last executing test programs: 4.527372386s ago: executing program 4 (id=3114): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1c4d5eeb1253e8"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x16, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x91}, [@call]}, &(0x7f0000000000)='GPL\x00'}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f00000022c0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ef5070000000000000480000000820000095000000000000002ba7e1d30c04aa8b3382022ce2a1d97411a0f6b599e83f24a3aa81d36bb7019c13bd23212fb56f040026fbfefc4a056bdc17487902317142fac7e7be168c1869d0d4d94f2f4eb45c652fbc1626cca2a28d67893547db51ee988e6e06c8cedf7ceb9fc40400ae5e4aa74c92c6a51cbf9b0a4def23d410f6accd3641130bfc4e90a6341865c3f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0c18ce7400dae15cb7947c491b8bea3fd2f73902ebcfcf4982277d9800011b405bbf7b02433a9bcd715f5888b2007f000000001c000000010000000000000600000000309329170ee5b567e70f000006a10f58fa64533500000000000000000000000031000000000000001208e75a89faffbfb11b7dc6ea31001e846c12423a169f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617de7a6520655a80d0900f4d433623c850af895abba14f6fbd7fbad1f98e26ad4deaf1a4f294b2a431ab9142f3a06d54740a4bc5e3abd378af7c9676a08e774c48785f895b4ec8d1141d5e8744d7f09ab4df6027bf48cabecead649f96ea24d32872c494160cb7f33ce680eeb80157eb23f9902519ac655fa73103170cbc496d7122034b85e7e87a2db762cbb253fbd76b9117c1a11d18aa2040c5f0c289906000000000000005ffe94ff799a29459aff1374df5c49ca11d9b219c00c369a12bf8685b862d0dbdd956cbda1bae489bcef5ae59136aaadc59609f4d42617c0e6066938b521a0f2e2467a6c435ad5b800262a5da053ced5e95394e500000072737638ac44fb61310e2df511c60b3c88113996a81fb64bce5eb95ce91738640ff7ae6ed6b62086e699955926934389cdf9bcffff3ffd86fe9ce05268bf8a3958f2206cdc7095682c14f10be1075832956762b2dcc6251e7b74cb1da627e332765511c58215bf84d263e8778e6e8ffe4ea50b076446f35efffc006b340658342d2d9e06008c6ef3e98407d2fcefb34a0000000000000000895ddbb76122b1222e4da37177fe833e4fcaa67997e9dffd8918de33aed5bb09cb2a206ebd085bd9f90008d3fdd528efe6c1dca17f45ba5e8bd311a40030f9ffce75ffff996a80153a0077bb43f8a63dd390d18f0239b41da1a52383a4c6768ca1bb66b8fb3c5000f6f246fd20356a60769b461b6cdf133de073b1df08ae09268b0073bb97d88d741a5546e76caf4b6b1387ff37ec13d262dae0260be74cdf7bb6d3107597430ef5bbd476bb9d69b2aef9f3cb644b4bf01ccf16d40720939daf422b7473c24b93085c51e02af469bdfb361b9c015dd026fd0fffe3c66f5c343afb78a7cfd852f3e05c089887d7df2ff4f9982030019421af6b78ff9c444a17091875cfe4eab0e7f50eb69c860b1613a6b4f5af04f9c635d8d646c89f8b85f820ce7464c731deba39f9ff7b815f7b0acba754c01ed8bf1bba0010a8c6a2b966d861f9dd547abf2e9b23e5607f00bb02000000000000c84799aa792cdaeb607ba513250e13ae696cd6ed7d318190a93b9ee07927efca6b8d1f5980994690bbe002db5146439d906a0d4aef065214b15666cdca81091b69acee127ce0821fc19e0891f0b53469f935c5ac420100010000000000fb53faf4420638489e6a1c696d8c414a87b60000000000080000b6be1557951854c01dbc2d061827ae6349a045b780893771524a424335b9fc34616ee9f09141057262530b7c2f7c9b969938779736ece7b470078ac0b1b4b528000000009866e9994ca9096672ec9f3800c2fc35ba6516e542624c47bdba76a816c3a3dd6c3fa87a3ec91df199a9af91a7babf2b8d0e7b77e6dfb4bbc9817847b705000000a1000000000000ab8353f3800f045b90b0eaab6d731199c9447eabbc8c740183aff5389742e47de5000000826a570d14310700cf2ae3366ebdb7f1000000000000333c00e6addbf4c71ffad6bfb5babb49109f92a5a52042c435c98ce7616355493d280f2d0be99e18fd0900c769e7eb4edc1c03a33676590bd2047229e0237c1e34641848531712ff09e89fb062a3e66f4fceea0691f0b4e0b33194404e643243c3841e1e7fe301f7f47a7f89512d92e83624e3de705bdfbfe089e381398e9d5428a00cc8a6d097d97e6ac8bd09b1a5577920a650114a522c1e2dcdc4f606fcbcee91770a9fada34d38cd7976a9228a0a0dd8661be8162e966aac26bea4c11458cd6ce22ddf7054cdd0a60ef3ec000000000000000000425cb75dc7ec92e9a5d29f9c99697d2a98ae0a9f35e4196c3faeb7a60a0290bf897846f6f0f1c163d6075119169d55d10da9ad0e4b2c636d200000009baaf94e2b2c48e70d8453f832eecfb1de2a3f38a5c986de9e37737dac74db251d5e9ea2b8ed39e91a7a17d01b49f7aaff7c4c73c3484bdcab362838ed940035b239a3646ef55b9f070ae14466b3acef9f8b28fb938a237e2e068ae4a6bce4407b54cc14614c2cdf877f000000000000000000000000bdcf23144e6c16b9235552aed83b6428f34d88c258a9ad16386bba51b60838fb11bc193a206b5a25b7233b222e4e68e0d1e88f26b9a45b6c29469530a37ea92aaf421cf594ecfaff9a79b56f8b38038002d29b3193cea9cd0a0ef4f5bce1cdaa99705a8fa48f61071f548d411353965615c24c1860790dfae0f4cdf8c8f8645a289a79f9b919b674f0325d81eacaa8399324a304885da01733bb7917ec5e52718eb05f9c1ffd69f834150e9100c215968e8fb31c83526e6f66897569e28d01ca6135a2acca398c1415e0f9b58b63ee9dc33608ba7e5c4bdf3f37d8e4f4f424be263d9c2a5204f41e9b0ee01ad4cc0519395b69c310c98d3c8edc7d07b30617f3535634257f5472d9f3263a6f04778a920c12000721bb82f9884780ac294b8bb07ebf6e3f16584e95607e319b2ea9776f89c19fb775514246159bbfa9dc0fdf711d3efa316a3323c915a40e6d7c8f8d7daf98824fd0bc955dc9731cc8c7a600d94b8049af764688c7ffdd26a741b03b065ba9c586914d8beb94c8a265ace34172ed003357ddd400557230b2caba26bb91d7b1b98f11fb7a77b03206c151b00015305af815f7da19872085b503a21cbe722842c26ad8dd6b83018300000000000000000000f4ffffffffffffff000000000000000000000000000000000000798d011c62dbfdbad9e58e07d371e3a2399f2369631138ad4fb3aeb3f51233922b4c700fb163efbc55c912276685a774f2dce9bb9c54fd1f505eccf06323fad86c37adafb5e80b96ba9f925a6fd57de5fedf691e8b41c9835a840d12a224ed233c93ed92603401e5a61298294e9cab078c231121d4e32fb8286478fb12f5804d13c7bcff5dcffccd1d520dc04910239efc397b7736682e1c0ef0d001c17ec1441026ed4b1395b8e88a58d667a65cec1ddee1b30bcc96652a238c990a2701e2ee0915335fa4b8c33372bd00021f17c012451519ad56594c9469f164bb915edb1fd4ce76fb37bb9512632e9c9e7dcc772128c280c6e6cc0e859bd65c666e8b7732a2c2d517af56f4cde502f364922f3c2bbf9f4ced5c6f3d33428775b7399e6c6cf52bc8d5b48079700db251c7cdad3836c1e137b11917cff00e0ecc5e93fd7e8bdd83313a27197651c92f2f9be4a6f83662fa948c46632a979e8c66d22777a06601c5f5d3ab28b9f9e39543d2bb9de6ce57a6c1c3a635a0515c87abd11988cae405b9495f54b8d89503a8c9e96bdf08eb563e4cffe00e27272ca6e392ffca16b172ce8b6ee542ec9135e969b7b029beaeba12836110fcb686d82c066d0fc67fee8a00acda99a302a7aac9e920e34174323e7c6aeefd0a092545274fb164f21ac2f46849a6d0b51ad5a230a5ffab7a66e7dde5a335aeaa9736678319f344a32c99ac748bf200368963de24c237873ff5a01f14335de9a6d06c8b49ff27ddf0f13d5fe0901355765c397ce52791339d666eec141f0d33ca51f7b8aa6e9937631269b064d9c7323df8b7154f76708b912e"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x57, 0x10, &(0x7f0000000000), 0xffffffffffffffc9}, 0x48) ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f0000000200)=r1) ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f0000000280)) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0xda00) bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0) ioctl$SIOCSIFHWADDR(r3, 0x8b26, &(0x7f0000000000)={'wlan1\x00', @multicast}) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.events\x00', 0x26e1, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) close(r4) close(0xffffffffffffffff) openat$tun(0xffffffffffffff9c, &(0x7f00000017c0), 0x0, 0x0) ioctl$TUNSETNOCSUM(0xffffffffffffffff, 0x8923, 0x20000000) ioctl$SIOCSIFHWADDR(r4, 0x8b06, &(0x7f0000000000)={'wlan1\x00', @random="060000000010"}) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001680)={0x0, 0x6, 0x4}, 0xc) 4.140433791s ago: executing program 4 (id=3117): r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049e9) write$binfmt_elf64(r0, &(0x7f00000002c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x3e, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x2}, [{}, {0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x8}]}, 0xb0) close(r0) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 4.129467451s ago: executing program 4 (id=3118): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3000490, &(0x7f00000001c0)={[{@dioread_lock}, {@usrjquota}, {@errors_remount}, {@norecovery}, {@auto_da_alloc}, {@noquota}, {@grpquota}, {@barrier_val}, {@grpjquota}, {@jqfmt_vfsold}]}, 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==") open(&(0x7f0000000000)='./bus\x00', 0x14d35e, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x1261, 0x0) 3.924218009s ago: executing program 4 (id=3122): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x4031, 0xffffffffffffffff, 0x0) madvise(&(0x7f00002e5000/0x400000)=nil, 0x400000, 0xf) madvise(&(0x7f0000000000/0x800000)=nil, 0x800002, 0xe) 3.63438819s ago: executing program 0 (id=3130): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000940)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0x2e, &(0x7f00000004c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x33, 0x0, @private, @broadcast}, {0x0, 0x0, 0xc, 0x0, @opaque="97d22108"}}}}}, 0x0) 3.519952715s ago: executing program 4 (id=3132): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@nat={'nat\x00', 0x670, 0x5, 0x328, 0x140, 0x0, 0xfeffffff, 0xa8, 0xa8, 0x290, 0x290, 0xffffffff, 0x290, 0xa8, 0x5, 0x0, {[{{@ip={@broadcast, @remote, 0x0, 0x0, 'geneve1\x00', 'geneve0\x00'}, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x0, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @port, @gre_key}}}}, {{@uncond, 0x0, 0x70, 0x98, 0x0, {0x0, 0x7}}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x1e8}}, {{@uncond, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x0, @local, @local, @gre_key, @gre_key}}}}, {{@ip={@private, @local, 0x0, 0x0, 'veth1_virt_wifi\x00', 'pim6reg0\x00'}, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @local, @loopback, @port, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x388) 2.978540606s ago: executing program 0 (id=3136): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) unshare(0x20600) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000004c0)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) 2.86395626s ago: executing program 0 (id=3138): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1c4d5eeb1253e8"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x16, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x91}, [@call]}, &(0x7f0000000000)='GPL\x00'}, 0x80) bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f00000022c0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ef5070000000000000480000000820000095000000000000002ba7e1d30c04aa8b3382022ce2a1d97411a0f6b599e83f24a3aa81d36bb7019c13bd23212fb56f040026fbfefc4a056bdc17487902317142fac7e7be168c1869d0d4d94f2f4eb45c652fbc1626cca2a28d67893547db51ee988e6e06c8cedf7ceb9fc40400ae5e4aa74c92c6a51cbf9b0a4def23d410f6accd3641130bfc4e90a6341865c3f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0c18ce7400dae15cb7947c491b8bea3fd2f73902ebcfcf4982277d9800011b405bbf7b02433a9bcd715f5888b2007f000000001c000000010000000000000600000000309329170ee5b567e70f000006a10f58fa64533500000000000000000000000031000000000000001208e75a89faffbfb11b7dc6ea31001e846c12423a169f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617de7a6520655a80d0900f4d433623c850af895abba14f6fbd7fbad1f98e26ad4deaf1a4f294b2a431ab9142f3a06d54740a4bc5e3abd378af7c9676a08e774c48785f895b4ec8d1141d5e8744d7f09ab4df6027bf48cabecead649f96ea24d32872c494160cb7f33ce680eeb80157eb23f9902519ac655fa73103170cbc496d7122034b85e7e87a2db762cbb253fbd76b9117c1a11d18aa2040c5f0c289906000000000000005ffe94ff799a29459aff1374df5c49ca11d9b219c00c369a12bf8685b862d0dbdd956cbda1bae489bcef5ae59136aaadc59609f4d42617c0e6066938b521a0f2e2467a6c435ad5b800262a5da053ced5e95394e500000072737638ac44fb61310e2df511c60b3c88113996a81fb64bce5eb95ce91738640ff7ae6ed6b62086e699955926934389cdf9bcffff3ffd86fe9ce05268bf8a3958f2206cdc7095682c14f10be1075832956762b2dcc6251e7b74cb1da627e332765511c58215bf84d263e8778e6e8ffe4ea50b076446f35efffc006b340658342d2d9e06008c6ef3e98407d2fcefb34a0000000000000000895ddbb76122b1222e4da37177fe833e4fcaa67997e9dffd8918de33aed5bb09cb2a206ebd085bd9f90008d3fdd528efe6c1dca17f45ba5e8bd311a40030f9ffce75ffff996a80153a0077bb43f8a63dd390d18f0239b41da1a52383a4c6768ca1bb66b8fb3c5000f6f246fd20356a60769b461b6cdf133de073b1df08ae09268b0073bb97d88d741a5546e76caf4b6b1387ff37ec13d262dae0260be74cdf7bb6d3107597430ef5bbd476bb9d69b2aef9f3cb644b4bf01ccf16d40720939daf422b7473c24b93085c51e02af469bdfb361b9c015dd026fd0fffe3c66f5c343afb78a7cfd852f3e05c089887d7df2ff4f9982030019421af6b78ff9c444a17091875cfe4eab0e7f50eb69c860b1613a6b4f5af04f9c635d8d646c89f8b85f820ce7464c731deba39f9ff7b815f7b0acba754c01ed8bf1bba0010a8c6a2b966d861f9dd547abf2e9b23e5607f00bb02000000000000c84799aa792cdaeb607ba513250e13ae696cd6ed7d318190a93b9ee07927efca6b8d1f5980994690bbe002db5146439d906a0d4aef065214b15666cdca81091b69acee127ce0821fc19e0891f0b53469f935c5ac420100010000000000fb53faf4420638489e6a1c696d8c414a87b60000000000080000b6be1557951854c01dbc2d061827ae6349a045b780893771524a424335b9fc34616ee9f09141057262530b7c2f7c9b969938779736ece7b470078ac0b1b4b528000000009866e9994ca9096672ec9f3800c2fc35ba6516e542624c47bdba76a816c3a3dd6c3fa87a3ec91df199a9af91a7babf2b8d0e7b77e6dfb4bbc9817847b705000000a1000000000000ab8353f3800f045b90b0eaab6d731199c9447eabbc8c740183aff5389742e47de5000000826a570d14310700cf2ae3366ebdb7f1000000000000333c00e6addbf4c71ffad6bfb5babb49109f92a5a52042c435c98ce7616355493d280f2d0be99e18fd0900c769e7eb4edc1c03a33676590bd2047229e0237c1e34641848531712ff09e89fb062a3e66f4fceea0691f0b4e0b33194404e643243c3841e1e7fe301f7f47a7f89512d92e83624e3de705bdfbfe089e381398e9d5428a00cc8a6d097d97e6ac8bd09b1a5577920a650114a522c1e2dcdc4f606fcbcee91770a9fada34d38cd7976a9228a0a0dd8661be8162e966aac26bea4c11458cd6ce22ddf7054cdd0a60ef3ec000000000000000000425cb75dc7ec92e9a5d29f9c99697d2a98ae0a9f35e4196c3faeb7a60a0290bf897846f6f0f1c163d6075119169d55d10da9ad0e4b2c636d200000009baaf94e2b2c48e70d8453f832eecfb1de2a3f38a5c986de9e37737dac74db251d5e9ea2b8ed39e91a7a17d01b49f7aaff7c4c73c3484bdcab362838ed940035b239a3646ef55b9f070ae14466b3acef9f8b28fb938a237e2e068ae4a6bce4407b54cc14614c2cdf877f000000000000000000000000bdcf23144e6c16b9235552aed83b6428f34d88c258a9ad16386bba51b60838fb11bc193a206b5a25b7233b222e4e68e0d1e88f26b9a45b6c29469530a37ea92aaf421cf594ecfaff9a79b56f8b38038002d29b3193cea9cd0a0ef4f5bce1cdaa99705a8fa48f61071f548d411353965615c24c1860790dfae0f4cdf8c8f8645a289a79f9b919b674f0325d81eacaa8399324a304885da01733bb7917ec5e52718eb05f9c1ffd69f834150e9100c215968e8fb31c83526e6f66897569e28d01ca6135a2acca398c1415e0f9b58b63ee9dc33608ba7e5c4bdf3f37d8e4f4f424be263d9c2a5204f41e9b0ee01ad4cc0519395b69c310c98d3c8edc7d07b30617f3535634257f5472d9f3263a6f04778a920c12000721bb82f9884780ac294b8bb07ebf6e3f16584e95607e319b2ea9776f89c19fb775514246159bbfa9dc0fdf711d3efa316a3323c915a40e6d7c8f8d7daf98824fd0bc955dc9731cc8c7a600d94b8049af764688c7ffdd26a741b03b065ba9c586914d8beb94c8a265ace34172ed003357ddd400557230b2caba26bb91d7b1b98f11fb7a77b03206c151b00015305af815f7da19872085b503a21cbe722842c26ad8dd6b83018300000000000000000000f4ffffffffffffff000000000000000000000000000000000000798d011c62dbfdbad9e58e07d371e3a2399f2369631138ad4fb3aeb3f51233922b4c700fb163efbc55c912276685a774f2dce9bb9c54fd1f505eccf06323fad86c37adafb5e80b96ba9f925a6fd57de5fedf691e8b41c9835a840d12a224ed233c93ed92603401e5a61298294e9cab078c231121d4e32fb8286478fb12f5804d13c7bcff5dcffccd1d520dc04910239efc397b7736682e1c0ef0d001c17ec1441026ed4b1395b8e88a58d667a65cec1ddee1b30bcc96652a238c990a2701e2ee0915335fa4b8c33372bd00021f17c012451519ad56594c9469f164bb915edb1fd4ce76fb37bb9512632e9c9e7dcc772128c280c6e6cc0e859bd65c666e8b7732a2c2d517af56f4cde502f364922f3c2bbf9f4ced5c6f3d33428775b7399e6c6cf52bc8d5b48079700db251c7cdad3836c1e137b11917cff00e0ecc5e93fd7e8bdd83313a27197651c92f2f9be4a6f83662fa948c46632a979e8c66d22777a06601c5f5d3ab28b9f9e39543d2bb9de6ce57a6c1c3a635a0515c87abd11988cae405b9495f54b8d89503a8c9e96bdf08eb563e4cffe00e27272ca6e392ffca16b172ce8b6ee542ec9135e969b7b029beaeba12836110fcb686d82c066d0fc67fee8a00acda99a302a7aac9e920e34174323e7c6aeefd0a092545274fb164f21ac2f46849a6d0b51ad5a230a5ffab7a66e7dde5a335aeaa9736678319f344a32c99ac748bf200368963de24c237873ff5a01f14335de9a6d06c8b49ff27ddf0f13d5fe0901355765c397ce52791339d666eec141f0d33ca51f7b8aa6e9937631269b064d9c7323df8b7154f76708b912e"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x57, 0x10, &(0x7f0000000000), 0xffffffffffffffc9}, 0x48) ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f0000000200)=r1) ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f0000000280)) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0xda00) bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0) ioctl$SIOCSIFHWADDR(r3, 0x8b26, &(0x7f0000000000)={'wlan1\x00', @multicast}) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.events\x00', 0x26e1, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) close(r4) close(0xffffffffffffffff) openat$tun(0xffffffffffffff9c, &(0x7f00000017c0), 0x0, 0x0) ioctl$TUNSETNOCSUM(0xffffffffffffffff, 0x8923, 0x20000000) ioctl$SIOCSIFHWADDR(r4, 0x8b06, &(0x7f0000000000)={'wlan1\x00', @random="060000000010"}) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001680)={0x0, 0x6, 0x4}, 0xc) 2.119694079s ago: executing program 2 (id=3139): r0 = socket(0x11, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000040)=0x3, 0x4) r1 = epoll_create1(0x0) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0xa0179e08}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000140)) 2.09121135s ago: executing program 2 (id=3140): r0 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f00009ff000/0x600000)=nil, 0x600000, 0x1000004, 0x13, r0, 0x0) mmap(&(0x7f0000b6a000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x812, r0, 0x0) mmap(&(0x7f0000de4000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0xea478000) r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f00009ff000/0x600000)=nil, 0x600000, 0x0, 0x13, r1, 0x0) 2.0807632s ago: executing program 2 (id=3141): r0 = memfd_create(&(0x7f0000000200)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\x91\xfdy\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0`\xaa8\xc7\xc8\x9d\xfdA\b\x10\x92(c\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdI\x83\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7 \x1d\xa1\xce\x8b\xac \xe8\x88\xdc\x02\xd7\x04\x9b\x9aL\x9f([4\x81\xf6\xb6\xdf\x16J\xab\xecC\xe2{\xfd\x8a\xb4\x8e\x9c\xfb\xf6\xe9\xd8]B6{\xf0(\xaeW;)\x9f\x9cR\xae\x12G\xd8\xa4y', 0x0) r1 = dup(r0) write$cgroup_pid(r1, &(0x7f0000000040)=0xffffffffffffffff, 0xe) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4, 0x11, r0, 0x0) sendfile(r0, r1, &(0x7f0000000100), 0x6c03) r2 = socket$xdp(0x2c, 0x3, 0x0) getsockopt$XDP_MMAP_OFFSETS(r2, 0x11b, 0x1, &(0x7f00000028c0), &(0x7f0000000380)=0x60) 1.988972614s ago: executing program 3 (id=3144): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0) getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0xf) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=@newqdisc={0x34, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_blackhole={0xe}]}, 0x34}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@gettfilter={0x24, 0x28, 0x78318894947b7de5, 0x0, 0x0, {0x0, 0x0, 0x0, r3}}, 0x24}}, 0x0) 1.964348055s ago: executing program 0 (id=3145): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000940)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0x2e, &(0x7f00000004c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x33, 