] audit: type=1326 audit(1716899934.995:3042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2250 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91f7079ee9 code=0x7ffc0000 [ 63.560865][ T30] audit: type=1326 audit(1716899934.995:3043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2250 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91f7079ee9 code=0x7ffc0000 [ 63.585975][ T2258] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #16: comm syz-executor.1: casefold flag without casefold feature [ 63.603317][ T2258] EXT4-fs error (device loop1): ext4_do_update_inode:5191: inode #3: comm syz-executor.1: corrupted inode contents [ 63.615672][ T2258] EXT4-fs error (device loop1): ext4_dirty_inode:6024: inode #3: comm syz-executor.1: mark_inode_dirty error [ 63.627382][ T2258] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz-executor.1: bg 0: block 64: padding at end of block bitmap is not set [ 63.642033][ T2258] Quota error (device loop1): write_blk: dquota write failed [ 63.649830][ T2258] EXT4-fs (loop1): 1 truncate cleaned up [ 63.655314][ T2258] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 63.666940][ T2258] ext4 filesystem being mounted at /root/syzkaller-testdir1153989889/syzkaller.6bBTLq/144/file1 supports timestamps until 2038 (0x7fffffff) [ 63.747367][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 63.903862][ T2282] loop0: detected capacity change from 0 to 40427 [ 63.947500][ T2282] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 63.955048][ T2282] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 63.965502][ T2282] F2FS-fs (loop0): Found nat_bits in checkpoint [ 63.989737][ T2297] loop1: detected capacity change from 0 to 512 [ 63.997604][ T2282] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 64.008748][ T2297] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 64.014285][ T2282] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 64.019616][ T2297] ext4 filesystem being mounted at /root/syzkaller-testdir1153989889/syzkaller.6bBTLq/151/file0 supports timestamps until 2038 (0x7fffffff) [ 64.040465][ T2282] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 64.045585][ T2297] EXT4-fs error (device loop1): ext4_do_update_inode:5191: inode #2: comm syz-executor.1: corrupted inode contents [ 64.059881][ T2297] EXT4-fs error (device loop1): ext4_dirty_inode:6024: inode #2: comm syz-executor.1: mark_inode_dirty error [ 64.066174][ T2282] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 64.071515][ T2297] EXT4-fs error (device loop1): ext4_do_update_inode:5191: inode #2: comm syz-executor.1: corrupted inode contents [ 64.079817][ T2282] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 64.091920][ T2297] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #2: comm syz-executor.1: mark_inode_dirty error [ 64.515591][ C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 64.608291][ T2338] syz-executor.4[2338] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 64.608352][ T2338] syz-executor.4[2338] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 64.950653][ T2328] loop2: detected capacity change from 0 to 40427 [ 65.047990][ T2328] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 65.064277][ T2328] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 65.119398][ T2328] F2FS-fs (loop2): Found nat_bits in checkpoint [ 65.210708][ T2328] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 65.235940][ T2328] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 65.246292][ T2328] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 65.276338][ T2328] overlayfs: missing 'lowerdir' [ 65.337268][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 65.508896][ C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 66.093034][ T2393] syz-executor.0[2393] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 66.093072][ T2393] syz-executor.0[2393] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 66.264430][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 66.614087][ T2420] syz-executor.2[2420] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 66.614153][ T2420] syz-executor.2[2420] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 66.726680][ T2424] loop2: detected capacity change from 0 to 512 [ 66.774986][ T2424] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 66.786134][ T2424] ext4 filesystem being mounted at /root/syzkaller-testdir1179055957/syzkaller.yyBR8W/164/file0 supports timestamps until 2038 (0x7fffffff) [ 66.807863][ T2424] EXT4-fs error (device loop2): ext4_do_update_inode:5191: inode #2: comm syz-executor.2: corrupted inode contents [ 66.825847][ T2424] EXT4-fs error (device loop2): ext4_dirty_inode:6024: inode #2: comm syz-executor.2: mark_inode_dirty error [ 66.837838][ T2424] EXT4-fs error (device loop2): ext4_do_update_inode:5191: inode #2: comm syz-executor.2: corrupted inode contents [ 66.850553][ T2424] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #2: comm syz-executor.2: mark_inode_dirty error [ 66.881071][ C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 66.938680][ T2447] loop4: detected capacity change from 0 to 512 [ 66.959893][ T2450] syz-executor.3[2450] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 66.959933][ T2450] syz-executor.3[2450] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 66.999038][ T2447] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #16: comm syz-executor.4: casefold flag without casefold feature [ 67.028063][ T2447] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #3: comm syz-executor.4: corrupted inode contents [ 67.041617][ T2447] EXT4-fs error (device loop4): ext4_dirty_inode:6024: inode #3: comm syz-executor.4: mark_inode_dirty error [ 67.053383][ T2447] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor.4: bg 0: block 64: padding at end of block bitmap is not set [ 67.068354][ T2447] EXT4-fs (loop4): 1 truncate cleaned up [ 67.073881][ T2447] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 67.088234][ T2447] ext4 filesystem being mounted at /root/syzkaller-testdir2440416007/syzkaller.p0JKNJ/126/file1 supports timestamps until 2038 (0x7fffffff) [ 67.107044][ T6] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 67.283265][ T2483] fuse: Unknown parameter 'grou00000000000000000000' [ 67.295839][ T2487] loop0: detected capacity change from 0 to 512 [ 67.378243][ T2487] EXT4-fs error (device loop0): ext4_orphan_get:1397: inode #16: comm syz-executor.0: casefold flag without casefold feature [ 67.403520][ T2487] EXT4-fs error (device loop0): ext4_do_update_inode:5191: inode #3: comm syz-executor.0: corrupted inode contents [ 67.415773][ T2487] EXT4-fs error (device loop0): ext4_dirty_inode:6024: inode #3: comm syz-executor.0: mark_inode_dirty error [ 67.428372][ T2487] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz-executor.0: bg 0: block 64: padding at end of block bitmap is not set [ 67.448468][ T2487] EXT4-fs (loop0): 1 truncate cleaned up [ 67.472465][ T2487] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 67.497085][ T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 67.509300][ T2487] ext4 filesystem being mounted at /root/syzkaller-testdir884918946/syzkaller.YTOnfu/159/file1 supports timestamps until 2038 (0x7fffffff) [ 67.534190][ T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 67.572120][ T6] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 67.581078][ T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 67.592506][ T6] usb 2-1: config 0 descriptor?? [ 67.720366][ C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 67.762995][ T2540] loop0: detected capacity change from 0 to 512 [ 67.798776][ T2540] EXT4-fs error (device loop0): ext4_orphan_get:1397: inode #16: comm syz-executor.0: casefold flag without casefold feature [ 67.811947][ T2540] EXT4-fs error (device loop0): ext4_do_update_inode:5191: inode #3: comm syz-executor.0: corrupted inode contents [ 67.824098][ T2540] EXT4-fs error (device loop0): ext4_dirty_inode:6024: inode #3: comm syz-executor.0: mark_inode_dirty