last executing test programs: 8.546330014s ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) creat(&(0x7f0000000340)='./file0/file0\x00', 0x0) chdir(&(0x7f0000000140)='./bus\x00') lsetxattr$security_capability(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500), 0x0, 0x0, 0x0) listxattr(&(0x7f0000001e80)='./file0\x00', 0x0, 0x91) 8.352853254s ago: executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000200)='./file1/file4/file5\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) r0 = getpid() sched_setscheduler(0x0, 0x2, &(0x7f0000000200)) prlimit64(r0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x0, 0x0) getpid() sched_setscheduler(0x0, 0x1, &(0x7f0000001700)=0x2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) stat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)) stat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000480)) write$FUSE_ATTR(0xffffffffffffffff, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000007580), 0xffffffffffffffff) connect$can_bcm(0xffffffffffffffff, &(0x7f0000000000), 0x10) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) close(0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r3, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000080)=ANY=[@ANYBLOB="18000000", @ANYRES16=r4, @ANYBLOB="030704707900000000000100040004000180"], 0x18}}, 0x0) 7.291662227s ago: executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x4e, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 7.127053172s ago: executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000200)='./file1/file4/file5\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file4/file6\x00', 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x6) sched_setscheduler(0x0, 0x1, &(0x7f0000001700)=0x2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) stat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000480)) keyctl$chown(0x4, 0x0, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000007580), 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000080)=ANY=[@ANYBLOB="18000000", @ANYRES16=r3, @ANYBLOB="030704707900000000000100040004000180"], 0x18}}, 0x0) 6.269534624s ago: executing program 0: syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', &(0x7f0000000080), 0x18) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000180)=@v1={0x0, @adiantum, 0x0, @desc1}) r1 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f00000000c0)={'fscrypt:', @desc1}, &(0x7f00000001c0)={0x0, "28d7b07d54891881fe02c1203fe49696b9f26f2da4149683f065714f8a61d1f32c9d064bbd27b2aa57459cff33a3a9831ac46b8829b48fff3d63520d260804d0"}, 0x48, 0xfffffffffffffffd) keyctl$setperm(0x5, r1, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000440)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x0, 0x0) unlinkat(r2, &(0x7f0000000200)='./file1\x00', 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r2, 0x800c6613, &(0x7f0000000000)=@v1={0x0, @adiantum, 0x0, @desc1}) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x5e, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x0, 0x0) renameat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', r5, &(0x7f0000000140)='./file1\x00') 6.254639967s ago: executing program 0: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r4, 0x400455c8, 0x0) ioctl$sock_bt_hci(r3, 0x400448e0, &(0x7f00000003c0)) 1.1002407s ago: executing program 3: r0 = memfd_create(&(0x7f0000000380)='\x00\xac=\x9d\xd2\xdb\xe6\x9bt\b\xedcJ\x8e\x84\xd4N\x13\x9b\x1f\t\xbd\x11+\x86T\x16\xa3\xb3\xac0\x9f9J\xefo\xa4k\x012>\xa1\x9c\x86x\x1c\x9f\x84\x195\xde\x97M\t~\xf3Y\x12\"P^\xc1\x0f\x02\x00\x00\x00,\b&\xbe\'.\x81\x96F\xa5\x89\xd1*1\x8c\x02A\x9c\x9f\x04HH\xf1\x00\xe4a\x92s\xcfr\x1d\aC\xc2WYG\x9bh\xa5\xec\xa5b\xe4kx\xd2\xdd\xd2\x87\xd2\x1c\x9a\x19\xcd\xe0\xce\xc8\xb3/\x96\x1e\x80U\x0e\xdaL%\"\xa1\xfd\xc6\x9b\x1a\xc0\tekM\x8f\x8c\xb7\xd1\x8b\xc7G\xe7\x04\x11\xd0\x16O\x17o\xeeK\x1d\xd2#\xb9Bg w\x90\xe3V\xadE\x8dQ\xbd\x0f\x97%;\x0f[@\xdc\r\xebI\x85,=\x0f\xab\xc5\xf7\xd19pr>\xdd\xdd\xec\x1b\x8dvi)Q\"p\xf80by\xbe\xc7\x1a\xa9\x95\x87e\xafnJ\xa7F\x92\xc2\xefl\xd9%\x82\xb0O\x1c: \xd4\x9c\xc9\x1b\x13\xae\xf5\xb3\b\x99\xa9~\xe4\xd5\x88\xc4\xff\ae\v\x13\x04\x00\x00\x00\x00\x00\xfb6E\xbf\xa8\xb7\x9b\x00\x00\b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xcd.\xdf\x8f\xb0:!\xffF\xc4-J\xddKDw[', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000001000), 0xfec) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3000005, 0x11, r0, 0x0) openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) 1.038576s ago: executing program 3: pipe2$9p(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RSETATTR(r0, &(0x7f0000000000)={0x7}, 0x69ff9a93bfc25838) nanosleep(&(0x7f0000000180)={0x77359400}, 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x989680}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) write$binfmt_script(r2, &(0x7f0000000340), 0xffffff46) sendmsg$unix(r2, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000001c0)='D', 0x1}], 0x1}, 0x0) rt_sigreturn() write$P9_RSYMLINK(r0, 0x0, 0x0) write$P9_RRENAME(r0, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) getrandom(&(0x7f0000000240)=""/256, 0xfffffffffffffed3, 0x0) 914.064029ms ago: executing program 3: open(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)) r0 = socket(0x18, 0x2, 0x0) r1 = dup(r0) setsockopt(r1, 0x1000000000029, 0xb, &(0x7f0000000080), 0x4) 896.996992ms ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='ext4_writepages_result\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='ext4_writepages_result\x00', r2}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_pid(r3, &(0x7f0000000980), 0x12) 848.710539ms ago: executing program 3: pipe2$9p(0x0, 0x0) write$P9_RSETATTR(0xffffffffffffffff, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r0, 0x26, &(0x7f0000000000)) fcntl$lock(r0, 0x7, &(0x7f00000006c0)={0x1}) 777.11775ms ago: executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='ext4_begin_ordered_truncate\x00'}, 0x10) mkdir(&(0x7f0000000580)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 756.878453ms ago: executing program 4: syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', &(0x7f0000000080), 0x18) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000180)=@v1={0x0, @adiantum, 0x0, @desc1}) r1 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f00000000c0)={'fscrypt:', @desc1}, &(0x7f00000001c0)={0x0, "28d7b07d54891881fe02c1203fe49696b9f26f2da4149683f065714f8a61d1f32c9d064bbd27b2aa57459cff33a3a9831ac46b8829b48fff3d63520d260804d0"}, 0x48, 0xfffffffffffffffd) keyctl$setperm(0x5, r1, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000440)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x0, 0x0) unlinkat(r2, &(0x7f0000000200)='./file1\x00', 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r2, 0x800c6613, &(0x7f0000000000)=@v1={0x0, @adiantum, 0x0, @desc1}) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x5e, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) renameat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000140)='./file1\x00') 686.202894ms ago: executing program 4: bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='ext4_ext_handle_unwritten_extents\x00', r1}, 0x9) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x40305839, &(0x7f0000000540)={'\x00', @link_local={0x1, 0x80, 0xc2, 0x5}}) 634.108023ms ago: executing program 4: bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$key(0xf, 0x3, 0x2) r2 = dup3(r1, r0, 0x0) sendmsg$key(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)=ANY=[@ANYBLOB="020700000700000000000000000000000500180000000020"], 0x38}}, 0x0) 589.468409ms ago: executing program 4: r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000100)={'ipvlan0\x00', 0x2}) preadv2(r1, 0x0, 0x0, 0x0, 0x0, 0x0) close(r1) rt_sigreturn() futex(&(0x7f0000000700)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) write$binfmt_script(r3, &(0x7f0000000340), 0xffffff46) dup3(r3, r2, 0x0) sendmmsg$sock(r2, &(0x7f0000004680)=[{{0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000080)="94", 0x1}], 0x1}}], 0x1, 0x0) 583.45495ms ago: executing program 1: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c00060000000000120000f1850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x0, 0x0) finit_module(r1, 0x0, 0x0) 537.956627ms ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) creat(&(0x7f0000000340)='./file0/file0\x00', 0x0) lsetxattr$security_capability(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500), 0x0, 0x0, 0x0) 533.986638ms ago: executing program 2: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='ext4_allocate_inode\x00', r1}, 0x10) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) 494.796364ms ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='ext4_begin_ordered_truncate\x00'}, 0x10) mkdir(&(0x7f0000000580)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 494.439094ms ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x5, 0x8, 0x1}, 0x48) r1 = socket$inet_udp(0x2, 0x2, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000940)={r0, &(0x7f0000000780)="d9", &(0x7f0000000900)=@udp=r1}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000300)='kfree\x00', r2}, 0x10) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmsg$inet(r3, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32, @ANYBLOB="ac1414aaac14140000000b0014000000000000000000000007"], 0x38}, 0x0) 478.947846ms ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10) pipe2(&(0x7f0000000080)={0xffffffffffffffff}, 0x0) syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002880)={{}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0) splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x6, 0x0) 448.343811ms ago: executing program 1: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f0000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='ext4_writepages_result\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='ext4_writepages_result\x00', r2}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_pid(r3, &(0x7f0000000980), 0x12) 400.889838ms ago: executing program 1: syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', &(0x7f0000000080), 0x18) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000180)=@v1={0x0, @adiantum, 0x0, @desc1}) r1 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f00000000c0)={'fscrypt:', @desc1}, &(0x7f00000001c0)={0x0, "28d7b07d54891881fe02c1203fe49696b9f26f2da4149683f065714f8a61d1f32c9d064bbd27b2aa57459cff33a3a9831ac46b8829b48fff3d63520d260804d0"}, 0x48, 0xfffffffffffffffd) keyctl$setperm(0x5, r1, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000440)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x0, 0x0) unlinkat(r2, &(0x7f0000000200)='./file1\x00', 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r2, 0x800c6613, &(0x7f0000000000)=@v1={0x0, @adiantum, 0x0, @desc1}) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x5e, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x0, 0x0) renameat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', r4, &(0x7f0000000140)='./file1\x00') 389.23206ms ago: executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) syz_open_procfs(0x0, &(0x7f0000000bc0)='environ\x00') r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="000000f500000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) ioctl$KVM_HYPERV_EVENTFD(0xffffffffffffffff, 0x4018aebd, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r4, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x0) 370.814343ms ago: executing program 2: bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$key(0xf, 0x3, 0x2) r2 = dup3(r1, r0, 0x0) sendmsg$key(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)=ANY=[@ANYBLOB="020700000700000000000000000000000500180000000020"], 0x38}}, 0x0) 339.824178ms ago: executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00') r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='mm_page_alloc\x00', r1}, 0x10) getdents64(r0, &(0x7f0000002f40)=""/4098, 0x1002) 287.640446ms ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x5, 0x8, 0x1}, 0x48) r1 = socket$inet_udp(0x2, 0x2, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000940)={r0, &(0x7f0000000780), &(0x7f0000000900)=@udp=r1}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000300)='kfree\x00', r2}, 0x10) socket$inet_icmp_raw(0x2, 0x3, 0x1) 20.603596ms ago: executing program 4: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c00060000000000120000f1850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x0, 0x0) finit_module(r1, 0x0, 0x0) 0s ago: executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, 0x0, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @broadcast}}}}) inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0x2000080) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f3, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f0000000140)={'tunl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2}}}}) kernel console output (not intermixed with test programs): 33.503189][ T30] audit: type=1400 audit(1717005014.933:151): avc: denied { open } for pid=541 comm="syz-executor.3" path="/root/syzkaller-testdir2510801080/syzkaller.dGLclL/28/file0/file1" dev="loop3" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 33.607188][ T26] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 34.017274][ T26] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 34.026247][ T26] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 34.035932][ T26] usb 2-1: config 0 descriptor?? [ 34.577234][ T26] usb 2-1: Cannot read MAC address [ 34.582311][ T26] MOSCHIP usb-ethernet driver: probe of 2-1:0.0 failed with error -71 [ 34.594633][ T26] usb 2-1: USB disconnect, device number 4 [ 34.765485][ T581] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 34.812514][ T30] audit: type=1400 audit(1717005016.263:152): avc: denied { create } for pid=582 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 34.833574][ T30] audit: type=1400 audit(1717005016.263:153): avc: denied { write } for pid=582 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 34.855038][ T30] audit: type=1400 audit(1717005016.263:154): avc: denied { nlmsg_read } for pid=582 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 34.876009][ T30] audit: type=1400 audit(1717005016.323:155): avc: denied { read write } for pid=584 comm="syz-executor.3" name="fuse" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 34.899628][ T30] audit: type=1400 audit(1717005016.323:156): avc: denied { open } for pid=584 comm="syz-executor.3" path="/dev/fuse" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 35.068162][ T595] overlayfs: missing 'lowerdir' [ 35.118891][ T30] audit: type=1400 audit(1717005016.573:157): avc: denied { write } for pid=601 comm="syz-executor.1" name="raw" dev="proc" ino=4026532491 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 35.457196][ T39] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 35.703671][ T30] audit: type=1400 audit(1717005017.153:158): avc: denied { unmount } for pid=309 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 35.801059][ T625] input: syz1 as /devices/virtual/input/input4 [ 35.837272][ T39] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 35.846168][ T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 35.855774][ T39] usb 2-1: config 0 descriptor?? [ 36.357264][ T60] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 36.397254][ T39] usb 2-1: Cannot read MAC address [ 36.402334][ T39] MOSCHIP usb-ethernet driver: probe of 2-1:0.0 failed with error -71 [ 36.411466][ T39] usb 2-1: USB disconnect, device number 5 [ 36.727335][ T60] usb 1-1: New USB device found, idVendor=045e, idProduct=00f4, bcdDevice=d5.51 [ 36.736252][ T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 36.747684][ T60] usb 1-1: config 0 descriptor?? [ 36.960526][ T30] kauditd_printk_skb: 9 callbacks suppressed [ 36.960542][ T30] audit: type=1400 audit(1717005018.413:168): avc: denied { read } for pid=676 comm="syz-executor.3" name="ptp0" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 36.995170][ T30] audit: type=1400 audit(1717005018.443:169): avc: denied { open } for pid=676 comm="syz-executor.3" path="/dev/ptp0" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 36.996174][ T312] usb 1-1: USB disconnect, device number 2 [ 37.026714][ T30] audit: type=1400 audit(1717005018.443:170): avc: denied { ioctl } for pid=676 comm="syz-executor.3" path="/dev/ptp0" dev="devtmpfs" ino=168 ioctlcmd=0x3d0c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 37.181268][ T668] loop2: detected capacity change from 0 to 40427 [ 37.263276][ T688] loop1: detected capacity change from 0 to 40427 [ 37.271943][ T668] F2FS-fs (loop2): Small segment_count (9 < 1 * 24) [ 37.279165][ T668] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 37.290120][ T668] F2FS-fs (loop2): Found nat_bits in checkpoint [ 37.308453][ T688] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 37.316142][ T688] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 37.325851][ T688] F2FS-fs (loop1): invalid crc value [ 37.332869][ T688] F2FS-fs (loop1): Found nat_bits in checkpoint [ 37.340327][ T668] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 37.347349][ T668] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 37.362747][ T30] audit: type=1400 audit(1717005018.813:171): avc: denied { append open } for pid=667 comm="syz-executor.2" path="/root/syzkaller-testdir800086226/syzkaller.gH4BgQ/9/file2/memory.events" dev="loop2" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 37.394969][ T30] audit: type=1400 audit(1717005018.813:172): avc: denied { read write } for pid=667 comm="syz-executor.2" name="memory.events" dev="loop2" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 37.415967][ T688] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 37.418809][ T30] audit: type=1400 audit(1717005018.813:173): avc: denied { ioctl } for pid=667 comm="syz-executor.2" path="/root/syzkaller-testdir800086226/syzkaller.gH4BgQ/9/file2/memory.current" dev="loop2" ino=14 ioctlcmd=0x5839 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 37.425359][ T688] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 37.468837][ T30] audit: type=1400 audit(1717005018.923:174): avc: denied { map } for pid=687 comm="syz-executor.1" path="/root/syzkaller-testdir1037093908/syzkaller.NMt7wl/52/file0/cpu.stat" dev="loop1" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 37.496166][ T332] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 37.503732][ T313] attempt to access beyond end of device [ 37.503732][ T313] loop2: rw=2049, want=45112, limit=40427 [ 37.515645][ T30] audit: type=1400 audit(1717005018.923:175): avc: denied { execute } for pid=687 comm="syz-executor.1" path="/root/syzkaller-testdir1037093908/syzkaller.NMt7wl/52/file0/cpu.stat" dev="loop1" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 37.544679][ T701] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'. [ 37.561397][ T30] audit: type=1400 audit(1717005018.963:176): avc: denied { create } for pid=698 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 37.608247][ T310] attempt to access beyond end of device [ 37.608247][ T310] loop1: rw=2049, want=45112, limit=40427 [ 37.648317][ T6] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 37.672297][ T701] syz-executor.3 (701) used greatest stack depth: 20864 bytes left [ 37.689821][ T6] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 37.706444][ T707] xt_l2tp: missing protocol rule (udp|l2tpip) [ 37.725925][ T30] audit: type=1400 audit(1717005019.173:177): avc: denied { create } for pid=710 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 37.746033][ T6] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 37.827495][ T6] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 37.857258][ T6] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 37.947379][ T332] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 37.956434][ T332] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 37.965345][ T332] usb 5-1: config 0 descriptor?? [ 37.993703][ T734] loop3: detected capacity change from 0 to 256 [ 37.998445][ T733] input: syz1 as /devices/virtual/input/input5 [ 38.010838][ T734] exfat: Deprecated parameter 'namecase' [ 38.013075][ T721] loop0: detected capacity change from 0 to 40427 [ 38.027422][ T6] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 38.052786][ T734] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0x01284b2f, utbl_chksum : 0xe619d30d) [ 38.068108][ T721] F2FS-fs (loop0): Small segment_count (9 < 1 * 24) [ 38.074720][ T721] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 38.093243][ T721] F2FS-fs (loop0): Found nat_bits in checkpoint [ 38.131436][ T721] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 38.138366][ T721] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 38.159170][ T739] netlink: 'syz-executor.1': attribute type 22 has an invalid length. [ 38.187868][ T315] attempt to access beyond end of device [ 38.187868][ T315] loop0: rw=2049, want=45112, limit=40427 [ 38.187874][ T6] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 38.237368][ T6] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 38.297431][ T6] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 38.345509][ T765] input: syz1 as /devices/virtual/input/input6 [ 38.387338][ T312] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 38.517238][ T332] usb 5-1: Cannot read MAC address [ 38.522237][ T332] MOSCHIP usb-ethernet driver: probe of 5-1:0.0 failed with error -71 [ 38.540440][ T332] usb 5-1: USB disconnect, device number 3 [ 38.547674][ T763] loop1: detected capacity change from 0 to 32768 [ 38.649853][ T773] loop0: detected capacity change from 0 to 40427 [ 38.687799][ T773] F2FS-fs (loop0): Small segment_count (9 < 1 * 24) [ 38.694294][ T773] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 38.705433][ T773] F2FS-fs (loop0): Found nat_bits in checkpoint [ 38.744622][ T773] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 38.751565][ T773] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 38.807601][ T315] attempt to access beyond end of device [ 38.807601][ T315] loop0: rw=2049, want=45112, limit=40427 [ 38.877116][ T799] input: syz1 as /devices/virtual/input/input7 [ 38.979389][ T803] loop4: detected capacity change from 0 to 256 [ 38.990078][ T806] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 39.047740][ T815] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.3'. [ 39.079242][ T803] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 39.228185][ T813] loop2: detected capacity change from 0 to 40427 [ 39.294923][ T813] F2FS-fs (loop2): Small segment_count (9 < 1 * 24) [ 39.307186][ T813] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 39.324907][ T830] input: syz1 as /devices/virtual/input/input8 [ 39.325484][ T813] F2FS-fs (loop2): Found nat_bits in checkpoint [ 39.371358][ T834] loop4: detected capacity change from 0 to 256 [ 39.387224][ T26] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 39.394404][ T813] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 39.408594][ T39] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 39.448803][ T834] FAT-fs (loop4): Unrecognized mount option "./file0" or missing value [ 39.472636][ T813] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 39.667222][ T39] usb 1-1: Using ep0 maxpacket: 16 [ 39.681685][ T313] attempt to access beyond end of device [ 39.681685][ T313] loop2: rw=2049, want=45112, limit=40427 [ 39.777301][ T26] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 39.786265][ T26] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 39.794517][ T39] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 39.817570][ T26] usb 4-1: config 0 descriptor?? [ 39.822602][ T39] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 39.987385][ T39] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 40.002420][ T39] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 40.027745][ T39] usb 1-1: Product: syz [ 40.040707][ T39] usb 1-1: Manufacturer: syz [ 40.054979][ T39] usb 1-1: SerialNumber: syz [ 40.135522][ T853] loop2: detected capacity change from 0 to 512 [ 40.183573][ T853] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 40.188683][ T848] loop1: detected capacity change from 0 to 40427 [ 40.201554][ T853] EXT4-fs warning (device loop2): dx_probe:880: Enable large directory feature to access it [ 40.211677][ T853] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor.2: Corrupt directory, running e2fsck is recommended [ 40.225662][ T853] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 40.233982][ T853] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.2: corrupted in-inode xattr [ 40.239157][ T848] F2FS-fs (loop1): Unrecognized mount option "errors=remount-ro" or missing value [ 40.270503][ T853] EXT4-fs (loop2): Remounting filesystem read-only [ 40.277691][ T853] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 40.290500][ T853] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,abort,init_itable,stripe=0x0000000000000003,grpjquota=.nouid32,errors=remount-ro,jqfmt=vfsv1,grpid,,. Quota mode: writeback. [ 40.347406][ T26] usb 4-1: Cannot read MAC address [ 40.352811][ T26] MOSCHIP usb-ethernet driver: probe of 4-1:0.0 failed with error -71 [ 40.381946][ T859] loop1: detected capacity change from 0 to 256 [ 40.388699][ T39] usb 1-1: cannot find UAC_HEADER [ 40.393983][ T39] snd-usb-audio: probe of 1-1:1.0 failed with error -22 [ 40.415269][ T26] usb 4-1: USB disconnect, device number 4 [ 40.456338][ T39] usb 1-1: USB disconnect, device number 3 [ 40.514329][ T859] FAT-fs (loop1): Directory bread(block 64) failed [ 40.522721][ T859] FAT-fs (loop1): Directory bread(block 65) failed [ 40.529460][ T859] FAT-fs (loop1): Directory bread(block 66) failed [ 40.535921][ T859] FAT-fs (loop1): Directory bread(block 67) failed [ 40.542883][ T859] FAT-fs (loop1): Directory bread(block 68) failed [ 40.549806][ T859] FAT-fs (loop1): Directory bread(block 69) failed [ 40.556261][ T859] FAT-fs (loop1): Directory bread(block 70) failed [ 40.562851][ T859] FAT-fs (loop1): Directory bread(block 71) failed [ 40.569481][ T859] FAT-fs (loop1): Directory bread(block 72) failed [ 40.575880][ T859] FAT-fs (loop1): Directory bread(block 73) failed [ 40.649426][ T866] loop2: detected capacity change from 0 to 128 [ 40.738816][ T866] FAT-fs (loop2): Directory bread(block 11554) failed [ 40.745785][ T866] FAT-fs (loop2): Directory bread(block 11555) failed [ 40.752492][ T866] FAT-fs (loop2): Directory bread(block 11556) failed [ 40.759320][ T866] FAT-fs (loop2): Directory bread(block 11557) failed [ 40.765898][ T866] FAT-fs (loop2): Directory bread(block 11558) failed [ 40.772664][ T866] FAT-fs (loop2): Directory bread(block 11559) failed [ 40.779422][ T866] FAT-fs (loop2): Directory bread(block 11560) failed [ 40.786043][ T866] FAT-fs (loop2): Directory bread(block 11561) failed [ 40.798296][ T866] FAT-fs (loop2): Directory bread(block 11562) failed [ 40.805182][ T866] FAT-fs (loop2): Directory bread(block 11563) failed [ 40.830408][ T878] process 'syz-executor.1' launched '/dev/fd/-1' with NULL argv: empty string added [ 41.818206][ T889] loop1: detected capacity change from 0 to 512 [ 41.892774][ T889] EXT4-fs warning (device loop1): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 41.927224][ T889] EXT4-fs warning (device loop1): dx_probe:880: Enable large directory feature to access it [ 41.948650][ T889] EXT4-fs warning (device loop1): dx_probe:965: inode #2: comm syz-executor.1: Corrupt directory, running e2fsck is recommended [ 41.962186][ T889] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 41.970301][ T889] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.1: corrupted in-inode xattr [ 41.982750][ T889] EXT4-fs (loop1): Remounting filesystem read-only [ 41.989306][ T889] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz-executor.1: couldn't read orphan inode 15 (err -117) [ 41.990702][ T892] loop2: detected capacity change from 0 to 512 [ 42.002183][ T889] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,abort,init_itable,stripe=0x0000000000000003,grpjquota=.nouid32,errors=remount-ro,jqfmt=vfsv1,grpid,,. Quota mode: writeback. [ 42.033570][ T897] loop0: detected capacity change from 0 to 512 [ 42.093696][ T892] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 42.105596][ T897] EXT4-fs warning (device loop0): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 42.123541][ T892] EXT4-fs warning (device loop2): dx_probe:880: Enable large directory feature to access it [ 42.129848][ T877] loop4: detected capacity change from 0 to 40427 [ 42.136844][ T897] EXT4-fs warning (device loop0): dx_probe:880: Enable large directory feature to access it [ 42.152556][ T901] loop1: detected capacity change from 0 to 256 [ 42.158455][ T892] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor.2: Corrupt directory, running e2fsck is recommended [ 42.160940][ T897] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz-executor.0: Corrupt directory, running e2fsck is recommended [ 42.185034][ T892] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 42.193484][ T892] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.2: corrupted in-inode xattr [ 42.205908][ T877] F2FS-fs (loop4): Small segment_count (9 < 1 * 24) [ 42.206134][ T897] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 42.217041][ T877] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 42.228577][ T892] EXT4-fs (loop2): Remounting filesystem read-only [ 42.238299][ T892] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 42.256532][ T901] FAT-fs (loop1): Directory bread(block 64) failed [ 42.263064][ T897] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.0: corrupted in-inode xattr [ 42.266865][ T892] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,abort,init_itable,stripe=0x0000000000000003,grpjquota=.nouid32,errors=remount-ro,jqfmt=vfsv1,grpid,,. Quota mode: writeback. [ 42.275585][ T901] FAT-fs (loop1): Directory bread(block 65) failed [ 42.303266][ T897] EXT4-fs (loop0): Remounting filesystem read-only [ 42.309931][ T877] F2FS-fs (loop4): Found nat_bits in checkpoint [ 42.310065][ T901] FAT-fs (loop1): Directory bread(block 66) failed [ 42.322672][ T897] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 42.334923][ T901] FAT-fs (loop1): Directory bread(block 67) failed [ 42.335842][ T880] loop3: detected capacity change from 0 to 40427 [ 42.341822][ T901] FAT-fs (loop1): Directory bread(block 68) failed [ 42.354287][ T901] FAT-fs (loop1): Directory bread(block 69) failed [ 42.364051][ T897] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,abort,init_itable,stripe=0x0000000000000003,grpjquota=.nouid32,errors=remount-ro,jqfmt=vfsv1,grpid,,. Quota mode: writeback. [ 42.386578][ T901] FAT-fs (loop1): Directory bread(block 70) failed [ 42.393370][ T901] FAT-fs (loop1): Directory bread(block 71) failed [ 42.401193][ T901] FAT-fs (loop1): Directory bread(block 72) failed [ 42.408179][ T901] FAT-fs (loop1): Directory bread(block 73) failed [ 42.409496][ T877] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 42.422687][ T877] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 42.457773][ T880] F2FS-fs (loop3): Unrecognized mount option "errors=remount-ro" or missing value [ 42.517615][ T308] attempt to access beyond end of device [ 42.517615][ T308] loop4: rw=2049, want=45112, limit=40427 [ 42.537484][ T908] loop3: detected capacity change from 0 to 128 [ 42.599011][ T908] FAT-fs (loop3): Directory bread(block 11554) failed [ 42.605630][ T908] FAT-fs (loop3): Directory bread(block 11555) failed [ 42.622909][ T908] FAT-fs (loop3): Directory bread(block 11556) failed [ 42.635982][ T908] FAT-fs (loop3): Directory bread(block 11557) failed [ 42.643345][ T30] kauditd_printk_skb: 16 callbacks suppressed [ 42.643358][ T30] audit: type=1400 audit(1717005024.103:194): avc: denied { write } for pid=915 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 42.644601][ T908] FAT-fs (loop3): Directory bread(block 11558) failed [ 42.652814][ T30] audit: type=1400 audit(1717005024.103:195): avc: denied { nlmsg_write } for pid=915 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 42.672468][ T908] FAT-fs (loop3): Directory bread(block 11559) failed [ 42.705776][ T908] FAT-fs (loop3): Directory bread(block 11560) failed [ 42.713877][ T908] FAT-fs (loop3): Directory bread(block 11561) failed [ 42.714072][ T30] audit: type=1400 audit(1717005024.173:196): avc: denied { ioctl } for pid=917 comm="syz-executor.0" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=16607 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 42.720904][ T908] FAT-fs (loop3): Directory bread(block 11562) failed [ 42.769350][ T908] FAT-fs (loop3): Directory bread(block 11563) failed [ 42.811518][ T30] audit: type=1400 audit(1717005024.263:197): avc: denied { getopt } for pid=923 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 42.831498][ T333] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 42.928619][ T926] loop4: detected capacity change from 0 to 512 [ 42.959570][ T926] EXT4-fs warning (device loop4): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 42.974006][ T926] EXT4-fs warning (device loop4): dx_probe:880: Enable large directory feature to access it [ 42.984238][ T926] EXT4-fs warning (device loop4): dx_probe:965: inode #2: comm syz-executor.4: Corrupt directory, running e2fsck is recommended [ 42.997644][ T926] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 43.006060][ T926] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.4: corrupted in-inode xattr [ 43.023674][ T926] EXT4-fs (loop4): Remounting filesystem read-only [ 43.031161][ T926] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz-executor.4: couldn't read orphan inode 15 (err -117) [ 43.037208][ T332] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 43.050616][ T926] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,abort,init_itable,stripe=0x0000000000000003,grpjquota=.nouid32,errors=remount-ro,jqfmt=vfsv1,grpid,,. Quota mode: writeback. [ 43.051598][ T932] loop0: detected capacity change from 0 to 512 [ 43.138403][ T932] EXT4-fs warning (device loop0): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 43.153767][ T932] EXT4-fs warning (device loop0): dx_probe:880: Enable large directory feature to access it [ 43.164898][ T932] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz-executor.0: Corrupt directory, running e2fsck is recommended [ 43.178518][ T932] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 43.186537][ T932] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.0: corrupted in-inode xattr [ 43.199301][ T932] EXT4-fs (loop0): Remounting filesystem read-only [ 43.205720][ T932] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 43.218801][ T932] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,abort,init_itable,stripe=0x0000000000000003,grpjquota=.nouid32,errors=remount-ro,jqfmt=vfsv1,grpid,,. Quota mode: writeback. [ 43.257363][ T333] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 43.272156][ T333] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 43.289710][ T333] usb 3-1: config 0 descriptor?? [ 43.297351][ T332] usb 2-1: Using ep0 maxpacket: 16 [ 43.340777][ T939] capability: warning: `syz-executor.4' uses deprecated v2 capabilities in a way that may be insecure [ 43.415208][ T941] loop4: detected capacity change from 0 to 256 [ 43.447298][ T332] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 43.463543][ T941] FAT-fs (loop4): Directory bread(block 64) failed [ 43.481159][ T332] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 43.491520][ T941] FAT-fs (loop4): Directory bread(block 65) failed [ 43.498908][ T941] FAT-fs (loop4): Directory bread(block 66) failed [ 43.505340][ T941] FAT-fs (loop4): Directory bread(block 67) failed [ 43.512466][ T941] FAT-fs (loop4): Directory bread(block 68) failed [ 43.519444][ T941] FAT-fs (loop4): Directory bread(block 69) failed [ 43.525976][ T941] FAT-fs (loop4): Directory bread(block 70) failed [ 43.533225][ T941] FAT-fs (loop4): Directory bread(block 71) failed [ 43.546794][ T941] FAT-fs (loop4): Directory bread(block 72) failed [ 43.554415][ T941] FAT-fs (loop4): Directory bread(block 73) failed [ 43.642036][ T943] loop0: detected capacity change from 0 to 512 [ 43.657260][ T332] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 43.679332][ T332] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 43.688235][ T332] usb 2-1: Product: syz [ 43.746682][ T332] usb 2-1: Manufacturer: syz [ 43.755143][ T332] usb 2-1: SerialNumber: syz [ 43.812579][ T943] EXT4-fs warning (device loop0): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 43.834761][ T943] EXT4-fs warning (device loop0): dx_probe:880: Enable large directory feature to access it [ 43.854535][ T943] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz-executor.0: Corrupt directory, running e2fsck is recommended [ 43.887323][ T943] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 43.897612][ T943] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.0: corrupted in-inode xattr [ 43.914621][ T943] EXT4-fs (loop0): Remounting filesystem read-only [ 43.921211][ T943] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 43.923306][ T333] usb 3-1: Cannot read MAC address [ 43.938450][ T333] MOSCHIP usb-ethernet driver: probe of 3-1:0.0 failed with error -71 [ 43.940753][ T943] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,abort,init_itable,stripe=0x0000000000000003,grpjquota=.nouid32,errors=remount-ro,jqfmt=vfsv1,grpid,,. Quota mode: writeback. [ 43.956253][ T333] usb 3-1: USB disconnect, device number 2 [ 44.092756][ T30] audit: type=1400 audit(1717005025.543:198): avc: denied { create } for pid=952 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 44.121815][ T30] audit: type=1400 audit(1717005025.573:199): avc: denied { getopt } for pid=952 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 44.128889][ T947] loop3: detected capacity change from 0 to 40427 [ 44.141339][ T332] usb 2-1: cannot find UAC_HEADER [ 44.155922][ T332] snd-usb-audio: probe of 2-1:1.0 failed with error -22 [ 44.158163][ T957] loop4: detected capacity change from 0 to 128 [ 44.170569][ T947] F2FS-fs (loop3): Unrecognized mount option "errors=remount-ro" or missing value [ 44.177862][ T332] usb 2-1: USB disconnect, device number 6 [ 44.192382][ T957] FAT-fs (loop4): Directory bread(block 11554) failed [ 44.199212][ T957] FAT-fs (loop4): Directory bread(block 11555) failed [ 44.205817][ T957] FAT-fs (loop4): Directory bread(block 11556) failed [ 44.212965][ T957] FAT-fs (loop4): Directory bread(block 11557) failed [ 44.219584][ T957] FAT-fs (loop4): Directory bread(block 11558) failed [ 44.226134][ T957] FAT-fs (loop4): Directory bread(block 11559) failed [ 44.232835][ T957] FAT-fs (loop4): Directory bread(block 11560) failed [ 44.239430][ T957] FAT-fs (loop4): Directory bread(block 11561) failed [ 44.246027][ T957] FAT-fs (loop4): Directory bread(block 11562) failed [ 44.252612][ T957] FAT-fs (loop4): Directory bread(block 11563) failed [ 44.385018][ T967] device veth0_macvtap entered promiscuous mode [ 44.404316][ T967] device vlan2 entered promiscuous mode [ 44.416514][ T963] loop2: detected capacity change from 0 to 512 [ 44.480635][ T963] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 44.490508][ T975] loop4: detected capacity change from 0 to 256 [ 44.497459][ T963] EXT4-fs warning (device loop2): dx_probe:880: Enable large directory feature to access it [ 44.506408][ T969] loop3: detected capacity change from 0 to 512 [ 44.515698][ T963] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor.2: Corrupt directory, running e2fsck is recommended [ 44.534881][ T963] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 44.543110][ T963] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.2: corrupted in-inode xattr [ 44.555584][ T963] EXT4-fs (loop2): Remounting filesystem read-only [ 44.562079][ T963] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 44.574530][ T963] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,abort,init_itable,stripe=0x0000000000000003,grpjquota=.nouid32,errors=remount-ro,jqfmt=vfsv1,grpid,,. Quota mode: writeback. [ 44.591499][ T975] FAT-fs (loop4): Directory bread(block 64) failed [ 44.608323][ T969] EXT4-fs warning (device loop3): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 44.617295][ T975] FAT-fs (loop4): Directory bread(block 65) failed [ 44.619648][ T969] EXT4-fs warning (device loop3): dx_probe:880: Enable large directory feature to access it [ 44.638085][ T969] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor.3: Corrupt directory, running e2fsck is recommended [ 44.639470][ T975] FAT-fs (loop4): Directory bread(block 66) failed [ 44.680405][ T961] loop0: detected capacity change from 0 to 40427 [ 44.686787][ T975] FAT-fs (loop4): Directory bread(block 67) failed [ 44.693318][ T975] FAT-fs (loop4): Directory bread(block 68) failed [ 44.699705][ T975] FAT-fs (loop4): Directory bread(block 69) failed [ 44.706075][ T975] FAT-fs (loop4): Directory bread(block 70) failed [ 44.712411][ T975] FAT-fs (loop4): Directory bread(block 71) failed [ 44.718730][ T975] FAT-fs (loop4): Directory bread(block 72) failed [ 44.725039][ T975] FAT-fs (loop4): Directory bread(block 73) failed [ 44.728062][ T969] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 44.742928][ T969] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.3: corrupted in-inode xattr [ 44.755399][ T969] EXT4-fs (loop3): Remounting filesystem read-only [ 44.762211][ T969] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 44.777992][ T961] F2FS-fs (loop0): invalid crc value [ 44.780809][ T969] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,abort,init_itable,stripe=0x0000000000000003,grpjquota=.nouid32,errors=remount-ro,jqfmt=vfsv1,grpid,,. Quota mode: writeback. [ 44.805522][ T961] F2FS-fs (loop0): Found nat_bits in checkpoint [ 44.904288][ T961] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 45.036640][ T988] loop2: detected capacity change from 0 to 128 [ 45.048111][ T315] attempt to access beyond end of device [ 45.048111][ T315] loop0: rw=2049, want=45104, limit=40427 [ 45.121467][ T988] FAT-fs (loop2): Directory bread(block 11554) failed [ 45.178923][ T988] FAT-fs (loop2): Directory bread(block 11555) failed [ 45.196008][ T993] loop4: detected capacity change from 0 to 512 [ 45.224719][ T993] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 45.231559][ T988] FAT-fs (loop2): Directory bread(block 11556) failed [ 45.259366][ T988] FAT-fs (loop2): Directory bread(block 11557) failed [ 45.262726][ T993] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 45.276916][ T990] loop3: detected capacity change from 0 to 512 [ 45.286276][ T993] EXT4-fs (loop4): 1 orphan inode deleted [ 45.291963][ T988] FAT-fs (loop2): Directory bread(block 11558) failed [ 45.292125][ T993] EXT4-fs (loop4): 1 truncate cleaned up [ 45.304217][ T993] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 45.304688][ T988] FAT-fs (loop2): Directory bread(block 11559) failed [ 45.333290][ T993] EXT4-fs error (device loop4): ext4_search_dir:1548: inode #12: block 7: comm syz-executor.4: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=784, size=56 fake=0 [ 45.341793][ T990] EXT4-fs warning (device loop3): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 45.363577][ T988] FAT-fs (loop2): Directory bread(block 11560) failed [ 45.370435][ T990] EXT4-fs warning (device loop3): dx_probe:880: Enable large directory feature to access it [ 45.370750][ T988] FAT-fs (loop2): Directory bread(block 11561) failed [ 45.388651][ T988] FAT-fs (loop2): Directory bread(block 11562) failed [ 45.395685][ T988] FAT-fs (loop2): Directory bread(block 11563) failed [ 45.395891][ T990] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor.3: Corrupt directory, running e2fsck is recommended [ 45.424007][ T990] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 45.432771][ T990] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.3: corrupted in-inode xattr [ 45.445414][ T990] EXT4-fs (loop3): Remounting filesystem read-only [ 45.451928][ T990] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 45.464416][ T990] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,abort,init_itable,stripe=0x0000000000000003,grpjquota=.nouid32,errors=remount-ro,jqfmt=vfsv1,grpid,,. Quota mode: writeback. [ 45.623384][ T30] audit: type=1326 audit(1717005027.043:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=999 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8460e95ee9 code=0x0 [ 45.663012][ T1006] device veth0_macvtap entered promiscuous mode [ 45.671669][ T1006] device vlan2 entered promiscuous mode [ 45.782707][ T30] audit: type=1400 audit(1717005027.233:201): avc: denied { name_bind } for pid=1013 comm="syz-executor.3" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 45.806761][ T1001] loop0: detected capacity change from 0 to 40427 [ 45.831325][ T1001] F2FS-fs (loop0): Unrecognized mount option "errors=remount-ro" or missing value [ 45.833648][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 45.917211][ T860] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 46.072343][ T1019] loop3: detected capacity change from 0 to 40427 [ 46.110561][ T1021] loop0: detected capacity change from 0 to 40427 [ 46.131390][ T1019] F2FS-fs (loop3): invalid crc value [ 46.138476][ T1019] F2FS-fs (loop3): Found nat_bits in checkpoint [ 46.167300][ T860] usb 2-1: Using ep0 maxpacket: 16 [ 46.173945][ T1021] F2FS-fs (loop0): invalid crc value [ 46.180581][ T1021] F2FS-fs (loop0): Found nat_bits in checkpoint [ 46.187372][ T1019] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 46.228573][ T1021] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 46.237834][ T309] attempt to access beyond end of device [ 46.237834][ T309] loop3: rw=2049, want=45104, limit=40427 [ 46.277763][ T315] attempt to access beyond end of device [ 46.277763][ T315] loop0: rw=2049, want=45104, limit=40427 [ 46.288850][ T860] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 46.298776][ T860] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 46.445843][ T1028] loop4: detected capacity change from 0 to 512 [ 46.467294][ T860] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 46.478285][ T860] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 46.490253][ T860] usb 2-1: Product: syz [ 46.496345][ T860] usb 2-1: Manufacturer: syz [ 46.502860][ T860] usb 2-1: SerialNumber: syz [ 46.514418][ T1032] loop0: detected capacity change from 0 to 512 [ 46.569443][ T1028] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 46.582092][ T1034] loop2: detected capacity change from 0 to 128 [ 46.590917][ T1028] EXT4-fs (loop4): 1 orphan inode deleted [ 46.596718][ T1028] EXT4-fs (loop4): 1 truncate cleaned up [ 46.602710][ T1028] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 46.616022][ T1028] EXT4-fs error (device loop4): ext4_search_dir:1548: inode #12: block 7: comm syz-executor.4: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=784, size=56 fake=0 [ 46.621224][ T1032] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 46.649568][ T1032] EXT4-fs (loop0): 1 orphan inode deleted [ 46.655371][ T1032] EXT4-fs (loop0): 1 truncate cleaned up [ 46.665845][ T1034] FAT-fs (loop2): Directory bread(block 11554) failed [ 46.679191][ T1034] FAT-fs (loop2): Directory bread(block 11555) failed [ 46.685797][ T1034] FAT-fs (loop2): Directory bread(block 11556) failed [ 46.692659][ T1032] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 46.704234][ T1034] FAT-fs (loop2): Directory bread(block 11557) failed [ 46.717590][ T1032] EXT4-fs error (device loop0): ext4_search_dir:1548: inode #12: block 7: comm syz-executor.0: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=784, size=56 fake=0 [ 46.718799][ T1034] FAT-fs (loop2): Directory bread(block 11558) failed [ 46.754917][ T1030] loop3: detected capacity change from 0 to 40427 [ 46.761470][ T1034] FAT-fs (loop2): Directory bread(block 11559) failed [ 46.768806][ T1034] FAT-fs (loop2): Directory bread(block 11560) failed [ 46.775674][ T1034] FAT-fs (loop2): Directory bread(block 11561) failed [ 46.782602][ T1034] FAT-fs (loop2): Directory bread(block 11562) failed [ 46.789514][ T1034] FAT-fs (loop2): Directory bread(block 11563) failed [ 46.818216][ T1030] F2FS-fs (loop3): invalid crc value [ 46.827264][ T860] usb 2-1: cannot find UAC_HEADER [ 46.833308][ T860] snd-usb-audio: probe of 2-1:1.0 failed with error -22 [ 46.836642][ T1030] F2FS-fs (loop3): Found nat_bits in checkpoint [ 46.842502][ T860] usb 2-1: USB disconnect, device number 7 [ 46.924622][ T1030] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 46.977698][ T309] attempt to access beyond end of device [ 46.977698][ T309] loop3: rw=2049, want=45104, limit=40427 [ 47.819921][ T1069] loop1: detected capacity change from 0 to 512 [ 47.834603][ T1071] loop3: detected capacity change from 0 to 512 [ 47.878499][ T1069] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 47.892217][ T1071] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 47.917103][ T1071] EXT4-fs (loop3): 1 orphan inode deleted [ 47.922983][ T1069] EXT4-fs (loop1): 1 orphan inode deleted [ 47.932537][ T1071] EXT4-fs (loop3): 1 truncate cleaned up [ 47.938204][ T1071] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 47.958962][ T1069] EXT4-fs (loop1): 1 truncate cleaned up [ 47.964482][ T1069] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 47.982146][ T1071] EXT4-fs error (device loop3): ext4_search_dir:1548: inode #12: block 7: comm syz-executor.3: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=784, size=56 fake=0 [ 47.987678][ T1058] loop4: detected capacity change from 0 to 40427 [ 48.001097][ T1069] EXT4-fs error (device loop1): ext4_search_dir:1548: inode #12: block 7: comm syz-executor.1: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=784, size=56 fake=0 [ 48.034350][ T1082] ------------[ cut here ]------------ [ 48.044563][ T1082] trace type BPF program uses run-time allocation [ 48.051292][ T1056] loop2: detected capacity change from 0 to 40427 [ 48.051500][ T1082] WARNING: CPU: 0 PID: 1082 at kernel/bpf/verifier.c:11655 check_map_prog_compatibility+0x6f1/0x890 [ 48.068994][ T1082] Modules linked in: [ 48.073058][ T1058] F2FS-fs (loop4): invalid crc value [ 48.074530][ T1082] CPU: 1 PID: 1082 Comm: syz-executor.0 Not tainted 5.15.149-syzkaller-00055-g424f92bcbe8f #0 [ 48.088509][ T1082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 48.093148][ T1058] F2FS-fs (loop4): Found nat_bits in checkpoint [ 48.099723][ T1082] RIP: 0010:check_map_prog_compatibility+0x6f1/0x890 [ 48.112403][ T1056] F2FS-fs (loop2): invalid crc value [ 48.118114][ T1082] Code: db e9 f9 fc ff ff e8 0e 3a ed ff 31 db e9 ed fc ff ff e8 02 3a ed ff c6 05 0d 7e 80 05 01 48 c7 c7 e0 bf 67 85 e8 3f 7b be ff <0f> 0b e9 5a fb ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 84 f9 ff [ 48.138655][ T1056] F2FS-fs (loop2): Found nat_bits in checkpoint [ 48.155678][ T1082] RSP: 0018:ffffc900058a7348 EFLAGS: 00010246 [ 48.161699][ T1082] RAX: 09fce21a4ddc0600 RBX: 0000000000000001 RCX: 0000000000040000 [ 48.170466][ T1082] RDX: ffffc90002566000 RSI: 0000000000000948 RDI: 0000000000000949 [ 48.178555][ T1082] RBP: ffffc900058a7390 R08: ffffffff81576125 R09: ffffed103ee04e93 [ 48.183272][ T1058] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 48.186627][ T1082] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000011 [ 48.194219][ T1056] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 48.227389][ T1089] device veth0_macvtap entered promiscuous mode [ 48.231360][ T1082] R13: ffff88812a073000 R14: ffffc90000205000 R15: dffffc0000000000 [ 48.241331][ T1089] device vlan2 entered promiscuous mode [ 48.247892][ T1082] FS: 00007f230cb356c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 48.276489][ T1082] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 48.286003][ T1082] CR2: 00007f8460fc9000 CR3: 000000010e995000 CR4: 00000000003506b0 [ 48.294177][ T1082] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 48.303501][ T308] attempt to access beyond end of device [ 48.303501][ T308] loop4: rw=2049, want=45104, limit=40427 [ 48.307393][ T313] attempt to access beyond end of device [ 48.307393][ T313] loop2: rw=2049, want=45104, limit=40427 [ 48.314713][ T1082] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 48.376973][ T1082] Call Trace: [ 48.384050][ T1082] [ 48.390253][ T1082] ? show_regs+0x58/0x60 [ 48.399570][ T1082] ? __warn+0x160/0x2f0 [ 48.410507][ T1082] ? check_map_prog_compatibility+0x6f1/0x890 [ 48.421453][ T1082] ? report_bug+0x3d9/0x5b0 [ 48.425849][ T1082] ? check_map_prog_compatibility+0x6f1/0x890 [ 48.431963][ T1082] ? handle_bug+0x41/0x70 [ 48.436173][ T1082] ? exc_invalid_op+0x1b/0x50 [ 48.440903][ T1082] ? asm_exc_invalid_op+0x1b/0x20 [ 48.445808][ T1082] ? __wake_up_klogd+0xd5/0x110 [ 48.450688][ T1082] ? check_map_prog_compatibility+0x6f1/0x890 [ 48.456634][ T1082] ? check_map_prog_compatibility+0x6f1/0x890 [ 48.462850][ T1082] resolve_pseudo_ldimm64+0x671/0x1240 [ 48.469421][ T1082] ? check_attach_btf_id+0xef0/0xef0 [ 48.474580][ T1082] ? __mark_reg_known+0x1b0/0x1b0 [ 48.479612][ T1082] ? security_capable+0x87/0xb0 [ 48.484337][ T1082] bpf_check+0x3174/0x12bf0 [ 48.493919][ T1082] ? is_bpf_text_address+0x172/0x190 [ 48.504606][ T1082] ? stack_trace_save+0x1c0/0x1c0 [ 48.524821][ T1082] ? __kernel_text_address+0x9b/0x110 [ 48.541176][ T1082] ? unwind_get_return_address+0x4d/0x90 [ 48.553236][ T1082] ? bpf_get_btf_vmlinux+0x60/0x60 [ 48.559792][ T1082] ? arch_stack_walk+0xf3/0x140 [ 48.564552][ T1082] ? stack_trace_save+0x113/0x1c0 [ 48.569633][ T1082] ? stack_trace_snprint+0xf0/0xf0 [ 48.574636][ T1082] ? stack_trace_snprint+0xf0/0xf0 [ 48.588570][ T1082] ? __stack_depot_save+0x34/0x470 [ 48.601198][ T1082] ? ____kasan_kmalloc+0xed/0x110 [ 48.612837][ T1082] ? ____kasan_kmalloc+0xdb/0x110 [ 48.621247][ T1082] ? __kasan_kmalloc+0x9/0x10 [ 48.625845][ T1082] ? kmem_cache_alloc_trace+0x115/0x210 [ 48.631931][ T1082] ? selinux_bpf_prog_alloc+0x51/0x140 [ 48.637469][ T1082] ? security_bpf_prog_alloc+0x62/0x90 [ 48.650590][ T1082] ? bpf_prog_load+0x9ee/0x1b50 [ 48.659707][ T1082] ? __sys_bpf+0x4bc/0x760 [ 48.667410][ T1082] ? __x64_sys_bpf+0x7c/0x90 [ 48.675298][ T1082] ? do_syscall_64+0x3d/0xb0 [ 48.683127][ T1082] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 48.693446][ T1091] loop1: detected capacity change from 0 to 40427 [ 48.697370][ T1082] ? __kasan_kmalloc+0x9/0x10 [ 48.704239][ T1082] ? memset+0x35/0x40 [ 48.708456][ T30] audit: type=1400 audit(1717005030.163:202): avc: denied { remove_name } for pid=82 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 48.709501][ T1082] ? bpf_obj_name_cpy+0x196/0x1e0 [ 48.736758][ T1091] F2FS-fs (loop1): invalid crc value [ 48.742347][ T1082] bpf_prog_load+0x12ac/0x1b50 [ 48.744429][ T30] audit: type=1400 audit(1717005030.163:203): avc: denied { rename } for pid=82 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 48.768961][ T30] audit: type=1400 audit(1717005030.163:204): avc: denied { create } for pid=82 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 48.771745][ T1082] ? map_freeze+0x370/0x370 [ 48.792372][ T1091] F2FS-fs (loop1): Found nat_bits in checkpoint [ 48.803989][ T1082] ? selinux_bpf+0xcb/0x100 [ 48.812681][ T1082] ? security_bpf+0x82/0xb0 [ 48.817401][ T1082] __sys_bpf+0x4bc/0x760 [ 48.821642][ T1082] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 48.827053][ T1082] ? __kasan_check_read+0x11/0x20 [ 48.833752][ T1082] __x64_sys_bpf+0x7c/0x90 [ 48.838116][ T1082] do_syscall_64+0x3d/0xb0 [ 48.842510][ T1082] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 48.851443][ T1082] RIP: 0033:0x7f230ddc0ee9 [ 48.855757][ T1082] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 48.879201][ T1082] RSP: 002b:00007f230cb350c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 48.888755][ T1082] RAX: ffffffffffffffda RBX: 00007f230def7fa0 RCX: 00007f230ddc0ee9 [ 48.891834][ T1091] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 48.896698][ T1082] RDX: 0000000000000090 RSI: 00000000200007c0 RDI: 0000000000000005 [ 48.919691][ T1082] RBP: 00007f230de0d47f R08: 0000000000000000 R09: 0000000000000000 [ 48.937528][ T1082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 48.945388][ T1082] R13: 000000000000000b R14: 00007f230def7fa0 R15: 00007ffeff475158 [ 48.956878][ T1082] [ 48.959832][ T333] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 48.970815][ T310] attempt to access beyond end of device [ 48.970815][ T310] loop1: rw=2049, want=45104, limit=40427 [ 48.982356][ T1082] ---[ end trace fcc7cd391c601289 ]--- [ 49.030266][ T1117] loop4: detected capacity change from 0 to 512 [ 49.035319][ T1115] loop3: detected capacity change from 0 to 512 [ 49.072247][ T1115] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 49.084270][ T1117] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 49.101211][ T1115] EXT4-fs (loop3): 1 orphan inode deleted [ 49.106742][ T1115] EXT4-fs (loop3): 1 truncate cleaned up [ 49.112776][ T1115] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 49.124654][ T1117] EXT4-fs (loop4): 1 orphan inode deleted [ 49.130223][ T1117] EXT4-fs (loop4): 1 truncate cleaned up [ 49.139206][ T1115] EXT4-fs error (device loop3): ext4_search_dir:1548: inode #12: block 7: comm syz-executor.3: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=784, size=56 fake=0 [ 49.157972][ T1117] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 49.199235][ T1117] EXT4-fs error (device loop4): ext4_search_dir:1548: inode #12: block 7: comm syz-executor.4: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=784, size=56 fake=0 [ 49.219545][ T333] usb 3-1: Using ep0 maxpacket: 16 [ 49.300775][ T1121] loop0: detected capacity change from 0 to 40427 [ 49.321591][ T1121] F2FS-fs (loop0): invalid crc value [ 49.334704][ T1121] F2FS-fs (loop0): Found nat_bits in checkpoint [ 49.337288][ T333] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 49.352360][ T333] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 49.442875][ T1121] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 49.527534][ T315] attempt to access beyond end of device [ 49.527534][ T315] loop0: rw=2049, want=45104, limit=40427 [ 49.537302][ T333] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 49.556783][ T1128] loop3: detected capacity change from 0 to 40427 [ 49.561554][ T333] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 49.578545][ T333] usb 3-1: Product: syz [ 49.586988][ T333] usb 3-1: Manufacturer: syz [ 49.594876][ T333] usb 3-1: SerialNumber: syz [ 49.679187][ T1128] F2FS-fs (loop3): invalid crc value [ 49.682021][ T1137] loop4: detected capacity change from 0 to 40427 [ 49.698298][ T1128] F2FS-fs (loop3): Found nat_bits in checkpoint [ 49.698880][ T1137] F2FS-fs (loop4): invalid crc value [ 49.711351][ T1137] F2FS-fs (loop4): Found nat_bits in checkpoint [ 49.753157][ T1137] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 49.813663][ T1128] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 49.817418][ T308] attempt to access beyond end of device [ 49.817418][ T308] loop4: rw=2049, want=45104, limit=40427 [ 49.917295][ T333] usb 3-1: cannot find UAC_HEADER [ 49.922386][ T333] snd-usb-audio: probe of 3-1:1.0 failed with error -22 [ 49.930820][ T309] attempt to access beyond end of device [ 49.930820][ T309] loop3: rw=2049, want=45104, limit=40427 [ 49.931443][ T333] usb 3-1: USB disconnect, device number 3 [ 50.240835][ T1194] loop1: detected capacity change from 0 to 1024 [ 50.279065][ T1194] EXT4-fs (loop1): Ignoring removed nobh option [ 50.294982][ T1194] EXT4-fs (loop1): test_dummy_encryption requires encrypt feature [ 50.307199][ T30] audit: type=1400 audit(1717005031.763:205): avc: denied { create } for pid=1190 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 50.331602][ T30] audit: type=1400 audit(1717005031.783:206): avc: denied { shutdown } for pid=1190 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 50.554387][ T30] audit: type=1400 audit(1717005032.003:207): avc: denied { remount } for pid=1208 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 50.647205][ T39] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 50.686798][ T1219] loop1: detected capacity change from 0 to 512 [ 50.809524][ T1219] EXT4-fs (loop1): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback. [ 50.827306][ T1219] ext4 filesystem being mounted at /root/syzkaller-testdir1037093908/syzkaller.NMt7wl/95/file1 supports timestamps until 2038 (0x7fffffff) [ 50.867214][ T333] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 50.903090][ T30] audit: type=1400 audit(1717005032.353:208): avc: denied { read } for pid=1218 comm="syz-executor.1" name="usbmon0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 50.917228][ T39] usb 5-1: Using ep0 maxpacket: 32 [ 50.934038][ T1225] loop0: detected capacity change from 0 to 256 [ 50.944356][ T30] audit: type=1400 audit(1717005032.353:209): avc: denied { open } for pid=1218 comm="syz-executor.1" path="/dev/usbmon0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 50.968807][ T30] audit: type=1400 audit(1717005032.363:210): avc: denied { ioctl } for pid=1218 comm="syz-executor.1" path="/dev/usbmon0" dev="devtmpfs" ino=135 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 51.018116][ T1225] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 51.050098][ T30] audit: type=1400 audit(1717005032.503:211): avc: denied { add_name } for pid=1224 comm="syz-executor.0" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 51.087237][ T39] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 51.098300][ T39] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 51.107237][ T1225] loop_set_status: loop0 () has still dirty pages (nrpages=3) [ 51.108136][ T39] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 51.134908][ T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 51.147805][ T333] usb 4-1: Using ep0 maxpacket: 8 [ 51.178411][ T39] hub 5-1:4.0: USB hub found [ 51.267234][ T333] usb 4-1: config 1 descriptor has 1 excess byte, ignoring [ 51.274375][ T333] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 51.283339][ T333] usb 4-1: config 1 has no interface number 1 [ 51.289222][ T333] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 229, changing to 7 [ 51.437256][ T39] hub 5-1:4.0: config failed, can't read hub descriptor (err -22) [ 51.447387][ T20] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 51.457238][ T333] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 51.466418][ T333] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 51.474597][ T333] usb 4-1: Product: syz [ 51.479330][ T39] usb 5-1: USB disconnect, device number 4 [ 51.485761][ T333] usb 4-1: Manufacturer: syz [ 51.490279][ T333] usb 4-1: SerialNumber: syz [ 51.585306][ T1240] device bridge1 entered promiscuous mode [ 51.597193][ T860] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 51.807319][ T333] usb 4-1: 2:1 : no or invalid class specific endpoint descriptor [ 51.815138][ T333] usb 4-1: 2:1 : format type 0 is detected, processed as PCM [ 51.822312][ T333] usb 4-1: 2:1 : unsupported sample bitwidth 0 in 0 bytes [ 51.837199][ T860] usb 1-1: Using ep0 maxpacket: 16 [ 51.849197][ T1242] loop2: detected capacity change from 0 to 1024 [ 51.857097][ T333] usb 4-1: USB disconnect, device number 5 [ 51.867350][ T20] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 51.878196][ T1242] EXT4-fs (loop2): Ignoring removed nobh option [ 51.884609][ T1242] EXT4-fs (loop2): test_dummy_encryption requires encrypt feature [ 51.889053][ T391] udevd[391]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 51.909656][ T20] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 51.925810][ T20] usb 2-1: New USB device found, idVendor=056a, idProduct=00f8, bcdDevice= 0.00 [ 51.957267][ T860] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 51.967510][ T860] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 51.989523][ T20] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 51.999510][ T20] usb 2-1: config 0 descriptor?? [ 52.167409][ T860] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 52.178563][ T860] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 52.188967][ T860] usb 1-1: Product: syz [ 52.193127][ T860] usb 1-1: Manufacturer: syz [ 52.198061][ T860] usb 1-1: SerialNumber: syz [ 52.527568][ T860] usb 1-1: cannot find UAC_HEADER [ 52.532993][ T860] snd-usb-audio: probe of 1-1:1.0 failed with error -22 [ 52.535420][ T20] wacom 0003:056A:00F8.0001: hidraw0: USB HID v0.00 Device [HID 056a:00f8] on usb-dummy_hcd.1-1/input0 [ 52.554108][ T860] usb 1-1: USB disconnect, device number 4 [ 52.740286][ T333] usb 2-1: USB disconnect, device number 8 [ 52.846151][ T1258] loop4: detected capacity change from 0 to 512 [ 52.985012][ T1258] EXT4-fs (loop4): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback. [ 52.988498][ T1261] loop0: detected capacity change from 0 to 512 [ 53.002015][ T1258] ext4 filesystem being mounted at /root/syzkaller-testdir3575999368/syzkaller.DkxIss/55/file1 supports timestamps until 2038 (0x7fffffff) [ 53.069242][ T1265] loop2: detected capacity change from 0 to 256 [ 53.082748][ T1265] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 53.108833][ T1261] EXT4-fs (loop0): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback. [ 53.125785][ T1261] ext4 filesystem being mounted at /root/syzkaller-testdir300911910/syzkaller.ErY8ZK/50/file1 supports timestamps until 2038 (0x7fffffff) [ 53.127622][ T1265] loop_set_status: loop2 () has still dirty pages (nrpages=3) [ 53.226557][ T1275] device bridge1 entered promiscuous mode [ 53.256261][ T1277] loop4: detected capacity change from 0 to 1024 [ 53.268205][ T1279] loop2: detected capacity change from 0 to 256 [ 53.312547][ T1279] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 53.361780][ T1277] EXT4-fs (loop4): Ignoring removed nobh option [ 53.368170][ T1279] loop_set_status: loop2 () has still dirty pages (nrpages=3) [ 53.368252][ T1277] EXT4-fs (loop4): test_dummy_encryption requires encrypt feature [ 53.494963][ T1288] loop3: detected capacity change from 0 to 512 [ 53.577202][ T1247] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 53.638196][ T1292] x_tables: ip6_tables: icmp6 match: only valid for protocol 58 [ 53.708583][ T860] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 53.737171][ T332] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 53.837173][ T1247] usb 2-1: Using ep0 maxpacket: 32 [ 53.947279][ T860] usb 1-1: Using ep0 maxpacket: 8 [ 53.957271][ T1247] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 53.987166][ T1247] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 53.996734][ T1247] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 