0x0, @private, @broadcast}, {0x0, 0x0, 0xc, 0x0, @opaque="97d22108"}}}}}, 0x0) 1.922032636s ago: executing program 0 (id=3147): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000180)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) unshare(0x22000600) pipe2(&(0x7f0000000140)={0xffffffffffffffff}, 0x0) fcntl$addseals(r1, 0xf, 0x0) syz_mount_image$vfat(&(0x7f0000000540), &(0x7f0000000040)='./file1\x00', 0xa18c14, &(0x7f0000000080)=ANY=[@ANYBLOB="756e695f786c6174653d312c696f636861727365743d63703433372c73686f72746e616d65050000006e742c636f6465706167653d313235302c757466383d302c73686f72746e616d653d77696e39352c73686f72746e616d653d773d302c73686f72746e616d653d6c6f7765722c73686f72746e616d653d8437b155781f73a96469722c726f6469722c6e6f6e756d7461696c3d302c00"], 0x81, 0x29b, &(0x7f0000000580)="$eJzs3c9qK1UYAPBv0iRNVEgWrkRwQBeuwr33CW6QChezUrLQjV5sC5KEQgMB/2Dsyr3gynfwHXwAN76BC5eCO7sQR5KZSdI0bY3EVOrvt5kvc74v509OWyjMyUevjgbHZ+PTiy9+jkYjicrTeBqXSbSjEqWvAgB4SC6zLH7LcnflVqMeEVmreFXZw/AAgH/BNn//AYCH4b33P3in2+sdvZumjYjR15N+Evk1b++exicxjJN4FK34IyJbyOOXnvWOopqm5T8DJs3oR4w+/LF43f01Yl7/OFrRXq+vF1npXLwxmk76s55n11q8kER0syRPeRKteDkiq0XxJvnl7We9oyfp9fro1+PN178rxv/nSXSiFT99HGcxjOP5Wyzrv3ycpm9l3/7+eT6DfkQynfQP53lL2cFePhAAAAAAAAAAAAAAAAAAAAAAAP4XOulCe/X8nPI0wE5nc/uN5wMVJ/xMV87XeZSmaXmMz6Rfi7y+Gq9Uo3p/MwcAAAAAAAAAAAAAAAAAAID/jvGnnw2eD4cn51eCH7JZ0Lw1Zz2ortwpH+u/u2pzMPg+YvuqvxPEQTG0YXKti6Rs2kFfh9skNzd1GpWb1rA6jHzw32w/sNd2NcFbg3J3DZ4ncUdyY/MmWdl15TY8HydbbMhsw9Id3FhV39Hc6y/+0/LmxoWazbi2WMyrVY3ZJ7lyp7bjn5Q1yc5/9wAAAAAAAAAAAAAAAAAAAFctH/qNX641XtzLkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg75bf/78Ior1+Zz2YFsXzO5Xbkw/Pxxu6be95mgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxwfwUAAP//5OlVhQ==") socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r3, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000004f80)) dup2(r2, r3) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0xfffffffc, 0x0, 0x9, 0x0, 0x1}) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) r4 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_SETSEL(r4, 0x4b31, &(0x7f0000000000)) r5 = open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) fallocate(r5, 0x0, 0x0, 0x1000f4) write$binfmt_script(r3, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000800)='./file2\x00', 0x404a, &(0x7f0000000880), 0x1, 0x751, &(0x7f0000000000)="$eJzs3c1rXFUfB/DfvZNJ0pfnSSqlWhEccFFBnTS19W3VVlGoIqLiukM6LaXTpiQRTOwidelCBAWX6n9RcNONa8FF1a2uFIpUu6koI3demiGZSWKYzEXv5wN3cs49k5zzzSU5984d5gRQWJXsIY04HBFnk4ipzv4kIsqt0ljEyfbz7t25NvfHnWtzSTSbb/2atJ6T7Yue78ns61QmI+Lb00k8UNrY7+LyyqVao1Ff6NRnli5fnVlcXnnq4uXahfqF+pVjx0/MPnviuWeOPz+sqKVDZ558/dAHL976qvnmKy99c2I1yYKNtRt7cwxLJSr3fye9si5fHnZnOSl18vTmTMZyHBD/SNpzDA/FVJRi7eBNxdff5To4AGBXNEsRTQCgYBLzPwAUTPd1gHt3rs11t3xfkRit26eidaNyY/6xONn6OtUsR8Te35O1OyOV9v2u6SH0X4mIG3ffuZVtsUv3ITezej0iHuqXv3V3NKZbd3HX5e/cMzo6hP4r6+r/pvwnh9B/3vkBKKabp9oT2cb5L+3Mb/3nv8k+c9dO5D3/DT7/W8tf6pM/O/97Y5t9fPHRIw8Oaus9/8u2rP/uueAo3L4e8fDY4POfLH8yIP/ZbfZx4+f3a4Pa8s7f/DLiSN/rn7V3tCWbvz9x5vzFRv1o+7FvH5/MnPlwUP9558+O/94B+bc6/le32cdfB388Paht6/zpL+PJ263SeGfPe7WlpYXZiPHktY37j20+lu5zuj8jy//4Y5v//ffLn10Trm4z/+ev/vbZzvPvriz/uR0e/4+32cef8z9NDmrLOz8AAAAAAAAAAAAAAAAAAAAAAAAAjEIaEfsjSav3y2larbbX8D4Ye9PG/OLSE+fn371yLmuLmI5y2v2ky6l2Pcnqs53Pw+/Wj62rPx0RByLi04k9rXp1br5xLu/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCxb936/3cn2uv/AwD/cZN5DwAAGDnzPwAUj/kfAIrH/A8AxWP+B4DiMf8DQPGY/wEAAAAAAAAAAAAAAAAAAAAAYKQOPHrzhyQiVl/Y09oy4522cq4jA3ZbmvcAgNyU8h4AkJuxvAcA5MY1PpBs0T7wI8JXXUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFAcRw5b/x+Kyvr/UFxW74Tisv4/FJdrfMD6/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsLX9rS1Jq521wPdHmlarEf+LiOkoJ+cvNupHI+L/EfH9RHkiq8/mPWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGLLF5ZVLtUajvqCgoKBwv5D3fyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYvbVFv/MeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHlaXF65VGs06gu7WMg7IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAw/R0AAP//8lssMw==") r6 = userfaultfd(0x1) ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000400)={0xaa, 0x13}) r7 = syz_open_dev$tty1(0xc, 0x4, 0x1) r8 = dup(r7) write$UHID_INPUT(r8, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d09f91b48090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f3b0063090890e0878f0e1ac6e7049b074a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074a0936cd3b78130daa61d8e8040000095802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) 1.875572578s ago: executing program 3 (id=3148): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@nat={'nat\x00', 0x670, 0x5, 0x328, 0x140, 0x0, 0xfeffffff, 0xa8, 0xa8, 0x290, 0x290, 0xffffffff, 0x290, 0xa8, 0x5, 0x0, {[{{@ip={@broadcast, @remote, 0x0, 0x0, 'geneve1\x00', 'geneve0\x00'}, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x0, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @port, @gre_key}}}}, {{@uncond, 0x0, 0x70, 0x98, 0x0, {0x0, 0x7}}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x1e8}}, {{@uncond, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x0, @local, @local, @gre_key, @gre_key}}}}, {{@ip={@private, @local, 0x0, 0x0, 'veth1_virt_wifi\x00', 'pim6reg0\x00'}, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @local, @loopback, @port, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x388) 1.870285758s ago: executing program 1 (id=3149): syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bpf$MAP_CREATE(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10) ioctl(0xffffffffffffffff, 0x8b32, &(0x7f0000000040)) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_TID_CONFIG(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)={0x24, r5, 0xc4fc9e906872338b, 0x0, 0x0, {{0x15}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x8, 0x117, 0x0, 0x1, [{0x4, 0x2}]}]}, 0x24}}, 0x0) 1.865754998s ago: executing program 2 (id=3150): r0 = socket(0x11, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000040)=0x3, 0x4) r1 = epoll_create1(0x0) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0xa0179e08}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000140)) 1.773827562s ago: executing program 3 (id=3151): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000000)=0x200, 0x4) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x1e, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000140), 0x4) connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000340)=[@window, @mss, @window, @timestamp, @sack_perm, @timestamp, @timestamp, @sack_perm], 0x8) write$binfmt_elf64(r1, &(0x7f0000000280)=ANY=[], 0x40) sendmsg$BATADV_CMD_GET_MESH(r1, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendto$inet(r1, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd03b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730eaf24b9f2ac05d0feb3be07a29f887095f36f3c8f0e77e45509acd14a5be4a1572dd4cd1231087b830fa03e071571d4abd694710ef140469cf6df8a59839aafe046a5bffb97e5247be901789eafd726ba090337a2c49207e6b900c7e982472e6aac70e5d52ca2c1bab47b1f6d00f9601e2281686c21f770ae96e0ffec4b30496d012fa00958f794cdbd721bd155cae87", 0x109e8, 0x805, 0x0, 0x6) ppoll(&(0x7f0000000080)=[{r1}], 0x1, 0x0, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0) 1.681179506s ago: executing program 2 (id=3152): unshare(0x68040200) unshare(0x0) r0 = socket(0x10, 0x3, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100707070000c00028008000100", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x40}}, 0x0) 1.204989794s ago: executing program 3 (id=3153): mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180), 0x0, 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r1 = userfaultfd(0x81801) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000500)={&(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x3000, 0x2}) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0x40000) mount$9p_fd(0x0, &(0x7f0000000380)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f0000000440)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@privport}, {@privport}, {@fscache}], [{@dont_measure}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@dont_measure}, {@subj_user={'subj_user', 0x3d, 'workdir'}}, {@dont_appraise}]}}) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) socket$netlink(0x10, 0x3, 0x12) symlinkat(&(0x7f0000000140)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', r0, &(0x7f0000000000)='./file0\x00') mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000580)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00') link(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='./bus\x00') syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETSW(0xffffffffffffffff, 0x5432, 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) 1.195587504s ago: executing program 0 (id=3154): syz_usb_connect$uac1(0x0, 0xb3, &(0x7f00000008c0)=ANY=[@ANYBLOB="12010000000000406b1d01014000010203010902a10003010000000904000000010300000a2401"], 0x0) 1.004034302s ago: executing program 2 (id=3155): syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) r0 = fsmount(0xffffffffffffffff, 0x0, 0x88) connect$unix(r0, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) symlink(0x0, &(0x7f00000002c0)='.\x02\x00') prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB], 0x42) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15) mlock2(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0) mremap(&(0x7f000000a000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil) mlock2(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x1) 744.547371ms ago: executing program 1 (id=3156): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000940)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0x2e, &(0x7f00000004c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x33, 0x0, @private, @broadcast}, {0x0, 0x0, 0xc, 0x0, @opaque="97d22108"}}}}}, 0x0) 685.357224ms ago: executing program 1 (id=3157): socket$inet6_tcp(0xa, 0x1, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, 0xffffffffffffffff, 0x0) dup(r0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x63}) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000000)=0x2) 608.030587ms ago: executing program 1 (id=3158): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0) getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0xf) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=@newqdisc={0x34, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_blackhole={0xe}]}, 0x34}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@gettfilter={0x24, 0x28, 0x78318894947b7de5, 0x0, 0x0, {0x0, 0x0, 0x0, r3}}, 0x24}}, 0x0) 287.530949ms ago: executing program 3 (id=3159): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) ioctl$KVM_SET_XCRS(r3, 0x4188aea7, &(0x7f0000000240)={0x1, 0x0, [{}]}) 251.50029ms ago: executing program 1 (id=3160): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@nat={'nat\x00', 0x670, 0x5, 0x328, 0x140, 0x0, 0xfeffffff, 0xa8, 0xa8, 0x290, 0x290, 0xffffffff, 0x290, 0xa8, 0x5, 0x0, {[{{@ip={@broadcast, @remote, 0x0, 0x0, 'geneve1\x00', 'geneve0\x00'}, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x0, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @port, @gre_key}}}}, {{@uncond, 0x0, 0x70, 0x98, 0x0, {0x0, 0x7}}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x1e8}}, {{@uncond, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x0, @local, @local, @gre_key, @gre_key}}}}, {{@ip={@private, @local, 0x0, 0x0, 'veth1_virt_wifi\x00', 'pim6reg0\x00'}, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @local, @loopback, @port, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x388) 193.080443ms ago: executing program 1 (id=3161): io_setup(0x8, &(0x7f0000000180)) io_setup(0xff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$packet(0x11, 0x3, 0x300) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r3, 0x6, 0x2, &(0x7f00000001c0)=0x7ff, 0x4) bind$inet6(r3, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c) sendto$inet6(r3, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) sendto$inet6(r3, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0) splice(r3, 0x0, r2, 0x0, 0x406f413, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) 131.997425ms ago: executing program 3 (id=3162): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454da, &(0x7f00000001c0)={'bond_slave_0\x00'}) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x2, [@struct, @union={0x0, 0x2, 0x0, 0x5, 0x0, 0x0, [{0x0, 0x1}, {0x0, 0x1}]}]}}, 0x0, 0x4a}, 0x20) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90) ioctl$TUNSETIFF(r1, 0x400454da, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x3, 0x2, 0x3, 0x1, 0x0, 0x5}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x13}, 0x80) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'veth1_to_hsr\x00'}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454da, &(0x7f0000000140)={'bond0\x00'}) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'nicvf0\x00', 0x1}) 0s ago: executing program 4 (id=3133): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3000490, &(0x7f00000001c0)={[{@dioread_lock}, {@usrjquota}, {@errors_remount}, {@norecovery}, {@auto_da_alloc}, {@noquota}, {@grpquota}, {@barrier_val}, {@grpjquota}, {@jqfmt_vfsold}]}, 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==") open(&(0x7f0000000000)='./bus\x00', 0x14d35e, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x1261, 0x0) kernel console output (not intermixed with test programs): 1 PID: 7445 Comm: syz.3.2288 Tainted: G W 5.4.276-syzkaller-00021-g58de09405d1e #0 [ 243.132108][ T7445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 243.142011][ T7445] RIP: 0010:z_erofs_lz4_decompress+0x910/0xc70 [ 243.147994][ T7445] Code: b6 04 03 84 c0 0f 85 da 02 00 00 45 8b 0f 48 89 ef 48 c7 c6 32 00 5b 85 48 c7 c2 60 c6 f7 84 44 89 e9 45 89 f0 e8 80 ec fe ff <0f> 0b 44 89 e8 48 c7 c7 c0 c6 f7 84 48 c7 c6 e0 c6 f7 84 ba 02 00 [ 243.164651][ T383] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 243.167427][ T7445] RSP: 0018:ffff8881e3c16cd8 EFLAGS: 00010246 [ 243.167456][ T7445] RAX: 656c94ff5f1b6c00 RBX: 1ffff1103c782e58 RCX: 656c94ff5f1b6c00 [ 243.167463][ T7445] RDX: ffffc90001347000 RSI: 00000000000155be RDI: 00000000000155bf [ 243.167477][ T7445] RBP: ffff8881e4edb000 R08: ffffffff814d59b2 R09: 0000000000000003 [ 243.204593][ T7445] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881da6a5fc0 [ 243.212392][ T7445] R13: 0000000000000040 R14: 0000000000000fc0 R15: ffff8881e3c172c0 [ 243.220201][ T7445] FS: 00007ffae4ee16c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 243.221816][ T7456] erofs: (device loop3): z_erofs_vle_normalaccess_readpage: failed to read, err [-117] [ 243.228962][ T7445] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.228970][ T7445] CR2: 00007fff5a579b28 CR3: 00000001e72d1000 CR4: 00000000003406a0 [ 243.228997][ T7445] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 243.229004][ T7445] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 243.229007][ T7445] Call Trace: [ 243.229023][ T7445] ? __warn+0x162/0x250 [ 243.229041][ T7445] ? report_bug+0x3a1/0x4e0 [ 243.279740][ T7445] ? z_erofs_lz4_decompress+0x910/0xc70 [ 243.285120][ T7445] ? z_erofs_lz4_decompress+0x910/0xc70 [ 243.290496][ T7445] ? do_invalid_op+0x6e/0x110 [ 243.295011][ T7445] ? invalid_op+0x1e/0x30 [ 243.299183][ T7445] ? wake_up_klogd+0xb2/0xf0 [ 243.303616][ T7445] ? z_erofs_lz4_decompress+0x910/0xc70 [ 243.308990][ T7445] ? z_erofs_lz4_decompress+0x910/0xc70 [ 243.314388][ T7445] ? z_erofs_lz4_prepare_destpages+0x690/0x690 [ 243.320353][ T7445] z_erofs_decompress+0xba6/0xfc0 [ 243.325219][ T7445] z_erofs_vle_unzip_all+0x1147/0x1bf0 [ 243.330517][ T7445] ? z_erofs_onlinepage_endio+0x140/0x140 [ 243.336091][ T7445] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 243.341356][ T7445] ? _raw_spin_lock+0x1b0/0x1b0 [ 243.346144][ T7445] z_erofs_submit_and_unzip+0x115d/0x13d0 [ 243.351687][ T7445] ? z_erofs_attach_page+0x4fa/0x710 [ 243.356810][ T7445] ? z_erofs_do_read_page+0x2580/0x2580 [ 243.362200][ T7445] ? z_erofs_vle_normalaccess_readpages+0xc70/0xc70 [ 243.368612][ T7445] ? __schedule+0xb0d/0x1320 [ 243.373036][ T7445] ? schedule+0x143/0x1d0 [ 243.377207][ T7445] z_erofs_vle_normalaccess_readpage+0x30b/0x630 [ 243.383369][ T7445] ? z_erofs_rcu_callback+0x20/0x20 [ 243.388403][ T7445] ? retint_kernel+0x1b/0x1b [ 243.392826][ T7445] ? do_read_cache_page+0x531/0xa10 [ 243.397864][ T7445] ? do_read_cache_page+0x5f0/0xa10 [ 243.402892][ T7445] ? z_erofs_rcu_callback+0x20/0x20 [ 243.407928][ T7445] do_read_cache_page+0x649/0xa10 [ 243.412797][ T7445] erofs_namei+0x160/0xf90 [ 243.417054][ T7445] erofs_lookup+0x145/0x450 [ 243.421390][ T7445] ? erofs_namei+0xf90/0xf90 [ 243.425809][ T7445] ? __init_rwsem+0x210/0x210 [ 243.430320][ T7445] ? erofs_namei+0xf90/0xf90 [ 243.434741][ T7445] path_openat+0x15c9/0x34b0 [ 243.436904][ T383] usb 2-1: Using ep0 maxpacket: 16 [ 243.439183][ T7445] ? do_filp_open+0x450/0x450 [ 243.439191][ T7445] ? do_sys_open+0x357/0x810 [ 243.439206][ T7445] ? do_syscall_64+0xca/0x1c0 [ 243.457573][ T7445] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 243.463479][ T7445] do_filp_open+0x20b/0x450 [ 243.467815][ T7445] ? vfs_tmpfile+0x2c0/0x2c0 [ 243.472254][ T7445] ? _raw_spin_unlock+0x49/0x60 [ 243.476930][ T7445] ? __alloc_fd+0x4c1/0x560 [ 243.481265][ T7445] do_sys_open+0x39c/0x810 [ 243.485518][ T7445] ? file_open_root+0x490/0x490 [ 243.490202][ T7445] ? switch_fpu_return+0x1d4/0x410 [ 243.495151][ T7445] ? do_syscall_64+0x7f/0x1c0 [ 243.499663][ T7445] do_syscall_64+0xca/0x1c0 [ 243.504006][ T7445] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 243.509730][ T7445] RIP: 0033:0x7ffae5c5ff19 [ 243.513984][ T7445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 243.533432][ T7445] RSP: 002b:00007ffae4ee1048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 243.541670][ T7445] RAX: ffffffffffffffda RBX: 00007ffae5dedf60 RCX: 00007ffae5c5ff19 [ 243.549479][ T7445] RDX: 0000000000100002 RSI: 0000000020000100 RDI: ffffffffffffff9c [ 243.557299][ T7445] RBP: 00007ffae5ccebcd R08: 0000000000000000 R09: 0000000000000000 [ 243.565105][ T7445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 243.572930][ T7445] R13: 000000000000000b R14: 00007ffae5dedf60 R15: 00007ffc7162aea8 [ 243.580727][ T7445] ---[ end trace 998b65da7a032ae8 ]--- [ 243.586250][ T383] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 243.597162][ T383] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 243.597182][ T383] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 243.619384][ T383] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 243.619398][ T383] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 243.646916][ T7445] erofs: (device loop3): z_erofs_vle_normalaccess_readpage: failed to read, err [-117] [ 243.653398][ T5144] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 243.671159][ T383] usb 2-1: config 0 descriptor?? [ 244.028458][ T7477] bridge0: port 2(bridge_slave_1) entered disabled state [ 244.035537][ T7477] bridge0: port 1(bridge_slave_0) entered disabled state [ 244.077401][ T342] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 244.172020][ T383] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0031/input/input23 [ 244.187100][ T383] microsoft 0003:045E:07DA.0031: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 244.247105][ T5144] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 244.256819][ T5144] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 244.267283][ T5144] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid maxpacket 16384, setting to 1024 [ 244.278177][ T5144] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 1024 [ 244.387095][ T1963] usb 2-1: USB disconnect, device number 24 [ 244.540072][ T342] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 189, changing to 11 [ 244.552140][ T342] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 58801, setting to 1024 [ 244.565201][ T342] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 244.579552][ T342] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 244.589749][ T342] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 244.608318][ T342] usb 1-1: config 0 descriptor?? [ 244.646948][ T7468] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 244.756932][ T5144] usb 4-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 244.768288][ T5144] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 244.776114][ T5144] usb 4-1: Product: syz [ 244.780235][ T5144] usb 4-1: Manufacturer: syz [ 244.788498][ T5144] usb 4-1: config 0 descriptor?? [ 244.807094][ T5144] usb 4-1: can't set config #0, error -71 [ 244.816231][ T5144] usb 4-1: USB disconnect, device number 33 [ 245.071908][ T7493] EXT4-fs (loop3): INFO: recovery required on readonly filesystem [ 245.079656][ T7493] EXT4-fs (loop3): write access will be enabled during recovery [ 245.087018][ T7493] EXT4-fs (loop3): barriers disabled [ 245.092361][ T7493] JBD2: no valid journal superblock found [ 245.097942][ T7493] EXT4-fs (loop3): error loading journal [ 245.178973][ T342] plantronics 0003:047F:FFFF.0032: unknown main item tag 0x0 [ 245.195623][ T342] plantronics 0003:047F:FFFF.0032: unknown main item tag 0x0 [ 245.211563][ T342] plantronics 0003:047F:FFFF.0032: item fetching failed at offset 14/15 [ 245.314093][ T342] plantronics 0003:047F:FFFF.0032: parse failed [ 245.320234][ T342] plantronics: probe of 0003:047F:FFFF.0032 failed with error -22 [ 245.676217][ T383] usb 1-1: USB disconnect, device number 26 [ 246.292008][ T7540] EXT4-fs (loop4): INFO: recovery required on readonly filesystem [ 246.306966][ T7540] EXT4-fs (loop4): write access will be enabled during recovery [ 246.315481][ T7540] EXT4-fs (loop4): barriers disabled [ 246.320746][ T7540] JBD2: no valid journal superblock found [ 246.326344][ T7540] EXT4-fs (loop4): error loading journal [ 246.336794][ T7545] bridge0: port 2(bridge_slave_1) entered disabled state [ 246.343821][ T7545] bridge0: port 1(bridge_slave_0) entered disabled state [ 246.370226][ T7547] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 246.888456][ T7557] FAT-fs (loop1): Unrecognized mount option "" or missing value [ 247.105907][ T7573] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=1008 sclass=netlink_audit_socket pid=7573 comm=syz.2.2327 [ 248.190175][ T7590] EXT4-fs (loop3): INFO: recovery required on readonly filesystem [ 248.222382][ T7590] EXT4-fs (loop3): write access will be enabled during recovery [ 248.230456][ T7590] EXT4-fs (loop3): barriers disabled [ 248.313481][ T7590] JBD2: no valid journal superblock found [ 248.319411][ T7590] EXT4-fs (loop3): error loading journal [ 248.919977][ T7620] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=1008 sclass=netlink_audit_socket pid=7620 comm=syz.3.2343 [ 248.946920][ T372] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 249.028798][ T7612] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 249.126928][ T7612] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 249.151962][ T7612] F2FS-fs (loop2): invalid crc value [ 249.159484][ T7612] F2FS-fs (loop2): Found nat_bits in checkpoint [ 249.232988][ T7612] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 249.240474][ T7612] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 249.256983][ T372] usb 2-1: Using ep0 maxpacket: 16 [ 249.297583][ T23] kauditd_printk_skb: 30 callbacks suppressed [ 249.297593][ T23] audit: type=1400 audit(1719914220.958:5621): avc: denied { setopt } for pid=7611 comm="syz.2.2340" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 249.370098][ T23] audit: type=1400 audit(1719914220.988:5622): avc: denied { bind } for pid=7611 comm="syz.2.2340" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 249.397110][ T372] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 249.408092][ T23] audit: type=1400 audit(1719914220.988:5623): avc: denied { write } for pid=7611 comm="syz.2.2340" path="socket:[75477]" dev="sockfs" ino=75477 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 249.436410][ T372] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 249.446664][ T4781] attempt to access beyond end of device [ 249.446664][ T4781] loop2: rw=2049, want=40968, limit=40427 [ 249.451285][ T372] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 249.486920][ T372] usb 2-1: New USB device found, idVendor=056e, idProduct=00fb, bcdDevice= 0.00 [ 249.506021][ T372] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 249.521211][ T372] usb 2-1: config 0 descriptor?? [ 249.908707][ T7671] input input24: cannot allocate more than FF_MAX_EFFECTS effects [ 250.118533][ T372] elecom 0003:056E:00FB.0033: unknown main item tag 0x0 [ 250.127500][ T372] elecom 0003:056E:00FB.0033: unbalanced delimiter at end of report description [ 250.137923][ T372] elecom: probe of 0003:056E:00FB.0033 failed with error -22 [ 250.342704][ T7685] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=1008 sclass=netlink_audit_socket pid=7685 comm=syz.4.2366 [ 250.466193][ T372] usb 2-1: USB disconnect, device number 25 [ 251.066936][ T7723] input input26: cannot allocate more than FF_MAX_EFFECTS effects [ 251.296223][ T7727] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 251.744066][ T7753] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=1008 sclass=netlink_audit_socket pid=7753 comm=syz.1.2393 [ 252.084722][ T7730] F2FS-fs (loop2): Test dummy encryption mode enabled [ 252.107471][ T7730] F2FS-fs (loop2): Found nat_bits in checkpoint [ 252.138801][ T7730] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 252.183406][ T7730] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 252.217180][ T1963] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 252.486991][ T1963] usb 4-1: Using ep0 maxpacket: 16 [ 252.607258][ T1963] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 252.618250][ T1963] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 252.629517][ T1963] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 252.643608][ T1963] usb 4-1: New USB device found, idVendor=056e, idProduct=00fb, bcdDevice= 0.00 [ 252.655601][ T1963] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 252.669827][ T1963] usb 4-1: config 0 descriptor?? [ 252.905408][ T7817] erofs: (device loop4): mounted with opts: noacl, root inode @ nid 36. [ 253.164324][ T1963] elecom 0003:056E:00FB.0034: unknown main item tag 0x0 [ 253.178615][ T1963] elecom 0003:056E:00FB.0034: unbalanced delimiter at end of report description [ 253.203362][ T1963] elecom: probe of 0003:056E:00FB.0034 failed with error -22 [ 253.234593][ T23] audit: type=1107 audit(1719914224.888:5624): pid=7822 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='ӫY1' [ 253.356691][ T7828] device syzkaller0 entered promiscuous mode [ 253.370990][ T342] usb 4-1: USB disconnect, device number 34 [ 253.425969][ T7837] netlink: 'syz.2.2426': attribute type 4 has an invalid length. [ 253.436716][ T7837] netlink: 'syz.2.2426': attribute type 4 has an invalid length. [ 253.588381][ T7851] erofs: (device loop4): mounted with opts: noacl, root inode @ nid 36. [ 253.878287][ T7863] EXT4-fs (loop4): INFO: recovery required on readonly filesystem [ 253.892007][ T7863] EXT4-fs (loop4): write access will be enabled during recovery [ 253.909426][ T7863] EXT4-fs (loop4): barriers disabled [ 253.914637][ T7863] JBD2: no valid journal superblock found [ 253.935860][ T7863] EXT4-fs (loop4): error loading journal [ 253.944598][ T7872] device syzkaller0 entered promiscuous mode [ 253.951100][ T7871] netlink: 'syz.2.2439': attribute type 4 has an invalid length. [ 253.963615][ T7871] netlink: 'syz.2.2439': attribute type 4 has an invalid length. [ 254.382420][ T23] audit: type=1400 audit(1719914226.038:5625): avc: denied { connect } for pid=7918 comm="syz.3.2457" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 254.464203][ T23] audit: type=1326 audit(1719914226.118:5626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7912 comm="syz.2.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f314e7f19 code=0x7ffc0000 [ 254.524990][ T23] audit: type=1326 audit(1719914226.118:5627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7912 comm="syz.2.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f314e7f19 code=0x7ffc0000 [ 254.569870][ T23] audit: type=1326 audit(1719914226.148:5628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7912 comm="syz.2.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0f314e7f19 code=0x7ffc0000 [ 254.613584][ T23] audit: type=1326 audit(1719914226.148:5629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7912 comm="syz.2.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f314e7f19 code=0x7ffc0000 [ 254.659936][ T23] audit: type=1326 audit(1719914226.148:5630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7912 comm="syz.2.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f314e7f19 code=0x7ffc0000 [ 254.716876][ T1963] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 254.718606][ T23] audit: type=1326 audit(1719914226.148:5631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7912 comm="syz.2.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0f314e7f19 code=0x7ffc0000 [ 254.748606][ T23] audit: type=1326 audit(1719914226.148:5632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7912 comm="syz.2.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f314e7f19 code=0x7ffc0000 [ 254.772547][ T23] audit: type=1326 audit(1719914226.148:5633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7912 comm="syz.2.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f314e7f19 code=0x7ffc0000 [ 254.816921][ T23] audit: type=1326 audit(1719914226.148:5634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7912 comm="syz.2.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0f314e7f19 code=0x7ffc0000 [ 254.956909][ T342] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 254.976906][ T1963] usb 1-1: Using ep0 maxpacket: 16 [ 255.028169][ T7954] device syzkaller0 entered promiscuous mode [ 255.106985][ T1963] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 255.126963][ T1963] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 255.136581][ T1963] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 255.150483][ T1963] usb 1-1: New USB device found, idVendor=056e, idProduct=00fb, bcdDevice= 0.00 [ 255.159649][ T1963] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 255.179037][ T1963] usb 1-1: config 0 descriptor?? [ 255.271201][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.280225][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.288147][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.295423][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.302696][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.310149][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.317399][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.324650][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.326998][ T342] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 255.331839][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.349744][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.351238][ T342] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 255.356890][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.373716][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.376539][ T342] usb 2-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00 [ 255.380949][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.394465][ T342] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 255.397072][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.412095][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.419521][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.419785][ T342] usb 2-1: config 0 descriptor?? [ 255.429859][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.438809][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.446008][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.453351][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.460603][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.468252][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.475465][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.482967][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.490339][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.497640][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.504855][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.512194][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.519429][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.526706][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.533988][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.541624][ T384] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 255.550534][ T384] hid-generic 0000:0000:0000.0035: hidraw0: HID v0.00 Device [syz0] on syz0 [ 255.658313][ T1963] elecom 0003:056E:00FB.0036: unknown main item tag 0x0 [ 255.668578][ T1963] elecom 0003:056E:00FB.0036: unbalanced delimiter at end of report description [ 255.678054][ T1963] elecom: probe of 0003:056E:00FB.0036 failed with error -22 [ 255.836884][ T384] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 255.887023][ T1963] usb 1-1: USB disconnect, device number 27 [ 255.909538][ T342] holtek_kbd 0003:04D9:A055.0037: hidraw1: USB HID v0.00 Device [HID 04d9:a055] on usb-dummy_hcd.1-1/input0 [ 256.214927][ T342] usb 2-1: USB disconnect, device number 26 [ 256.436933][ T384] usb 3-1: config 0 has no interfaces? [ 256.442241][ T384] usb 3-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 256.451581][ T384] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 256.460851][ T384] usb 3-1: config 0 descriptor?? [ 256.976315][ T1963] usb 3-1: USB disconnect, device number 26 [ 257.196877][ T342] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 257.437258][ T342] usb 5-1: Using ep0 maxpacket: 16 [ 257.556984][ T342] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 257.569153][ T342] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 257.579915][ T342] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 257.592792][ T342] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 257.601656][ T342] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 257.610062][ T342] usb 5-1: config 0 descriptor?? [ 257.680811][ T8023] loop0: p1 < > p3 [ 257.685292][ T8023] loop0: p3 size 134217728 extends beyond EOD, truncated [ 257.896991][ T5144] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 257.958323][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 257.965535][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 257.973118][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 257.980373][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 257.987758][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 257.994933][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.002178][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.009362][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.016541][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.024851][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.032215][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.039598][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.046783][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.054237][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.061573][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.068989][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.077751][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.084961][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.097630][ T342] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0039/input/input28 [ 258.108945][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.116135][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.173534][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.180773][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.187963][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.196500][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.203999][ T342] microsoft 0003:045E:07DA.0039: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 258.215782][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.224349][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.231628][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.238755][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.245950][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.246877][ T384] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 258.253543][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.267901][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.275176][ T1963] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 258.403507][ T1963] hid-generic 0000:0000:0000.0038: hidraw1: HID v0.00 Device [syz0] on syz0 [ 258.413723][ T5144] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 189, changing to 11 [ 258.470282][ T13] usb 5-1: USB disconnect, device number 24 [ 258.473426][ T5144] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 58801, setting to 1024 [ 258.487571][ T5144] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 258.500399][ T5144] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 258.509359][ T5144] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 258.518070][ T5144] usb 3-1: config 0 descriptor?? [ 258.536917][ T8021] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 258.668025][ T8059] loop3: p1 < > p3 [ 258.672508][ T8059] loop3: p3 size 134217728 extends beyond EOD, truncated [ 258.826969][ T384] usb 1-1: config 0 has no interfaces? [ 258.832448][ T384] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 258.841576][ T384] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 258.850343][ T384] usb 1-1: config 0 descriptor?? [ 258.868679][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 258.868785][ T2711] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 258.879833][ T6847] __loop_clr_fd: partition scan of loop3 failed (rc=-16) [ 258.891103][ T2711] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 258.898681][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 258.948067][ T2711] Buffer I/O error on dev loop3p3, logical block 8, async page read [ 258.956026][ T2711] blk_update_request: I/O error, dev loop3, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 258.967200][ T2711] Buffer I/O error on dev loop3p3, logical block 9, async page read [ 258.975055][ T2711] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 258.993026][ T2711] Buffer I/O error on dev loop3p3, logical block 10, async page read [ 259.001598][ T2711] blk_update_request: I/O error, dev loop3, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 259.001606][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 259.001734][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 259.012672][ T2711] Buffer I/O error on dev loop3p3, logical block 11, async page read [ 259.037002][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 259.040603][ T5144] plantronics 0003:047F:FFFF.003A: unknown main item tag 0x0 [ 259.056945][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 259.068162][ T8067] 9pnet: Insufficient options for proto=fd [ 259.071496][ T5144] plantronics 0003:047F:FFFF.003A: unknown main item tag 0x0 [ 259.073862][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 259.084719][ T5144] plantronics 0003:047F:FFFF.003A: item fetching failed at offset 14/15 [ 259.104895][ T2711] blk_update_request: I/O error, dev loop3, sector 13 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 259.115692][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 259.115741][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 259.136801][ T5144] plantronics 0003:047F:FFFF.003A: parse failed [ 259.148827][ T5144] plantronics: probe of 0003:047F:FFFF.003A failed with error -22 [ 259.159350][ T2711] Buffer I/O error on dev loop3p3, logical block 12, async page read [ 259.168341][ T13] usb 1-1: USB disconnect, device number 28 [ 259.274437][ T8081] EXT4-fs (loop4): Mount option "dioread_nolock" incompatible with ext2 [ 259.349730][ T383] usb 3-1: USB disconnect, device number 27 [ 259.390636][ T8087] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 259.409285][ T8087] EXT4-fs error (device loop4): ext4_empty_dir:3002: inode #12: block 80: comm syz.4.2516: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=3774873612, rec_len=65535, size=4096 fake=0 [ 259.442765][ T8087] EXT4-fs warning (device loop4): ext4_empty_dir:3004: inode #12: comm syz.4.2516: directory missing '.' [ 259.461839][ T8087] EXT4-fs error (device loop4): ext4_validate_block_bitmap:418: comm syz.4.2516: bg 0: block 186: padding at end of block bitmap is not set [ 259.504956][ T8087] EXT4-fs error (device loop4) in ext4_free_blocks:5019: Corrupt filesystem [ 259.687087][ T8097] erofs: (device loop3): mounted with opts: noacl, root inode @ nid 36. [ 260.201275][ T8105] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 260.224561][ T8105] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 260.240765][ T8105] F2FS-fs (loop1): invalid crc value [ 260.271810][ T8105] F2FS-fs (loop1): Found nat_bits in checkpoint [ 260.291439][ T8124] EXT4-fs (loop2): Mount option "dioread_nolock" incompatible with ext2 [ 260.340546][ T8105] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 260.347535][ T8105] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 260.525998][ T8130] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 260.550823][ T8141] 9pnet: Insufficient options for proto=fd [ 260.595858][ T8130] EXT4-fs error (device loop3): ext4_empty_dir:3002: inode #12: block 80: comm syz.3.2529: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=3774873612, rec_len=65535, size=4096 fake=0 [ 260.637126][ T8130] EXT4-fs warning (device loop3): ext4_empty_dir:3004: inode #12: comm syz.3.2529: directory missing '.' [ 260.677235][ T8130] EXT4-fs error (device loop3): ext4_validate_block_bitmap:418: comm syz.3.2529: bg 0: block 186: padding at end of block bitmap is not set [ 260.701422][ T8130] EXT4-fs error (device loop3) in ext4_free_blocks:5019: Corrupt filesystem [ 260.715235][ T5523] attempt to access beyond end of device [ 260.715235][ T5523] loop1: rw=2049, want=40968, limit=40427 [ 261.056989][ T5144] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 261.226333][ T8170] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 261.293439][ T23] kauditd_printk_skb: 28 callbacks suppressed [ 261.293450][ T23] audit: type=1400 audit(1719914232.948:5663): avc: denied { execute } for pid=8169 comm="syz.0.2543" path="/253/file0/bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 261.325283][ T8170] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz.0.2543: bg 0: block 234: padding at end of block bitmap is not set [ 261.344005][ T8170] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 31 with max blocks 2 with error 117 [ 261.356781][ T8170] EXT4-fs (loop0): This should not happen!! Data will be lost [ 261.356781][ T8170] [ 261.367754][ T8183] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 261.378447][ T8189] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 261.397019][ T8189] EXT4-fs (loop0): This should not happen!! Data will be lost [ 261.397019][ T8189] [ 261.409950][ T8183] EXT4-fs error (device loop3): ext4_empty_dir:3002: inode #12: block 80: comm syz.3.2548: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=3774873612, rec_len=65535, size=4096 fake=0 [ 261.432898][ T8191] 9pnet: Insufficient options for proto=fd [ 261.437256][ T8189] EXT4-fs (loop0): Total free blocks count 0 [ 261.444427][ T8189] EXT4-fs (loop0): Free/Dirty block details [ 261.454550][ T8189] EXT4-fs (loop0): free_blocks=0 [ 261.467048][ T5144] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 189, changing to 11 [ 261.479740][ T8189] EXT4-fs (loop0): dirty_blocks=16 [ 261.487113][ T8189] EXT4-fs (loop0): Block reservation details [ 261.492991][ T5144] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 58801, setting to 1024 [ 261.494730][ T8189] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 261.516043][ T8183] EXT4-fs warning (device loop3): ext4_empty_dir:3004: inode #12: comm syz.3.2548: directory missing '.' [ 261.520323][ T5144] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 261.553158][ T8183] EXT4-fs error (device loop3): ext4_validate_block_bitmap:418: comm syz.3.2548: bg 0: block 186: padding at end of block bitmap is not set [ 261.565684][ T5144] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 261.569228][ T8183] EXT4-fs error (device loop3) in ext4_free_blocks:5019: Corrupt filesystem [ 261.588366][ T5144] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 261.600726][ T5144] usb 3-1: config 0 descriptor?? [ 261.627109][ T8152] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 261.665578][ T8200] device syzkaller0 entered promiscuous mode [ 261.743117][ T8186] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 261.750736][ T8186] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 261.761614][ T8186] F2FS-fs (loop4): invalid crc value [ 261.768336][ T8186] F2FS-fs (loop4): Found nat_bits in checkpoint [ 261.805820][ T8205] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 261.826543][ T8205] ext4 filesystem being mounted at /255/bus supports timestamps until 2038 (0x7fffffff) [ 261.840233][ T8186] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 261.849638][ T8186] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 261.860276][ T23] audit: type=1400 audit(1719914233.518:5664): avc: denied { mounton } for pid=8203 comm="syz.0.2557" path="/255/bus/bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 261.908322][ T8205] loop_set_status: loop0 () has still dirty pages (nrpages=2) [ 261.937810][ T4851] EXT4-fs error (device loop0): ext4_readdir:260: inode #12: block 32: comm syz-executor: path /255/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 261.970697][ T6810] attempt to access beyond end of device [ 261.970697][ T6810] loop4: rw=2049, want=40968, limit=40427 [ 262.128243][ T5144] plantronics 0003:047F:FFFF.003B: unknown main item tag 0x0 [ 262.135532][ T5144] plantronics 0003:047F:FFFF.003B: unknown main item tag 0x0 [ 262.156934][ T5144] plantronics 0003:047F:FFFF.003B: item fetching failed at offset 14/15 [ 262.165368][ T5144] plantronics 0003:047F:FFFF.003B: parse failed [ 262.186911][ T5144] plantronics: probe of 0003:047F:FFFF.003B failed with error -22 [ 262.206872][ T1388] usb 2-1: new full-speed USB device number 27 using dummy_hcd [ 262.398873][ T5144] usb 3-1: USB disconnect, device number 28 [ 262.857093][ T1388] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 262.921843][ T1388] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 262.956206][ T23] audit: type=1326 audit(1719914234.608:5665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8235 comm="syz.3.2566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffae5c5ff19 code=0x7fc00000 [ 262.982380][ T1388] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 262.995226][ T23] audit: type=1326 audit(1719914234.638:5666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8235 comm="syz.3.2566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ffae5c5ff19 code=0x7fc00000 [ 263.186963][ T1388] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 263.200026][ T1388] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 263.211087][ T1388] usb 2-1: Product: syz [ 263.215118][ T1388] usb 2-1: Manufacturer: syz [ 263.219807][ T1388] usb 2-1: SerialNumber: syz [ 263.513143][ T23] audit: type=1326 audit(1719914235.168:5667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8235 comm="syz.3.2566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffae5c5ff19 code=0x7fc00000 [ 263.537037][ T1388] cdc_ncm 2-1:1.0: bind() failure [ 263.557072][ T1388] usb 2-1: USB disconnect, device number 27 [ 263.583995][ T23] audit: type=1326 audit(1719914235.168:5668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8235 comm="syz.3.2566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7ffae5c5ff19 code=0x7fc00000 [ 263.608387][ T23] audit: type=1326 audit(1719914235.168:5669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8235 comm="syz.3.2566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffae5c5ff19 code=0x7fc00000 [ 263.631984][ T23] audit: type=1326 audit(1719914235.168:5670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8235 comm="syz.3.2566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffae5c5ff19 code=0x7fc00000 [ 263.668649][ T8247] loop4: p1 < > p3 [ 263.677147][ T23] audit: type=1326 audit(1719914235.168:5671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8235 comm="syz.3.2566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffae5c5ff19 code=0x7fc00000 [ 263.687309][ T8247] loop4: p3 size 134217728 extends beyond EOD, truncated [ 263.727016][ T23] audit: type=1326 audit(1719914235.168:5672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8235 comm="syz.3.2566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffae5c5ff19 code=0x7fc00000 [ 264.014196][ T8251] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 264.072117][ T8251] EXT4-fs error (device loop3): ext4_empty_dir:3002: inode #12: block 80: comm syz.3.2570: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=3774873612, rec_len=65535, size=4096 fake=0 [ 264.091157][ T8251] EXT4-fs warning (device loop3): ext4_empty_dir:3004: inode #12: comm syz.3.2570: directory missing '.' [ 264.102491][ T8251] EXT4-fs error (device loop3): ext4_validate_block_bitmap:418: comm syz.3.2570: bg 0: block 186: padding at end of block bitmap is not set [ 264.116741][ T8251] EXT4-fs error (device loop3) in ext4_free_blocks:5019: Corrupt filesystem [ 264.133613][ T8243] F2FS-fs (loop2): Test dummy encryption mode enabled [ 264.151953][ T1182] udevd[1182]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 264.164495][ T2711] udevd[2711]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 264.197091][ T8243] F2FS-fs (loop2): Found nat_bits in checkpoint [ 264.217670][ T8264] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2573'. [ 264.268316][ T2711] print_req_error: 199 callbacks suppressed [ 264.268329][ T2711] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 264.287540][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 264.305117][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 264.327075][ T2711] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 264.337969][ T2711] buffer_io_error: 172 callbacks suppressed [ 264.337978][ T2711] Buffer I/O error on dev loop3p3, logical block 8, async page read [ 264.351707][ T2711] blk_update_request: I/O error, dev loop3, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 264.362582][ T2711] Buffer I/O error on dev loop3p3, logical block 9, async page read [ 264.362637][ T8243] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 264.374272][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 264.390868][ T2711] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 264.406989][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 264.418269][ T2711] Buffer I/O error on dev loop3p3, logical block 10, async page read [ 264.428008][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 264.435871][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 264.447938][ T2711] blk_update_request: I/O error, dev loop3, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 264.474545][ T2711] Buffer I/O error on dev loop3p3, logical block 11, async page read [ 264.483052][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 264.491628][ T2711] blk_update_request: I/O error, dev loop3, sector 13 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 264.496869][ T8273] EXT4-fs (loop1): orphan cleanup on readonly fs [ 264.503031][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 264.516578][ T2711] Buffer I/O error on dev loop3p3, logical block 12, async page read [ 264.526377][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 264.541497][ T8273] EXT4-fs error (device loop1): ext4_ext_check_inode:540: inode #4: comm syz.1.2576: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 2048(2048) [ 264.565029][ T8273] EXT4-fs error (device loop1): ext4_quota_enable:6059: comm syz.1.2576: Bad quota inode: 4, type: 1 [ 264.577146][ T8273] EXT4-fs warning (device loop1): ext4_enable_quotas:6100: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 264.607217][ T8273] EXT4-fs (loop1): Cannot turn on quotas: error -117 [ 264.613765][ T8273] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 265.006865][ T384] usb 4-1: new high-speed USB device number 35 using dummy_hcd [ 265.376950][ T384] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 265.397046][ T384] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 265.406592][ T384] usb 4-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00 [ 265.436873][ T384] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 265.436902][ T1388] usb 2-1: new full-speed USB device number 28 using dummy_hcd [ 265.463136][ T384] usb 4-1: config 0 descriptor?? [ 265.654603][ T8309] fuse: Unknown parameter 'fKy.'׫trBN' [ 265.851594][ T8313] EXT4-fs (loop2): can't mount with dioread_nolock if block size != PAGE_SIZE [ 265.949627][ T384] holtek_kbd 0003:04D9:A055.003C: hidraw0: USB HID v0.00 Device [HID 04d9:a055] on usb-dummy_hcd.3-1/input0 [ 266.056918][ T1388] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 266.068125][ T1388] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 266.077151][ T1388] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 266.106347][ T8320] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 266.120313][ T8320] ext4 filesystem being mounted at /207/bus supports timestamps until 2038 (0x7fffffff) [ 266.152898][ T384] usb 4-1: USB disconnect, device number 35 [ 266.217041][ T8320] loop_set_status: loop2 () has still dirty pages (nrpages=4) [ 266.232479][ T4781] EXT4-fs error (device loop2): ext4_readdir:260: inode #12: block 32: comm syz-executor: path /207/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 266.267014][ T1388] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 266.275856][ T1388] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 266.296876][ T1388] usb 2-1: Product: syz [ 266.300841][ T1388] usb 2-1: Manufacturer: syz [ 266.305279][ T1388] usb 2-1: SerialNumber: syz [ 266.607754][ T1388] cdc_ncm 2-1:1.0: bind() failure [ 266.633417][ T1388] usb 2-1: USB disconnect, device number 28 [ 266.820911][ T8344] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2599'. [ 267.818407][ T8359] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 267.851400][ T8359] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 267.887666][ T8359] F2FS-fs (loop1): invalid crc value [ 267.959538][ T8359] F2FS-fs (loop1): Found nat_bits in checkpoint [ 268.243974][ T8359] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 268.251905][ T8359] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 268.286911][ T384] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 268.414101][ T5523] attempt to access beyond end of device [ 268.414101][ T5523] loop1: rw=2049, want=40968, limit=40427 [ 268.666949][ T384] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 268.686881][ T384] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 268.706605][ T384] usb 4-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00 [ 268.726800][ T384] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 268.741080][ T384] usb 4-1: config 0 descriptor?? [ 269.048078][ T8379] bridge0: port 1(bridge_slave_0) entered blocking state [ 269.055339][ T8379] bridge0: port 1(bridge_slave_0) entered disabled state [ 269.067292][ T8379] device bridge_slave_0 entered promiscuous mode [ 269.075238][ T8379] bridge0: port 2(bridge_slave_1) entered blocking state [ 269.082366][ T8379] bridge0: port 2(bridge_slave_1) entered disabled state [ 269.089895][ T8379] device bridge_slave_1 entered promiscuous mode [ 269.210555][ T8379] bridge0: port 2(bridge_slave_1) entered blocking state [ 269.217414][ T8379] bridge0: port 2(bridge_slave_1) entered forwarding state [ 269.224628][ T8379] bridge0: port 