last executing test programs: 13.877954906s ago: executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0) write$binfmt_aout(r0, &(0x7f0000000140)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) r2 = epoll_create(0x1) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)) r3 = dup3(r1, r0, 0x0) ioctl$TCXONC(r3, 0x540a, 0x3) 13.627593185s ago: executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100020,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) umount2(&(0x7f0000000080)='./file0\x00', 0x0) 13.601945039s ago: executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x8, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r2}, 0x10) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r3, 0x400, 0x0) fsetxattr$trusted_overlay_redirect(r3, &(0x7f0000000040), 0x0, 0x0, 0x0) 13.547738927s ago: executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r0}, 0x10) msync(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0) 13.505923744s ago: executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/netlink\x00') read$msr(r0, &(0x7f0000000040)=""/59, 0xffb5) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0xc8}}, 0x0) preadv(r0, &(0x7f0000000680)=[{&(0x7f0000000000)=""/31, 0x1f}], 0x1, 0x0, 0x0) read$msr(r0, &(0x7f0000000080)=""/202, 0xca) 13.462754011s ago: executing program 3: ptrace(0x10, 0x1) r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$getenv(0x4205, r1, 0x202, &(0x7f0000000000)) 11.699981005s ago: executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree_skb\x00', r0}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree_skb\x00', r1}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) sendmsg$unix(r2, &(0x7f0000000800)={0x0, 0x0, 0x0}, 0x0) 11.690304207s ago: executing program 1: capset(&(0x7f0000000200)={0x19980330}, &(0x7f0000000040)) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDDELIO(r0, 0x4b35, 0x3c7) 11.684176908s ago: executing program 1: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, 0x0, 0x0}, 0x90) socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_SET(0xffffffffffffffff, &(0x7f00000009c0)={0x0, 0x0, 0x0}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000380)={'batadv_slave_1\x00'}) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x18, r5, 0x1, 0x0, 0x0, {0x14}, [@HEADER={0x4}]}, 0x18}}, 0x0) 10.779117559s ago: executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15) r3 = dup(r2) write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}}) 10.712646739s ago: executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000000c0)) r3 = fcntl$dupfd(r0, 0x0, r0) ioctl$TCFLSH(r3, 0x400455c8, 0x0) 1.352307879s ago: executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0x810100, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1, 0x0, 0x0, 0x3}, 0x40000000) setsockopt$sock_attach_bpf(r0, 0x1, 0x2c, &(0x7f0000000000), 0x4) 545.756865ms ago: executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x12, 0x4, 0x4, 0x8}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f0000000200)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) close(r3) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000180)=[0x0, 0x0], 0x0, 0x8, &(0x7f00000001c0)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000200), &(0x7f0000000240), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000280)}}, 0x10) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x2, 0x3, &(0x7f0000000b80)=ANY=[@ANYBLOB="02000000074184d192c89f72a8004ca5eb567459b9b31a00ffa34889e4d785ed46e86c6516081a415e6ef5c3e33157baffd7a4e5e8194007f2801cba5ac953a7b8b12cbec11660ebfc97ef9026d3f7238fa8fb359ab4fe9f9b0004000000100000658f211cbd090f3dc6f9dc2cd5f26941efcfdbeee381d6a4736543271c9fb8d158636990940a7f2652818b401cafb0af582ad10a8aea86d410a62e9f77cf03f90b488814bc6b087af6bd46b2b5f25c1753f441f71b9d5754d37e09f3633ad03126d1e48ec0bf001d95eb5ebb2574c8b5d122131081bca64f17cb13bce6eece4a1f9100d4315355b7f301a1ba756836ca0a8ef2dfe258200daf1d6777347661bd33eebf6dcf849cd3902b1050142d6bef8acec585e21cfd17d8ae01ab0fca526a55c85c977fae772febda7af41cf8c1d8e0348f930e575e166fbe9114068c80c6c7f90360bf36458440e42d277378c13878386488dc3fa7467ed34af9c6c6598d47eac8421f712209f92670643741178799c0fcb39d79166619af43eb4e901297ae06000000000000006687808d66816df51024f9fca10df1638080306d84196977fda05f9ef747ac2c7993271f6077d63c8516bf870dfc48ea041b4055ebfcd67f556d058f55b52c13f7481c05000000004ceff48d2158374a8cc71a59840331be4a66e13019919d93ae2478aca8066ff5ab04dbc1303e58694bf5901b477d39cebe7b16827310796e5d0e6bd5725eb1ee78d17a4baf35b58724c7343905a8a215d35175b2a5c831f41eb177f6a3486f2958b4"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10}, 0x80) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r6, 0xfffffffffffffee2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000680)=@bpf_tracing={0x1a, 0x1, &(0x7f0000000880)=ANY=[@ANYBLOB="38b10000c6ffff1a20a7764fb028a9e7a25e76bdb938a358507cf9b494dde04f45a8d3e648d3eae7c4ebdb6bf32d2fbc1fbe3ff0fb27f83708000000776a71a407783864883ac28d127e116d7ac1908537f3c26e7a79384026d7348ff1363be03856cd0500164f3cd6058d0b01c906c3ad01000000f995a9438256df8bdcaf553dcf300d57120687b73ac88950dfea81417dc5db303f2c70721b9f4769afe73d7169e1b0ada035b951096f1a0075283e99623a22b511eaeb1cae06e88bc1ea39db4194b9bb6786bb350480140bc895357f3f5e5ccb3e03ba31939be1efc0b1556b7e"], &(0x7f0000000380)='syzkaller\x00', 0xfff, 0x40, &(0x7f0000000440)=""/64, 0x40f00, 0x1, '\x00', r7, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x8, 0x5}, 0x8, 0x10, &(0x7f0000000600)={0x3, 0x0, 0x3867, 0xfffff31f}, 0x10, 0x15297, r6, 0x0, &(0x7f0000000640)=[0xffffffffffffffff]}, 0x80) bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@bloom_filter={0x1e, 0x8, 0x7fffffff, 0xaf4b, 0x1000, 0x1, 0x6, '\x00', r7, 0xffffffffffffffff, 0x4, 0x0, 0x5, 0x5}, 0x48) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) ioctl$SIOCSIFHWADDR(r8, 0x40086607, &(0x7f0000000540)={'\x00', @link_local}) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) ioctl$SIOCSIFHWADDR(r9, 0x40086607, &(0x7f0000000540)={'\x00', @link_local}) r10 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuset.effective_cpus\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x1a, 0x6, &(0x7f0000000a00)=@raw=[@generic={0x3, 0x8, 0x9, 0x401}, @call={0x85, 0x0, 0x0, 0x2a}, @cb_func={0x18, 0x6, 0x4, 0x0, 0x1}, @map_fd={0x18, 0x6}], &(0x7f0000000a40)='GPL\x00', 0x8, 0xa2, &(0x7f0000000a80)=""/162, 0x41000, 0x8, '\x00', 0x0, 0x20, r9, 0x8, &(0x7f0000000dc0)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000e00)={0x5, 0xc, 0x4, 0x9}, 0x10, r5, 0xffffffffffffffff, 0x0, &(0x7f0000000e40)=[r2, 0xffffffffffffffff]}, 0x80) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) ioctl$SIOCSIFHWADDR(r11, 0x40086607, &(0x7f0000000540)={'\x00', @link_local}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="18380000010000000000000000000000222a400900ffffff"], &(0x7f00000004c0)='syzkaller\x00', 0x1, 0x2d, &(0x7f0000000580)=""/45, 0x40f00, 0x2, '\x00', r7, 0x25, r8, 0x8, &(0x7f00000005c0)={0x9, 0x3}, 0x8, 0x10, &(0x7f0000000600)={0x3, 0xc, 0x2c00000, 0x101}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[r9, r10, r11]}, 0x80) ioctl$TUNSETVNETBE(r9, 0x400454de, &(0x7f0000000b40)) bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@bloom_filter={0x1e, 0x6, 0x2, 0x7fff, 0x404, 0xffffffffffffffff, 0x401, '\x00', r4, 0xffffffffffffffff, 0x5, 0x5, 0x0, 0xf}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000001100)={r2, &(0x7f0000000100), &(0x7f0000000000)=""/95}, 0x20) recvmsg$unix(r0, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0) recvmsg$unix(r0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x138}, 0x0) sendmsg$inet(r1, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x0) 496.352093ms ago: executing program 2: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r2}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r1}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) 476.876086ms ago: executing program 2: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) accept$unix(0xffffffffffffffff, 0x0, 0x0) 457.606118ms ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001100)={{r0, 0xffffffffffffffff}, &(0x7f0000001080), &(0x7f00000010c0)='%pI4 \x00'}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r1, 0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000300)}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r3}, 0x10) alarm(0x0) 437.495152ms ago: executing program 2: r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000440)={0x28, 0x0, 0x0, @local}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) listen(r0, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) r2 = dup3(r1, r0, 0x0) sendto$inet6(r2, 0x0, 0x0, 0x0, 0x0, 0x0) 428.602983ms ago: executing program 2: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000500)=ANY=[@ANYBLOB="0b00000073797a300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119) syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000002000040257d15a44000010400010902"], 0x0) writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)='\b\x00\x00\x00', 0x4}, {0x0}], 0x2) 415.073555ms ago: executing program 0: socket$packet(0x11, 0x3, 0x300) r0 = socket$packet(0x11, 0x2, 0x300) bind$packet(r0, &(0x7f0000000140)={0x11, 0x4, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) syz_emit_ethernet(0x56, &(0x7f0000000340)=ANY=[], 0x0) 400.114157ms ago: executing program 1: r0 = open(&(0x7f0000000200)='./file0\x00', 0x145142, 0x0) ftruncate(r0, 0x2007ffc) sendfile(r0, r0, 0x0, 0x800000009) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x7, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, 0x0, &(0x7f00000002c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r3, 0x800c6613, &(0x7f0000000080)=@v1={0x0, @aes256, 0x0, @desc1}) 396.737478ms ago: executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$sock_timeval(r0, 0x1, 0x2e, 0x0, &(0x7f0000000000)=0xfe71) 388.24553ms ago: executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(0x0, r1) r2 = socket(0x1, 0x1, 0x0) ioctl$SIOCSIFMTU(r2, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00'}) 379.467091ms ago: executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x12, 0x4, 0x4, 0x8}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f0000000200)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) close(r3) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000180)=[0x0, 0x0], 0x0, 0x8, &(0x7f00000001c0)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000200), &(0x7f0000000240), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000280)}}, 0x10) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x2, 