54.005591][ T332] usb 5-1: Using ep0 maxpacket: 8 [ 54.067249][ T860] usb 1-1: config 1 descriptor has 1 excess byte, ignoring [ 54.074491][ T860] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 54.086236][ T860] usb 1-1: config 1 has no interface number 1 [ 54.093380][ T860] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 229, changing to 7 [ 54.259092][ T860] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 54.268183][ T860] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 54.276309][ T860] usb 1-1: Product: syz [ 54.281577][ T860] usb 1-1: Manufacturer: syz [ 54.286094][ T860] usb 1-1: SerialNumber: syz [ 54.360701][ T1247] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 54.399517][ T1288] EXT4-fs (loop3): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback. [ 54.416412][ T1288] ext4 filesystem being mounted at /root/syzkaller-testdir2510801080/syzkaller.dGLclL/99/file1 supports timestamps until 2038 (0x7fffffff) [ 54.431800][ T1247] hub 2-1:4.0: USB hub found [ 54.507276][ T332] usb 5-1: config 1 descriptor has 1 excess byte, ignoring [ 54.514332][ T332] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 54.523511][ T332] usb 5-1: config 1 has no interface number 1 [ 54.529728][ T332] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 229, changing to 7 [ 54.607285][ T860] usb 1-1: 2:1 : no or invalid class specific endpoint descriptor [ 54.615005][ T860] usb 1-1: 2:1 : format type 0 is detected, processed as PCM [ 54.622602][ T860] usb 1-1: 2:1 : unsupported sample bitwidth 0 in 0 bytes [ 54.659602][ T860] usb 1-1: USB disconnect, device number 5 [ 54.677254][ T1247] hub 2-1:4.0: config failed, can't read hub descriptor (err -22) [ 54.685071][ T1301] loop3: detected capacity change from 0 to 256 [ 54.707616][ T1247] usb 2-1: USB disconnect, device number 9 [ 54.711898][ T1301] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 54.728446][ T332] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 54.741154][ T332] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 54.753042][ T332] usb 5-1: Product: syz [ 54.757083][ T332] usb 5-1: Manufacturer: syz [ 54.761525][ T332] usb 5-1: SerialNumber: syz [ 54.768291][ T1301] loop_set_status: loop3 () has still dirty pages (nrpages=3) [ 55.087250][ T332] usb 5-1: 2:1 : no or invalid class specific endpoint descriptor [ 55.095104][ T332] usb 5-1: 2:1 : format type 0 is detected, processed as PCM [ 55.102850][ T332] usb 5-1: 2:1 : unsupported sample bitwidth 0 in 0 bytes [ 55.129944][ T332] usb 5-1: USB disconnect, device number 5 [ 55.173259][ T1315] loop0: detected capacity change from 0 to 512 [ 55.285304][ T1317] loop2: detected capacity change from 0 to 256 [ 55.294040][ T1315] EXT4-fs (loop0): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback. [ 55.311107][ T1315] ext4 filesystem being mounted at /root/syzkaller-testdir300911910/syzkaller.ErY8ZK/55/file1 supports timestamps until 2038 (0x7fffffff) [ 55.370083][ T1317] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 55.417286][ T1317] loop_set_status: loop2 () has still dirty pages (nrpages=3) [ 55.427287][ T26] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 55.526932][ T1323] loop4: detected capacity change from 0 to 16 [ 55.543525][ T1325] loop0: detected capacity change from 0 to 1024 [ 55.563096][ T1325] EXT4-fs (loop0): Ignoring removed nobh option [ 55.570057][ T1325] EXT4-fs (loop0): test_dummy_encryption requires encrypt feature [ 55.572484][ T1323] erofs: (device loop4): mounted with root inode @ nid 36. [ 55.579476][ T1327] device bridge1 entered promiscuous mode [ 55.648681][ T1329] loop0: detected capacity change from 0 to 512 [ 55.705719][ T1331] loop4: detected capacity change from 0 to 256 [ 55.738248][ T1329] EXT4-fs (loop0): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback. [ 55.755615][ T1329] ext4 filesystem being mounted at /root/syzkaller-testdir300911910/syzkaller.ErY8ZK/57/file1 supports timestamps until 2038 (0x7fffffff) [ 55.781271][ T1331] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 55.794047][ T26] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 55.805562][ T26] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 55.815338][ T26] usb 2-1: New USB device found, idVendor=056a, idProduct=00f8, bcdDevice= 0.00 [ 55.824446][ T26] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 55.833385][ T26] usb 2-1: config 0 descriptor?? [ 55.847711][ T1331] loop_set_status: loop4 () has still dirty pages (nrpages=3) [ 55.874875][ T30] kauditd_printk_skb: 5 callbacks suppressed [ 55.874889][ T30] audit: type=1400 audit(1717005037.323:217): avc: denied { write } for pid=1336 comm="syz-executor.2" name="001" dev="devtmpfs" ino=161 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 55.875176][ T1337] usb usb8: usbfs: process 1337 (syz-executor.2) did not claim interface 0 before use [ 56.018664][ T1347] loop0: detected capacity change from 0 to 512 [ 56.077234][ T20] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 56.129814][ T1347] EXT4-fs (loop0): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback. [ 56.146747][ T1347] ext4 filesystem being mounted at /root/syzkaller-testdir300911910/syzkaller.ErY8ZK/59/file1 supports timestamps until 2038 (0x7fffffff) [ 56.287231][ T1247] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 56.327177][ T20] usb 4-1: Using ep0 maxpacket: 8 [ 56.332660][ T26] wacom 0003:056A:00F8.0002: hidraw0: USB HID v0.00 Device [HID 056a:00f8] on usb-dummy_hcd.1-1/input0 [ 56.369622][ T1353] loop0: detected capacity change from 0 to 256 [ 56.403334][ T1353] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 56.457304][ T1353] loop_set_status: loop0 () has still dirty pages (nrpages=3) [ 56.487257][ T20] usb 4-1: config 1 descriptor has 1 excess byte, ignoring [ 56.494527][ T20] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 56.503384][ T20] usb 4-1: config 1 has no interface number 1 [ 56.509515][ T20] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 229, changing to 7 [ 56.535047][ T311] usb 2-1: USB disconnect, device number 10 [ 56.547175][ T1247] usb 5-1: Using ep0 maxpacket: 32 [ 56.687261][ T20] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 56.696129][ T20] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 56.704018][ T1247] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 56.715055][ T1247] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 56.724849][ T20] usb 4-1: Product: syz [ 56.728974][ T1247] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 56.737962][ T20] usb 4-1: Manufacturer: syz [ 56.742419][ T20] usb 4-1: SerialNumber: syz [ 56.747315][ T1247] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 56.808670][ T1247] hub 5-1:4.0: USB hub found [ 57.022543][ T1370] device bridge1 entered promiscuous mode [ 57.059067][ T1247] hub 5-1:4.0: config failed, can't read hub descriptor (err -22) [ 57.063871][ T1372] loop1: detected capacity change from 0 to 512 [ 57.077292][ T20] usb 4-1: 2:1 : no or invalid class specific endpoint descriptor [ 57.085116][ T20] usb 4-1: 2:1 : format type 0 is detected, processed as PCM [ 57.092746][ T1247] usb 5-1: USB disconnect, device number 6 [ 57.099712][ T20] usb 4-1: 2:1 : unsupported sample bitwidth 0 in 0 bytes [ 57.119685][ T20] usb 4-1: USB disconnect, device number 6 [ 57.151132][ T1372] EXT4-fs (loop1): Ignoring removed bh option [ 57.158857][ T382] udevd[382]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 57.163251][ T1372] EXT4-fs (loop1): Ignoring removed oldalloc option [ 57.189170][ T1372] EXT4-fs (loop1): mounted filesystem without journal. Opts: minixdf,bh,minixdf,errors=continue,oldalloc,,errors=continue. Quota mode: writeback. [ 57.204768][ T1372] ext4 filesystem being mounted at /root/syzkaller-testdir1037093908/syzkaller.NMt7wl/99/file0 supports timestamps until 2038 (0x7fffffff) [ 57.225908][ T1372] EXT4-fs error (device loop1): ext4_do_update_inode:5191: inode #2: comm syz-executor.1: corrupted inode contents [ 57.238150][ T1372] EXT4-fs error (device loop1): ext4_dirty_inode:6024: inode #2: comm syz-executor.1: mark_inode_dirty error [ 57.249874][ T1372] EXT4-fs error (device loop1): ext4_do_update_inode:5191: inode #2: comm syz-executor.1: corrupted inode contents [ 57.262078][ T1372] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #2: comm syz-executor.1: mark_inode_dirty error [ 57.280659][ T30] audit: type=1400 audit(1717005038.733:218): avc: denied { create } for pid=1371 comm="syz-executor.1" name=131377C5FC35D41454D5D41D29AD1A6029598146E6BE166E41AD0DBD4054033C9F33BBDA8224A2F3D772E7636E48B33CBF708372E8F1B9933EC5127743BE2206209EF02DF9CBF2F6E880D338 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 57.282836][ T1372] EXT4-fs error (device loop1): ext4_get_first_dir_block:3565: inode #18: comm syz-executor.1: directory missing '.' [ 57.314248][ T30] audit: type=1400 audit(1717005038.733:219): avc: denied { remove_name } for pid=1371 comm="syz-executor.1" name="file0" dev="loop1" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 57.348569][ T30] audit: type=1400 audit(1717005038.733:220): avc: denied { rename } for pid=1371 comm="syz-executor.1" name="file0" dev="loop1" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 57.370746][ T30] audit: type=1400 audit(1717005038.733:221): avc: denied { rmdir } for pid=1371 comm="syz-executor.1" name=131377C5FC35D41454D5D41D29AD1A6029598146E6BE166E41AD0DBD4054033C9F33BBDA8224A2F3D772E7636E48B33CBF708372E8F1B9933EC5127743BE2206209EF02DF9CBF2F6E880D338 dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 57.527496][ T30] audit: type=1400 audit(1717005038.983:222): avc: denied { append } for pid=1384 comm="syz-executor.4" name="rtc0" dev="devtmpfs" ino=167 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 57.553743][ T30] audit: type=1400 audit(1717005038.983:223): avc: denied { write } for pid=1384 comm="syz-executor.4" name="rtc0" dev="devtmpfs" ino=167 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 57.628623][ T1392] loop2: detected capacity change from 0 to 512 [ 57.660200][ T1392] EXT4-fs error (device loop2): ext4_ext_check_inode:501: inode #15: comm syz-executor.2: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0) [ 57.680170][ T1392] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 57.692439][ T1392] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 57.702926][ T1392] ext4 filesystem being mounted at /root/syzkaller-testdir800086226/syzkaller.gH4BgQ/61/file2 supports timestamps until 2038 (0x7fffffff) [ 57.801563][ T30] audit: type=1400 audit(1717005039.253:224): avc: denied { bind } for pid=1402 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 57.932412][ T1410] loop3: detected capacity change from 0 to 512 [ 57.986449][ T30] audit: type=1326 audit(1717005039.433:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1413 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff161396ee9 code=0x7ffc0000 [ 58.010698][ T30] audit: type=1326 audit(1717005039.433:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1413 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff161396ee9 code=0x7ffc0000 [ 58.049182][ T1410] EXT4-fs (loop3): Ignoring removed bh option [ 58.055178][ T1410] EXT4-fs (loop3): Ignoring removed oldalloc option [ 58.096644][ T1410] EXT4-fs (loop3): mounted filesystem without journal. Opts: minixdf,bh,minixdf,errors=continue,oldalloc,,errors=continue. Quota mode: writeback. [ 58.116054][ T1410] ext4 filesystem being mounted at /root/syzkaller-testdir2510801080/syzkaller.dGLclL/104/file0 supports timestamps until 2038 (0x7fffffff) [ 58.134672][ T1410] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #2: comm syz-executor.3: corrupted inode contents [ 58.146919][ T1410] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #2: comm syz-executor.3: mark_inode_dirty error [ 58.158891][ T1410] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #2: comm syz-executor.3: corrupted inode contents [ 58.167227][ T20] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 58.175326][ T1410] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #2: comm syz-executor.3: mark_inode_dirty error [ 58.194312][ T1410] EXT4-fs error (device loop3): ext4_get_first_dir_block:3565: inode #18: comm syz-executor.3: directory missing '.' [ 58.277236][ T860] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 58.367265][ T1247] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 58.517272][ T860] usb 5-1: Using ep0 maxpacket: 32 [ 58.587300][ T20] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 58.598341][ T20] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 58.607983][ T20] usb 1-1: New USB device found, idVendor=056a, idProduct=00f8, bcdDevice= 0.00 [ 58.617046][ T20] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 58.624927][ T1247] usb 2-1: Using ep0 maxpacket: 8 [ 58.630288][ T20] usb 1-1: config 0 descriptor?? [ 58.637417][ T860] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 58.648377][ T860] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 58.658248][ T860] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 58.667357][ T860] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 58.707621][ T860] hub 5-1:4.0: USB hub found [ 58.767228][ T1247] usb 2-1: config 1 descriptor has 1 excess byte, ignoring [ 58.774480][ T1247] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 58.783198][ T1247] usb 2-1: config 1 has no interface number 1 [ 58.789246][ T1247] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 229, changing to 7 [ 58.967280][ T860] hub 5-1:4.0: config failed, can't read hub descriptor (err -22) [ 58.967304][ T1247] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 58.975314][ T1247] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 58.992410][ T1247] usb 2-1: Product: syz [ 58.996543][ T1247] usb 2-1: Manufacturer: syz [ 59.001195][ T1247] usb 2-1: SerialNumber: syz [ 59.015152][ T860] usb 5-1: USB disconnect, device number 7 [ 59.119070][ T20] wacom 0003:056A:00F8.0003: hidraw0: USB HID v0.00 Device [HID 056a:00f8] on usb-dummy_hcd.0-1/input0 [ 59.137004][ T1443] loop2: detected capacity change from 0 to 512 [ 59.180088][ T1443] EXT4-fs error (device loop2): ext4_ext_check_inode:501: inode #15: comm syz-executor.2: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0) [ 59.198568][ T1443] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 59.210906][ T1443] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 59.221929][ T1443] ext4 filesystem being mounted at /root/syzkaller-testdir800086226/syzkaller.gH4BgQ/66/file2 supports timestamps until 2038 (0x7fffffff) [ 59.323867][ T333] usb 1-1: USB disconnect, device number 6 [ 59.367878][ T1247] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor [ 59.375587][ T1247] usb 2-1: 2:1 : format type 0 is detected, processed as PCM [ 59.397425][ T1247] usb 2-1: 2:1 : unsupported sample bitwidth 0 in 0 bytes [ 59.419352][ T1247] usb 2-1: USB disconnect, device number 11 [ 59.468827][ T1453] loop4: detected capacity change from 0 to 1024 [ 59.476466][ T1453] EXT4-fs (loop4): Ignoring removed orlov option [ 59.505737][ T1453] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal [ 59.571386][ T1458] loop3: detected capacity change from 0 to 512 [ 59.596306][ T1456] loop2: detected capacity change from 0 to 512 [ 59.602489][ T1458] EXT4-fs (loop3): Ignoring removed bh option [ 59.608477][ T1458] EXT4-fs (loop3): Ignoring removed oldalloc option [ 59.619817][ T1456] EXT4-fs error (device loop2): ext4_ext_check_inode:501: inode #15: comm syz-executor.2: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0) [ 59.619954][ T1458] EXT4-fs (loop3): mounted filesystem without journal. Opts: minixdf,bh,minixdf,errors=continue,oldalloc,,errors=continue. Quota mode: writeback. [ 59.652847][ T1456] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 59.652909][ T1458] ext4 filesystem being mounted at /root/syzkaller-testdir2510801080/syzkaller.dGLclL/109/file0 supports timestamps until 2038 (0x7fffffff) [ 59.669714][ T1468] loop4: detected capacity change from 0 to 512 [ 59.679417][ T1456] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 59.695501][ T1456] ext4 filesystem being mounted at /root/syzkaller-testdir800086226/syzkaller.gH4BgQ/67/file2 supports timestamps until 2038 (0x7fffffff) [ 59.714091][ T1458] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #2: comm syz-executor.3: corrupted inode contents [ 59.726533][ T1458] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #2: comm syz-executor.3: mark_inode_dirty error [ 59.738366][ T1458] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #2: comm syz-executor.3: corrupted inode contents [ 59.750609][ T1458] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #2: comm syz-executor.3: mark_inode_dirty error [ 59.766255][ T1458] EXT4-fs error (device loop3): ext4_get_first_dir_block:3565: inode #18: comm syz-executor.3: directory missing '.' [ 59.875398][ T1477] loop0: detected capacity change from 0 to 1024 [ 59.935680][ T1477] EXT4-fs error (device loop0): ext4_fill_super:4831: inode #2: comm syz-executor.0: casefold flag without casefold feature [ 59.948651][ T1477] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 59.959159][ T1477] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 60.082194][ C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 60.118524][ T1506] loop4: detected capacity change from 0 to 512 [ 60.118801][ T1500] loop0: detected capacity change from 0 to 512 [ 60.151185][ T1506] EXT4-fs (loop4): Ignoring removed bh option [ 60.159140][ T1506] EXT4-fs (loop4): Ignoring removed oldalloc option [ 60.166548][ T1500] EXT4-fs error (device loop0): ext4_ext_check_inode:501: inode #15: comm syz-executor.0: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0) [ 60.186908][ T1500] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 60.199509][ T1500] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 60.210765][ T1500] ext4 filesystem being mounted at /root/syzkaller-testdir300911910/syzkaller.ErY8ZK/67/file2 supports timestamps until 2038 (0x7fffffff) [ 60.226026][ T1506] EXT4-fs (loop4): mounted filesystem without journal. Opts: minixdf,bh,minixdf,errors=continue,oldalloc,,errors=continue. Quota mode: writeback. [ 60.240923][ T1506] ext4 filesystem being mounted at /root/syzkaller-testdir3575999368/syzkaller.DkxIss/76/file0 supports timestamps until 2038 (0x7fffffff) [ 60.259643][ T1506] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #2: comm syz-executor.4: corrupted inode contents [ 60.271869][ T1506] EXT4-fs error (device loop4): ext4_dirty_inode:6024: inode #2: comm syz-executor.4: mark_inode_dirty error [ 60.283600][ T1506] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #2: comm syz-executor.4: corrupted inode contents [ 60.295809][ T1506] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #2: comm syz-executor.4: mark_inode_dirty error [ 60.311338][ T1506] EXT4-fs error (device loop4): ext4_get_first_dir_block:3565: inode #18: comm syz-executor.4: directory missing '.' [ 60.488821][ T1514] loop4: detected capacity change from 0 to 512 [ 60.497195][ T332] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 60.509520][ T1519] loop0: detected capacity change from 0 to 1024 [ 60.529795][ T1514] EXT4-fs error (device loop4): ext4_ext_check_inode:501: inode #15: comm syz-executor.4: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0) [ 60.548289][ T1514] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz-executor.4: couldn't read orphan inode 15 (err -117) [ 60.560611][ T1514] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 60.564451][ T1519] EXT4-fs error (device loop0): ext4_fill_super:4831: inode #2: comm syz-executor.0: casefold flag without casefold feature [ 60.571411][ T1514] ext4 filesystem being mounted at /root/syzkaller-testdir3575999368/syzkaller.DkxIss/77/file2 supports timestamps until 2038 (0x7fffffff) [ 60.584222][ T1519] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 60.607531][ T1519] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 60.879813][ C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 60.917230][ T332] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 60.941976][ T332] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 60.963387][ T332] usb 3-1: New USB device found, idVendor=056a, idProduct=00f8, bcdDevice= 0.00 [ 60.978861][ T332] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 60.995178][ T1543] loop3: detected capacity change from 0 to 512 [ 61.009208][ T332] usb 3-1: config 0 descriptor?? [ 61.064457][ T1543] EXT4-fs error (device loop3): ext4_ext_check_inode:501: inode #15: comm syz-executor.3: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0) [ 61.083045][ T1543] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 61.095310][ T1543] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 61.105814][ T1543] ext4 filesystem being mounted at /root/syzkaller-testdir2510801080/syzkaller.dGLclL/115/file2 supports timestamps until 2038 (0x7fffffff) [ 61.499256][ T332] wacom 0003:056A:00F8.0004: hidraw0: USB HID v0.00 Device [HID 056a:00f8] on usb-dummy_hcd.2-1/input0 [ 61.701073][ T860] usb 3-1: USB disconnect, device number 4 [ 62.248623][ T1561] loop2: detected capacity change from 0 to 1024 [ 62.306935][ T1561] EXT4-fs error (device loop2): ext4_fill_super:4831: inode #2: comm syz-executor.2: casefold flag without casefold feature [ 62.327611][ T1561] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 62.352108][ T1561] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 62.398199][ T1567] loop1: detected capacity change from 0 to 512 [ 62.454275][ T1567] EXT4-fs error (device loop1): ext4_ext_check_inode:501: inode #15: comm syz-executor.1: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0) [ 62.488550][ T1567] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz-executor.1: couldn't read orphan inode 15 (err -117) [ 62.525586][ T1567] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 62.540085][ T1567] ext4 filesystem being mounted at /root/syzkaller-testdir1037093908/syzkaller.NMt7wl/110/file2 supports timestamps until 2038 (0x7fffffff) [ 62.560601][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 62.615376][ T30] kauditd_printk_skb: 37 callbacks suppressed [ 62.615393][ T30] audit: type=1400 audit(1717005044.063:264): avc: denied { read } for pid=1586 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 62.882966][ T1602] loop1: detected capacity change from 0 to 1024 [ 62.934430][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 62.955956][ T1602] EXT4-fs error (device loop1): ext4_fill_super:4831: inode #2: comm syz-executor.1: casefold flag without casefold feature [ 62.981159][ T1602] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 62.998116][ T1602] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 63.293661][ T30] audit: type=1400 audit(1717005044.743:265): avc: denied { write } for pid=1637 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 63.363246][ C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 64.152769][ T1685] loop0: detected capacity change from 0 to 2048 [ 64.208860][ T1685] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 64.220897][ T1685] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 65.317400][ T1668] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.325047][ T1668] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.332877][ T1668] device bridge_slave_0 entered promiscuous mode [ 65.339883][ T1668] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.347279][ T1668] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.354568][ T1668] device bridge_slave_1 entered promiscuous mode [ 67.079034][ T30] audit: type=1400 audit(1717005048.533:266): avc: denied { execute } for pid=1802 comm="syz-executor.0" path=2F6D656D66643A202864656C6574656429 dev="tmpfs" ino=67 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 68.871617][ T30] audit: type=1400 audit(1717005050.323:267): avc: denied { ioctl } for pid=1918 comm="syz-executor.0" path="socket:[19753]" dev="sockfs" ino=19753 ioctlcmd=0x48d4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 68.900881][ T30] audit: type=1400 audit(1717005050.353:268): avc: denied { write } for pid=1920 comm="syz-executor.0" path="socket:[19762]" dev="sockfs" ino=19762 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 68.941401][ T30] audit: type=1400 audit(1717005050.393:269): avc: denied { bind } for pid=1925 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 68.968355][ T1924] Invalid ELF header magic: != ELF [ 68.968387][ T30] audit: type=1400 audit(1717005050.423:270): avc: denied { sys_module } for pid=1923 comm="syz-executor.1" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 68.994992][ T30] audit: type=1400 audit(1717005050.423:271): avc: denied { module_load } for pid=1923 comm="syz-executor.1" path="/sys/kernel/notes" dev="sysfs" ino=1140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1 [ 69.177442][ T1932] x_tables: duplicate underflow at hook 2 [ 69.331010][ T860] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 69.338649][ T860] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 69.547675][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 69.555854][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 69.577401][ T333] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.584242][ T333] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.597281][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 69.605389][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 69.624594][ T333] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.631473][ T333] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.638911][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 69.646756][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 69.654577][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 69.662658][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 69.707674][ T10] device bridge_slave_1 left promiscuous mode [ 69.713644][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.757425][ T10] device bridge_slave_0 left promiscuous mode [ 69.763642][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.857609][ T10] device veth0_macvtap left promiscuous mode [ 69.863493][ T10] device veth1_macvtap left promiscuous mode [ 69.869664][ T10] device veth0_vlan left promiscuous mode [ 69.929427][ T702] Bluetooth: hci0: Frame reassembly failed (-84) [ 70.104594][ T1958] Invalid ELF header magic: != ELF [ 70.313671][ T1964] syz-executor.4[1964] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 70.313730][ T1964] syz-executor.4[1964] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 71.327725][ T1988] Invalid ELF header magic: != ELF [ 71.400379][ T30] audit: type=1400 audit(1717005052.853:272): avc: denied { unlink } for pid=1990 comm="syz-executor.3" name="#3" dev="sda1" ino=1964 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=chr_file permissive=1 [ 71.947213][ T26] Bluetooth: hci0: command 0x1003 tx timeout [ 71.953131][ T410] Bluetooth: hci0: sending frame failed (-49) [ 72.899223][ T860] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 72.966116][ T2005] syz-executor.1[2005] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 72.966174][ T2005] syz-executor.1[2005] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 73.126672][ T2010] syz-executor.1[2010] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 73.138333][ T2010] syz-executor.1[2010] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 73.173807][ T1668] device veth0_vlan entered promiscuous mode [ 73.191576][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 73.199838][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 73.208158][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 73.216123][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 73.224697][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 73.232625][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 73.250345][ T1668] device veth1_macvtap entered promiscuous mode [ 73.266433][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 73.275037][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 73.285724][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 73.373505][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 73.382533][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 73.396227][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 73.405007][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 73.415235][ T2020] Invalid ELF header magic: != ELF [ 73.435020][ T30] audit: type=1400 audit(1717005054.883:273): avc: denied { mounton } for pid=1668 comm="syz-executor.2" path="/dev/binderfs" dev="devtmpfs" ino=362 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 73.682541][ T2035] syz-executor.4[2035] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 73.682618][ T2035] syz-executor.4[2035] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 73.861587][ T2041] syz-executor.4[2041] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 73.877394][ T2041] syz-executor.4[2041] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 74.027212][ T860] Bluetooth: hci0: command 0x1001 tx timeout [ 74.044779][ T410] Bluetooth: hci0: sending frame failed (-49) [ 74.197187][ T26] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 74.437195][ T26] usb 2-1: Using ep0 maxpacket: 32 [ 74.576941][ T26] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 74.588355][ T26] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 74.597965][ T26] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 74.606771][ T26] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 74.615230][ T26] usb 2-1: config 0 descriptor?? [ 74.627264][ T20] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 74.657629][ T26] hub 2-1:0.0: USB hub found [ 74.917194][ T26] hub 2-1:0.0: config failed, can't read hub descriptor (err -22) [ 75.017211][ T20] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11 [ 75.017324][ T26] usbhid 2-1:0.0: can't add hid device: -71 [ 75.028427][ T20] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024 [ 75.034129][ T26] usbhid: probe of 2-1:0.0 failed with error -71 [ 75.045554][ T20] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 75.060106][ T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 75.077697][ T26] usb 2-1: USB disconnect, device number 12 [ 75.097310][ T2057] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 75.380530][ T2073] bpf_get_probe_write_proto: 2 callbacks suppressed [ 75.380552][ T2073] syz-executor.3[2073] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 75.392214][ T2073] syz-executor.3[2073] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 75.877153][ T850] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 76.027236][ T20] aiptek 5-1:17.0: Aiptek using 400 ms programming speed [ 76.034989][ T20] input: Aiptek as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:17.0/input/input21 [ 76.107240][ T860] Bluetooth: hci0: command 0x1009 tx timeout [ 76.229571][ T860] usb 5-1: USB disconnect, device number 8 [ 76.247265][ T850] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 76.258040][ T850] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 76.267743][ T850] usb 3-1: New USB device found, idVendor=04b4, idProduct=0001, bcdDevice= 0.00 [ 76.276605][ T850] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 76.284970][ T850] usb 3-1: config 0 descriptor?? [ 76.828090][ T850] cypress 0003:04B4:0001.0005: item fetching failed at offset 1/5 [ 76.835885][ T850] cypress 0003:04B4:0001.0005: parse failed [ 76.841865][ T850] cypress: probe of 0003:04B4:0001.0005 failed with error -22 [ 77.035215][ T850] usb 3-1: USB disconnect, device number 5 [ 77.767188][ T1247] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 77.787800][ T30] audit: type=1400 audit(1717005059.243:274): avc: denied { mount } for pid=2134 comm="syz-executor.1" name="/" dev="ramfs" ino=20945 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 77.847250][ T850] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 78.057170][ T1247] usb 4-1: Using ep0 maxpacket: 16 [ 78.207206][ T850] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 78.227159][ T850] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 78.236901][ T850] usb 3-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00 [ 78.267333][ T850] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 78.275817][ T850] usb 3-1: config 0 descriptor?? [ 78.357246][ T1247] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 78.366388][ T1247] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 78.374292][ T1247] usb 4-1: Product: syz [ 78.378459][ T1247] usb 4-1: Manufacturer: syz [ 78.385848][ T1247] usb 4-1: SerialNumber: syz [ 78.392376][ T1247] r8152-cfgselector 4-1: config 0 descriptor?? [ 78.642566][ T2126] loop3: detected capacity change from 0 to 512 [ 78.717747][ T2126] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 78.737395][ T2126] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor.3: invalid indirect mapped block 2683928664 (level 1) [ 78.753377][ T2126] EXT4-fs (loop3): Remounting filesystem read-only [ 78.761048][ T850] petalynx 0003:18B1:0037.0006: item fetching failed at offset 1/5 [ 78.769070][ T2126] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 78.769262][ T850] petalynx 0003:18B1:0037.0006: parse failed [ 78.792971][ T2126] EXT4-fs (loop3): 1 truncate cleaned