error [ 67.835887][ T2540] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz-executor.0: bg 0: block 64: padding at end of block bitmap is not set [ 67.851110][ T2540] EXT4-fs (loop0): 1 truncate cleaned up [ 67.856677][ T2540] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 67.868866][ T2540] ext4 filesystem being mounted at /root/syzkaller-testdir884918946/syzkaller.YTOnfu/165/file1 supports timestamps until 2038 (0x7fffffff) [ 68.067279][ T6] hid (null): bogus close delimiter [ 68.287113][ T6] usb 2-1: language id specifier not provided by device, defaulting to English [ 68.577133][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 68.703718][ T30] kauditd_printk_skb: 48 callbacks suppressed [ 68.703732][ T30] audit: type=1400 audit(1716899940.325:3085): avc: denied { mount } for pid=2601 comm="syz-executor.2" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 68.753025][ T30] audit: type=1400 audit(1716899940.325:3086): avc: denied { remount } for pid=2601 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 68.797079][ T6] uclogic 0003:256C:006D.0004: interface is invalid, ignoring [ 68.998394][ T6] usb 2-1: USB disconnect, device number 3 [ 69.212480][ T2619] loop4: detected capacity change from 0 to 2048 [ 69.288340][ T2619] EXT4-fs error (device loop4): ext4_orphan_get:1423: comm syz-executor.4: bad orphan inode 8192 [ 69.298960][ T2619] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 69.311039][ T30] audit: type=1400 audit(1716899940.935:3087): avc: denied { map } for pid=2618 comm="syz-executor.4" path="/root/syzkaller-testdir2440416007/syzkaller.p0JKNJ/149/file0/bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 69.343874][ T2619] EXT4-fs error (device loop4): ext4_map_blocks:602: inode #18: block 320: comm syz-executor.4: lblock 64 mapped to illegal pblock 320 (length 64) [ 69.359342][ T2619] EXT4-fs error (device loop4): ext4_map_blocks:602: inode #18: block 384: comm syz-executor.4: lblock 128 mapped to illegal pblock 384 (length 64) [ 69.367013][ T30] audit: type=1400 audit(1716899940.965:3088): avc: denied { execute } for pid=2618 comm="syz-executor.4" path="/root/syzkaller-testdir2440416007/syzkaller.p0JKNJ/149/file0/bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 69.381573][ T2619] EXT4-fs error (device loop4): ext4_map_blocks:602: inode #18: block 320: comm syz-executor.4: lblock 64 mapped to illegal pblock 320 (length 2) [ 69.416207][ T2619] EXT4-fs error (device loop4): ext4_map_blocks:602: inode #18: block 320: comm syz-executor.4: lblock 64 mapped to illegal pblock 320 (length 2) [ 69.445917][ T309] EXT4-fs error (device loop4): ext4_map_blocks:602: inode #2: block 16: comm syz-executor.4: lblock 0 mapped to illegal pblock 16 (length 1) [ 69.459879][ T30] audit: type=1400 audit(1716899940.965:3089): avc: denied { mounton } for pid=2618 comm="syz-executor.4" path="/root/syzkaller-testdir2440416007/syzkaller.p0JKNJ/149/file0/bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 69.853626][ T2650] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.878027][ T2650] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.885204][ T2650] device bridge_slave_0 entered promiscuous mode [ 69.912080][ T2650] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.928834][ T2650] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.942628][ T2650] device bridge_slave_1 entered promiscuous mode [ 69.977008][ T328] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 70.042082][ T2650] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.048923][ T2650] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.056015][ T2650] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.062814][ T2650] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.088247][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 70.095933][ T6] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.103260][ T6] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.127532][ T1455] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 70.135851][ T1455] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.142720][ T1455] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.150424][ T1455] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 70.161917][ T1455] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.168788][ T1455] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.195613][ T1455] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 70.203400][ T1455] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 70.212910][ T666] device bridge_slave_1 left promiscuous mode [ 70.219154][ T666] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.226567][ T666] device bridge_slave_0 left promiscuous mode [ 70.232664][ T666] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.240690][ T666] device veth1_macvtap left promiscuous mode [ 70.246560][ T666] device veth0_vlan left promiscuous mode [ 70.323511][ T2682] syz-executor.0[2682] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 70.323550][ T2682] syz-executor.0[2682] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 70.356352][ T1455] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 70.375748][ T328] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 70.387296][ T328] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 70.390847][ T2650] device veth0_vlan entered promiscuous mode [ 70.396879][ T328] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 70.411538][ T328] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.419882][ T328] usb 4-1: config 0 descriptor?? [ 70.420807][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 70.432567][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 70.439928][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 70.456883][ T1455] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 70.469221][ T2650] device veth1_macvtap entered promiscuous mode [ 170.487011][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 170.493764][ C1] (detected by 1, t=10002 jiffies, g=10961, q=249) [ 170.500183][ C1] rcu: All QSes seen, last rcu_preempt kthread activity 10002 (4294954269-4294944267), jiffies_till_next_fqs=1, root ->qsmask 0x0 [ 170.513389][ C1] rcu: rcu_preempt kthread starved for 10002 jiffies! g10961 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 170.524435][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 170.534214][ C1] rcu: RCU grace-period kthread stack dump: [ 170.539934][ C1] task:rcu_preempt state:R running task stack:28288 pid: 14 ppid: 2 flags:0x00004000 [ 170.550536][ C1] Call Trace: [ 170.553649][ C1] [ 170.556440][ C1] __schedule+0xccc/0x1590 [ 170.560678][ C1] ? __sched_text_start+0x8/0x8 [ 170.565372][ C1] ? __kasan_check_write+0x14/0x20 [ 170.570336][ C1] schedule+0x11f/0x1e0 [ 170.574304][ C1] schedule_timeout+0x18c/0x370 [ 170.578999][ C1] ? _raw_spin_unlock_irq+0x4e/0x70 [ 170.584025][ C1] ? console_conditional_schedule+0x30/0x30 [ 170.589754][ C1] ? update_process_times+0x200/0x200 [ 170.594970][ C1] ? prepare_to_swait_event+0x308/0x320 [ 170.600343][ C1] rcu_gp_fqs_loop+0x2af/0xf80 [ 170.604963][ C1] ? debug_smp_processor_id+0x17/0x20 [ 170.610150][ C1] ? __note_gp_changes+0x4ab/0x920 [ 170.615098][ C1] ? rcu_gp_init+0xc30/0xc30 [ 170.619524][ C1] ? _raw_spin_unlock_irq+0x4e/0x70 [ 170.624560][ C1] ? rcu_gp_init+0x9cf/0xc30 [ 170.628986][ C1] rcu_gp_kthread+0xa4/0x350 [ 170.633413][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 170.638109][ C1] ? wake_nocb_gp+0x1e0/0x1e0 [ 170.642614][ C1] ? __kasan_check_read+0x11/0x20 [ 170.647472][ C1] ? __kthread_parkme+0xb2/0x200 [ 170.652248][ C1] kthread+0x421/0x510 [ 170.656151][ C1] ? wake_nocb_gp+0x1e0/0x1e0 [ 170.660666][ C1] ? kthread_blkcg+0xd0/0xd0 [ 170.665092][ C1] ret_from_fork+0x1f/0x30 [ 170.669347][ C1] [ 170.672218][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 170.678373][ C1] NMI backtrace for cpu 1 [ 170.682571][ C1] CPU: 1 PID: 25 Comm: ksoftirqd/1 Tainted: G W 5.15.149-syzkaller-00055-g424f92bcbe8f #0 [ 170.693560][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 