1(bridge_slave_0) entered blocking state [ 269.231415][ T8379] bridge0: port 1(bridge_slave_0) entered forwarding state [ 269.232367][ T384] holtek_kbd 0003:04D9:A055.003D: hidraw0: USB HID v0.00 Device [HID 04d9:a055] on usb-dummy_hcd.3-1/input0 [ 269.316282][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 269.333950][ T384] bridge0: port 1(bridge_slave_0) entered disabled state [ 269.341432][ T384] bridge0: port 2(bridge_slave_1) entered disabled state [ 269.378514][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 269.386550][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 269.393402][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 269.411136][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 269.427331][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 269.434174][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 269.452495][ T1388] usb 4-1: USB disconnect, device number 36 [ 269.463821][ T9] device bridge_slave_1 left promiscuous mode [ 269.470287][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 269.487205][ T9] device bridge_slave_0 left promiscuous mode [ 269.503297][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 269.595440][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 269.614601][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 269.636285][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 269.664904][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 269.677178][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 269.719252][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 269.729753][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 269.888507][ T8395] tipc: Started in network mode [ 269.893195][ T8395] tipc: Own node identity ac1414aa, cluster identity 4711 [ 269.918036][ T8392] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 269.926750][ T8395] tipc: Enabling of bearer rejected, failed to enable media [ 269.956015][ T8392] EXT4-fs error (device loop4): ext4_validate_block_bitmap:418: comm syz.4.2613: bg 0: block 234: padding at end of block bitmap is not set [ 270.000860][ T8392] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 31 with max blocks 2 with error 117 [ 270.038247][ T8392] EXT4-fs (loop4): This should not happen!! Data will be lost [ 270.038247][ T8392] [ 270.142195][ T8402] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 270.159054][ T2711] print_req_error: 109 callbacks suppressed [ 270.159069][ T2711] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 270.160307][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 270.167272][ T2711] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 270.419649][ T2711] buffer_io_error: 94 callbacks suppressed [ 270.419679][ T2711] Buffer I/O error on dev loop3p3, logical block 8, async page read [ 270.447614][ T8402] EXT4-fs (loop4): This should not happen!! Data will be lost [ 270.447614][ T8402] [ 270.457233][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 270.476874][ T8402] EXT4-fs (loop4): Total free blocks count 0 [ 270.482716][ T8402] EXT4-fs (loop4): Free/Dirty block details [ 270.488466][ T8402] EXT4-fs (loop4): free_blocks=0 [ 270.493214][ T8402] EXT4-fs (loop4): dirty_blocks=16 [ 270.493612][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 270.498256][ T8402] EXT4-fs (loop4): Block reservation details [ 270.511865][ T8402] EXT4-fs (loop4): i_reserved_data_blocks=1 [ 270.519293][ T2711] blk_update_request: I/O error, dev loop3, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 270.542379][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 270.553777][ T2711] Buffer I/O error on dev loop3p3, logical block 9, async page read [ 270.573417][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 270.573639][ T2711] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 270.596798][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 270.615921][ T2711] Buffer I/O error on dev loop3p3, logical block 10, async page read [ 270.625617][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 270.633599][ T2711] blk_update_request: I/O error, dev loop3, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 270.644633][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 270.656287][ T2711] Buffer I/O error on dev loop3p3, logical block 11, async page read [ 270.664455][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 270.672484][ T2711] Buffer I/O error on dev loop3p3, logical block 12, async page read [ 270.707137][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 270.863564][ T8419] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 270.957173][ T8419] EXT4-fs error (device loop4): ext4_empty_dir:3002: inode #12: block 80: comm syz.4.2622: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=3774873612, rec_len=65535, size=4096 fake=0 [ 270.996597][ T8419] EXT4-fs warning (device loop4): ext4_empty_dir:3004: inode #12: comm syz.4.2622: directory missing '.' [ 271.017230][ T8419] EXT4-fs error (device loop4): ext4_validate_block_bitmap:418: comm syz.4.2622: bg 0: block 186: padding at end of block bitmap is not set [ 271.050790][ T8429] tipc: Enabling of bearer rejected, failed to enable media [ 271.116212][ T8419] EXT4-fs error (device loop4) in ext4_free_blocks:5019: Corrupt filesystem [ 271.262314][ T8434] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 271.276982][ T8434] ext4 filesystem being mounted at /199/file1 supports timestamps until 2038 (0x7fffffff) [ 271.406069][ T8444] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 271.427507][ T8444] ext4 filesystem being mounted at /4/bus supports timestamps until 2038 (0x7fffffff) [ 271.626877][ T8444] loop_set_status: loop4 () has still dirty pages (nrpages=4) [ 271.915088][ T8379] EXT4-fs error (device loop4): ext4_readdir:260: inode #12: block 32: comm syz-executor: path /4/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 272.222035][ T8466] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.229496][ T8466] bridge0: port 1(bridge_slave_0) entered disabled state [ 272.237127][ T8466] device bridge_slave_0 entered promiscuous mode [ 272.246488][ T8466] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.253631][ T8466] bridge0: port 2(bridge_slave_1) entered disabled state [ 272.261143][ T8466] device bridge_slave_1 entered promiscuous mode [ 272.397336][ T8466] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.404196][ T8466] bridge0: port 2(bridge_slave_1) entered forwarding state [ 272.411331][ T8466] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.418080][ T8466] bridge0: port 1(bridge_slave_0) entered forwarding state [ 272.446933][ T8476] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 272.455725][ T8476] ext4 filesystem being mounted at /108/file1 supports timestamps until 2038 (0x7fffffff) [ 272.551788][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 272.569546][ T384] bridge0: port 1(bridge_slave_0) entered disabled state [ 272.577678][ T384] bridge0: port 2(bridge_slave_1) entered disabled state [ 272.632298][ T8487] EXT4-fs (loop3): orphan cleanup on readonly fs [ 272.649072][ T8487] EXT4-fs error (device loop3): ext4_ext_check_inode:540: inode #4: comm syz.3.2648: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 2048(2048) [ 272.671243][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 272.680403][ T8487] EXT4-fs error (device loop3): ext4_quota_enable:6059: comm syz.3.2648: Bad quota inode: 4, type: 1 [ 272.697844][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.704766][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 272.737006][ T8487] EXT4-fs warning (device loop3): ext4_enable_quotas:6100: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 272.752017][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 272.777116][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.784041][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 272.791552][ T8487] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 272.806868][ T8487] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 272.865890][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 272.882093][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 272.967502][ T9] device bridge_slave_1 left promiscuous mode [ 272.974022][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 272.996235][ T9] device bridge_slave_0 left promiscuous mode [ 273.051225][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 273.283578][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 273.310077][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 273.328617][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 273.380544][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 273.397179][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 273.407494][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 273.424173][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 273.497150][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 273.509519][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 273.931839][ T23] kauditd_printk_skb: 87 callbacks suppressed [ 273.931990][ T23] audit: type=1400 audit(1719914245.588:5760): avc: denied { connect } for pid=8506 comm="syz.0.2640" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 274.005585][ T23] audit: type=1400 audit(1719914245.588:5761): avc: denied { read } for pid=8506 comm="syz.0.2640" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 274.226891][ T13] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 274.746897][ T13] usb 4-1: Using ep0 maxpacket: 16 [ 274.798435][ T8520] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2657'. [ 274.887202][ T13] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 274.906889][ T13] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 274.926542][ T13] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 274.953280][ T13] usb 4-1: New USB device found, idVendor=056e, idProduct=00fb, bcdDevice= 0.00 [ 274.962734][ T8526] EXT4-fs (loop0): orphan cleanup on readonly fs [ 274.976924][ T8526] EXT4-fs error (device loop0): ext4_ext_check_inode:540: inode #4: comm syz.0.2659: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 2048(2048) [ 274.995176][ T13] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 275.008320][ T13] usb 4-1: config 0 descriptor?? [ 275.014610][ T8526] EXT4-fs error (device loop0): ext4_quota_enable:6059: comm syz.0.2659: Bad quota inode: 4, type: 1 [ 275.025719][ T8526] EXT4-fs warning (device loop0): ext4_enable_quotas:6100: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 275.040453][ T8526] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 275.047363][ T8526] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 275.327766][ T8530] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option [ 275.345203][ T8530] EXT4-fs (loop1): old and new quota format mixing [ 275.508179][ T13] elecom 0003:056E:00FB.003E: unknown main item tag 0x0 [ 275.513064][ T8542] tmpfs: Bad value for 'nr_blocks' [ 275.514943][ T13] elecom 0003:056E:00FB.003E: unbalanced delimiter at end of report description [ 275.557515][ T13] elecom: probe of 0003:056E:00FB.003E failed with error -22 [ 275.953653][ T3107] usb 4-1: USB disconnect, device number 37 [ 276.467742][ T23] audit: type=1400 audit(1719914248.128:5762): avc: denied { name_bind } for pid=8552 comm="syz.1.2668" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1 [ 276.594028][ T1182] print_req_error: 236 callbacks suppressed [ 276.594042][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 276.616099][ T2711] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 276.638399][ T2711] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 276.657122][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 276.659993][ T2711] buffer_io_error: 203 callbacks suppressed [ 276.660001][ T2711] Buffer I/O error on dev loop3p3, logical block 8, async page read [ 276.668090][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 276.689734][ T2711] blk_update_request: I/O error, dev loop3, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 276.700705][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 276.711397][ T2711] Buffer I/O error on dev loop3p3, logical block 9, async page read [ 276.719216][ T2711] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 276.743053][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 276.821719][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 276.973033][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 276.989684][ T2711] Buffer I/O error on dev loop3p3, logical block 10, async page read [ 276.996360][ T8561] bridge0: port 1(bridge_slave_0) entered blocking state [ 277.004654][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 277.013199][ T2711] blk_update_request: I/O error, dev loop3, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 277.025451][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 277.033839][ T8561] bridge0: port 1(bridge_slave_0) entered disabled state [ 277.046916][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 277.051704][ T2711] Buffer I/O error on dev loop3p3, logical block 11, async page read [ 277.055382][ T8561] device bridge_slave_0 entered promiscuous mode [ 277.087607][ T8561] bridge0: port 2(bridge_slave_1) entered blocking state [ 277.091688][ T2711] Buffer I/O error on dev loop3p3, logical block 12, async page read [ 277.102499][ T8561] bridge0: port 2(bridge_slave_1) entered disabled state [ 277.103249][ T8561] device bridge_slave_1 entered promiscuous mode [ 277.213552][ T8583] netlink: 'syz.1.2679': attribute type 126 has an invalid length. [ 277.288066][ T8561] bridge0: port 2(bridge_slave_1) entered blocking state [ 277.295143][ T8561] bridge0: port 2(bridge_slave_1) entered forwarding state [ 277.302308][ T8561] bridge0: port 1(bridge_slave_0) entered blocking state [ 277.309136][ T8561] bridge0: port 1(bridge_slave_0) entered forwarding state [ 277.390095][ T1963] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 277.398551][ T1963] bridge0: port 1(bridge_slave_0) entered disabled state [ 277.405682][ T1963] bridge0: port 2(bridge_slave_1) entered disabled state [ 277.477814][ T1963] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 277.506159][ T1963] bridge0: port 1(bridge_slave_0) entered blocking state [ 277.513015][ T1963] bridge0: port 1(bridge_slave_0) entered forwarding state [ 277.551312][ T1963] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 277.573052][ T1963] bridge0: port 2(bridge_slave_1) entered blocking state [ 277.580008][ T1963] bridge0: port 2(bridge_slave_1) entered forwarding state [ 277.638330][ T5144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 277.649250][ T5144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 277.690235][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 277.707326][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 277.725648][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 277.735712][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 277.777853][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 277.785877][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 277.804251][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 277.821580][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 277.840272][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 277.857203][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 278.025208][ T23] audit: type=1400 audit(1719914249.678:5763): avc: denied { nlmsg_write } for pid=8604 comm="syz.2.2686" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 278.121671][ T8611] netlink: 'syz.2.2689': attribute type 126 has an invalid length. [ 278.468134][ T23] audit: type=1400 audit(1719914250.128:5764): avc: denied { write } for pid=8622 comm="syz.0.2692" name="msr" dev="devtmpfs" ino=1137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 278.938474][ T23] audit: type=1400 audit(1719914250.598:5765): avc: denied { append } for pid=8635 comm="syz.1.2701" name="ppp" dev="devtmpfs" ino=1829 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 279.078415][ T8633] bridge0: port 1(bridge_slave_0) entered blocking state [ 279.085311][ T8633] bridge0: port 1(bridge_slave_0) entered disabled state [ 279.092912][ T8633] device bridge_slave_0 entered promiscuous mode [ 279.100041][ T8633] bridge0: port 2(bridge_slave_1) entered blocking state [ 279.107032][ T8633] bridge0: port 2(bridge_slave_1) entered disabled state [ 279.114570][ T8633] device bridge_slave_1 entered promiscuous mode [ 279.328151][ T8633] bridge0: port 2(bridge_slave_1) entered blocking state [ 279.335012][ T8633] bridge0: port 2(bridge_slave_1) entered forwarding state [ 279.342160][ T8633] bridge0: port 1(bridge_slave_0) entered blocking state [ 279.348999][ T8633] bridge0: port 1(bridge_slave_0) entered forwarding state [ 279.459653][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 279.468618][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 279.477840][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 279.524222][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 279.532941][ T3107] bridge0: port 1(bridge_slave_0) entered blocking state [ 279.539791][ T3107] bridge0: port 1(bridge_slave_0) entered forwarding state [ 279.551600][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 279.560067][ T3107] bridge0: port 2(bridge_slave_1) entered blocking state [ 279.566911][ T3107] bridge0: port 2(bridge_slave_1) entered forwarding state [ 279.587426][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 279.605914][ T9] device bridge_slave_1 left promiscuous mode [ 279.611887][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 279.619580][ T9] device bridge_slave_0 left promiscuous mode [ 279.625533][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 279.729136][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 279.759071][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 279.787777][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 279.806221][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 279.826362][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 279.836479][ T8670] lo: Caught tx_queue_len zero misconfig [ 279.864284][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 279.878350][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 279.908346][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 279.917386][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 279.925674][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 279.954196][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 280.176952][ T384] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 280.197919][ T23] audit: type=1400 audit(1719914251.858:5766): avc: denied { connect } for pid=8680 comm="syz.2.2718" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 280.288192][ T23] audit: type=1326 audit(1719914252.002:5767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8680 comm="syz.2.2718" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0eb0ba2f19 code=0x0 [ 280.547038][ T384] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 280.586893][ T384] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 280.606764][ T384] usb 1-1: New USB device found, idVendor=04b4, idProduct=0001, bcdDevice= 0.00 [ 280.622240][ T384] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 280.647001][ T384] usb 1-1: config 0 descriptor?? [ 280.673588][ T23] audit: type=1107 audit(1719914252.382:5768): pid=8680 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 280.688671][ T384] usbhid 1-1:0.0: can't add hid device: -22 [ 280.694451][ T384] usbhid: probe of 1-1:0.0 failed with error -22 [ 280.818766][ T8665] F2FS-fs (loop1): Test dummy encryption mode enabled [ 280.829931][ T8665] F2FS-fs (loop1): Found nat_bits in checkpoint [ 280.886910][ T8665] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 281.046606][ T384] usb 1-1: USB disconnect, device number 29 [ 281.074290][ T8703] lo: Caught tx_queue_len zero misconfig [ 281.325636][ T8719] fuse: Unknown parameter 'fKy.'