0x3, &(0x7f0000000b80)=ANY=[@ANYBLOB="02000000074184d192c89f72a8004ca5eb567459b9b31a00ffa34889e4d785ed46e86c6516081a415e6ef5c3e33157baffd7a4e5e8194007f2801cba5ac953a7b8b12cbec11660ebfc97ef9026d3f7238fa8fb359ab4fe9f9b0004000000100000658f211cbd090f3dc6f9dc2cd5f26941efcfdbeee381d6a4736543271c9fb8d158636990940a7f2652818b401cafb0af582ad10a8aea86d410a62e9f77cf03f90b488814bc6b087af6bd46b2b5f25c1753f441f71b9d5754d37e09f3633ad03126d1e48ec0bf001d95eb5ebb2574c8b5d122131081bca64f17cb13bce6eece4a1f9100d4315355b7f301a1ba756836ca0a8ef2dfe258200daf1d6777347661bd33eebf6dcf849cd3902b1050142d6bef8acec585e21cfd17d8ae01ab0fca526a55c85c977fae772febda7af41cf8c1d8e0348f930e575e166fbe9114068c80c6c7f90360bf36458440e42d277378c13878386488dc3fa7467ed34af9c6c6598d47eac8421f712209f92670643741178799c0fcb39d79166619af43eb4e901297ae06000000000000006687808d66816df51024f9fca10df1638080306d84196977fda05f9ef747ac2c7993271f6077d63c8516bf870dfc48ea041b4055ebfcd67f556d058f55b52c13f7481c05000000004ceff48d2158374a8cc71a59840331be4a66e13019919d93ae2478aca8066ff5ab04dbc1303e58694bf5901b477d39cebe7b16827310796e5d0e6bd5725eb1ee78d17a4baf35b58724c7343905a8a215d35175b2a5c831f41eb177f6a3486f2958b4"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10}, 0x80) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r6, 0xfffffffffffffee2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000680)=@bpf_tracing={0x1a, 0x1, &(0x7f0000000880)=ANY=[@ANYBLOB="38b10000c6ffff1a20a7764fb028a9e7a25e76bdb938a358507cf9b494dde04f45a8d3e648d3eae7c4ebdb6bf32d2fbc1fbe3ff0fb27f83708000000776a71a407783864883ac28d127e116d7ac1908537f3c26e7a79384026d7348ff1363be03856cd0500164f3cd6058d0b01c906c3ad01000000f995a9438256df8bdcaf553dcf300d57120687b73ac88950dfea81417dc5db303f2c70721b9f4769afe73d7169e1b0ada035b951096f1a0075283e99623a22b511eaeb1cae06e88bc1ea39db4194b9bb6786bb350480140bc895357f3f5e5ccb3e03ba31939be1efc0b1556b7e"], &(0x7f0000000380)='syzkaller\x00', 0xfff, 0x40, &(0x7f0000000440)=""/64, 0x40f00, 0x1, '\x00', r7, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x8, 0x5}, 0x8, 0x10, &(0x7f0000000600)={0x3, 0x0, 0x3867, 0xfffff31f}, 0x10, 0x15297, r6, 0x0, &(0x7f0000000640)=[0xffffffffffffffff]}, 0x80) bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@bloom_filter={0x1e, 0x8, 0x7fffffff, 0xaf4b, 0x1000, 0x1, 0x6, '\x00', r7, 0xffffffffffffffff, 0x4, 0x0, 0x5, 0x5}, 0x48) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) ioctl$SIOCSIFHWADDR(r8, 0x40086607, &(0x7f0000000540)={'\x00', @link_local}) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) ioctl$SIOCSIFHWADDR(r9, 0x40086607, &(0x7f0000000540)={'\x00', @link_local}) r10 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuset.effective_cpus\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x1a, 0x6, &(0x7f0000000a00)=@raw=[@generic={0x3, 0x8, 0x9, 0x401}, @call={0x85, 0x0, 0x0, 0x2a}, @cb_func={0x18, 0x6, 0x4, 0x0, 0x1}, @map_fd={0x18, 0x6}], &(0x7f0000000a40)='GPL\x00', 0x8, 0xa2, &(0x7f0000000a80)=""/162, 0x41000, 0x8, '\x00', 0x0, 0x20, r9, 0x8, &(0x7f0000000dc0)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000e00)={0x5, 0xc, 0x4, 0x9}, 0x10, r5, 0xffffffffffffffff, 0x0, &(0x7f0000000e40)=[r2, 0xffffffffffffffff]}, 0x80) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) ioctl$SIOCSIFHWADDR(r11, 0x40086607, &(0x7f0000000540)={'\x00', @link_local}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="18380000010000000000000000000000222a400900ffffff"], &(0x7f00000004c0)='syzkaller\x00', 0x1, 0x2d, &(0x7f0000000580)=""/45, 0x40f00, 0x2, '\x00', r7, 0x25, r8, 0x8, &(0x7f00000005c0)={0x9, 0x3}, 0x8, 0x10, &(0x7f0000000600)={0x3, 0xc, 0x2c00000, 0x101}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[r9, r10, r11]}, 0x80) ioctl$TUNSETVNETBE(r9, 0x400454de, &(0x7f0000000b40)) bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@bloom_filter={0x1e, 0x6, 0x2, 0x7fff, 0x404, 0xffffffffffffffff, 0x401, '\x00', r4, 0xffffffffffffffff, 0x5, 0x5, 0x0, 0xf}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000001100)={r2, &(0x7f0000000100), &(0x7f0000000000)=""/95}, 0x20) recvmsg$unix(r0, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0) recvmsg$unix(r0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x138}, 0x0) sendmsg$inet(r1, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x0) 339.033957ms ago: executing program 4: creat(&(0x7f0000000080)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYBLOB, @ANYRESHEX, @ANYRESDEC]) 331.371228ms ago: executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x15}, &(0x7f0000000300)=0x0) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) read$FUSE(r2, &(0x7f0000000400)={0x2020}, 0x2020) 320.55991ms ago: executing program 4: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) accept$unix(0xffffffffffffffff, 0x0, 0x0) 265.610308ms ago: executing program 4: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000850000009e00000095"], &(0x7f00000000c0)='GPL\x00', 0x4, 0xad, &(0x7f00000003c0)=""/173}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='block_bio_remap\x00', r0}, 0x10) r1 = open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r1, 0x0) fallocate(r1, 0x0, 0x0, 0x7fff) ioctl$EXT4_IOC_GET_ES_CACHE(r1, 0xc020660b, &(0x7f0000000280)={0x0, 0xffffffff000, 0x1, 0x0, 0x2}) 230.572314ms ago: executing program 4: r0 = socket(0x1e, 0x1, 0x0) setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x8a, &(0x7f0000000580), 0x4) 222.813285ms ago: executing program 4: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") chdir(&(0x7f0000000000)='./file0\x00') creat(&(0x7f0000000040)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0) readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) 0s ago: executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0x810100, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1, 0x0, 0x0, 0x3}, 0x40000000) setsockopt$sock_attach_bpf(r0, 0x1, 0x2c, &(0x7f0000000000), 0x4) kernel console output (not intermixed with test programs): 0 descriptor?? [ 462.806218][ T345] hub 1-1:0.0: USB hub found [ 463.025827][ T345] hub 1-1:0.0: 1 port detected [ 463.370196][T20550] __nla_validate_parse: 5 callbacks suppressed [ 463.370213][T20550] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 463.548661][T20557] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 463.553962][T20559] loop3: detected capacity change from 0 to 16 [ 463.577156][T20559] erofs: Unknown parameter 'nouser_xatr' [ 463.735775][ T345] hub 1-1:0.0: activate --> -90 [ 463.905764][ T776] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 463.937731][ T30] audit: type=1326 audit(1718655191.700:41829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20577 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 463.964926][ T30] audit: type=1326 audit(1718655191.700:41830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20577 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 463.989949][ T30] audit: type=1326 audit(1718655191.700:41831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20577 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 464.024615][ T30] audit: type=1326 audit(1718655191.700:41832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20577 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 464.066155][ T30] audit: type=1326 audit(1718655191.700:41833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20577 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 464.091926][ T30] audit: type=1326 audit(1718655191.700:41834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20577 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 464.116258][ T30] audit: type=1326 audit(1718655191.700:41835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20577 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 464.185759][ T776] usb 4-1: Using ep0 maxpacket: 32 [ 464.465816][ T776] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 464.475797][ T776] usb 4-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0 [ 464.484603][ T776] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 464.493086][ T776] usb 4-1: config 0 descriptor?? [ 464.517896][ T30] audit: type=1326 audit(1718655192.280:41836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20608 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4447074f29 code=0x7ffc0000 [ 464.542205][ T776] usb 4-1: bad CDC descriptors [ 464.592142][T20619] syz-executor.2[20619] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 464.592226][T20619] syz-executor.2[20619] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 464.656474][ T692] usb 1-1: USB disconnect, device number 41 [ 464.677410][ T345] usb 1-1-port1: cannot disable (err = -71) [ 464.744291][ T345] usb 4-1: USB disconnect, device number 27 [ 465.177883][T20642] syz-executor.0[20642] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 465.177937][T20642] syz-executor.0[20642] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 466.131862][T20715] loop3: detected capacity change from 0 to 512 [ 466.196688][T20715] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option [ 466.203809][T20715] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 466.215489][T20715] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz-executor.3: bg 0: block 5: invalid block bitmap [ 466.228362][T20715] EXT4-fs (loop3): 1 truncate cleaned up [ 466.233848][T20715] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,bsddf,debug_want_extra_isize=0x0000000000000068,nomblk_io_submit,grpjquota=,noload,,errors=continue. Quota mode: none. [ 466.256093][ T30] kauditd_printk_skb: 47 callbacks suppressed [ 466.256107][ T30] audit: type=1400 audit(1718655194.020:41884): avc: denied { mounton } for pid=20714 comm="syz-executor.3" path="/root/syzkaller-testdir2818261719/syzkaller.PDPQu6/207/file1/file0/bus" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 466.291873][T18628] EXT4-fs error (device loop3): ext4_map_blocks:602: inode #2: block 13: comm syz-executor.3: lblock 0 mapped to illegal pblock 13 (length 1) [ 466.306756][T18628] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5820: Corrupt filesystem [ 466.316139][T18628] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #2: comm syz-executor.3: mark_inode_dirty error [ 466.475835][T20719] bridge0: port 1(bridge_slave_0) entered blocking state [ 466.482695][T20719] bridge0: port 1(bridge_slave_0) entered disabled state [ 466.490040][T20719] device bridge_slave_0 entered promiscuous mode [ 466.497229][T20719] bridge0: port 2(bridge_slave_1) entered blocking state [ 466.504064][T20719] bridge0: port 2(bridge_slave_1) entered disabled state [ 466.511284][T20719] device bridge_slave_1 entered promiscuous mode [ 466.559353][T20719] bridge0: port 2(bridge_slave_1) entered blocking state [ 466.566215][T20719] bridge0: port 2(bridge_slave_1) entered forwarding state [ 466.573310][T20719] bridge0: port 1(bridge_slave_0) entered blocking state [ 466.580097][T20719] bridge0: port 1(bridge_slave_0) entered forwarding state [ 466.607226][ T771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 466.646619][ T771] bridge0: port 1(bridge_slave_0) entered disabled state [ 466.655199][ T771] bridge0: port 2(bridge_slave_1) entered disabled state [ 466.677030][ T776] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 466.692063][ T776] bridge0: port 1(bridge_slave_0) entered blocking state [ 466.698954][ T776] bridge0: port 1(bridge_slave_0) entered forwarding state [ 466.706479][ T776] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 466.714661][ T776] bridge0: port 2(bridge_slave_1) entered blocking state [ 466.721526][ T776] bridge0: port 2(bridge_slave_1) entered forwarding state [ 466.741230][ T776] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 466.749427][ T776] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 466.758815][ T771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 466.770264][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 466.777992][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 466.785125][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 466.793376][T20719] device veth0_vlan entered promiscuous mode [ 466.805887][T20738] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 466.810572][T20719] device veth1_macvtap entered promiscuous mode [ 466.821726][T20738] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 466.833546][T20738] SELinux: security_context_str_to_sid(s) failed for (dev ?, type ?) errno=-22 [ 466.843228][ T771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 466.854453][T20738] SELinux: security_context_str_to_sid(s) failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 466.869010][ T776] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 466.877219][ T776] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 466.902378][T20744] loop3: detected capacity change from 0 to 128 [ 466.946741][T11249] device bridge_slave_1 left promiscuous mode [ 466.952696][T11249] bridge0: port 2(bridge_slave_1) entered disabled state [ 466.959879][T11249] device bridge_slave_0 left promiscuous mode [ 466.965830][T11249] bridge0: port 1(bridge_slave_0) entered disabled state [ 467.057919][T20751] fscrypt (sda1, inode 1967): Mutually exclusive encryption flags (0x16) [ 467.185755][ T6] usb 1-1: new high-speed USB device number 42 using dummy_hcd [ 467.705826][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 467.715375][ T6] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice= 9.99 [ 467.724238][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 467.732494][ T6] usb 1-1: config 0 descriptor?? [ 468.095905][ T6] snd-usb-audio: probe of 1-1:0.0 failed with error -2 [ 468.103439][ T6] usb 1-1: USB disconnect, device number 42 [ 468.301730][T20782] bpf_get_probe_write_proto: 10 callbacks suppressed [ 468.301759][T20782] syz-executor.1[20782] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 468.325903][T20780] loop4: detected capacity change from 0 to 128 [ 468.359249][T20782] syz-executor.1[20782] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 468.440380][T20785] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 468.462704][T20785] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 468.552105][T20794] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 468.561608][T20794] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 468.573650][T20794] SELinux: security_context_str_to_sid(s) failed for (dev ?, type ?) errno=-22 [ 468.583411][T20794] SELinux: security_context_str_to_sid(s) failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 468.618848][ T30] audit: type=1400 audit(1718655196.380:41885): avc: denied { create } for pid=20795 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=appletalk_socket permissive=1 [ 468.639807][ T30] audit: type=1400 audit(1718655196.380:41886): avc: denied { create } for pid=20795 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=unix_stream_socket permissive=1 [ 468.660952][ T30] audit: type=1400 audit(1718655196.380:41887): avc: denied { bind } for pid=20795 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=unix_stream_socket permissive=1 [ 468.710376][T20798] syz-executor.1[20798] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 468.710460][T20798] syz-executor.1[20798] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 469.103557][T20814] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 469.127558][T20814] sch_tbf: burst 0 is lower than device lo mtu (11337746) ! [ 469.150089][T20815] loop4: detected capacity change from 0 to 1024 [ 469.170493][T20815] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 469.177751][T20815] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 469.193205][T20815] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,errors=remount-ro,dioread_nolock,max_dir_size_kb=0x0000000000000009,nomblk_io_submit,data_err=abort,. Quota mode: writeback. [ 469.342579][T20832] loop4: detected capacity change from 0 to 512 [ 469.616631][T20832] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 469.625949][T20832] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 469.640063][T20832] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm syz-executor.4: bg 0: block 5: invalid block bitmap [ 469.656132][T20832] EXT4-fs (loop4): 1 truncate cleaned up [ 469.661618][T20832] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,bsddf,debug_want_extra_isize=0x0000000000000068,nomblk_io_submit,grpjquota=,noload,,errors=continue. Quota mode: none. [ 469.685825][ T692] usb 1-1: new high-speed USB device number 43 using dummy_hcd [ 469.706142][T18205] EXT4-fs error (device loop4): ext4_map_blocks:602: inode #2: block 13: comm syz-executor.4: lblock 0 mapped to illegal pblock 13 (length 1) [ 469.721221][T18205] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5820: Corrupt filesystem [ 469.730626][T18205] EXT4-fs error (device loop4): ext4_dirty_inode:6024: inode #2: comm syz-executor.4: mark_inode_dirty error [ 469.767973][T20848] loop1: detected capacity change from 0 to 40427 [ 469.917620][T20853] bridge0: port 1(bridge_slave_0) entered blocking state [ 469.924525][T20853] bridge0: port 1(bridge_slave_0) entered disabled state [ 469.931396][ T6] usb 3-1: new high-speed USB device number 43 using dummy_hcd [ 469.939572][T20853] device bridge_slave_0 entered promiscuous mode [ 469.954108][T20853] bridge0: port 2(bridge_slave_1) entered blocking state [ 469.961155][T20853] bridge0: port 2(bridge_slave_1) entered disabled state [ 469.968567][T20853] device bridge_slave_1 entered promiscuous mode [ 470.013812][T20853] bridge0: port 2(bridge_slave_1) entered blocking state [ 470.020847][T20853] bridge0: port 2(bridge_slave_1) entered forwarding state [ 470.027943][T20853] bridge0: port 1(bridge_slave_0) entered blocking state [ 470.034708][T20853] bridge0: port 1(bridge_slave_0) entered forwarding state [ 470.543315][T20858] loop1: detected capacity change from 0 to 256 [ 470.590479][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 470.598449][ T312] bridge0: port 1(bridge_slave_0) entered disabled state [ 470.605598][ T312] bridge0: port 2(bridge_slave_1) entered disabled state [ 470.612633][ T692] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 470.622800][ T692] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice= 9.99 [ 470.631881][ T692] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 470.631907][T20858] /dev/loop1: Can't open blockdev [ 470.645936][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 470.646467][ T692] usb 1-1: config 0 descriptor?? [ 470.657410][ T312] bridge0: port 1(bridge_slave_0) entered blocking state [ 470.665383][ T312] bridge0: port 1(bridge_slave_0) entered forwarding state [ 470.672690][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 470.682305][ T312] bridge0: port 2(bridge_slave_1) entered blocking state [ 470.689197][ T312] bridge0: port 2(bridge_slave_1) entered forwarding state [ 470.696510][ T6] usb 3-1: Using ep0 maxpacket: 8 [ 470.701540][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 470.709671][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 470.732190][ T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 470.745088][T20853] device veth0_vlan entered promiscuous mode [ 470.752725][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 470.760765][T20873] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 470.760880][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 470.776098][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 470.792016][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 470.813583][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 470.831205][T20853] device veth1_macvtap entered promiscuous mode [ 470.843002][ T6] usb 3-1: config 135 has an invalid interface number: 230 but max is 0 [ 470.851658][ T6] usb 3-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 470.862698][T20880] SELinux: Context system_u: is not valid (left unmapped). [ 470.870893][ T771] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 470.875726][ T6] usb 3-1: config 135 has no interface number 0 [ 470.884170][ T6] usb 3-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 470.884617][ T771] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 470.905094][ T30] audit: type=1400 audit(1718655198.660:41888): avc: denied { relabelto } for pid=20879 comm="syz-executor.3" name="" dev="pipefs" ino=110710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:" [ 470.936869][ T771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 470.945436][ T771] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 470.953789][ T771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 471.013908][T20897] syz-executor.4[20897] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 471.013986][T20897] syz-executor.4[20897] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 471.045943][ T692] snd-usb-audio: probe of 1-1:0.0 failed with error -2 [ 471.065880][ T6] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 471.077623][ T692] usb 1-1: USB disconnect, device number 43 [ 471.091183][ T6] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 471.102299][ T6] usb 3-1: Product: syz [ 471.106336][ T6] usb 3-1: Manufacturer: syz [ 471.110771][ T6] usb 3-1: SerialNumber: syz [ 471.126916][ T10] device bridge_slave_1 left promiscuous mode [ 471.132866][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 471.140363][ T10] device bridge_slave_0 left promiscuous mode [ 471.146404][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 471.156662][ T6] usb 3-1: Found UVC 0.00 device syz (18ec:3288) [ 471.162856][ T6] usb 3-1: No valid video chain found. [ 471.171639][ T10] device veth1_macvtap left promiscuous mode [ 471.178089][ T10] device veth0_vlan left promiscuous mode [ 471.185210][T20915] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 471.360793][ T6] usb 3-1: USB disconnect, device number 43 [ 471.370562][T20925] device syzkaller0 entered promiscuous mode [ 471.709200][T20955] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 471.724034][T20954] device syzkaller0 entered promiscuous mode [ 471.780220][ T30] audit: type=1326 audit(1718655199.540:41889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20956 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 471.811593][ T30] audit: type=1326 audit(1718655199.540:41890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20956 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 471.835626][ T30] audit: type=1326 audit(1718655199.540:41891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20956 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 471.840216][T20963] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 