170.703456][ C1] Call Trace: [ 170.706582][ C1] [ 170.709271][ C1] dump_stack_lvl+0x151/0x1b7 [ 170.713785][ C1] ? io_uring_drop_tctx_refs+0x190/0x190 [ 170.719253][ C1] dump_stack+0x15/0x17 [ 170.723246][ C1] nmi_cpu_backtrace+0x2f7/0x300 [ 170.728035][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 170.734008][ C1] ? panic+0x751/0x751 [ 170.737915][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 170.743822][ C1] nmi_trigger_cpumask_backtrace+0x15d/0x270 [ 170.749631][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 170.755534][ C1] arch_trigger_cpumask_backtrace+0x10/0x20 [ 170.761261][ C1] rcu_check_gp_kthread_starvation+0x1e3/0x250 [ 170.767252][ C1] print_other_cpu_stall+0x112d/0x1340 [ 170.772545][ C1] ? print_cpu_stall+0x5f0/0x5f0 [ 170.777321][ C1] rcu_sched_clock_irq+0xaec/0x12f0 [ 170.782362][ C1] ? rcu_boost_kthread_setaffinity+0x340/0x340 [ 170.788370][ C1] ? hrtimer_run_queues+0x15f/0x440 [ 170.793375][ C1] update_process_times+0x198/0x200 [ 170.798410][ C1] tick_sched_timer+0x188/0x240 [ 170.803096][ C1] ? tick_setup_sched_timer+0x480/0x480 [ 170.808479][ C1] __hrtimer_run_queues+0x41a/0xad0 [ 170.813522][ C1] ? hrtimer_interrupt+0xaa0/0xaa0 [ 170.818458][ C1] ? clockevents_program_event+0x22f/0x300 [ 170.824104][ C1] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 170.830006][ C1] hrtimer_interrupt+0x40c/0xaa0 [ 170.834786][ C1] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 170.840506][ C1] sysvec_apic_timer_interrupt+0x95/0xc0 [ 170.845974][ C1] [ 170.848749][ C1] [ 170.851527][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 170.857343][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 170.862126][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 170.881558][ C1] RSP: 0018:ffffc900001a73c0 EFLAGS: 00000246 [ 170.887459][ C1] RAX: 0000000000000003 RBX: 1ffff92000034e7c RCX: ffffffff8154fa7f [ 170.895271][ C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88811503cd98 [ 170.903083][ C1] RBP: ffffc900001a7470 R08: dffffc0000000000 R09: ffffed1022a079b4 [ 170.910896][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 170.918706][ C1] R13: ffff88811503cd98 R14: 0000000000000003 R15: 1ffff92000034e80 [ 170.926539][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 170.932595][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 170.938608][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 170.943530][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 170.949614][ C1] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 170.955544][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 170.961758][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 170.966618][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 170.971652][ C1] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 170.976971][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 170.981983][ C1] ? sock_map_unref+0x352/0x4d0 [ 170.986669][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0x758 [ 170.992049][ C1] bpf_trace_run2+0xec/0x210 [ 170.996476][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 171.001424][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 171.006110][ C1] ? sock_map_unref+0x352/0x4d0 [ 171.010798][ C1] ? __stack_depot_save+0x34/0x470 [ 171.015744][ C1] ? kmem_cache_free+0x116/0x2e0 [ 171.020519][ C1] ? sock_map_unref+0x352/0x4d0 [ 171.025209][ C1] __bpf_trace_kfree+0x6f/0x90 [ 171.029808][ C1] ? sock_map_unref+0x352/0x4d0 [ 171.034490][ C1] kfree+0x1f3/0x220 [ 171.038229][ C1] sock_map_unref+0x352/0x4d0 [ 171.042738][ C1] sock_hash_delete_elem+0x274/0x2f0 [ 171.047859][ C1] ? security_task_free+0x9a/0xc0 [ 171.052718][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0x758 [ 171.058109][ C1] bpf_trace_run2+0xec/0x210 [ 171.062526][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 171.067213][ C1] ? security_task_free+0x9a/0xc0 [ 171.072075][ C1] ? kasan_quarantine_put+0x34/0x1a0 [ 171.077194][ C1] ? security_task_free+0x9a/0xc0 [ 171.082055][ C1] __bpf_trace_kfree+0x6f/0x90 [ 171.086655][ C1] ? security_task_free+0x9a/0xc0 [ 171.091517][ C1] kfree+0x1f3/0x220 [ 171.095268][ C1] security_task_free+0x9a/0xc0 [ 171.099936][ C1] __put_task_struct+0xed/0x3e0 [ 171.104630][ C1] ? delayed_put_task_struct+0x61/0x1a0 [ 171.110004][ C1] delayed_put_task_struct+0x69/0x1a0 [ 171.115218][ C1] ? put_task_struct_rcu_user+0x90/0x90 [ 171.120591][ C1] rcu_do_batch+0x57a/0xc10 [ 171.124933][ C1] ? local_bh_enable+0x20/0x20 [ 171.129532][ C1] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 171.134835][ C1] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 171.140470][ C1] ? rcu_report_qs_rnp+0x381/0x390 [ 171.145415][ C1] rcu_core+0x517/0x1020 [ 171.149496][ C1] ? rcu_cpu_kthread_park+0x90/0x90 [ 171.154547][ C1] ? __schedule+0xcd4/0x1590 [ 171.158958][ C1] ? irqtime_account_irq+0x79/0x3c0 [ 171.163989][ C1] rcu_core_si+0x9/0x10 [ 171.167981][ C1] __do_softirq+0x26d/0x5bf [ 171.172337][ C1] ? ksoftirqd_should_run+0x20/0x20 [ 171.177355][ C1] run_ksoftirqd+0x23/0x30 [ 171.181608][ C1] smpboot_thread_fn+0x466/0x8d0 [ 171.186386][ C1] kthread+0x421/0x510 [ 171.190287][ C1] ? cpu_report_death+0x1a0/0x1a0 [ 171.195148][ C1] ? kthread_blkcg+0xd0/0xd0 [ 171.199593][ C1] ret_from_fork+0x1f/0x30 [ 171.203836][ C1] [ 199.029369][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 123s! [kworker/0:0:6] [ 199.037288][ C0] Modules linked in: [ 199.040992][ C0] CPU: 0 PID: 6 Comm: kworker/0:0 Tainted: G W 5.15.149-syzkaller-00055-g424f92bcbe8f #0 [ 199.051940][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 199.061824][ C0] Workqueue: mld mld_ifc_work [ 199.066359][ C0] RIP: 0010:kvm_wait+0x147/0x180 [ 199.071104][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 199.090989][ C0] RSP: 0018:ffffc90000007500 EFLAGS: 00000246 [ 199.096883][ C0] RAX: 0000000000000001 RBX: 1ffff92000000ea4 RCX: 1ffffffff0d1aa9c [ 199.104693][ C0] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7037ed4 [ 199.112505][ C0] RBP: ffffc900000075b0 R08: dffffc0000000000 R09: ffffed103ee06fdb [ 199.120353][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 199.128128][ C0] R13: ffff8881f7037ed4 R14: 0000000000000001 R15: 1ffff92000000ea8 [ 199.135939][ C0] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 199.144706][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.151137][ C0] CR2: 0000001b2ea25000 CR3: 0000000116134000 CR4: 00000000003506b0 [ 199.158948][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 199.166770][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 199.174572][ C0] Call Trace: [ 199.177709][ C0] [ 199.180382][ C0] ? show_regs+0x58/0x60 [ 199.184458][ C0] ? watchdog_timer_fn+0x4b1/0x5f0 [ 199.189417][ C0] ? proc_watchdog_cpumask+0xd0/0xd0 [ 199.194526][ C0] ? __hrtimer_run_queues+0x41a/0xad0 [ 199.199735][ C0] ? hrtimer_interrupt+0xaa0/0xaa0 [ 199.204682][ C0] ? clockevents_program_event+0x22f/0x300 [ 199.210323][ C0] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 199.216226][ C0] ? hrtimer_interrupt+0x40c/0xaa0 [ 199.221174][ C0] ? __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 199.227084][ C0] ? sysvec_apic_timer_interrupt+0x44/0xc0 [ 199.232717][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 199.239028][ C0] ? kvm_wait+0x147/0x180 [ 199.243194][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 199.248152][ C0] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 199.254044][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 199.260292][ C0] ? ip_list_rcv+0x470/0x470 [ 199.264719][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 199.269492][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 199.274526][ C0] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 199.279829][ C0] sock_hash_delete_elem+0xb1/0x2f0 [ 199.284854][ C0] ? skb_release_data+0x8a9/0xa80 [ 199.289750][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0x758 [ 199.295098][ C0] bpf_trace_run2+0xec/0x210 [ 199.299523][ C0] ? stack_trace_save+0x1c0/0x1c0 [ 199.304384][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 