׫trBN' [ 281.333660][ T23] audit: type=1326 audit(1719914253.042:5769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8718 comm="syz.2.2732" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0eb0ba2f19 code=0x0 [ 282.085825][ T1182] print_req_error: 185 callbacks suppressed [ 282.085840][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 282.105150][ T2711] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 282.139815][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 282.151804][ T2711] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 282.181057][ T2711] buffer_io_error: 159 callbacks suppressed [ 282.181066][ T2711] Buffer I/O error on dev loop3p3, logical block 8, async page read [ 282.195325][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 282.213365][ T2711] blk_update_request: I/O error, dev loop3, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 282.230956][ T2711] Buffer I/O error on dev loop3p3, logical block 9, async page read [ 282.238167][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 282.253092][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 282.266925][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 282.275307][ T2711] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 282.287857][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 282.296473][ T2711] Buffer I/O error on dev loop3p3, logical block 10, async page read [ 282.314444][ T2711] blk_update_request: I/O error, dev loop3, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 282.327129][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 282.335372][ T2711] Buffer I/O error on dev loop3p3, logical block 11, async page read [ 282.356887][ T2711] Buffer I/O error on dev loop3p3, logical block 12, async page read [ 282.366885][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 282.367117][ T2711] Buffer I/O error on dev loop3p3, logical block 13, async page read [ 282.529786][ T8756] tipc: Started in network mode [ 282.534526][ T8756] tipc: Own node identity ac1414aa, cluster identity 4711 [ 282.554843][ T8756] tipc: Enabling of bearer rejected, failed to enable media [ 282.601164][ T8741] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 282.622908][ T8741] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 282.623443][ T8745] bridge0: port 1(bridge_slave_0) entered blocking state [ 282.653631][ T8745] bridge0: port 1(bridge_slave_0) entered disabled state [ 282.664713][ T8741] F2FS-fs (loop3): Found nat_bits in checkpoint [ 282.668131][ T8745] device bridge_slave_0 entered promiscuous mode [ 282.689857][ T8745] bridge0: port 2(bridge_slave_1) entered blocking state [ 282.703167][ T8745] bridge0: port 2(bridge_slave_1) entered disabled state [ 282.717222][ T8745] device bridge_slave_1 entered promiscuous mode [ 282.749639][ T8741] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 282.766654][ T8741] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 282.883096][ T8774] fuse: Unknown parameter 'fKy.'׫trBN' [ 282.891463][ T23] audit: type=1326 audit(1719914254.612:5770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8773 comm="syz.0.2750" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb0ae19f19 code=0x0 [ 282.918120][ T8745] bridge0: port 2(bridge_slave_1) entered blocking state [ 282.924975][ T8745] bridge0: port 2(bridge_slave_1) entered forwarding state [ 282.932096][ T8745] bridge0: port 1(bridge_slave_0) entered blocking state [ 282.938850][ T8745] bridge0: port 1(bridge_slave_0) entered forwarding state [ 283.000402][ T1963] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 283.012145][ T1963] bridge0: port 1(bridge_slave_0) entered disabled state [ 283.027053][ T1963] bridge0: port 2(bridge_slave_1) entered disabled state [ 283.053363][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 283.065156][ T342] bridge0: port 1(bridge_slave_0) entered blocking state [ 283.072068][ T342] bridge0: port 1(bridge_slave_0) entered forwarding state [ 283.094835][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 283.111758][ T342] bridge0: port 2(bridge_slave_1) entered blocking state [ 283.118638][ T342] bridge0: port 2(bridge_slave_1) entered forwarding state [ 283.158057][ T9] device bridge_slave_1 left promiscuous mode [ 283.166919][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 283.187188][ T9] device bridge_slave_0 left promiscuous mode [ 283.193111][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 283.221194][ T8742] F2FS-fs (loop2): Test dummy encryption mode enabled [ 283.275019][ T8742] F2FS-fs (loop2): Found nat_bits in checkpoint [ 283.337882][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 283.347387][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 283.355558][ T8742] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 283.405144][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 283.676028][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 283.684248][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 283.699256][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 283.709163][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 283.737945][ T5144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 283.746256][ T5144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 283.764366][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 283.784269][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 283.865824][ T23] audit: type=1326 audit(1719914255.633:5771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8803 comm="syz.4.2736" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8e4450df19 code=0x0 [ 284.036228][ T23] audit: type=1107 audit(1719914255.803:5772): pid=8803 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 284.099019][ T8802] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 284.110558][ T8802] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 284.193918][ T23] audit: type=1400 audit(1719914255.963:5773): avc: denied { setattr } for pid=8808 comm="syz.3.2759" name="kvm" dev="devtmpfs" ino=1134 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 284.228980][ T8802] F2FS-fs (loop0): Found nat_bits in checkpoint [ 284.347701][ T23] audit: type=1400 audit(1719914256.113:5774): avc: denied { remount } for pid=8820 comm="syz.3.2764" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 284.380058][ T8802] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 284.397118][ T8802] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 284.691399][ T23] audit: type=1400 audit(1719914256.463:5775): avc: denied { map } for pid=8826 comm="syz.2.2756" path="/9/bus" dev="devtmpfs" ino=9196 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 284.968089][ T8829] F2FS-fs (loop3): Test dummy encryption mode enabled [ 284.995862][ T8829] F2FS-fs (loop3): Found nat_bits in checkpoint [ 285.081443][ T8829] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 285.156506][ T8834] F2FS-fs (loop4): invalid crc value [ 285.187137][ T8834] F2FS-fs (loop4): Found nat_bits in checkpoint [ 285.276614][ T8834] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 285.361892][ T8834] attempt to access beyond end of device [ 285.361892][ T8834] loop4: rw=2049, want=40992, limit=40427 [ 285.707013][ T384] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 285.846913][ T8868] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 285.859846][ T8868] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 285.871792][ T8868] F2FS-fs (loop4): Found nat_bits in checkpoint [ 285.885698][ T8872] EXT4-fs error (device loop0): ext4_fill_super:4612: inode #2: comm syz.0.2778: casefold flag without casefold feature [ 285.911580][ T8872] EXT4-fs (loop0): Remounting filesystem read-only [ 285.929573][ T8872] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e02c, mo2=0006] [ 285.937510][ T8872] System zones: 0-2, 18-18, 34-35 [ 285.942911][ T8872] EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000000000,errors=remount-ro, [ 285.965351][ T8881] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 285.977943][ T8881] ext4 filesystem being mounted at /143/file0 supports timestamps until 2038 (0x7fffffff) [ 285.988473][ T8868] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 285.992464][ T8881] fs-verity: sha512 using implementation "sha512-generic" [ 286.003647][ T8868] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 286.077010][ T384] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 286.097855][ T384] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 286.145545][ T384] usb 3-1: New USB device found, idVendor=04b4, idProduct=0001, bcdDevice= 0.00 [ 286.171179][ T384] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 286.180303][ T384] usb 3-1: config 0 descriptor?? [ 286.217906][ T384] usbhid 3-1:0.0: can't add hid device: -22 [ 286.261793][ T384] usbhid: probe of 3-1:0.0 failed with error -22 [ 286.359094][ T8900] xt_CT: You must specify a L4 protocol and not use inversions on it [ 286.367597][ T8900] fscrypt (loop0, inode 12): Error -61 getting encryption context [ 286.539151][ T8908] EXT4-fs (loop4): Ignoring removed orlov option [ 286.556910][ T8908] EXT4-fs (loop4): Ignoring removed nobh option [ 286.597171][ T8908] EXT4-fs (loop4): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000001000,data_err=abort,barrier=0x0000000000000019,jqfmt=vfsv1,block_validity,max_dir_size_kb=0x00000000000007b1,orlov,bsdgroups,max_batch_time=0x0000000000000400,user_xattr,nobh,,errors=continue [ 286.609526][ T5144] usb 3-1: USB disconnect, device number 29 [ 286.659673][ T8899] F2FS-fs (loop3): invalid crc value [ 286.711388][ T8899] F2FS-fs (loop3): Found nat_bits in checkpoint [ 286.761310][ T8899] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 286.796509][ T8899] attempt to access beyond end of device [ 286.796509][ T8899] loop3: rw=2049, want=40992, limit=40427 [ 286.921129][ T8919] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 286.930022][ T8919] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038 (0x7fffffff) [ 287.024494][ T8924] bridge0: port 1(bridge_slave_0) entered blocking state [ 287.041043][ T8924] bridge0: port 1(bridge_slave_0) entered disabled state [ 287.058669][ T8924] device bridge_slave_0 entered promiscuous mode [ 287.077793][ T8924] bridge0: port 2(bridge_slave_1) entered blocking state [ 287.084741][ T8924] bridge0: port 2(bridge_slave_1) entered disabled state [ 287.102505][ T8924] device bridge_slave_1 entered promiscuous mode [ 287.191379][ T8924] bridge0: port 2(bridge_slave_1) entered blocking state [ 287.198557][ T8924] bridge0: port 2(bridge_slave_1) entered forwarding state [ 287.205653][ T8924] bridge0: port 1(bridge_slave_0) entered blocking state [ 287.212474][ T8924] bridge0: port 1(bridge_slave_0) entered forwarding state [ 287.242817][ T5144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 287.250636][ T5144] bridge0: port 1(bridge_slave_0) entered disabled state [ 287.258166][ T5144] bridge0: port 2(bridge_slave_1) entered disabled state [ 287.267799][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 287.276066][ T384] bridge0: port 1(bridge_slave_0) entered blocking state [ 287.282913][ T384] bridge0: port 1(bridge_slave_0) entered forwarding state [ 287.308006][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 287.316045][ T384] bridge0: port 2(bridge_slave_1) entered blocking state [ 287.322881][ T384] bridge0: port 2(bridge_slave_1) entered forwarding state [ 287.330663][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 287.338641][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 287.362896][ T1963] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 287.378067][ T8951] device wireguard0 entered promiscuous mode [ 287.384925][ T8947] FAT-fs (loop3): Unrecognized mount option "B1q鞳+d'#.Ԓͯ?o\ [ 287.384925][ T8947] 18446744073709551615" or missing value [ 287.407577][ T9] device bridge_slave_1 left promiscuous mode [ 287.413910][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 287.421767][ T9] device bridge_slave_0 left promiscuous mode [ 287.428456][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 287.501483][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 287.514493][ T8956] EXT4-fs: Invalid sb specification: sb=0xfffffffffffffff8Anoauto_da_alloc,jqfmt=vfsold,data_err=ignore,noauto_da_alloc,dioread_nolock,usrjquota=,nojournal_checksum,jqfmt=vfsv1,,errors=continue [ 287.553379][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 287.577407][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 287.577665][ T1182] print_req_error: 289 callbacks suppressed [ 287.577682][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 287.588645][ T8956] EXT4-fs (loop2): Unrecognized mount option "sb=0xfffffffffffffff8Anoauto_da_alloc" or missing value [ 287.596976][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 287.624314][ T1182] buffer_io_error: 250 callbacks suppressed [ 287.624323][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 287.627083][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 287.630426][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 287.657330][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 287.665205][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 287.672764][ T8963] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 287.676952][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 287.693404][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 287.710031][ T2711] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 287.721750][ T8963] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038 (0x7fffffff) [ 287.735727][ T2711] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 287.746441][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 287.757632][ T2711] Buffer I/O error on dev loop3p3, logical block 8, async page read [ 287.765469][ T2711] blk_update_request: I/O error, dev loop3, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 287.778592][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 287.789299][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 287.797056][ T2711] Buffer I/O error on dev loop3p3, logical block 9, async page read [ 287.806959][ T2711] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 287.820316][ T2711] Buffer I/O error on dev loop3p3, logical block 10, async page read [ 287.852274][ T2711] Buffer I/O error on dev loop3p3, logical block 11, async page read [ 287.886454][ T2711] Buffer I/O error on dev loop3p3, logical block 12, async page read [ 289.055361][ T8989] EXT4-fs (loop2): mounted filesystem without journal. Opts: abort,nombcache,auto_da_alloc=0x0000000000000002,inode_readahead_blks=0x0000000004000000,debug_want_extra_isize=0x000000000000005e,lazytime,barrier,usrquota,grpquota,,errors=continue [ 289.106787][ T9000] EXT4-fs (loop1): Ignoring removed orlov option [ 289.117516][ T9000] EXT4-fs (loop1): Ignoring removed nobh option [ 289.139981][ T9000] EXT4-fs (loop1): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000001000,data_err=abort,barrier=0x0000000000000019,jqfmt=vfsv1,block_validity,max_dir_size_kb=0x00000000000007b1,orlov,bsdgroups,max_batch_time=0x0000000000000400,user_xattr,nobh,,errors=continue [ 289.141623][ T9005] EXT4-fs (loop4): 1 orphan inode deleted [ 289.172593][ T9005] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 289.181487][ T9005] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038 (0x7fffffff) [ 289.332560][ T762] tipc: Left network mode [ 289.393863][ T9023] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 289.411983][ T9023] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 289.421566][ T9023] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 1 not in group (block 0)! [ 289.434541][ T9023] EXT4-fs (loop2): group descriptors corrupted! [ 289.503419][ T9028] bridge0: port 1(bridge_slave_0) entered blocking state [ 289.510417][ T9028] bridge0: port 1(bridge_slave_0) entered disabled state [ 289.518072][ T9028] device bridge_slave_0 entered promiscuous mode [ 289.524844][ T9028] bridge0: port 2(bridge_slave_1) entered blocking state [ 289.532099][ T9028] bridge0: port 2(bridge_slave_1) entered disabled state [ 289.539571][ T9028] device bridge_slave_1 entered promiscuous mode [ 289.629378][ T9028] bridge0: port 2(bridge_slave_1) entered blocking state [ 289.636240][ T9028] bridge0: port 2(bridge_slave_1) entered forwarding state [ 289.643484][ T9028] bridge0: port 1(bridge_slave_0) entered blocking state [ 289.650411][ T9028] bridge0: port 1(bridge_slave_0) entered forwarding state [ 289.674975][ T9026] EXT4-fs: Invalid sb specification: sb=0xfffffffffffffff8Anoauto_da_alloc,jqfmt=vfsold,data_err=ignore,noauto_da_alloc,dioread_nolock,usrjquota=,nojournal_checksum,jqfmt=vfsv1,,errors=continue [ 289.702060][ T9026] EXT4-fs (loop0): Unrecognized mount option "sb=0xfffffffffffffff8Anoauto_da_alloc" or missing value [ 289.958254][ T9039] EXT4-fs (loop2): mounted filesystem without journal. Opts: abort,nombcache,auto_da_alloc=0x0000000000000002,inode_readahead_blks=0x0000000004000000,debug_want_extra_isize=0x000000000000005e,lazytime,barrier,usrquota,grpquota,,errors=continue [ 289.958302][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 289.989361][ T9038] EXT4-fs (loop3): mounted filesystem without journal. Opts: user_xattr,nombcache,dioread_lock,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,usrquota,noauto_da_alloc,,errors=continue [ 290.044465][ T23] audit: type=1400 audit(1719914261.783:5776): avc: denied { quotaon } for pid=9037 comm="syz.3.2823" name="file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 290.083875][ T3107] bridge0: port 1(bridge_slave_0) entered disabled state [ 290.090995][ T3107] bridge0: port 2(bridge_slave_1) entered disabled state [ 290.103475][ T1963] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 290.111699][ T1963] bridge0: port 1(bridge_slave_0) entered blocking state [ 290.118545][ T1963] bridge0: port 1(bridge_slave_0) entered forwarding state [ 290.130671][ T1963] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 290.474539][ T1963] bridge0: port 2(bridge_slave_1) entered blocking state [ 290.481410][ T1963] bridge0: port 2(bridge_slave_1) entered forwarding state [ 290.518361][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 290.527872][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 290.535683][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 290.543885][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 290.557926][ T9056] device wireguard0 entered promiscuous mode [ 290.599516][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 290.621345][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 290.666312][ T1963] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 290.679039][ T1963] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 290.688650][ T23] audit: type=1400 audit(1719914262.463:5777): avc: denied { wake_alarm } for pid=9073 comm="syz.0.2837" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 290.697253][ T9071] EXT4-fs (loop2): fragment/cluster size (1024) != block size (2048) [ 290.741127][ T762] device bridge_slave_1 left promiscuous mode [ 290.752816][ T762] bridge0: port 2(bridge_slave_1) entered disabled state [ 290.761272][ T762] device bridge_slave_0 left promiscuous mode [ 290.767773][ T762] bridge0: port 1(bridge_slave_0) entered disabled state [ 290.832125][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 290.842666][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 290.858064][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 290.866203][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 290.874366][ T9077] EXT4-fs (loop0): Unsupported blocksize for fs encryption [ 290.884511][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 290.892738][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 291.878778][ T9115] device wireguard0 entered promiscuous mode [ 291.924558][ T9114] EXT4-fs (loop4): fragment/cluster size (1024) != block size (2048) [ 292.218354][ T9133] EXT4-fs (loop4): Unsupported blocksize for fs encryption [ 292.374349][ T9136] EXT4-fs (loop0): Ignoring removed orlov option [ 292.381110][ T9136] EXT4-fs (loop0): Ignoring removed nobh option [ 292.398668][ T9136] EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000001000,data_err=abort,barrier=0x0000000000000019,jqfmt=vfsv1,block_validity,max_dir_size_kb=0x00000000000007b1,orlov,bsdgroups,max_batch_time=0x0000000000000400,user_xattr,nobh,,errors=continue [ 293.338263][ T1182] print_req_error: 80 callbacks suppressed [ 293.338276][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 293.424850][ T2711] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 293.444303][ T2711] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 293.455300][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 293.484606][ T2711] buffer_io_error: 68 callbacks suppressed [ 293.484613][ T2711] Buffer I/O error on dev loop3p3, logical block 8, async page read [ 293.507680][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 293.517032][ T2711] blk_update_request: I/O error, dev loop3, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 293.527905][ T2711] Buffer I/O error on dev loop3p3, logical block 9, async page read [ 293.535716][ T2711] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 293.546774][ T2711] Buffer I/O error on dev loop3p3, logical block 10, async page read [ 293.548183][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 293.575255][ T2711] blk_update_request: I/O error, dev loop3, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 293.583134][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 293.589057][ T2711] Buffer I/O error on dev loop3p3, logical block 11, async page read [ 293.650136][ T9165] device wireguard0 entered promiscuous mode [ 293.664897][ T762] tipc: Left network mode [ 293.690095][ T2711] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 293.704085][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 293.737296][ T2711] Buffer I/O error on dev loop3p3, logical block 8, async page read [ 293.745207][ T2711] Buffer I/O error on dev loop3p3, logical block 9, async page read [ 293.756245][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 293.764668][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 294.000971][ T23] audit: type=1400 audit(1719914265.773:5778): avc: denied { write } for pid=9201 comm="syz.3.2880" name="usbmon0" dev="devtmpfs" ino=1830 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 294.079351][ T23] audit: type=1400 audit(1719914265.793:5779): avc: denied { map } for pid=9198 comm="syz.1.2879" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=1850 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 294.157322][ T9187] bridge0: port 1(bridge_slave_0) entered blocking state [ 294.167239][ T9187] bridge0: port 1(bridge_slave_0) entered disabled state [ 294.180175][ T9187] device bridge_slave_0 entered promiscuous mode [ 294.214788][ T9216] device wireguard0 entered promiscuous mode [ 294.248937][ T9187] bridge0: port 2(bridge_slave_1) entered blocking state [ 294.255798][ T9187] bridge0: port 2(bridge_slave_1) entered disabled state [ 294.264227][ T9187] device bridge_slave_1 entered promiscuous mode [ 294.335587][ T762] device bridge_slave_1 left promiscuous mode [ 294.344828][ T762] bridge0: port 2(bridge_slave_1) entered disabled state [ 294.352596][ T762] device bridge_slave_0 left promiscuous mode [ 294.360083][ T762] bridge0: port 1(bridge_slave_0) entered disabled state [ 294.484877][ T9229] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2890'. [ 294.537632][ T9187] bridge0: port 2(bridge_slave_1) entered blocking state [ 294.544593][ T9187] bridge0: port 2(bridge_slave_1) entered forwarding state [ 294.551764][ T9187] bridge0: port 1(bridge_slave_0) entered blocking state [ 294.558602][ T9187] bridge0: port 1(bridge_slave_0) entered forwarding state [ 294.566556][ T9163] F2FS-fs (loop4): Test dummy encryption mode enabled [ 294.600265][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 294.609185][ T384] bridge0: port 1(bridge_slave_0) entered disabled state [ 294.616642][ T384] bridge0: port 2(bridge_slave_1) entered disabled state [ 294.635764][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 294.644192][ T3107] bridge0: port 1(bridge_slave_0) entered blocking state [ 294.651054][ T3107] bridge0: port 1(bridge_slave_0) entered forwarding state [ 294.658563][ T9163] F2FS-fs (loop4): Found nat_bits in checkpoint [ 294.658915][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 294.672896][ T3107] bridge0: port 2(bridge_slave_1) entered blocking state [ 294.679742][ T3107] bridge0: port 2(bridge_slave_1) entered forwarding state [ 294.710637][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 294.722491][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 294.765032][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 294.771490][ T9163] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 294.797976][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 294.842839][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 294.850717][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 294.867871][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 294.875953][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 294.884113][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 294.892477][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 294.918082][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 294.928449][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 295.043933][ T9267] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2902'. [ 295.114754][ T9245] F2FS-fs (loop3): Invalid segment count (0) [ 295.128098][ T9245] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 295.138081][ T9245] F2FS-fs (loop3): invalid crc value [ 295.144969][ T9245] F2FS-fs (loop3): Found nat_bits in checkpoint [ 295.216652][ T9269] EXT4-fs (loop0): 1 orphan inode deleted [ 295.225718][ T9269] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 295.245538][ T9269] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038 (0x7fffffff) [ 295.255438][ T9245] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 295.273724][ T9245] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 295.424624][ T6847] attempt to access beyond end of device [ 295.424624][ T6847] loop3: rw=2049, want=45104, limit=40427 [ 295.515897][ T9290] EXT4-fs (loop1): Ignoring removed orlov option [ 295.527613][ T23] audit: type=1400 audit(1719914267.303:5780): avc: denied { bind } for pid=9300 comm="syz.2.2913" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 295.536475][ T9290] EXT4-fs (loop1): Ignoring removed nobh option [ 295.599848][ T9290] EXT4-fs (loop1): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000001000,data_err=abort,barrier=0x0000000000000019,jqfmt=vfsv1,block_validity,max_dir_size_kb=0x00000000000007b1,orlov,bsdgroups,max_batch_time=0x0000000000000400,user_xattr,nobh,,errors=continue [ 295.996503][ T9332] syz.3.2910[9332] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 296.133447][ T9330] bridge0: port 1(bridge_slave_0) entered blocking state [ 296.141861][ T9338] EXT4-fs (loop2): VFS: Found ext4 filesystem with unknown checksum algorithm. [ 296.151604][ T9330] bridge0: port 1(bridge_slave_0) entered disabled state [ 296.168363][ T9330] device bridge_slave_0 entered promiscuous mode [ 296.177681][ T9330] bridge0: port 2(bridge_slave_1) entered blocking state [ 296.184508][ T9330] bridge0: port 2(bridge_slave_1) entered disabled state [ 296.192171][ T9330] device bridge_slave_1 entered promiscuous mode [ 296.202434][ T9321] F2FS-fs (loop0): Invalid segment count (0) [ 296.215887][ T9321] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 296.234399][ T9321] F2FS-fs (loop0): invalid crc value [ 296.259760][ T9348] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 296.290615][ T9321] F2FS-fs (loop0): Found nat_bits in checkpoint [ 296.297156][ T9348] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 296.326470][ T9348] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 1 not in group (block 0)! [ 296.355910][ T9348] EXT4-fs (loop2): group descriptors corrupted! [ 296.373902][ T9330] bridge0: port 2(bridge_slave_1) entered blocking state [ 296.380762][ T9330] bridge0: port 2(bridge_slave_1) entered forwarding state [ 296.387907][ T9330] bridge0: port 1(bridge_slave_0) entered blocking state [ 296.394729][ T9330] bridge0: port 1(bridge_slave_0) entered forwarding state [ 296.397162][ T9321] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 296.408720][ T9321] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 296.417501][ T388] device bridge_slave_1 left promiscuous mode [ 296.423503][ T388] bridge0: port 2(bridge_slave_1) entered disabled state [ 296.431211][ T388] device bridge_slave_0 left promiscuous mode [ 296.437274][ T388] bridge0: port 1(bridge_slave_0) entered disabled state [ 296.580794][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 296.591485][ T3107] bridge0: port 1(bridge_slave_0) entered disabled state [ 296.598648][ T9368] syz.2.2937[9368] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 296.605729][ T3107] bridge0: port 2(bridge_slave_1) entered disabled state [ 296.627779][ T23] audit: type=1400 audit(1719914268.393:5781): avc: denied { getopt } for pid=9369 comm="syz.2.2938" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 296.651453][ T9187] attempt to access beyond end of device [ 296.651453][ T9187] loop0: rw=2049, want=45104, limit=40427 [ 296.667033][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 296.675193][ T342] bridge0: port 1(bridge_slave_0) entered blocking state [ 296.682038][ T342] bridge0: port 1(bridge_slave_0) entered forwarding state [ 296.707808][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 296.716017][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 296.722865][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 296.751880][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 296.761715][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 296.773536][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 296.786310][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 296.800975][ T9377] EXT4-fs (loop4): VFS: Found ext4 filesystem with unknown checksum algorithm. [ 296.801052][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 296.817828][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 296.829383][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 296.837556][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 296.854463][ T5144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 296.870383][ T5144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 296.897054][ T5144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 296.907793][ T5144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 296.919419][ T5144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 296.928178][ T5144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 297.059615][ T9402] EXT4-fs (loop0): Unsupported blocksize for fs encryption [ 297.389549][ T9412] EXT4-fs (loop2): VFS: Found ext4 filesystem with unknown checksum algorithm. [ 298.001640][ T9427] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 298.032149][ T9427] EXT4-fs (loop2): Unsupported blocksize for fs encryption [ 298.172840][ T9455] EXT4-fs (loop4): VFS: Found ext4 filesystem with unknown checksum algorithm. [ 298.416064][ T2711] print_req_error: 448 callbacks suppressed [ 298.416076][ T2711] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 298.416290][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 298.471625][ T2711] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 298.514063][ T2711] buffer_io_error: 386 callbacks suppressed [ 298.514085][ T2711] Buffer I/O error on dev loop3p3, logical block 8, async page read [ 298.530417][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 298.599788][ T2711] blk_update_request: I/O error, dev loop3, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 298.620146][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 298.628450][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 298.639605][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 298.647487][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 298.658279][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 298.666157][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 298.677225][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 298.685087][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 298.696300][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 298.704893][ T2711] Buffer I/O error on dev loop3p3, logical block 9, async page read [ 298.715017][ T2711] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 298.726021][ T2711] Buffer I/O error on dev loop3p3, logical block 10, async page read [ 298.734507][ T2711] Buffer I/O error on dev loop3p3, logical block 11, async page read [ 298.747048][ T2711] Buffer I/O error on dev loop3p3, logical block 12, async page read [ 299.614994][ T9527] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue [ 299.628925][ T9527] ext4 filesystem being mounted at /13/bus supports timestamps until 2038 (0x7fffffff) [ 299.648019][ T9536] EXT4-fs (loop2): VFS: Found ext4 filesystem with unknown checksum algorithm. [ 299.672220][ T9527] EXT4-fs error (device loop0): ext4_mb_generate_buddy:748: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 300.051353][ T9542] F2FS-fs (loop3): invalid crc value [ 300.078031][ T9542] F2FS-fs (loop3): Found nat_bits in checkpoint [ 300.235328][ T9542] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 300.268957][ T6847] attempt to access beyond end of device [ 300.268957][ T6847] loop3: rw=2049, want=45104, limit=40427 [ 300.404528][ T9579] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 300.709147][ T9594] 9pnet: Insufficient options for proto=fd [ 300.899137][ T9605] syz.0.3029[9605] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 300.899198][ T9605] syz.0.3029[9605] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 300.986081][ T23] audit: type=1400 audit(1719914272.683:5782): avc: denied { create } for pid=9593 comm="syz.0.3029" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1 [ 302.098192][ T9653] input: syz1 as /devices/virtual/input/input29 [ 302.184042][ T9665] 9pnet: Insufficient options for proto=fd [ 302.282194][ T23] audit: type=1400 audit(1719914274.053:5783): avc: denied { relabelfrom } for pid=9666 comm="syz.4.3057" name="NETLINK" dev="sockfs" ino=95535 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 302.308942][ T23] audit: type=1400 audit(1719914274.053:5784): avc: denied { relabelto } for pid=9666 comm="syz.4.3057" name="NETLINK" dev="sockfs" ino=95535 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=netlink_netfilter_socket permissive=1 [ 302.387466][ T9676] syz.1.3056[9676] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 302.387806][ T9676] syz.1.3056[9676] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 302.694310][ T9686] input: syz1 as /devices/virtual/input/input30 [ 302.980523][ T9713] input: syz1 as /devices/virtual/input/input31 [ 303.196972][ T372] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 303.470351][ T9742] 9pnet: Insufficient options for proto=fd [ 303.546551][ T372] usb 4-1: Using ep0 maxpacket: 16 [ 303.671524][ T9752] syz.4.3088[9752] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 303.671876][ T9752] syz.4.3088[9752] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 303.820801][ T372] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 303.857195][ T9748] GPT:first_usable_lbas don't match. [ 303.862527][ T9748] GPT:34 != 290 [ 303.866288][ T9748] GPT: Use GNU Parted to correct GPT errors. [ 303.872369][ T9748] loop0: p1 p2 p3 [ 303.875946][ T372] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 303.894093][ T372] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 303.903031][ T372] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 303.912228][ T372] usb 4-1: config 0 descriptor?? [ 304.022668][ T1156] udevd[1156]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 304.022953][ T1182] udevd[1182]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 304.033267][ T2711] udevd[2711]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 304.582414][ T9704] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 304.596158][ T9704] FAT-fs (loop3): bogus number of directory entries (203) [ 304.603739][ T9704] FAT-fs (loop3): Can't find a valid FAT filesystem [ 304.735747][ T1182] print_req_error: 245 callbacks suppressed [ 304.735760][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 304.738248][ T9704] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 304.742002][ T2711] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 304.773346][ T372] hid (null): bogus close delimiter [ 304.799390][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 304.924791][ T372] hid (null): usage index exceeded [ 304.939860][ T372] hid-generic 0003:0158:0100.003F: unknown main item tag 0x0 [ 304.947562][ T1182] buffer_io_error: 211 callbacks suppressed [ 304.947582][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 304.961710][ T372] hid-generic 0003:0158:0100.003F: unknown main item tag 0x0 [ 305.006957][ T2711] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 305.017786][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 305.028532][ T2711] Buffer I/O error on dev loop3p3, logical block 8, async page read [ 305.036288][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 305.044214][ T2711] blk_update_request: I/O error, dev loop3, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 305.057182][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 305.067928][ T2711] Buffer I/O error on dev loop3p3, logical block 9, async page read [ 305.074136][ T372] hid-generic 0003:0158:0100.003F: bogus close delimiter [ 305.081856][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 305.086782][ T372] hid-generic 0003:0158:0100.003F: item 0 0 2 10 parsing failed [ 305.107459][ T23] audit: type=1400 audit(1719914276.883:5785): avc: denied { map } for pid=9798 comm="syz.2.3109" path="socket:[96095]" dev="sockfs" ino=96095 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 305.115465][ T2711] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 305.137863][ T372] hid-generic: probe of 0003:0158:0100.003F failed with error -22 [ 305.148855][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 305.159366][ T372] usb 4-1: USB disconnect, device number 38 [ 305.179267][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 305.191505][ T2711] Buffer I/O error on dev loop3p3, logical block 10, async page read [ 305.200068][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 305.200208][ T2711] blk_update_request: I/O error, dev loop3, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 305.219694][ T2711] Buffer I/O error on dev loop3p3, logical block 11, async page read [ 305.227987][ T2711] Buffer I/O error on dev loop3p3, logical block 12, async page read [ 305.368237][ T9813] 9pnet: Insufficient options for proto=fd [ 305.593665][ T9817] syz.0.3113[9817] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 305.593735][ T9817] syz.0.3113[9817] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 305.954873][ T9829] GPT:first_usable_lbas don't match. [ 305.972468][ T9829] GPT:34 != 290 [ 305.976077][ T9829] GPT: Use GNU Parted to correct GPT errors. [ 305.983596][ T9829] loop1: p1 p2 p3 [ 305.985214][ T9826] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_lock,usrjquota=,errors=remount-ro,norecovery,auto_da_alloc,noquota,grpquota,barrier=0x0000000000000000,grpjquota=,jqfmt=vfsold, [ 306.018440][ T9836] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 306.039895][ T9836] EXT4-fs error (device loop3): ext4_mb_generate_buddy:748: group 0, block bitmap and bg descriptor inconsistent: 18 vs 41 free clusters [ 306.065213][ T8924] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 34: comm syz-executor: path /49/file0/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1025, size=2048 fake=0 [ 306.085629][ T9836] Quota error (device loop3): write_blk: dquota write failed [ 306.093075][ T9836] Quota error (device loop3): find_free_dqentry: Can't write quota data block 5 [ 306.102541][ T9836] Quota error (device loop3): write_blk: dquota write failed [ 306.110025][ T8924] EXT4-fs (loop4): Remounting filesystem read-only [ 306.116426][ T9836] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota [ 306.126942][ T8924] EXT4-fs error (device loop4): ext4_lookup:1814: inode #14: comm syz-executor: iget: bad extra_isize 1056 (inode size 256) [ 306.139752][ T9836] EXT4-fs (loop3): 1 truncate cleaned up [ 306.142601][ T8924] EXT4-fs error (device loop4): ext4_lookup:1814: inode #14: comm syz-executor: iget: bad extra_isize 1056 (inode size 256) [ 306.145244][ T9836] EXT4-fs (loop3): mounted filesystem without journal. Opts: usrjquota=,noblock_validity,max_dir_size_kb=0x000000000181fffc,barrier=0x0000000000000003,journal_ioprio=0x0000000000000007,discard,nobarrier,dioread_nolock,resgid=0x000000000000ee002,errors=continue [ 306.191655][ T1182] udevd[1182]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 306.204623][ T2711] udevd[2711]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 306.252926][ T9844] capability: warning: `syz.2.3124' uses 32-bit capabilities (legacy support in use) [ 306.263442][ T1156] udevd[1156]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 306.445860][ T1182] udevd[1182]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 306.718493][ T1156] udevd[1156]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 306.722939][ T2711] udevd[2711]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 307.088031][ T9879] 9pnet: Insufficient options for proto=fd [ 307.597173][ T9886] syz.1.3137[9886] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 307.597225][ T9886] syz.1.3137[9886] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 307.836622][ T9881] netlink: 'syz.2.3135': attribute type 2 has an invalid length. [ 308.038933][ T9901] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3144'. [ 308.144941][ T9877] bridge0: port 1(bridge_slave_0) entered blocking state [ 308.151983][ T9877] bridge0: port 1(bridge_slave_0) entered disabled state [ 308.159185][ T9877] device bridge_slave_0 entered promiscuous mode [ 308.165824][ T9877] bridge0: port 2(bridge_slave_1) entered blocking state [ 308.172652][ T9877] bridge0: port 2(bridge_slave_1) entered disabled state [ 308.179914][ T9877] device bridge_slave_1 entered promiscuous mode [ 308.259486][ T9877] bridge0: port 2(bridge_slave_1) entered blocking state [ 308.266405][ T9877] bridge0: port 2(bridge_slave_1) entered forwarding state [ 308.273572][ T9877] bridge0: port 1(bridge_slave_0) entered blocking state [ 308.280430][ T9877] bridge0: port 1(bridge_slave_0) entered forwarding state [ 308.328395][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 308.335852][ T372] bridge0: port 1(bridge_slave_0) entered disabled state [ 308.342958][ T372] bridge0: port 2(bridge_slave_1) entered disabled state [ 308.556357][ T9908] EXT4-fs (loop0): Unsupported blocksize for fs encryption [ 308.576850][ T9924] netlink: 'syz.1.3149': attribute type 2 has an invalid length. [ 308.787074][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 308.806475][ T371] bridge0: port 1(bridge_slave_0) entered blocking state [ 308.813363][ T371] bridge0: port 1(bridge_slave_0) entered forwarding state [ 308.832719][ T9928] 9pnet: Insufficient options for proto=fd [ 308.918581][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 308.926724][ T3107] bridge0: port 2(bridge_slave_1) entered blocking state [ 308.933563][ T3107] bridge0: port 2(bridge_slave_1) entered forwarding state [ 308.940813][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 308.956930][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 309.017025][ T9933] syz.3.3153[9933] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 309.017298][ T9933] syz.3.3153[9933] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 309.228353][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 309.247733][ T388] device bridge_slave_1 left promiscuous mode [ 309.262849][ T388] bridge0: port 2(bridge_slave_1) entered disabled state [ 309.270425][ T388] device bridge_slave_0 left promiscuous mode [ 309.279102][ T388] bridge0: port 1(bridge_slave_0) entered disabled state [ 309.327290][ T1963] usb 1-1: new high-speed USB device number 30 using dummy_hcd [ 309.402564][ T9944] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3158'. [ 309.444544][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 309.458421][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 309.716571][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 309.726415][ T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 309.741739][ T2711] print_req_error: 155 callbacks suppressed [ 309.741755][ T2711] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 309.760938][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 309.772048][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 309.787296][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 309.795853][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 309.805176][ T2711] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 309.844712][ T2711] blk_update_request: I/O error, dev loop3, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 309.856309][ T2711] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 309.872220][ T2711] blk_update_request: I/O error, dev loop3, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 309.883498][ T2711] blk_update_request: I/O error, dev loop3, sector 13 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 309.894998][ T1963] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 309.905948][ T2711] blk_update_request: I/O error, dev loop3, sector 14 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 309.917429][ T1963] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 309.920267][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 309.927632][ T2711] blk_update_request: I/O error, dev loop3, sector 15 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 309.934521][ T3107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 309.945149][ T2711] blk_update_request: I/O error, dev loop3, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 309.963491][ T2711] buffer_io_error: 140 callbacks suppressed [ 309.963500][ T2711] Buffer I/O error on dev loop3p3, logical block 15, async page read [ 309.989217][ T1182] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 309.994405][ T2711] Buffer I/O error on dev loop3p3, logical block 8, async page read [ 310.008598][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 310.010411][ T2711] Buffer I/O error on dev loop3p3, logical block 9, async page read [ 310.024359][ T2711] Buffer I/O error on dev loop3p3, logical block 10, async page read [ 310.030381][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 310.045141][ T2711] Buffer I/O error on dev loop3p3, logical block 11, async page read [ 310.049304][ T1182] Buffer I/O error on dev loop3p1, logical block 0, async page read [ 310.053982][ T2711] Buffer I/O error on dev loop3p3, logical block 12, async page read [ 310.068886][ T2711] Buffer I/O error on dev loop3p3, logical block 13, async page read [ 310.107412][ T388] ================================================================== [ 310.115429][ T388] BUG: KASAN: null-ptr-deref in tcf_idrinfo_destroy+0xe2/0x280 [ 310.122808][ T388] Read of size 4 at addr 0000000000000010 by task kworker/u4:3/388 [ 310.130518][ T388] [ 310.132699][ T388] CPU: 0 PID: 388 Comm: kworker/u4:3 Tainted: G W 5.4.276-syzkaller-00021-g58de09405d1e #0 [ 310.143921][ T388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 310.153818][ T388] Workqueue: netns cleanup_net [ 310.158411][ T388] Call Trace: [ 310.161548][ T388] dump_stack+0x1d8/0x241 [ 310.165703][ T388] ? panic+0x89d/0x89d [ 310.169610][ T388] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 310.175257][ T388] ? idr_get_next_ul+0x32a/0x3f0 [ 310.180026][ T388] ? tcf_idrinfo_destroy+0xe2/0x280 [ 310.185058][ T388] __kasan_report+0xe9/0x120 [ 310.189484][ T388] ? tcf_idrinfo_destroy+0xe2/0x280 [ 310.194521][ T388] kasan_report+0x30/0x60 [ 310.198687][ T388] check_memory_region+0x272/0x280 [ 310.203636][ T388] tcf_idrinfo_destroy+0xe2/0x280 [ 310.208498][ T388] ? tcf_idr_check_alloc+0x370/0x370 [ 310.213616][ T388] ? netdev_refcnt_read+0x1c0/0x1c0 [ 310.218646][ T388] ? gact_exit_net+0xef/0x140 [ 310.223162][ T388] police_exit_net+0xd7/0x140 [ 310.227670][ T388] ? police_init_net+0x1c0/0x1c0 [ 310.232445][ T388] cleanup_net+0x6e2/0xc90 [ 310.236700][ T388] ? ops_init+0x4a0/0x4a0 [ 310.240875][ T388] ? read_word_at_a_time+0xe/0x20 [ 310.245723][ T388] ? strscpy+0x89/0x220 [ 310.249717][ T388] process_one_work+0x765/0xd20 [ 310.254409][ T388] worker_thread+0xaef/0x1470 [ 310.258933][ T388] kthread+0x2da/0x360 [ 310.262823][ T388] ? worker_clr_flags+0x170/0x170 [ 310.267681][ T388] ? kthread_blkcg+0xd0/0xd0 [ 310.272125][ T388] ret_from_fork+0x1f/0x30 [ 310.276360][ T388] ================================================================== [ 310.284256][ T388] Disabling lock debugging due to kernel taint [ 310.294445][ T9960] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_lock,usrjquota=,errors=remount-ro,norecovery,auto_da_alloc,noquota,grpquota,barrier=0x0000000000000000,grpjquota=,jqfmt=vfsold, [ 310.294989][ T388] kasan: CONFIG_KASAN_INLINE enabled [ 310.314196][ T1963] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 310.319636][ T388] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 310.328795][ T1963] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 310.343447][ T388] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 310.343924][ T1963] usb 1-1: Product: syz [ 310.350190][ T388] CPU: 0 PID: 388 Comm: kworker/u4:3 Tainted: G B W 5.4.276-syzkaller-00021-g58de09405d1e #0 [ 310.350195][ T388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 310.350208][ T388] Workqueue: netns cleanup_net [ 310.350223][ T388] RIP: 0010:tcf_idrinfo_destroy+0xe9/0x280 [ 310.350233][ T388] Code: ee e8 9b 9b b6 00 48 85 c0 0f 84 54 01 00 00 49 89 c6 48 8d 58 20 48 89 df be 04 00 00 00 e8 6e 55 00 fe 48 89 d8 48 c1 e8 03 <42> 0f b6 04 38 84 c0 0f 85 f5 00 00 00 8b 1b 31 ff 89 de e8 bf 9f [ 310.350239][ T388] RSP: 0018:ffff8881f0f4fb60 EFLAGS: 00010202 [ 310.350248][ T388] RAX: 0000000000000002 RBX: 0000000000000010 RCX: ffff8881f31e8fc0 [ 310.350254][ T388] RDX: 0000000000000000 RSI: 000000000000000d RDI: 00000000ffffffff [ 310.350262][ T388] RBP: ffff8881f0f4fc30 R08: ffffffff813ae585 R09: 0000000000000003 [ 310.350270][ T388] R10: ffffffffffffffff R11: dffffc0000000001 R12: 1ffff1103e1e9f78 [ 310.350278][ T388] R13: ffff8881f0f4fbc0 R14: fffffffffffffff0 R15: dffffc0000000000 [ 310.350286][ T388] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 310.350293][ T388] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 310.350300][ T388] CR2: 0000001b32f13ff8 CR3: 00000001e606f000 CR4: 00000000003406b0 [ 310.350309][ T388] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 310.350315][ T388] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 310.350317][ T388] Call Trace: [ 310.350339][ T388] ? __die+0xb4/0x100 [ 310.378255][ T1963] usb 1-1: Manufacturer: syz [ 310.379881][ T388] ? die+0x26/0x50 [ 310.379897][ T388] ? do_general_protection+0x266/0x3c0 [ 310.385587][ T1963] usb 1-1: SerialNumber: syz [ 310.404961][ T388] ? ___preempt_schedule+0x16/0x20 [ 310.404970][ T388] ? do_trap+0x340/0x340 [ 310.404979][ T388] ? check_panic_on_warn+0x5e/0xa0 [ 310.404989][ T388] ? tcf_idrinfo_destroy+0xe2/0x280 [ 310.404999][ T388] ? general_protection+0x28/0x30 [ 310.405014][ T388] ? check_panic_on_warn+0x55/0xa0 [ 310.542146][ T388] ? tcf_idrinfo_destroy+0xe9/0x280 [ 310.547156][ T388] ? tcf_idr_check_alloc+0x370/0x370 [ 310.552276][ T388] ? netdev_refcnt_read+0x1c0/0x1c0 [ 310.557308][ T388] ? gact_exit_net+0xef/0x140 [ 310.561824][ T388] police_exit_net+0xd7/0x140 [ 310.566335][ T388] ? police_init_net+0x1c0/0x1c0 [ 310.571109][ T388] cleanup_net+0x6e2/0xc90 [ 310.575365][ T388] ? ops_init+0x4a0/0x4a0 [ 310.579530][ T388] ? read_word_at_a_time+0xe/0x20 [ 310.584400][ T388] ? strscpy+0x89/0x220 [ 310.588383][ T388] process_one_work+0x765/0xd20 [ 310.593068][ T388] worker_thread+0xaef/0x1470 [ 310.597585][ T388] kthread+0x2da/0x360 [ 310.601490][ T388] ? worker_clr_flags+0x170/0x170 [ 310.606346][ T388] ? kthread_blkcg+0xd0/0xd0 [ 310.610774][ T388] ret_from_fork+0x1f/0x30 [ 310.615119][ T388] Modules linked in: [ 310.623998][ T388] ---[ end trace 998b65da7a032ae9 ]--- [ 310.630714][ T388] RIP: 0010:tcf_idrinfo_destroy+0xe9/0x280 [ 310.636446][ T388] Code: ee e8 9b 9b b6 00 48 85 c0 0f 84 54 01 00 00 49 89 c6 48 8d 58 20 48 89 df be 04 00 00 00 e8 6e 55 00 fe 48 89 d8 48 c1 e8 03 <42> 0f b6 04 38 84 c0 0f 85 f5 00 00 00 8b 1b 31 ff 89 de e8 bf 9f [ 310.641409][ T9965] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=continue,,errors=continue [ 310.658387][ T9877] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 34: comm syz-executor: path /0/file0/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1025, size=2048 fake=0 [ 310.674708][ T9965] ext4 filesystem being mounted at /105/file0 supports timestamps until 2038 (0x7fffffff) [ 310.689829][ T388] RSP: 0018:ffff8881f0f4fb60 EFLAGS: 00010202 [ 310.705512][ T388] RAX: 0000000000000002 RBX: 0000000000000010 RCX: ffff8881f31e8fc0 [ 310.713513][ T9877] EXT4-fs (loop4): Remounting filesystem read-only [ 310.719366][ T388] RDX: 0000000000000000 RSI: 000000000000000d RDI: 00000000ffffffff [ 310.720606][ T9877] EXT4-fs error (device loop4): ext4_lookup:1814: inode #14: comm syz-executor: iget: bad extra_isize 1056 (inode size 256) [ 310.728101][ T388] RBP: ffff8881f0f4fc30 R08: ffffffff813ae585 R09: 0000000000000003 [ 310.745048][ T9877] EXT4-fs error (device loop4): ext4_lookup:1814: inode #14: comm syz-executor: iget: bad extra_isize 1056 (inode size 256) [ 310.748257][ T388] R10: ffffffffffffffff R11: dffffc0000000001 R12: 1ffff1103e1e9f78 [ 310.748266][ T388] R13: ffff8881f0f4fbc0 R14: fffffffffffffff0 R15: dffffc0000000000 [ 310.748275][ T388] FS: 0000000000000000(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 310.748281][ T388] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 310.748288][ T388] CR2: 0000001b2f31bff8 CR3: 00000001edbb6000 CR4: 00000000003406a0 [ 310.748296][ T388] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 310.748302][ T388] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 310.748312][ T388] Kernel panic - not syncing: Fatal exception [ 310.821438][ T388] Kernel Offset: disabled [ 310.825565][ T388] Rebooting in 86400 seconds..