471.859966][ T30] audit: type=1326 audit(1718655199.540:41892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20956 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 471.893597][ T30] audit: type=1326 audit(1718655199.540:41893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20956 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 471.925874][ T30] audit: type=1326 audit(1718655199.540:41894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20956 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 471.952523][ T30] audit: type=1326 audit(1718655199.570:41895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20956 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 471.979433][ T30] audit: type=1326 audit(1718655199.570:41896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20956 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 472.011349][ T30] audit: type=1326 audit(1718655199.570:41897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20956 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 472.039281][ T30] audit: type=1326 audit(1718655199.570:41898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20956 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 472.069155][T20978] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 472.395754][ T345] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 472.415846][ T6] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 472.465726][ T776] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 472.635761][ T345] usb 5-1: Using ep0 maxpacket: 8 [ 472.705738][ T776] usb 2-1: Using ep0 maxpacket: 8 [ 472.724128][T21005] loop0: detected capacity change from 0 to 8192 [ 472.755940][ T345] usb 5-1: config 135 has an invalid interface number: 230 but max is 0 [ 472.764223][ T345] usb 5-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 472.774204][ T345] usb 5-1: config 135 has no interface number 0 [ 472.780326][ T6] usb 4-1: config 0 interface 0 altsetting 3 endpoint 0x1 has invalid wMaxPacketSize 0 [ 472.789831][ T345] usb 5-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 472.802867][ T6] usb 4-1: config 0 interface 0 has no altsetting 0 [ 472.825838][ T776] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 472.900475][T21012] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 472.916581][ T776] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 472.925510][ T776] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 472.933545][ T776] usb 2-1: SerialNumber: syz [ 472.965826][ T6] usb 4-1: New USB device found, idVendor=045e, idProduct=0438, bcdDevice=7e.c7 [ 472.974774][ T345] usb 5-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 472.984099][ T776] usb 2-1: bad CDC descriptors [ 472.989724][ T345] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 472.997577][ T6] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 473.005377][ T6] usb 4-1: Product: syz [ 473.009375][ T6] usb 4-1: Manufacturer: syz [ 473.013755][ T6] usb 4-1: SerialNumber: syz [ 473.018251][ T345] usb 5-1: Product: syz [ 473.022175][ T345] usb 5-1: Manufacturer: syz [ 473.026649][ T345] usb 5-1: SerialNumber: syz [ 473.041464][ T6] usb 4-1: config 0 descriptor?? [ 473.076482][ T345] usb 5-1: Found UVC 0.00 device syz (18ec:3288) [ 473.083553][ C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 473.085097][ T345] usb 5-1: No valid video chain found. [ 473.313451][ T692] usb 2-1: USB disconnect, device number 36 [ 473.373012][ T345] usb 5-1: USB disconnect, device number 37 [ 473.638542][T21041] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 473.869659][ T20] usb 4-1: USB disconnect, device number 28 [ 474.038150][T21084] geneve1: tun_chr_ioctl cmd 1074025692 [ 474.079751][T21083] bridge0: port 1(bridge_slave_0) entered blocking state [ 474.086861][T21083] bridge0: port 1(bridge_slave_0) entered disabled state [ 474.094003][T21083] device bridge_slave_0 entered promiscuous mode [ 474.108704][T21083] bridge0: port 2(bridge_slave_1) entered blocking state [ 474.115559][T21083] bridge0: port 2(bridge_slave_1) entered disabled state [ 474.136180][T21083] device bridge_slave_1 entered promiscuous mode [ 474.221139][T21083] bridge0: port 2(bridge_slave_1) entered blocking state [ 474.228051][T21083] bridge0: port 2(bridge_slave_1) entered forwarding state [ 474.235116][T21083] bridge0: port 1(bridge_slave_0) entered blocking state [ 474.241903][T21083] bridge0: port 1(bridge_slave_0) entered forwarding state [ 474.249205][ T776] usb 1-1: new high-speed USB device number 44 using dummy_hcd [ 474.267911][T21094] loop1: detected capacity change from 0 to 40427 [ 474.278620][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 474.286531][ T6] bridge0: port 1(bridge_slave_0) entered disabled state [ 474.293637][ T6] bridge0: port 2(bridge_slave_1) entered disabled state [ 474.303594][ T692] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 474.311682][ T692] bridge0: port 1(bridge_slave_0) entered blocking state [ 474.318528][ T692] bridge0: port 1(bridge_slave_0) entered forwarding state [ 474.332743][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 474.340685][ T6] bridge0: port 2(bridge_slave_1) entered blocking state [ 474.347530][ T6] bridge0: port 2(bridge_slave_1) entered forwarding state [ 474.354680][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 474.362671][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 474.385889][ T692] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 474.399217][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 474.407207][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 474.414516][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 474.423081][T21083] device veth0_vlan entered promiscuous mode [ 474.471323][T21083] device veth1_macvtap entered promiscuous mode [ 474.478624][ T692] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 474.490005][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 474.503712][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 474.635660][ T10] device bridge_slave_1 left promiscuous mode [ 474.650340][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 474.693118][ T10] device bridge_slave_0 left promiscuous mode [ 474.722803][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 474.746354][ T10] device veth1_macvtap left promiscuous mode [ 474.752224][ T10] device veth0_vlan left promiscuous mode [ 474.788450][T21110] loop2: detected capacity change from 0 to 128 [ 474.798666][T21110] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 474.815871][ T692] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 474.815963][ T776] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 474.838589][ T776] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 474.848193][ T776] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 474.857053][ T776] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 474.865639][ T776] usb 1-1: config 0 descriptor?? [ 474.900809][ T7536] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 475.205963][ T692] usb 5-1: config 0 interface 0 altsetting 3 endpoint 0x1 has invalid wMaxPacketSize 0 [ 475.215743][ T692] usb 5-1: config 0 interface 0 has no altsetting 0 [ 475.253844][T21121] loop1: detected capacity change from 0 to 256 [ 475.260030][ T20] usb 3-1: new high-speed USB device number 44 using dummy_hcd [ 475.378462][T21121] loop1: detected capacity change from 0 to 256 [ 475.385811][ T692] usb 5-1: New USB device found, idVendor=045e, idProduct=0438, bcdDevice=7e.c7 [ 475.394697][ T692] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 475.402558][ T692] usb 5-1: Product: syz [ 475.406520][ T692] usb 5-1: Manufacturer: syz [ 475.410879][ T692] usb 5-1: SerialNumber: syz [ 475.415873][ T692] usb 5-1: config 0 descriptor?? [ 475.505752][ T20] usb 3-1: Using ep0 maxpacket: 8 [ 475.625967][ T20] usb 3-1: config 135 has an invalid interface number: 230 but max is 0 [ 475.634210][ T20] usb 3-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 475.644348][ T20] usb 3-1: config 135 has no interface number 0 [ 475.650380][ T20] usb 3-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 475.815827][ T20] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 475.824715][ T20] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 475.832543][ T20] usb 3-1: Product: syz [ 475.836524][ T20] usb 3-1: Manufacturer: syz [ 475.840894][ T20] usb 3-1: SerialNumber: syz [ 476.065807][ T776] uclogic 0003:256C:006D.0057: interface is invalid, ignoring [ 476.081444][T21131] loop3: detected capacity change from 0 to 512 [ 476.125856][ T20] usb 3-1: Found UVC 0.00 device syz (18ec:3288) [ 476.128225][T21131] EXT4-fs (loop3): 1 orphan inode deleted [ 476.132060][ T20] usb 3-1: No valid video chain found. [ 476.137661][T21131] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback. [ 476.143884][ T20] usb 3-1: USB disconnect, device number 44 [ 476.166118][ T692] usb 5-1: USB disconnect, device number 38 [ 476.169962][T21131] ext4 filesystem being mounted at /root/syzkaller-testdir3907000953/syzkaller.keC2Z0/47/file1 supports timestamps until 2038 (0x7fffffff) [ 476.288943][ T39] usb 1-1: USB disconnect, device number 44 [ 476.408227][T21147] loop1: detected capacity change from 0 to 512 [ 476.466253][T21157] incfs: Options parsing error. -22 [ 476.471369][T21157] incfs: mount failed -22 [ 476.485180][T21163] 9pnet: p9_errstr2errno: server reported unknown error @íÎhQI¸¥Šte [ 476.555444][T21167] loop3: detected capacity change from 0 to 8192 [ 476.562581][T21173] loop1: detected capacity change from 0 to 512 [ 476.587187][T21175] device syzkaller0 entered promiscuous mode [ 476.826659][T21192] incfs: Options parsing error. -22 [ 476.835128][T21192] incfs: mount failed -22 [ 476.849209][T21194] loop0: detected capacity change from 0 to 512 [ 476.879624][ T30] kauditd_printk_skb: 4482 callbacks suppressed [ 476.879640][ T30] audit: type=1400 audit(1718655204.640:46381): avc: denied { write } for pid=21197 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 476.908118][T21198] input: syz1 as /devices/virtual/input/input96 [ 477.143993][T21221] loop2: detected capacity change from 0 to 512 [ 477.196833][T21221] EXT4-fs (loop2): Mount option "nouser_xattr" will be removed by 3.5 [ 477.196833][T21221] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 477.196833][T21221] [ 477.221894][T21221] EXT4-fs (loop2): Test dummy encryption mode enabled [ 477.230748][T21224] 9pnet: p9_errstr2errno: server reported unknown error õ1 g;-‡~ [ 477.244472][T21221] EXT4-fs error (device loop2): ext4_find_inline_data_nolock:164: inode #12: comm syz-executor.2: inline data xattr refers to an external xattr inode [ 477.265753][ T39] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 477.276015][T21221] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz-executor.2: couldn't read orphan inode 12 (err -117) [ 477.288980][T21221] EXT4-fs (loop2): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000200000,user_xattr,grpjquota=,resuid=0x0000000000000000,nouser_xattr,usrjquota=,usrjquota=,min_batch_time=0x000000000000409e,test_dummy_encryption,,errors=continue. Quota