199.309070][ C0] ? skb_release_data+0x8a9/0xa80 [ 199.313932][ C0] ? unwind_get_return_address+0x4d/0x90 [ 199.319399][ C0] ? arch_stack_walk+0xf3/0x140 [ 199.324085][ C0] ? skb_release_data+0x8a9/0xa80 [ 199.328955][ C0] __bpf_trace_kfree+0x6f/0x90 [ 199.333547][ C0] ? skb_release_data+0x8a9/0xa80 [ 199.338410][ C0] kfree+0x1f3/0x220 [ 199.342140][ C0] skb_release_data+0x8a9/0xa80 [ 199.346826][ C0] ? ip6_rcv_core+0xa58/0x1300 [ 199.351427][ C0] kfree_skb+0xba/0x360 [ 199.355428][ C0] ip6_rcv_core+0xa58/0x1300 [ 199.359849][ C0] ipv6_rcv+0xca/0x270 [ 199.363750][ C0] ? exit_to_user_mode_prepare+0x5a/0xa0 [ 199.369259][ C0] ? syscall_exit_to_user_mode+0x26/0x160 [ 199.374781][ C0] ? do_syscall_64+0x49/0xb0 [ 199.379201][ C0] ? ip6_rcv_finish+0x350/0x350 [ 199.383890][ C0] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 199.389529][ C0] ? try_to_wake_up+0x697/0x1160 [ 199.394304][ C0] ? ip6_rcv_finish+0x350/0x350 [ 199.398990][ C0] __netif_receive_skb+0x1c6/0x530 [ 199.403936][ C0] ? __kasan_check_write+0x14/0x20 [ 199.408891][ C0] ? deliver_ptype_list_skb+0x3b0/0x3b0 [ 199.414266][ C0] ? __kasan_check_write+0x14/0x20 [ 199.419214][ C0] ? _raw_spin_lock+0xa4/0x1b0 [ 199.423812][ C0] ? _raw_spin_trylock_bh+0x190/0x190 [ 199.429021][ C0] ? __queue_work+0x94d/0xcd0 [ 199.433535][ C0] process_backlog+0x31c/0x650 [ 199.438136][ C0] __napi_poll+0xc4/0x5a0 [ 199.442310][ C0] net_rx_action+0x47d/0xc50 [ 199.446729][ C0] ? net_tx_action+0x550/0x550 [ 199.451327][ C0] ? kvm_sched_clock_read+0x18/0x40 [ 199.456370][ C0] ? sched_clock+0x9/0x10 [ 199.460536][ C0] ? irqtime_account_irq+0x79/0x3c0 [ 199.465562][ C0] __do_softirq+0x26d/0x5bf [ 199.469902][ C0] do_softirq+0xf6/0x150 [ 199.473980][ C0] [ 199.476757][ C0] [ 199.479561][ C0] ? __local_bh_enable_ip+0x80/0x80 [ 199.484572][ C0] __local_bh_enable_ip+0x75/0x80 [ 199.489432][ C0] local_bh_enable+0x1f/0x30 [ 199.493856][ C0] ip6_finish_output2+0xf9c/0x16e0 [ 199.498806][ C0] ? __ip6_finish_output+0x7c0/0x7c0 [ 199.503965][ C0] __ip6_finish_output+0x60f/0x7c0 [ 199.508895][ C0] ip6_finish_output+0x31/0x210 [ 199.513561][ C0] ? ip6_output+0x486/0x4d0 [ 199.517900][ C0] ip6_output+0x1f7/0x4d0 [ 199.522065][ C0] ? ac6_seq_show+0xf0/0xf0 [ 199.526407][ C0] ? xfrm_lookup+0x38/0x50 [ 199.530684][ C0] ? ip6_output+0x4d0/0x4d0 [ 199.534996][ C0] ? icmp6_dst_alloc+0x4f0/0x560 [ 199.539787][ C0] mld_sendpack+0x662/0xbb0 [ 199.544112][ C0] ? add_grec+0x13a0/0x13a0 [ 199.548451][ C0] ? igmp6_send+0x10a0/0x10a0 [ 199.552999][ C0] ? add_grec+0x112/0x13a0 [ 199.557219][ C0] ? finish_task_switch+0x167/0x7b0 [ 199.562251][ C0] mld_ifc_work+0x7dc/0xbb0 [ 199.566590][ C0] ? __kasan_check_read+0x11/0x20 [ 199.571451][ C0] ? strscpy+0x9c/0x260 [ 199.575444][ C0] process_one_work+0x6bb/0xc10 [ 199.580133][ C0] worker_thread+0xad5/0x12a0 [ 199.584647][ C0] kthread+0x421/0x510 [ 199.588550][ C0] ? worker_clr_flags+0x180/0x180 [ 199.593410][ C0] ? kthread_blkcg+0xd0/0xd0 [ 199.597836][ C0] ret_from_fork+0x1f/0x30 [ 199.602092][ C0] [ 199.604961][ C0] Sending NMI from CPU 0 to CPUs 1: [ 199.610016][ C1] NMI backtrace for cpu 1 [ 199.610025][ C1] CPU: 1 PID: 25 Comm: ksoftirqd/1 Tainted: G W 5.15.149-syzkaller-00055-g424f92bcbe8f #0 [ 199.610043][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 199.610052][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 199.610070][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 199.610084][ C1] RSP: 0018:ffffc900001a73c0 EFLAGS: 00000246 [ 199.610099][ C1] RAX: 0000000000000003 RBX: 1ffff92000034e7c RCX: ffffffff8154fa7f [ 199.610111][ C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88811503cd98 [ 199.610123][ C1] RBP: ffffc900001a7470 R08: dffffc0000000000 R09: ffffed1022a079b4 [ 199.610135][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 199.610147][ C1] R13: ffff88811503cd98 R14: 0000000000000003 R15: 1ffff92000034e80 [ 199.610159][ C1] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 199.610174][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.610185][ C1] CR2: 0000001b2e924000 CR3: 0000000117714000 CR4: 00000000003506a0 [ 199.610200][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 199.610210][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 199.610221][ C1] Call Trace: [ 199.610225][ C1] [ 199.610230][ C1] ? show_regs+0x58/0x60 [ 199.610246][ C1] ? nmi_cpu_backtrace+0x29f/0x300 [ 199.610265][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 199.610285][ C1] ? kvm_wait+0x147/0x180 [ 199.610299][ C1] ? kvm_wait+0x147/0x180 [ 199.610314][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 199.610331][ C1] ? nmi_handle+0xa8/0x280 [ 199.610348][ C1] ? kvm_wait+0x147/0x180 [ 199.610362][ C1] ? default_do_nmi+0x69/0x160 [ 199.610379][ C1] ? exc_nmi+0xaf/0x120 [ 199.610394][ C1] ? end_repeat_nmi+0x16/0x31 [ 199.610410][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 199.610430][ C1] ? kvm_wait+0x147/0x180 [ 199.610448][ C1] ? kvm_wait+0x147/0x180 [ 199.610463][ C1] ? kvm_wait+0x147/0x180 [ 199.610478][ C1] [ 199.610482][ C1] [ 199.610487][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 199.610504][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 199.610520][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 199.610538][ C1] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 199.610558][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 199.610578][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 199.610596][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 199.610614][ C1] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 199.610633][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 199.610650][ C1] ? sock_map_unref+0x352/0x4d0 [ 199.610666][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0x758 [ 199.610680][ C1] bpf_trace_run2+0xec/0x210 [ 199.610697][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 199.610714][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 199.610730][ C1] ? sock_map_unref+0x352/0x4d0 [ 199.610746][ C1] ? __stack_depot_save+0x34/0x470 [ 199.610765][ C1] ? kmem_cache_free+0x116/0x2e0 [ 199.610781][ C1] ? sock_map_unref+0x352/0x4d0 [ 199.610798][ C1] __bpf_trace_kfree+0x6f/0x90 [ 199.610813][ C1] ? sock_map_unref+0x352/0x4d0 [ 199.610829][ C1] kfree+0x1f3/0x220 [ 199.610846][ C1] sock_map_unref+0x352/0x4d0 [ 199.610864][ C1] sock_hash_delete_elem+0x274/0x2f0 [ 199.610881][ C1] ? security_task_free+0x9a/0xc0 [ 199.610899][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0x758 [ 199.610912][ C1] bpf_trace_run2+0xec/0x210 [ 199.610929][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 199.610946][ C1] ? security_task_free+0x9a/0xc0 [ 199.610963][ C1] ? kasan_quarantine_put+0x34/0x1a0 [ 199.610980][ C1] ? security_task_free+0x9a/0xc0 [ 199.610998][ C1] __bpf_trace_kfree+0x6f/0x90 [ 199.611013][ C1] ? security_task_free+0x9a/0xc0 [ 199.611030][ C1] kfree+0x1f3/0x220 [ 199.611047][ C1] security_task_free+0x9a/0xc0 [ 199.611064][ C1] __put_task_struct+0xed/0x3e0 [ 199.611081][ C1] ? delayed_put_task_struct+0x61/0x1a0 [ 199.611098][ C1] delayed_put_task_struct+0x69/0x1a0 [ 199.611114][ C1] ? put_task_struct_rcu_user+0x90/0x90 [ 199.611130][ C1] rcu_do_batch+0x57a/0xc10 [ 199.611150][ C1] ? local_bh_enable+0x20/0x20 [ 199.611166][ C1] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 199.611184][ C1] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 199.611203][ C1] ? rcu_report_qs_rnp+0x381/0x390 [ 199.611221][ C1] rcu_core+0x517/0x1020 [ 199.611239][ C1] ? rcu_cpu_kthread_park+0x90/0x90 [ 199.611256][ C1] ? __schedule+0xcd4/0x1590 [ 199.611272][ C1] ? irqtime_account_irq+0x79/0x3c0 [ 199.611289][ C1] rcu_core_si+0x9/0x10 [ 199.611304][ C1] __do_softirq+0x26d/0x5bf [ 199.611320][ C1] ? ksoftirqd_should_run+0x20/0x20 [ 199.611338][ C1] run_ksoftirqd+0x23/0x30 [ 199.611354][ C1] smpboot_thread_fn+0x466/0x8d0 [ 199.611374][ C1] kthread+0x421/0x510 [ 199.611388][ C1] ? cpu_report_death+0x1a0/0x1a0 [ 199.611406][ C1] ? kthread_blkcg+0xd0/0xd0 [ 199.611422][ C1] ret_from_fork+0x1f/0x30 [ 199.611443][ C1]