up [ 78.798537][ T2126] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,errors=continue,errors=remount-ro,minixdf,jqfmt=vfsv0,usrjquota=.smackfsfloor=ext4. Quota mode: writeback. [ 78.802533][ T850] petalynx: probe of 0003:18B1:0037.0006 failed with error -22 [ 78.839355][ T30] audit: type=1400 audit(1717005060.293:275): avc: denied { mounton } for pid=2125 comm="syz-executor.3" path="/root/syzkaller-testdir2510801080/syzkaller.dGLclL/161/file0/file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 78.867456][ T2126] incfs: Options parsing error. -22 [ 78.872747][ T2126] incfs: mount failed -22 [ 78.877105][ T30] audit: type=1400 audit(1717005060.323:276): avc: denied { remount } for pid=2151 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 78.907302][ T1247] r8152-cfgselector 4-1: Unknown version 0x0000 [ 78.927244][ T1247] r8152-cfgselector 4-1: Unknown version 0x0000 [ 78.933710][ T1247] r8152-cfgselector 4-1: bad CDC descriptors [ 78.964361][ T332] usb 3-1: USB disconnect, device number 6 [ 78.970124][ T1247] r8152-cfgselector 4-1: Unknown version 0x0000 [ 78.970832][ T1247] r8152-cfgselector 4-1: USB disconnect, device number 7 [ 79.933183][ T332] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 79.965814][ T2171] loop0: detected capacity change from 0 to 512 [ 79.997194][ T1247] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 79.998888][ T2171] EXT4-fs (loop0): Ignoring removed nobh option [ 80.019386][ T2171] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobh,nogrpid,,errors=continue. Quota mode: writeback. [ 80.031500][ T2171] ext4 filesystem being mounted at /root/syzkaller-testdir300911910/syzkaller.ErY8ZK/112/bus supports timestamps until 2038 (0x7fffffff) [ 80.327303][ T332] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 80.338194][ T332] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 80.348488][ T332] usb 5-1: New USB device found, idVendor=04b4, idProduct=0001, bcdDevice= 0.00 [ 80.357606][ T20] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 80.365074][ T332] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.373624][ T332] usb 5-1: config 0 descriptor?? [ 80.417240][ T1247] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 80.428132][ T1247] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 80.459425][ T1247] usb 3-1: New USB device found, idVendor=1d34, idProduct=0008, bcdDevice= 0.00 [ 80.469873][ T1247] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.479319][ T1247] usb 3-1: config 0 descriptor?? [ 80.647199][ T20] usb 2-1: Using ep0 maxpacket: 8 [ 80.777302][ T20] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 80.785387][ T20] usb 2-1: config 179 has no interface number 0 [ 80.808716][ T20] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 80.839497][ T20] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 80.858018][ T332] cypress 0003:04B4:0001.0007: item fetching failed at offset 1/5 [ 80.865800][ T332] cypress 0003:04B4:0001.0007: parse failed [ 80.871701][ T1247] usb 3-1: string descriptor 0 read error: -71 [ 80.878140][ T1247] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 80.899101][ T20] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 80.911154][ T1247] usb 3-1: USB disconnect, device number 7 [ 80.917868][ T332] cypress: probe of 0003:04B4:0001.0007 failed with error -22 [ 80.933898][ T20] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 80.945421][ T20] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 80.958690][ T20] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 80.967734][ T20] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.987217][ T2177] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 81.061212][ T850] usb 5-1: USB disconnect, device number 9 [ 81.237968][ T1247] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input22 [ 81.419099][ T1247] usb 2-1: USB disconnect, device number 13 [ 81.447174][ C0] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 81.455332][ T1247] xpad 2-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 81.617181][ T850] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 81.857158][ T850] usb 3-1: Using ep0 maxpacket: 16 [ 82.137206][ T850] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 82.146233][ T850] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 82.154296][ T850] usb 3-1: Product: syz [ 82.158447][ T850] usb 3-1: Manufacturer: syz [ 82.163033][ T850] usb 3-1: SerialNumber: syz [ 82.169297][ T850] r8152-cfgselector 3-1: config 0 descriptor?? [ 82.400039][ T10] Bluetooth: hci0: Frame reassembly failed (-84) [ 82.411456][ T2192] loop2: detected capacity change from 0 to 512 [ 82.441458][ T2192] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 82.449670][ T2192] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz-executor.2: invalid indirect mapped block 2683928664 (level 1) [ 82.464066][ T2192] EXT4-fs (loop2): Remounting filesystem read-only [ 82.470664][ T2192] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 82.486236][ T2224] syz-executor.4[2224] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 82.486316][ T2224] syz-executor.4[2224] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 82.486997][ T2192] EXT4-fs (loop2): 1 truncate cleaned up [ 82.515106][ T2192] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,errors=continue,errors=remount-ro,minixdf,jqfmt=vfsv0,usrjquota=.smackfsfloor=ext4. Quota mode: writeback. [ 82.540801][ T2192] incfs: Options parsing error. -22 [ 82.546077][ T2192] incfs: mount failed -22 [ 82.567209][ T850] r8152-cfgselector 3-1: Unknown version 0x0000 [ 82.587381][ T850] r8152-cfgselector 3-1: Unknown version 0x0000 [ 82.593739][ T850] r8152-cfgselector 3-1: bad CDC descriptors [ 82.617206][ T850] r8152-cfgselector 3-1: Unknown version 0x0000 [ 82.623827][ T850] r8152-cfgselector 3-1: USB disconnect, device number 8 [ 83.077196][ T1247] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 83.317176][ T1247] usb 2-1: Using ep0 maxpacket: 16 [ 83.424374][ T2237] loop4: detected capacity change from 0 to 512 [ 83.507961][ T2237] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 83.520314][ T2237] ext4 filesystem being mounted at /root/syzkaller-testdir3575999368/syzkaller.DkxIss/142/file0 supports timestamps until 2038 (0x7fffffff) [ 83.628294][ T1247] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 83.637197][ T1247] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 83.645045][ T1247] usb 2-1: Product: syz [ 83.649624][ T1247] usb 2-1: Manufacturer: syz [ 83.654041][ T1247] usb 2-1: SerialNumber: syz [ 83.667366][ T1247] r8152-cfgselector 2-1: config 0 descriptor?? [ 84.046333][ T2229] loop1: detected capacity change from 0 to 512 [ 84.100058][ T2229] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 84.108603][ T2229] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz-executor.1: invalid indirect mapped block 2683928664 (level 1) [ 84.123105][ T2229] EXT4-fs (loop1): Remounting filesystem read-only [ 84.129777][ T2229] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 84.144465][ T2229] EXT4-fs (loop1): 1 truncate cleaned up [ 84.150027][ T2229] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,errors=continue,errors=remount-ro,minixdf,jqfmt=vfsv0,usrjquota=.smackfsfloor=ext4. Quota mode: writeback. [ 84.171480][ T2229] incfs: Options parsing error. -22 [ 84.176557][ T2229] incfs: mount failed -22 [ 84.187226][ T1247] r8152-cfgselector 2-1: Unknown version 0x0000 [ 84.217462][ T1247] r8152-cfgselector 2-1: Unknown version 0x0000 [ 84.223632][ T1247] r8152-cfgselector 2-1: bad CDC descriptors [ 84.257267][ T1247] r8152-cfgselector 2-1: Unknown version 0x0000 [ 84.265044][ T1247] r8152-cfgselector 2-1: USB disconnect, device number 14 [ 84.427440][ T20] Bluetooth: hci0: command 0x1003 tx timeout [ 84.433309][ T410] Bluetooth: hci0: sending frame failed (-49) [ 84.766614][ T2273] Invalid ELF header magic: != ELF [ 85.034011][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 85.047165][ T26] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 85.527198][ T26] usb 5-1: Using ep0 maxpacket: 8 [ 85.647221][ T26] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 85.655467][ T26] usb 5-1: config 179 has no interface number 0 [ 85.661550][ T26] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 85.672363][ T26] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 85.683565][ T26] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 85.694863][ T26] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 85.706092][ T26] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 85.719796][ T26] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 85.728870][ T26] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 85.757412][ T2275] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 85.997965][ T26] input: Generic X-Box pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input23 [ 86.180632][ T20] usb 5-1: USB disconnect, device number 10 [ 86.197153][ C1] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 86.204614][ T2311] loop3: detected capacity change from 0 to 32768 [ 86.211523][ T20] xpad 5-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 86.507192][ T26] Bluetooth: hci0: command 0x1001 tx timeout [ 86.513086][ T410] Bluetooth: hci0: sending frame failed (-49) [ 86.880424][ T30] audit: type=1400 audit(1717005068.333:277): avc: denied { setopt } for pid=2326 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 86.993736][ T2329] loop2: detected capacity change from 0 to 32768 [ 87.848155][ T2395] fuse: Bad value for 'fd' [ 87.893998][ T2401] loop1: detected capacity change from 0 to 2048 [ 87.937603][ T2401] loop1: p1 < > p4 [ 87.941835][ T2401] loop1: p4 size 8388608 extends beyond EOD, truncated [ 88.044672][ T2415] Invalid ELF header magic: != ELF [ 88.050074][ T2413] mmap: syz-executor.2 (2413) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 88.219107][ T2428] fuse: Bad value for 'fd' [ 88.588867][ T2443] Invalid ELF header magic: != ELF [ 88.594393][ T333] Bluetooth: hci0: command 0x1009 tx timeout [ 188.597127][ C0] rcu: INFO: rcu_preempt self-detected stall on CPU [ 188.603671][ C0] rcu: 0-...!: (10000 ticks this GP) idle=ea1/1/0x4000000000000000 softirq=12215/12215 fqs=0 last_accelerate: ad00/d431 dyntick_enabled: 1 [ 188.617719][ C0] (t=10002 jiffies g=12565 q=2342) [ 188.622745][ C0] rcu: rcu_preempt kthread timer wakeup didn't happen for 10001 jiffies! g12565 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 188.634916][ C0] rcu: Possible timer handling issue on cpu=0 timer-softirq=3350 [ 188.642537][ C0] rcu: rcu_preempt kthread starved for 10004 jiffies! g12565 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0 [ 188.653736][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 188.663539][ C0] rcu: RCU grace-period kthread stack dump: [ 188.669278][ C0] task:rcu_preempt state:I stack:28288 pid: 14 ppid: 2 flags:0x00004000 [ 188.678305][ C0] Call Trace: [ 188.681425][ C0] [ 188.684205][ C0] __schedule+0xccc/0x1590 [ 188.688447][ C0] ? __sched_text_start+0x8/0x8 [ 188.693133][ C0] ? __kasan_check_write+0x14/0x20 [ 188.698168][ C0] schedule+0x11f/0x1e0 [ 188.702171][ C0] schedule_timeout+0x18c/0x370 [ 188.706849][ C0] ? _raw_spin_unlock_irq+0x4e/0x70 [ 188.711885][ C0] ? console_conditional_schedule+0x30/0x30 [ 188.717611][ C0] ? update_process_times+0x200/0x200 [ 188.722817][ C0] ? prepare_to_swait_event+0x308/0x320 [ 188.728322][ C0] rcu_gp_fqs_loop+0x2af/0xf80 [ 188.732917][ C0] ? debug_smp_processor_id+0x17/0x20 [ 188.738123][ C0] ? __note_gp_changes+0x4ab/0x920 [ 188.743073][ C0] ? rcu_gp_init+0xc30/0xc30 [ 188.747513][ C0] ? _raw_spin_unlock_irq+0x4e/0x70 [ 188.752536][ C0] ? rcu_gp_init+0x9cf/0xc30 [ 188.756957][ C0] rcu_gp_kthread+0xa4/0x350 [ 188.761385][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 188.766070][ C0] ? wake_nocb_gp+0x1e0/0x1e0 [ 188.770585][ C0] ? __kasan_check_read+0x11/0x20 [ 188.775468][ C0] ? __kthread_parkme+0xb2/0x200 [ 188.780217][ C0] kthread+0x421/0x510 [ 188.784119][ C0] ? wake_nocb_gp+0x1e0/0x1e0 [ 188.788644][ C0] ? kthread_blkcg+0xd0/0xd0 [ 188.793146][ C0] ret_from_fork+0x1f/0x30 [ 188.797404][ C0] [ 188.800267][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 188.806442][ C0] NMI backtrace for cpu 0 [ 188.810609][ C0] CPU: 0 PID: 2440 Comm: syz-executor.2 Tainted: G W 5.15.149-syzkaller-00055-g424f92bcbe8f #0 [ 188.822047][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 188.831944][ C0] Call Trace: [ 188.835065][ C0] [ 188.837757][ C0] dump_stack_lvl+0x151/0x1b7 [ 188.842270][ C0] ? io_uring_drop_tctx_refs+0x190/0x190 [ 188.847745][ C0] dump_stack+0x15/0x17 [ 188.851735][ C0] nmi_cpu_backtrace+0x2f7/0x300 [ 188.856504][ C0] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 188.862497][ C0] ? panic+0x751/0x751 [ 188.866402][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 188.872327][ C0] nmi_trigger_cpumask_backtrace+0x15d/0x270 [ 188.878128][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 188.884021][ C0] arch_trigger_cpumask_backtrace+0x10/0x20 [ 188.889834][ C0] rcu_check_gp_kthread_starvation+0x1e3/0x250 [ 188.895829][ C0] ? rcu_check_gp_kthread_expired_fqs_timer+0x18e/0x230 [ 188.902596][ C0] print_cpu_stall+0x310/0x5f0 [ 188.907194][ C0] rcu_sched_clock_irq+0x989/0x12f0 [ 188.912226][ C0] ? rcu_boost_kthread_setaffinity+0x340/0x340 [ 188.918217][ C0] ? hrtimer_run_queues+0x15f/0x440 [ 188.923249][ C0] update_process_times+0x198/0x200 [ 188.928284][ C0] tick_sched_timer+0x188/0x240 [ 188.932968][ C0] ? tick_setup_sched_timer+0x480/0x480 [ 188.938351][ C0] __hrtimer_run_queues+0x41a/0xad0 [ 188.943389][ C0] ? hrtimer_interrupt+0xaa0/0xaa0 [ 188.948334][ C0] ? clockevents_program_event+0x22f/0x300 [ 188.953973][ C0] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 188.959882][ C0] hrtimer_interrupt+0x40c/0xaa0 [ 188.964656][ C0] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 188.970378][ C0] sysvec_apic_timer_interrupt+0x95/0xc0 [ 188.975843][ C0] [ 188.978621][ C0] [ 188.981398][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 188.987224][ C0] RIP: 0010:kvm_wait+0x147/0x180 [ 188.991992][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 189.011428][ C0] RSP: 0018:ffffc90001e17500 EFLAGS: 00000246 [ 189.017331][ C0] RAX: 0000000000000001 RBX: 1ffff920003c2ea4 RCX: 1ffffffff0d1aa9c [ 189.025161][ C0] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7037ed4 [ 189.032960][ C0] RBP: ffffc90001e175b0 R08: dffffc0000000000 R09: ffffed103ee06fdb [ 189.040767][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 189.048574][ C0] R13: ffff8881f7037ed4 R14: 0000000000000001 R15: 1ffff920003c2ea8 [ 189.056393][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 189.062376][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 189.067325][ C0] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 189.073230][ C0] ? get_futex_key+0x7ce/0xce0 [ 189.077825][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 189.084076][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 189.088852][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 189.093882][ C0] ? sock_hash_bucket_hash+0x36d/0x7e0 [ 189.099177][ C0] sock_hash_delete_elem+0xb1/0x2f0 [ 189.104211][ C0] ? security_compute_sid+0x1d7d/0x1f40 [ 189.109588][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0x9c8 [ 189.114969][ C0] bpf_trace_run2+0xec/0x210 [ 189.119395][ C0] ? context_to_sid+0x5a8/0x600 [ 189.124082][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 189.128769][ C0] ? security_compute_sid+0x1d7d/0x1f40 [ 189.134150][ C0] ? security_compute_sid+0x1d7d/0x1f40 [ 189.139532][ C0] __bpf_trace_kfree+0x6f/0x90 [ 189.144129][ C0] ? security_compute_sid+0x1d7d/0x1f40 [ 189.149517][ C0] kfree+0x1f3/0x220 [ 189.153335][ C0] ? policydb_context_isvalid+0x1de/0x430 [ 189.158892][ C0] security_compute_sid+0x1d7d/0x1f40 [ 189.164100][ C0] ? security_transition_sid+0x90/0x90 [ 189.169392][ C0] ? alloc_file_pseudo+0x280/0x2f0 [ 189.174338][ C0] ? __kasan_check_write+0x14/0x20 [ 189.179284][ C0] ? _raw_spin_lock_bh+0xa4/0x1b0 [ 189.184145][ C0] ? fd_install+0x144/0x250 [ 189.188486][ C0] ? bpf_raw_tracepoint_open+0x8a0/0x950 [ 189.193952][ C0] security_transition_sid+0x7d/0x90 [ 189.199077][ C0] selinux_socket_create+0x204/0x330 [ 189.204194][ C0] ? selinux_socket_unix_may_send+0x2f0/0x2f0 [ 189.210102][ C0] security_socket_create+0x77/0xb0 [ 189.215218][ C0] __sock_create+0xd6/0x760 [ 189.219559][ C0] __sys_socket+0x132/0x370 [ 189.223897][ C0] ? sock_create_kern+0x50/0x50 [ 189.228700][ C0] ? __kasan_check_read+0x11/0x20 [ 189.233536][ C0] __x64_sys_socket+0x7a/0x90 [ 189.238042][ C0] do_syscall_64+0x3d/0xb0 [ 189.242295][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 189.248023][ C0] RIP: 0033:0x7efc1260bee9 [ 189.252298][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 189.271717][ C0] RSP: 002b:00007efc113800c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 189.279966][ C0] RAX: ffffffffffffffda RBX: 00007efc12742fa0 RCX: 00007efc1260bee9 [ 189.287774][ C0] RDX: 0000000000000001 RSI: 0000000000000003 RDI: 0000000000000002 [ 189.295586][ C0] RBP: 00007efc1265847f R08: 0000000000000000 R09: 0000000000000000 [ 189.303395][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 189.311208][ C0] R13: 000000000000000b R14: 00007efc12742fa0 R15: 00007ffcb748ac08 [ 189.319027][ C0] [ 189.321916][ C0] NMI backtrace for cpu 0 [ 189.326048][ C0] CPU: 0 PID: 2440 Comm: syz-executor.2 Tainted: G W 5.15.149-syzkaller-00055-g424f92bcbe8f #0 [ 189.337507][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 189.347401][ C0] Call Trace: [ 189.350524][ C0] [ 189.353213][ C0] dump_stack_lvl+0x151/0x1b7 [ 189.357738][ C0] ? io_uring_drop_tctx_refs+0x190/0x190 [ 189.363197][ C0] ? ttwu_do_wakeup+0x187/0x430 [ 189.367974][ C0] dump_stack+0x15/0x17 [ 189.371963][ C0] nmi_cpu_backtrace+0x2f7/0x300 [ 189.376738][ C0] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 189.382725][ C0] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 189.388023][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 189.392717][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 189.398608][ C0] nmi_trigger_cpumask_backtrace+0x15d/0x270 [ 189.404421][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 189.410323][ C0] arch_trigger_cpumask_backtrace+0x10/0x20 [ 189.416060][ C0] rcu_dump_cpu_stacks+0x1d8/0x330 [ 189.421001][ C0] print_cpu_stall+0x315/0x5f0 [ 189.425701][ C0] rcu_sched_clock_irq+0x989/0x12f0 [ 189.430720][ C0] ? rcu_boost_kthread_setaffinity+0x340/0x340 [ 189.436707][ C0] ? hrtimer_run_queues+0x15f/0x440 [ 189.441743][ C0] update_process_times+0x198/0x200 [ 189.446777][ C0] tick_sched_timer+0x188/0x240 [ 189.451463][ C0] ? tick_setup_sched_timer+0x480/0x480 [ 189.456848][ C0] __hrtimer_run_queues+0x41a/0xad0 [ 189.461879][ C0] ? hrtimer_interrupt+0xaa0/0xaa0 [ 189.466836][ C0] ? clockevents_program_event+0x22f/0x300 [ 189.472465][ C0] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 189.478370][ C0] hrtimer_interrupt+0x40c/0xaa0 [ 189.483153][ C0] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 189.488870][ C0] sysvec_apic_timer_interrupt+0x95/0xc0 [ 189.494336][ C0] [ 189.497116][ C0] [ 189.499977][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 189.505792][ C0] RIP: 0010:kvm_wait+0x147/0x180 [ 189.510656][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 189.530197][ C0] RSP: 0018:ffffc90001e17500 EFLAGS: 00000246 [ 189.536099][ C0] RAX: 0000000000000001 RBX: 1ffff920003c2ea4 RCX: 1ffffffff0d1aa9c [ 189.543912][ C0] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7037ed4 [ 189.551719][ C0] RBP: ffffc90001e175b0 R08: dffffc0000000000 R09: ffffed103ee06fdb [ 189.559530][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 189.567344][ C0] R13: ffff8881f7037ed4 R14: 0000000000000001 R15: 1ffff920003c2ea8 [ 189.575157][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 189.581144][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 189.586094][ C0] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 189.591995][ C0] ? get_futex_key+0x7ce/0xce0 [ 189.596595][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 189.602843][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 189.607618][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 189.612653][ C0] ? sock_hash_bucket_hash+0x36d/0x7e0 [ 189.617946][ C0] sock_hash_delete_elem+0xb1/0x2f0 [ 189.622983][ C0] ? security_compute_sid+0x1d7d/0x1f40 [ 189.628361][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0x9c8 [ 189.633739][ C0] bpf_trace_run2+0xec/0x210 [ 189.638175][ C0] ? context_to_sid+0x5a8/0x600 [ 189.642854][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 189.647544][ C0] ? security_compute_sid+0x1d7d/0x1f40 [ 189.652922][ C0] ? security_compute_sid+0x1d7d/0x1f40 [ 189.658313][ C0] __bpf_trace_kfree+0x6f/0x90 [ 189.662901][ C0] ? security_compute_sid+0x1d7d/0x1f40 [ 189.668283][ C0] kfree+0x1f3/0x220 [ 189.672014][ C0] ? policydb_context_isvalid+0x1de/0x430 [ 189.677574][ C0] security_compute_sid+0x1d7d/0x1f40 [ 189.682783][ C0] ? security_transition_sid+0x90/0x90 [ 189.688071][ C0] ? alloc_file_pseudo+0x280/0x2f0 [ 189.693022][ C0] ? __kasan_check_write+0x14/0x20 [ 189.697974][ C0] ? _raw_spin_lock_bh+0xa4/0x1b0 [ 189.702830][ C0] ? fd_install+0x144/0x250 [ 189.707168][ C0] ? bpf_raw_tracepoint_open+0x8a0/0x950 [ 189.712635][ C0] security_transition_sid+0x7d/0x90 [ 189.717758][ C0] selinux_socket_create+0x204/0x330 [ 189.722875][ C0] ? selinux_socket_unix_may_send+0x2f0/0x2f0 [ 189.728784][ C0] security_socket_create+0x77/0xb0 [ 189.733941][ C0] __sock_create+0xd6/0x760 [ 189.738285][ C0] __sys_socket+0x132/0x370 [ 189.742620][ C0] ? sock_create_kern+0x50/0x50 [ 189.747310][ C0] ? __kasan_check_read+0x11/0x20 [ 189.752168][ C0] __x64_sys_socket+0x7a/0x90 [ 189.756682][ C0] do_syscall_64+0x3d/0xb0 [ 189.760933][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 189.766663][ C0] RIP: 0033:0x7efc1260bee9 [ 189.770915][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 189.790357][ C0] RSP: 002b:00007efc113800c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 189.798604][ C0] RAX: ffffffffffffffda RBX: 00007efc12742fa0 RCX: 00007efc1260bee9 [ 189.806413][ C0] RDX: 0000000000000001 RSI: 0000000000000003 RDI: 0000000000000002 [ 189.814223][ C0] RBP: 00007efc1265847f R08: 0000000000000000 R09: 0000000000000000 [ 189.822035][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 189.829845][ C0] R13: 000000000000000b R14: 00007efc12742fa0 R15: 00007ffcb748ac08 [ 189.837755][ C0] [ 221.017368][ C1] watchdog: BUG: soft lockup - CPU#1 stuck for 143s! [syz-executor.3:2444] [ 221.026081][ C1] Modules linked in: [ 221.029808][ C1] CPU: 1 PID: 2444 Comm: syz-executor.3 Tainted: G W 5.15.149-syzkaller-00055-g424f92bcbe8f #0 [ 221.041269][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 221.051161][ C1] RIP: 0010:__pv_queued_spin_lock_slowpath+0x5ba/0xc40 [ 221.057940][ C1] Code: 00 00 49 89 dc c6 03 00 48 8b 44 24 10 0f b6 04 10 84 c0 0f 85 48 01 00 00 48 8b 44 24 08 c6 00 01 bb 00 80 ff ff eb 06 f3 90 c3 74 5e 41 0f b6 44 15 00 84 c0 75 36 41 80 3f 00 75 ea 4c 89 [ 221.077902][ C1] RSP: 0018:ffffc90001d7f0c0 EFLAGS: 00000206 [ 221.083802][ C1] RAX: 0000000000000000 RBX: 00000000ffff91be RCX: ffffffff8154fa7f [ 221.091616][ C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff888107dee6a8 [ 221.099424][ C1] RBP: ffffc90001d7f1b0 R08: dffffc0000000000 R09: ffffed1020fbdcd6 [ 221.107404][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8881f7137ed4 [ 221.115299][ C1] R13: 1ffff11020fbdcd5 R14: 1ffff1103ee20001 R15: ffff888107dee6a8 [ 221.123111][ C1] FS: 0000555556ffb480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 221.131879][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.138303][ C1] CR2: 00007fb0d7aa7723 CR3: 000000010e5ac000 CR4: 00000000003506a0 [ 221.146122][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 221.153923][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 221.161740][ C1] Call Trace: [ 221.164864][ C1] [ 221.167557][ C1] ? show_regs+0x58/0x60 [ 221.171631][ C1] ? watchdog_timer_fn+0x4b1/0x5f0 [ 221.176577][ C1] ? proc_watchdog_cpumask+0xd0/0xd0 [ 221.181697][ C1] ? __hrtimer_run_queues+0x41a/0xad0 [ 221.186906][ C1] ? hrtimer_interrupt+0xaa0/0xaa0 [ 221.191853][ C1] ? clockevents_program_event+0x22f/0x300 [ 221.197495][ C1] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 221.203422][ C1] ? hrtimer_interrupt+0x40c/0xaa0 [ 221.208350][ C1] ? __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 221.214246][ C1] ? sysvec_apic_timer_interrupt+0x95/0xc0 [ 221.219891][ C1] [ 221.222663][ C1] [ 221.225441][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 221.231431][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 221.237510][ C1] ? __pv_queued_spin_lock_slowpath+0x5ba/0xc40 [ 221.243581][ C1] ? inode_init_always+0x76d/0x9d0 [ 221.248529][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 221.254774][ C1] ? do_syscall_64+0x3d/0xb0 [ 221.259206][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 221.263975][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 221.269013][ C1] ? sock_hash_bucket_hash+0x36d/0x7e0 [ 221.274303][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 221.279339][ C1] ? sock_map_unref+0x352/0x4d0 [ 221.284023][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0x9c8 [ 221.289407][ C1] bpf_trace_run2+0xec/0x210 [ 221.293831][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 221.298518][ C1] ? sock_map_unref+0x352/0x4d0 [ 221.303205][ C1] ? remove_wait_queue+0x140/0x140 [ 221.308165][ C1] ? inode_doinit_with_dentry+0x10f/0x1070 [ 221.313794][ C1] ? sock_map_unref+0x352/0x4d0 [ 221.318482][ C1] __bpf_trace_kfree+0x6f/0x90 [ 221.323079][ C1] ? sock_map_unref+0x352/0x4d0 [ 221.327769][ C1] kfree+0x1f3/0x220 [ 221.331508][ C1] sock_map_unref+0x352/0x4d0 [ 221.336015][ C1] sock_hash_delete_elem+0x274/0x2f0 [ 221.341140][ C1] ? kfree_link+0x15/0x20 [ 221.345318][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0x9c8 [ 221.350682][ C1] bpf_trace_run2+0xec/0x210 [ 221.355109][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 221.359792][ C1] ? kfree_link+0x15/0x20 [ 221.363957][ C1] ? __lookup_slow+0x2fe/0x400 [ 221.368560][ C1] ? kfree_link+0x15/0x20 [ 221.372727][ C1] __bpf_trace_kfree+0x6f/0x90 [ 221.377330][ C1] ? kfree_link+0x15/0x20 [ 221.381490][ C1] ? noop_direct_IO+0x20/0x20 [ 221.386005][ C1] kfree+0x1f3/0x220 [ 221.389740][ C1] ? up_read+0x55/0x170 [ 221.393726][ C1] ? noop_direct_IO+0x20/0x20 [ 221.398247][ C1] kfree_link+0x15/0x20 [ 221.402232][ C1] walk_component+0x23a/0x610 [ 221.406746][ C1] ? nd_alloc_stack+0xf0/0xf0 [ 221.411259][ C1] ? security_inode_permission+0xb0/0xf0 [ 221.416822][ C1] link_path_walk+0x642/0xd90 [ 221.421336][ C1] ? handle_lookup_down+0x130/0x130 [ 221.426365][ C1] path_openat+0x271/0x2f40 [ 221.430701][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 221.435653][ C1] ? __kasan_slab_alloc+0xb1/0xe0 [ 221.440510][ C1] ? slab_post_alloc_hook+0x53/0x2c0 [ 221.445629][ C1] ? kmem_cache_alloc+0xf5/0x200 [ 221.450403][ C1] ? getname_flags+0xba/0x520 [ 221.454918][ C1] ? __x64_sys_openat+0x243/0x290 [ 221.459777][ C1] ? do_filp_open+0x460/0x460 [ 221.464291][ C1] do_filp_open+0x21c/0x460 [ 221.468630][ C1] ? vfs_tmpfile+0x2c0/0x2c0 [ 221.473069][ C1] ? noop_direct_IO+0x20/0x20 [ 221.477574][ C1] do_sys_openat2+0x13f/0x830 [ 221.482083][ C1] ? __kasan_slab_free+0x11/0x20 [ 221.486858][ C1] ? slab_free_freelist_hook+0xbd/0x190 [ 221.492238][ C1] ? do_sys_open+0x220/0x220 [ 221.496664][ C1] ? kmem_cache_free+0x116/0x2e0 [ 221.501439][ C1] ? do_symlinkat+0x4ca/0x5a0 [ 221.505951][ C1] __x64_sys_openat+0x243/0x290 [ 221.510638][ C1] ? __ia32_sys_open+0x270/0x270 [ 221.515414][ C1] ? debug_smp_processor_id+0x17/0x20 [ 221.520618][ C1] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 221.526520][ C1] ? exit_to_user_mode_prepare+0x39/0xa0 [ 221.531988][ C1] do_syscall_64+0x3d/0xb0 [ 221.536240][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 221.542054][ C1] RIP: 0033:0x7fb0d7a21a61 [ 221.546310][ C1] Code: 75 57 89 f0 25 00 00 41 00 3d 00 00 41 00 74 49 80 3d aa c4 10 00 00 74 6d 89 da 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 93 00 00 00 48 8b 54 24 28 64 48 2b 14 25 [ 221.565840][ C1] RSP: 002b:00007ffd33c7df10 EFLAGS: 00000202 ORIG_RAX: 0000000000000101 [ 221.574080][ C1] RAX: ffffffffffffffda RBX: 0000000000080001 RCX: 00007fb0d7a21a61 [ 221.581891][ C1] RDX: 0000000000080001 RSI: 00007fb0d7a6f507 RDI: 00000000ffffff9c [ 221.589704][ C1] RBP: 00007fb0d7a6f507 R08: 0000000000000000 R09: 0000000000000000 [ 221.597515][ C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000004 [ 221.605334][ C1] R13: 00007ffd33c7dfb0 R14: 0000000000000001 R15: 0000000000000001 [ 221.613141][ C1] [ 221.616002][ C1] Sending NMI from CPU 1 to CPUs 0: [ 221.621070][ C0] NMI backtrace for cpu 0 [ 221.621080][ C0] CPU: 0 PID: 2440 Comm: syz-executor.2 Tainted: G W 5.15.149-syzkaller-00055-g424f92bcbe8f #0 [ 221.621100][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 221.621110][ C0] RIP: 0010:kvm_wait+0x147/0x180 [ 221.621131][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 221.621146][ C0] RSP: 0018:ffffc90001e17500 EFLAGS: 00000246 [ 221.621161][ C0] RAX: 0000000000000001 RBX: 1ffff920003c2ea4 RCX: 1ffffffff0d1aa9c [ 221.621173][ C0] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7037ed4 [ 221.621184][ C0] RBP: ffffc90001e175b0 R08: dffffc0000000000 R09: ffffed103ee06fdb [ 221.621198][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 221.621210][ C0] R13: ffff8881f7037ed4 R14: 0000000000000001 R15: 1ffff920003c2ea8 [ 221.621223][ C0] FS: 00007efc113806c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 221.621239][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.621251][ C0] CR2: 0000001b2bd23000 CR3: 00000001101d5000 CR4: 00000000003506b0 [ 221.621266][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 221.621276][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 221.621287][ C0] Call Trace: [ 221.621292][ C0] [ 221.621298][ C0] ? show_regs+0x58/0x60 [ 221.621316][ C0] ? nmi_cpu_backtrace+0x29f/0x300 [ 221.621336][ C0] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 221.621358][ C0] ? kvm_wait+0x147/0x180 [ 221.621373][ C0] ? kvm_wait+0x147/0x180 [ 221.621388][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 221.621407][ C0] ? nmi_handle+0xa8/0x280 [ 221.621424][ C0] ? kvm_wait+0x147/0x180 [ 221.621440][ C0] ? default_do_nmi+0x69/0x160 [ 221.621458][ C0] ? exc_nmi+0xaf/0x120 [ 221.621474][ C0] ? end_repeat_nmi+0x16/0x31 [ 221.621493][ C0] ? kvm_wait+0x147/0x180 [ 221.621508][ C0] ? kvm_wait+0x147/0x180 [ 221.621524][ C0] ? kvm_wait+0x147/0x180 [ 221.621539][ C0] [ 221.621544][ C0] [ 221.621549][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 221.621566][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 221.621585][ C0] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 221.621607][ C0] ? get_futex_key+0x7ce/0xce0 [ 221.621627][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 221.621654][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 221.621674][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 221.621694][ C0] ? sock_hash_bucket_hash+0x36d/0x7e0 [ 221.621715][ C0] sock_hash_delete_elem+0xb1/0x2f0 [ 221.621734][ C0] ? security_compute_sid+0x1d7d/0x1f40 [ 221.621752][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0x9c8 [ 221.621766][ C0] bpf_trace_run2+0xec/0x210 [ 221.621784][ C0] ? context_to_sid+0x5a8/0x600 [ 221.621803][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 221.621820][ C0] ? security_compute_sid+0x1d7d/0x1f40 [ 221.621838][ C0] ? security_compute_sid+0x1d7d/0x1f40 [ 221.621855][ C0] __bpf_trace_kfree+0x6f/0x90 [ 221.621871][ C0] ? security_compute_sid+0x1d7d/0x1f40 [ 221.621888][ C0] kfree+0x1f3/0x220 [ 221.621905][ C0] ? policydb_context_isvalid+0x1de/0x430 [ 221.621926][ C0] security_compute_sid+0x1d7d/0x1f40 [ 221.621951][ C0] ? security_transition_sid+0x90/0x90 [ 221.621967][ C0] ? alloc_file_pseudo+0x280/0x2f0 [ 221.621988][ C0] ? __kasan_check_write+0x14/0x20 [ 221.622006][ C0] ? _raw_spin_lock_bh+0xa4/0x1b0 [ 221.622026][ C0] ? fd_install+0x144/0x250 [ 221.622043][ C0] ? bpf_raw_tracepoint_open+0x8a0/0x950 [ 221.622063][ C0] security_transition_sid+0x7d/0x90 [ 221.622081][ C0] selinux_socket_create+0x204/0x330 [ 221.622098][ C0] ? selinux_socket_unix_may_send+0x2f0/0x2f0 [ 221.622117][ C0] security_socket_create+0x77/0xb0 [ 221.622134][ C0] __sock_create+0xd6/0x760 [ 221.622152][ C0] __sys_socket+0x132/0x370 [ 221.622168][ C0] ? sock_create_kern+0x50/0x50 [ 221.622183][ C0] ? __kasan_check_read+0x11/0x20 [ 221.622202][ C0] __x64_sys_socket+0x7a/0x90 [ 221.622218][ C0] do_syscall_64+0x3d/0xb0 [ 221.622235][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 221.622251][ C0] RIP: 0033:0x7efc1260bee9 [ 221.622265][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 221.622280][ C0] RSP: 002b:00007efc113800c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 221.622295][ C0] RAX: ffffffffffffffda RBX: 00007efc12742fa0 RCX: 00007efc1260bee9 [ 221.622308][ C0] RDX: 0000000000000001 RSI: 0000000000000003 RDI: 0000000000000002 [ 221.622318][ C0] RBP: 00007efc1265847f R08: 0000000000000000 R09: 0000000000000000 [ 221.622329][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 221.622339][ C0] R13: 000000000000000b R14: 00007efc12742fa0 R15: 00007ffcb748ac08 [ 221.622354][ C0]