mode: none. [ 477.384336][T21233] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 477.464932][T21246] device syzkaller0 entered promiscuous mode [ 477.535734][ T39] usb 4-1: Using ep0 maxpacket: 8 [ 477.587954][T21252] loop1: detected capacity change from 0 to 256 [ 477.655893][ T39] usb 4-1: config 135 has an invalid interface number: 230 but max is 0 [ 477.664187][T21252] /dev/loop1: Can't open blockdev [ 477.669678][ T39] usb 4-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 477.686677][ T39] usb 4-1: config 135 has no interface number 0 [ 477.700447][ T39] usb 4-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 477.739201][T21257] loop4: detected capacity change from 0 to 512 [ 477.797779][T21257] EXT4-fs (loop4): Mount option "nouser_xattr" will be removed by 3.5 [ 477.797779][T21257] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 477.797779][T21257] [ 477.833754][T21257] EXT4-fs (loop4): Test dummy encryption mode enabled [ 477.856576][T21257] EXT4-fs error (device loop4): ext4_find_inline_data_nolock:164: inode #12: comm syz-executor.4: inline data xattr refers to an external xattr inode [ 477.872099][T21257] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz-executor.4: couldn't read orphan inode 12 (err -117) [ 478.106229][ T39] usb 4-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 478.115640][ T39] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 478.116763][T21257] EXT4-fs (loop4): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000200000,user_xattr,grpjquota=,resuid=0x0000000000000000,nouser_xattr,usrjquota=,usrjquota=,min_batch_time=0x000000000000409e,test_dummy_encryption,,errors=continue. Quota mode: none. [ 478.155609][ T39] usb 4-1: Product: syz [ 478.166329][ T39] usb 4-1: Manufacturer: syz [ 478.176967][T21272] loop1: detected capacity change from 0 to 256 [ 478.183458][ T39] usb 4-1: SerialNumber: syz [ 478.250047][T21272] /dev/loop1: Can't open blockdev [ 478.333092][T21282] loop4: detected capacity change from 0 to 128 [ 478.371930][T21282] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 478.431616][T21293] 9pnet: p9_errstr2errno: server reported unknown error @íÎhQI¸¥Šte [ 478.482019][T21302] 9pnet: p9_errstr2errno: server reported unknown error õ1 g;-‡~ [ 478.485841][ T39] usb 4-1: Found UVC 0.00 device syz (18ec:3288) [ 478.496968][T11249] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 478.497327][ T39] usb 4-1: No valid video chain found. [ 478.513321][ T39] usb 4-1: USB disconnect, device number 29 [ 478.637706][T21318] syz-executor.0[21318] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 478.637783][T21318] syz-executor.0[21318] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 478.781705][T21314] loop1: detected capacity change from 0 to 40427 [ 478.830280][T21314] F2FS-fs (loop1): invalid crc value [ 478.835480][T21314] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 478.844708][T21314] F2FS-fs (loop1): Found nat_bits in checkpoint [ 478.878342][T21314] F2FS-fs (loop1): write access unavailable, skipping recovery [ 478.885842][T21314] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 479.085748][ T6] usb 1-1: new high-speed USB device number 45 using dummy_hcd [ 479.141199][ T30] audit: type=1326 audit(1718655206.900:46382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21345 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 479.165215][ T39] usb 3-1: new high-speed USB device number 45 using dummy_hcd [ 479.171202][ T30] audit: type=1326 audit(1718655206.900:46383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21345 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 479.196636][ T30] audit: type=1326 audit(1718655206.910:46384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21345 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=33 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 479.221053][ T30] audit: type=1326 audit(1718655206.910:46385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21345 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 479.245153][ T30] audit: type=1326 audit(1718655206.910:46386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21345 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 479.269420][ T30] audit: type=1326 audit(1718655206.910:46387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21345 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 479.293351][ T30] audit: type=1326 audit(1718655206.910:46388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21345 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 479.317545][ T30] audit: type=1326 audit(1718655206.910:46389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21345 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 479.341686][ T30] audit: type=1326 audit(1718655206.910:46390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21345 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 479.345756][ T331] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 479.365745][ T6] usb 1-1: Using ep0 maxpacket: 8 [ 479.415359][T21355] futex_wake_op: syz-executor.4 tries to shift op by -1; fix this program [ 479.445265][T21359] input: syz1 as /devices/virtual/input/input97 [ 479.495805][ T6] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 479.503894][ T6] usb 1-1: config 179 has no interface number 0 [ 479.510027][ T6] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 479.521051][ T6] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1029, setting to 1024 [ 479.532080][ T6] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 255, changing to 11 [ 479.543284][ T6] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 59391, setting to 1024 [ 479.554476][ T6] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 479.567685][ T6] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 479.576566][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 479.585839][ T39] usb 3-1: config 0 interface 0 altsetting 3 endpoint 0x1 has invalid wMaxPacketSize 0 [ 479.595416][ T39] usb 3-1: config 0 interface 0 has no altsetting 0 [ 479.595838][T21329] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 479.608698][T21329] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 479.616937][ T6] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input98 [ 479.655753][ T331] usb 4-1: Using ep0 maxpacket: 8 [ 479.765835][ T39] usb 3-1: New USB device found, idVendor=045e, idProduct=0438, bcdDevice=7e.c7 [ 479.774720][ T39] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 479.782494][ T39] usb 3-1: Product: syz [ 479.786550][ T331] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 479.796485][ T39] usb 3-1: Manufacturer: syz [ 479.800788][ T39] usb 3-1: SerialNumber: syz [ 479.805852][ T39] usb 3-1: config 0 descriptor?? [ 479.825956][ T771] usb 1-1: USB disconnect, device number 45 [ 479.836011][ T771] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 479.875928][ T331] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 479.884981][ T331] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 479.892713][ T331] usb 4-1: SerialNumber: syz [ 479.936582][ T331] usb 4-1: bad CDC descriptors [ 479.985756][ T692] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 480.141435][ T331] usb 4-1: USB disconnect, device number 30 [ 480.245752][ T692] usb 2-1: Using ep0 maxpacket: 16 [ 480.375820][ T692] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 480.560366][ T331] usb 3-1: USB disconnect, device number 45 [ 480.566308][ T692] usb 2-1: New USB device found, idVendor=0b49, idProduct=064f, bcdDevice=b9.e8 [ 480.578138][ T692] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 480.586052][ T692] usb 2-1: Product: syz [ 480.589987][ T692] usb 2-1: Manufacturer: syz [ 480.594416][ T692] usb 2-1: SerialNumber: syz [ 480.600049][ T692] usb 2-1: config 0 descriptor?? [ 480.682953][T21394] futex_wake_op: syz-executor.2 tries to shift op by -1; fix this program [ 480.808482][T21413] loop3: detected capacity change from 0 to 512 [ 480.839469][T21413] EXT4-fs error (device loop3): ext4_orphan_get:1423: comm syz-executor.3: bad orphan inode 17 [ 480.847054][ T20] usb 2-1: USB disconnect, device number 37 [ 480.855497][T21413] ext4_test_bit(bit=16, block=4) = 1 [ 480.860839][T21413] is_bad_inode(inode)=0 [ 480.864847][T21413] NEXT_ORPHAN(inode)=0 [ 480.868808][T21413] max_ino=32 [ 480.871788][T21413] i_nlink=1 [ 480.874770][T21413] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 480.887537][T21413] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz-executor.3: bg 0: block 7: invalid block bitmap [ 480.923561][T21421] futex_wake_op: syz-executor.2 tries to shift op by -1; fix this program [ 481.021853][T21442] loop2: detected capacity change from 0 to 512 [ 481.060236][T21442] EXT4-fs error (device loop2): ext4_orphan_get:1423: comm syz-executor.2: bad orphan inode 17 [ 481.080735][T21442] ext4_test_bit(bit=16, block=4) = 1 [ 481.088290][T21442] is_bad_inode(inode)=0 [ 481.092282][T21442] NEXT_ORPHAN(inode)=0 [ 481.100270][T21442] max_ino=32 [ 481.103866][T21442] i_nlink=1 [ 481.106932][T21442] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 481.121107][T21442] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz-executor.2: bg 0: block 7: invalid block bitmap [ 481.123387][T21435] loop0: detected capacity change from 0 to 40427 [ 481.171416][T21435] F2FS-fs (loop0): invalid crc value [ 481.182209][T21435] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 481.193008][T21435] F2FS-fs (loop0): Found nat_bits in checkpoint [ 481.224769][T21435] F2FS-fs (loop0): write access unavailable, skipping recovery [ 481.232859][T21435] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 481.369581][T21481] loop2: detected capacity change from 0 to 512 [ 481.456436][T21481] EXT4-fs error (device loop2): ext4_orphan_get:1423: comm syz-executor.2: bad orphan inode 17 [ 481.486051][T21481] ext4_test_bit(bit=16, block=4) = 1 [ 481.759635][T21481] is_bad_inode(inode)=0 [ 481.764228][T21481] NEXT_ORPHAN(inode)=0 [ 481.768156][T21481] max_ino=32 [ 481.771188][T21481] i_nlink=1 [ 481.773569][T21495] netlink: 136 bytes leftover after parsing attributes in process `syz-executor.1'. [ 481.774160][T21481] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 481.816372][T21481] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz-executor.2: bg 0: block 7: invalid block bitmap [ 481.882989][T21501] loop0: detected capacity change from 0 to 40427 [ 481.948892][T21501] F2FS-fs (loop0): invalid crc value [ 481.954468][T21501] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 481.971666][T21501] F2FS-fs (loop0): Found nat_bits in checkpoint [ 482.013002][T21501] F2FS-fs (loop0): write access unavailable, skipping recovery [ 482.020883][T21501] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 482.109891][T21525] loop1: detected capacity change from 0 to 40427 [ 482.267031][ T20] usb 3-1: new high-speed USB device number 46 using dummy_hcd [ 482.395781][ T776] usb 1-1: new high-speed USB device number 46 using dummy_hcd [ 482.760791][ T30] kauditd_printk_skb: 12 callbacks suppressed [ 482.760807][ T30] audit: type=1400 audit(1718655210.520:46403): avc: denied { audit_read } for pid=21555 comm="syz-executor.4" capability=37 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 483.405803][ T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 483.421866][ T20] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 483.444319][ T776] usb 1-1: Using ep0 maxpacket: 8 [ 483.449247][ T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 483.457458][ T20] usb 3-1: config 0 descriptor?? [ 483.511372][T21578] loop1: detected capacity change from 0 to 256 [ 483.542920][T21586] loop3: detected capacity change from 0 to 2048 [ 483.565789][ T776] usb 1-1: config 135 has an invalid interface number: 230 but max is 0 [ 483.574073][ T776] usb 1-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 483.584282][ T776] usb 1-1: config 135 has no interface number 0 [ 483.585961][T21578] /dev/loop1: Can't open blockdev [ 483.595764][ T776] usb 1-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 483.611031][T21586] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 483.640334][T21586] syz-executor.3[21586] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 483.640397][T21586] syz-executor.3[21586] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 483.680399][T21588] loop4: detected capacity change from 0 to 40427 [ 483.707089][T21588] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 483.715612][T21588] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 483.725065][T21588] F2FS-fs (loop4): invalid crc value [ 483.734033][T21588] F2FS-fs (loop4): Found nat_bits in checkpoint [ 483.766014][ T776] usb 1-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 483.774875][ T776] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 483.787695][ T776] usb 1-1: Product: syz [ 483.793046][ T776] usb 1-1: Manufacturer: syz [ 483.797522][ T776] usb 1-1: SerialNumber: syz [ 483.802142][T21588] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 483.809857][T21588] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 483.936800][ T20] keytouch 0003:0926:3333.0058: fixing up Keytouch IEC report descriptor [ 484.174684][T21621] attempt to access beyond end of device [ 484.174684][T21621] loop4: rw=2049, want=45104, limit=40427 [ 484.368632][ T20] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0058/input/input101 [ 484.385810][ T776] usb 1-1: Found UVC 0.00 device syz (18ec:3288) [ 484.392047][ T776] usb 1-1: No valid video chain found. [ 484.398529][ T776] usb 1-1: USB disconnect, device number 46 [ 484.420972][T21083] attempt to access beyond end of device [ 484.420972][T21083] loop4: rw=2049, want=45112, limit=40427 [ 484.447861][ T20] keytouch 0003:0926:3333.0058: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 484.636799][T21631] syz-executor.4[21631] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 484.636871][T21631] syz-executor.4[21631] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 484.682721][T21645] syz-executor.4[21645] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 484.694425][T21645] syz-executor.4[21645] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 484.835108][T21661] syz-executor.0[21661] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 484.846867][T21661] syz-executor.0[21661] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 484.876941][T21668] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'. [ 484.927969][T21674] loop4: detected capacity change from 0 to 256 [ 484.978779][T21674] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xba7df490, utbl_chksum : 0xe619d30d) [ 485.058948][T21684] syz-executor.4[21684] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 485.059026][T21684] syz-executor.4[21684] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 485.134766][ T771] usb 3-1: USB disconnect, device number 46 [ 485.156148][T21694] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'. [ 485.188945][T21702] loop0: detected capacity change from 0 to 256 [ 485.276584][T21702] /dev/loop0: Can't open blockdev [ 485.327034][T21709] syz-executor.0[21709] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 485.327094][T21709] syz-executor.0[21709] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 485.352843][T21711] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 485.380845][T21711] loop0: detected capacity change from 0 to 512 [ 485.535000][T21722] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'. [ 485.628653][T21737] input: syz0 as /devices/virtual/input/input102 [ 485.658378][T21739] loop1: detected capacity change from 0 to 2048 [ 485.744029][T21752] : renamed from veth0_vlan [ 485.810236][T21764] input: syz0 as /devices/virtual/input/input103 [ 485.970991][T21770] loop1: detected capacity change from 0 to 1024 [ 485.977771][ T20] usb 1-1: new high-speed USB device number 47 using dummy_hcd [ 486.215773][ T20] usb 1-1: Using ep0 maxpacket: 8 [ 486.235779][ T771] usb 3-1: new high-speed USB device number 47 using dummy_hcd [ 486.335932][ T20] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 486.346668][ T20] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 486.357125][ T20] usb 1-1: New USB device found, idVendor=5543, idProduct=0004, bcdDevice= 0.00 [ 486.366044][ T20] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 486.374461][ T20] usb 1-1: config 0 descriptor?? [ 486.635853][ T771] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 486.647347][ T771] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 486.656251][ T771] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 486.664758][ T771] usb 3-1: config 0 descriptor?? [ 486.857076][ T20] uclogic 0003:5543:0004.0059: unknown main item tag 0x3 [ 486.864142][ T20] uclogic 0003:5543:0004.0059: No inputs registered, leaving [ 486.885821][ T20] uclogic 0003:5543:0004.0059: hidraw0: USB HID v0.00 Device [HID 5543:0004] on usb-dummy_hcd.0-1/input0 [ 487.057047][ T39] usb 1-1: USB disconnect, device number 47 [ 487.136469][ T771] keytouch 0003:0926:3333.005A: fixing up Keytouch IEC report descriptor [ 487.146128][ T771] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.005A/input/input104 [ 487.227613][ T771] keytouch 0003:0926:3333.005A: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 487.526891][ T30] audit: type=1326 audit(1718655215.290:46404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21812 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d0974f29 code=0x7ffc0000 [ 487.551914][ T30] audit: type=1326 audit(1718655215.290:46405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21812 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d0974f29 code=0x7ffc0000 [ 487.586573][ T30] audit: type=1326 audit(1718655215.290:46406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21812 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2d0974f29 code=0x7ffc0000 [ 487.610966][ T30] audit: type=1326 audit(1718655215.310:46407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21812 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d0974f29 code=0x7ffc0000 [ 487.643858][ T30] audit: type=1326 audit(1718655215.320:46408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21812 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d0974f29 code=0x7ffc0000 [ 487.647268][T21817] overlayfs: failed to get inode (-116) [ 487.671928][ T30] audit: type=1326 audit(1718655215.320:46409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21812 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fb2d0974f29 code=0x7ffc0000 [ 487.697208][ T30] audit: type=1326 audit(1718655215.320:46410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21812 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d0974f29 code=0x7ffc0000 [ 487.697493][T21817] overlayfs: failed to get inode (-116) [ 487.721326][ T30] audit: type=1326 audit(1718655215.320:46411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21812 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d0974f29 code=0x7ffc0000 [ 487.721356][ T30] audit: type=1326 audit(1718655215.320:46412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21812 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2d0974f29 code=0x7ffc0000 [ 487.847983][T21827] loop0: detected capacity change from 0 to 256 [ 487.855005][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 487.880578][T21827] /dev/loop0: Can't open blockdev [ 487.989656][ C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 488.180166][T21875] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 488.262268][ T771] usb 3-1: USB disconnect, device number 47 [ 488.805477][T21903] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 489.195734][ T771] usb 3-1: new high-speed USB device number 48 using dummy_hcd [ 489.253273][T21931] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 489.271591][T21933] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 489.377725][T21941] device syzkaller0 entered promiscuous mode [ 489.394871][T21946] loop1: detected capacity change from 0 to 256 [ 489.455950][T21946] /dev/loop1: Can't open blockdev [ 489.575868][ T771] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 489.586998][ T771] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 489.596032][ T771] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 489.604803][ T771] usb 3-1: config 0 descriptor?? [ 489.755711][ T20] usb 5-1: new high-speed USB device number 39 using dummy_hcd [ 489.825782][ T776] usb 2-1: new high-speed USB device number 38 using dummy_hcd [ 489.904554][T21965] loop0: detected capacity change from 0 to 256 [ 489.975739][T21965] /dev/loop0: Can't open blockdev [ 489.995750][ T20] usb 5-1: Using ep0 maxpacket: 32 [ 490.025206][ C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 490.065765][ T776] usb 2-1: Using ep0 maxpacket: 32 [ 490.096633][ T771] keytouch 0003:0926:3333.005B: fixing up Keytouch IEC report descriptor [ 490.105871][ T771] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.005B/input/input105 [ 490.116042][ T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 490.128096][ T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 490.137661][ T20] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 490.146587][ T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 490.154819][ T20] usb 5-1: config 0 descriptor?? [ 490.185828][ T776] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 490.187733][ T771] keytouch 0003:0926:3333.005B: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 490.199404][ T20] hub 5-1:0.0: USB hub found [ 490.365804][ T776] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 490.374720][ T776] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 490.382505][ T776] usb 2-1: Product: syz [ 490.386519][ T776] usb 2-1: Manufacturer: syz [ 490.390885][ T776] usb 2-1: SerialNumber: syz [ 490.405859][ T20] hub 5-1:0.0: 1 port detected [ 490.856625][ T776] usb 2-1: USB disconnect, device number 38 [ 490.934275][T21975] loop0: detected capacity change from 0 to 512 [ 491.075789][ T20] hub 5-1:0.0: activate --> -90 [ 491.141644][ T771] usb 3-1: USB disconnect, device number 48 [ 491.366780][ T30] kauditd_printk_skb: 93 callbacks suppressed [ 491.366796][ T30] audit: type=1326 audit(1718655219.130:46506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21988 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 491.396789][ T30] audit: type=1326 audit(1718655219.130:46507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21988 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 491.420772][ T30] audit: type=1326 audit(1718655219.130:46508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21988 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 491.444713][ T30] audit: type=1326 audit(1718655219.130:46509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21988 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 491.468694][ T30] audit: type=1326 audit(1718655219.130:46510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21988 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 491.492649][ T39] usb 1-1: new high-speed USB device number 48 using dummy_hcd [ 491.755854][ T39] usb 1-1: Using ep0 maxpacket: 32 [ 491.926294][ T771] usb 5-1: USB disconnect, device number 39 [ 491.945789][ T20] usb 5-1-port1: cannot disable (err = -71) [ 491.985793][ T692] usb 3-1: new high-speed USB device number 49 using dummy_hcd [ 492.035852][ T39] usb 1-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 492.044718][ T39] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 492.052622][ T39] usb 1-1: Product: syz [ 492.056539][ T39] usb 1-1: Manufacturer: syz [ 492.060929][ T39] usb 1-1: SerialNumber: syz [ 492.066004][ T39] usb 1-1: config 0 descriptor?? [ 492.106156][ T39] hub 1-1:0.0: bad descriptor, ignoring hub [ 492.111876][ T39] hub: probe of 1-1:0.0 failed with error -5 [ 492.345887][ T692] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 492.356618][ T692] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 492.366155][ T692] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 492.378748][ T692] usb 3-1: New USB device found, idVendor=056a, idProduct=0094, bcdDevice= 0.00 [ 492.387690][ T692] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 492.405977][ T692] usb 3-1: config 0 descriptor?? [ 492.416528][T22001] netem: unknown loss type 0 [ 492.421026][T22001] netem: change failed [ 492.499585][T22009] loop1: detected capacity change from 0 to 512 [ 492.527739][T22005] loop4: detected capacity change from 0 to 40427 [ 492.556480][T22005] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 492.563940][T22005] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 492.572930][T22005] F2FS-fs (loop4): invalid crc value [ 492.579473][T22005] F2FS-fs (loop4): Found nat_bits in checkpoint [ 492.601624][T22005] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 492.605765][ T39] usb 1-1: reset high-speed USB device number 48 using dummy_hcd [ 492.608671][T22005] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 492.807295][T22018] attempt to access beyond end of device [ 492.807295][T22018] loop4: rw=2049, want=45104, limit=40427 [ 492.893762][ T692] wacom 0003:056A:0094.005C: unknown main item tag 0x0 [ 492.901060][ T692] wacom 0003:056A:0094.005C: unknown main item tag 0x0 [ 492.908075][ T692] wacom 0003:056A:0094.005C: unknown main item tag 0x0 [ 492.914987][ T692] wacom 0003:056A:0094.005C: unknown main item tag 0x0 [ 492.921974][ T692] wacom 0003:056A:0094.005C: unknown main item tag 0x0 [ 492.928690][ T692] wacom 0003:056A:0094.005C: unknown main item tag 0x0 [ 492.935384][ T692] wacom 0003:056A:0094.005C: unknown main item tag 0x0 [ 492.942208][ T692] wacom 0003:056A:0094.005C: Using device in hidraw-only mode [ 492.950384][ T692] wacom 0003:056A:0094.005C: hidraw0: USB HID v0.00 Device [HID 056a:0094] on usb-dummy_hcd.2-1/input0 [ 493.090891][ T20] usb 3-1: USB disconnect, device number 49 [ 493.301372][T21083] attempt to access beyond end of device [ 493.301372][T21083] loop4: rw=2049, want=45112, limit=40427 [ 493.355946][ T692] usb 1-1: USB disconnect, device number 48 [ 493.815911][ T771] usb 2-1: new high-speed USB device number 39 using dummy_hcd [ 494.065763][ T771] usb 2-1: Using ep0 maxpacket: 16 [ 494.186583][ T771] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 494.206895][T22037] tipc: Failed to remove unknown binding: 66,1,1/0:1944001066/1944001068 [ 494.207724][ T771] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 494.215145][T22037] tipc: Failed to remove unknown binding: 66,1,1/0:1944001066/1944001068 [ 494.266757][ T771] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 494.275641][ T771] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 494.285878][ T771] usb 2-1: config 0 descriptor?? [ 494.515762][ T345] usb 1-1: new high-speed USB device number 49 using dummy_hcd [ 494.767228][ T771] microsoft 0003:045E:07DA.005D: No inputs registered, leaving [ 494.777769][ T771] microsoft 0003:045E:07DA.005D: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 494.789068][ T771] microsoft 0003:045E:07DA.005D: no inputs found [ 494.795140][ T771] microsoft 0003:045E:07DA.005D: could not initialize ff, continuing anyway [ 494.805755][ T345] usb 1-1: Using ep0 maxpacket: 8 [ 494.926312][ T345] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 494.937094][ T345] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 494.947040][ T345] usb 1-1: New USB device found, idVendor=056a, idProduct=0302, bcdDevice= 0.00 [ 494.955986][ T345] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 494.964421][ T345] usb 1-1: config 0 descriptor?? [ 495.028163][T22051] UDC core: couldn't find an available UDC or it's busy: -16 [ 495.035478][T22051] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 495.256531][ T776] usb 2-1: USB disconnect, device number 39 [ 495.661770][ T30] audit: type=1326 audit(1718655223.420:46511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22057 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4447074f29 code=0x7ffc0000 [ 495.710534][T22041] loop0: detected capacity change from 0 to 131072 [ 495.714009][ T30] audit: type=1326 audit(1718655223.420:46512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22057 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4447074f29 code=0x7ffc0000 [ 495.743699][ T30] audit: type=1326 audit(1718655223.450:46513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22057 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4447074f29 code=0x7ffc0000 [ 495.767927][ T30] audit: type=1326 audit(1718655223.450:46514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22057 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4447074f29 code=0x7ffc0000 [ 495.795342][ T30] audit: type=1326 audit(1718655223.450:46515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22057 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4447074f29 code=0x7ffc0000 [ 495.859763][T22065] tipc: Failed to remove unknown binding: 66,1,1/0:2125761144/2125761146 [ 495.882438][T22065] tipc: Failed to remove unknown binding: 66,1,1/0:2125761144/2125761146 [ 496.477802][T22077] loop2: detected capacity change from 0 to 40427 [ 496.496791][T22041] loop0: detected capacity change from 0 to 256 [ 496.519463][T22077] F2FS-fs (loop2): Found nat_bits in checkpoint [ 496.556132][T22077] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 496.569091][T22077] attempt to access beyond end of device [ 496.569091][T22077] loop2: rw=2049, want=53376, limit=40427 [ 496.590169][T15965] attempt to access beyond end of device [ 496.590169][T15965] loop2: rw=2049, want=45112, limit=40427 [ 496.708238][T22086] loop0: detected capacity change from 0 to 256 [ 496.888858][T22097] incfs: Can't find or create .index dir in ./file0 [ 496.904009][T22097] incfs: mount failed -14 [ 496.956474][T22103] tipc: Failed to remove unknown binding: 66,1,1/0:2658608509/2658608511 [ 496.965044][T22103] tipc: Failed to remove unknown binding: 66,1,1/0:2658608509/2658608511 [ 496.985881][T22105] loop1: detected capacity change from 0 to 128 [ 497.108762][T22105] loop1: detected capacity change from 0 to 256 [ 497.376109][T22105] /dev/loop1: Can't open blockdev [ 497.584265][T22125] incfs: Can't find or create .index dir in ./file0 [ 497.590889][T22125] incfs: mount failed -14 [ 497.622569][T22127] loop1: detected capacity change from 0 to 512 [ 497.728230][T22127] bpf_get_probe_write_proto: 2 callbacks suppressed [ 497.728247][T22127] syz-executor.1[22127] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 497.734837][T22127] syz-executor.1[22127] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 497.933927][T22139] loop2: detected capacity change from 0 to 128 [ 497.951661][ T345] usbhid 1-1:0.0: can't add hid device: -71 [ 497.964038][ T345] usbhid: probe of 1-1:0.0 failed with error -71 [ 497.979514][T22145] loop1: detected capacity change from 0 to 512 [ 497.991467][ T345] usb 1-1: USB disconnect, device number 49 [ 498.034092][T22151] device syzkaller0 entered promiscuous mode [ 498.046704][T22139] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 498.065840][T22139] ext4 filesystem being mounted at /root/syzkaller-testdir1748624034/syzkaller.QB7hl5/550/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 498.617882][T22183] loop0: detected capacity change from 0 to 512 [ 498.800227][T22189] device syzkaller0 entered promiscuous mode [ 498.894567][ T30] kauditd_printk_skb: 11 callbacks suppressed [ 498.894584][ T30] audit: type=1326 audit(1718655226.650:46527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22192 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 498.937182][ T30] audit: type=1326 audit(1718655226.650:46528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22192 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 498.961195][ T30] audit: type=1326 audit(1718655226.650:46529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22192 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 498.994881][ T30] audit: type=1326 audit(1718655226.650:46530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22192 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 499.033087][ T30] audit: type=1326 audit(1718655226.650:46531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22192 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 499.058125][ T30] audit: type=1326 audit(1718655226.690:46532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22192 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 499.194359][T22206] loop0: detected capacity change from 0 to 128 [ 499.551191][T22216] device syzkaller0 entered promiscuous mode [ 500.055742][ T776] usb 1-1: new high-speed USB device number 50 using dummy_hcd [ 500.305790][ T776] usb 1-1: Using ep0 maxpacket: 32 [ 500.615868][ T776] usb 1-1: New USB device found, idVendor=0499, idProduct=1006, bcdDevice=15.0a [ 500.624772][ T776] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 500.633405][ T776] usb 1-1: Product: syz [ 500.637451][ T776] usb 1-1: Manufacturer: syz [ 500.641801][ T776] usb 1-1: SerialNumber: syz [ 500.647778][ T776] usb 1-1: config 0 descriptor?? [ 500.687882][ T776] snd-usb-audio: probe of 1-1:0.0 failed with error -2 [ 500.890466][ T39] usb 1-1: USB disconnect, device number 50 [ 501.456613][T22262] loop0: detected capacity change from 0 to 256 [ 501.506353][T22262] exfat: Deprecated parameter 'namecase' [ 501.511861][T22262] exfat: Deprecated parameter 'utf8' [ 501.535734][T22262] exfat: Deprecated parameter 'namecase' [ 501.579672][T22271] incfs: Can't find or create .index dir in ./file0 [ 501.586213][T22271] incfs: mount failed -14 [ 501.595635][T22262] /dev/loop0: Can't open blockdev [ 501.704661][ T30] audit: type=1326 audit(1718655229.460:46533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22272 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 501.734420][ T30] audit: type=1326 audit(1718655229.460:46534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22272 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 501.759607][ T30] audit: type=1326 audit(1718655229.490:46535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22272 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 501.783714][ T30] audit: type=1326 audit(1718655229.490:46536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22272 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 501.856264][T22295] fscrypt (sda1, inode 1957): Mutually exclusive encryption flags (0x0c) [ 501.955728][ T771] usb 3-1: new high-speed USB device number 50 using dummy_hcd [ 502.131534][T22328] SELinux: Context system_u:object_r: is not valid (left unmapped). [ 502.181413][T22336] netlink: 173 bytes leftover after parsing attributes in process `syz-executor.1'. [ 502.195733][ T771] usb 3-1: Using ep0 maxpacket: 32 [ 502.245755][ T345] usb 1-1: new high-speed USB device number 51 using dummy_hcd [ 502.349462][T22361] netlink: 173 bytes leftover after parsing attributes in process `syz-executor.1'. [ 502.369766][T22363] loop1: detected capacity change from 0 to 256 [ 502.475875][ T771] usb 3-1: New USB device found, idVendor=0499, idProduct=1006, bcdDevice=15.0a [ 502.488112][ T771] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 502.497221][ T771] usb 3-1: Product: syz [ 502.501334][ T771] usb 3-1: Manufacturer: syz [ 502.505765][ T771] usb 3-1: SerialNumber: syz [ 502.511487][ T771] usb 3-1: config 0 descriptor?? [ 502.516343][ T345] usb 1-1: Using ep0 maxpacket: 8 [ 502.556431][ T771] snd-usb-audio: probe of 3-1:0.0 failed with error -2 [ 502.636081][ T345] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 502.655718][ T345] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 502.673498][ T345] usb 1-1: New USB device found, idVendor=056a, idProduct=0302, bcdDevice= 0.00 [ 502.687447][T22383] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.1'. [ 502.696616][ T345] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 502.706756][ T345] usb 1-1: config 0 descriptor?? [ 502.761071][ T20] usb 3-1: USB disconnect, device number 50 [ 502.774382][T22385] tmpfs: Unsupported parameter 'mpol' [ 502.782730][T22385] loop1: detected capacity change from 0 to 512 [ 502.927652][T22387] loop1: detected capacity change from 0 to 256 [ 503.058781][T22393] syz-executor.1[22393] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 503.058862][T22393] syz-executor.1[22393] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 503.634222][T22320] loop0: detected capacity change from 0 to 131072 [ 503.735802][ T771] usb 3-1: new high-speed USB device number 51 using dummy_hcd [ 504.176559][ T771] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 504.205284][ T771] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 504.298019][ T771] usb 3-1: New USB device found, idVendor=056a, idProduct=032a, bcdDevice= 0.00 [ 504.319352][ T771] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 504.334993][T22320] loop0: detected capacity change from 0 to 256 [ 504.342821][ T771] usb 3-1: config 0 descriptor?? [ 504.551415][T22407] loop0: detected capacity change from 0 to 256 [ 504.827987][ T771] wacom 0003:056A:032A.005E: unknown main item tag 0x0 [ 504.845191][ T771] wacom 0003:056A:032A.005E: hidraw0: USB HID v0.00 Device [HID 056a:032a] on usb-dummy_hcd.2-1/input0 [ 505.033451][ T692] usb 3-1: USB disconnect, device number 51 [ 505.588451][T22419] loop2: detected capacity change from 0 to 256 [ 505.611903][T22419] FAT-fs (loop2): Directory bread(block 64) failed [ 505.618413][T22419] FAT-fs (loop2): Directory bread(block 65) failed [ 505.624829][T22419] FAT-fs (loop2): Directory bread(block 66) failed [ 505.631393][T22419] FAT-fs (loop2): Directory bread(block 67) failed [ 505.637825][T22419] FAT-fs (loop2): Directory bread(block 68) failed [ 505.644170][T22419] FAT-fs (loop2): Directory bread(block 69) failed [ 505.650565][T22419] FAT-fs (loop2): Directory bread(block 70) failed [ 505.657053][T22419] FAT-fs (loop2): Directory bread(block 71) failed [ 505.678448][T22419] FAT-fs (loop2): Directory bread(block 72) failed [ 505.684847][T22419] FAT-fs (loop2): Directory bread(block 73) failed [ 505.712227][ T30] kauditd_printk_skb: 28 callbacks suppressed [ 505.712243][ T30] audit: type=1326 audit(1718655233.470:46565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22422 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 505.756565][ T30] audit: type=1326 audit(1718655233.510:46566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22422 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 505.780503][ T30] audit: type=1326 audit(1718655233.510:46567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22422 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 505.804582][ T30] audit: type=1326 audit(1718655233.510:46568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22422 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 505.832986][ T30] audit: type=1326 audit(1718655233.510:46569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22422 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 505.865864][ T345] usbhid 1-1:0.0: can't add hid device: -71 [ 505.874464][ T345] usbhid: probe of 1-1:0.0 failed with error -71 [ 505.881655][T22423] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=22423 comm=syz-executor.1 [ 505.899930][ T345] usb 1-1: USB disconnect, device number 51 [ 505.917087][ T30] audit: type=1326 audit(1718655233.510:46570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22422 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 505.951745][ T30] audit: type=1326 audit(1718655233.510:46571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22422 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 505.976112][ T30] audit: type=1326 audit(1718655233.510:46572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22422 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 506.002702][ T30] audit: type=1326 audit(1718655233.510:46573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22422 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 506.028327][ T30] audit: type=1326 audit(1718655233.510:46574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22422 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f3befe68f29 code=0x7ffc0000 [ 506.325777][ T345] usb 1-1: new high-speed USB device number 52 using dummy_hcd [ 506.579228][T22445] xt_hashlimit: invalid rate [ 506.975830][ T345] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 506.993753][ T345] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 507.003391][ T345] usb 1-1: New USB device found, idVendor=056a, idProduct=032a, bcdDevice= 0.00 [ 507.013085][ T345] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 507.024663][ T345] usb 1-1: config 0 descriptor?? [ 507.163527][T22472] cgroup: Invalid name [ 507.225767][T22479] loop2: detected capacity change from 0 to 2048 [ 507.247551][T22479] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 507.260354][T22479] incfs: Backing dir is not set, filesystem can't be mounted. [ 507.268401][T22479] incfs: mount failed -2 [ 507.360193][T22491] syz-executor.2[22491] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 507.360274][T22491] syz-executor.2[22491] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 507.375129][T22491] syz-executor.2[22491] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 507.387251][T22491] syz-executor.2[22491] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 507.487288][ T345] wacom 0003:056A:032A.005F: unknown main item tag 0x0 [ 507.516400][ T345] wacom 0003:056A:032A.005F: hidraw0: USB HID v0.00 Device [HID 056a:032a] on usb-dummy_hcd.0-1/input0 [ 507.780021][ T345] usb 1-1: USB disconnect, device number 52 [ 507.812638][T22501] syz-executor.1[22501] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 507.812759][T22501] syz-executor.1[22501] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 508.255232][T22505] loop2: detected capacity change from 0 to 512 [ 508.308729][T22505] EXT4-fs (loop2): 1 truncate cleaned up [ 508.314405][T22505] EXT4-fs (loop2): mounted filesystem without journal. Opts: prjquota,grpquota,debug_want_extra_isize=0x000000000000005c,nouid32,noload,errors=continue,grpjquota=,,errors=continue. Quota mode: writeback. [ 508.594973][T22526] device bridge_slave_1 left promiscuous mode [ 508.601536][T22526] bridge0: port 2(bridge_slave_1) entered disabled state [ 508.798738][T22530] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.2'. [ 508.914312][T22544] syz-executor.2[22544] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 508.914385][T22544] syz-executor.2[22544] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 509.449494][T22573] xt_hashlimit: invalid rate [ 509.494233][T22576] syz-executor.0[22576] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 509.494319][T22576] syz-executor.0[22576] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 509.536617][T22578] syz-executor.0[22578] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 509.553392][T22578] syz-executor.0[22578] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 509.630492][T22579] bridge0: port 1(bridge_slave_0) entered blocking state [ 509.649279][T22579] bridge0: port 1(bridge_slave_0) entered disabled state [ 509.656615][T22579] device bridge_slave_0 entered promiscuous mode [ 509.663576][T22579] bridge0: port 2(bridge_slave_1) entered blocking state [ 509.671230][T22579] bridge0: port 2(bridge_slave_1) entered disabled state [ 509.678568][T22579] device bridge_slave_1 entered promiscuous mode [ 509.695733][ T692] usb 2-1: new high-speed USB device number 40 using dummy_hcd [ 509.822036][T22579] bridge0: port 2(bridge_slave_1) entered blocking state [ 509.829037][T22579] bridge0: port 2(bridge_slave_1) entered forwarding state [ 509.836165][T22579] bridge0: port 1(bridge_slave_0) entered blocking state [ 509.843003][T22579] bridge0: port 1(bridge_slave_0) entered forwarding state [ 509.860047][T22586] loop0: detected capacity change from 0 to 40427 [ 509.904706][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 509.912684][ T20] bridge0: port 1(bridge_slave_0) entered disabled state [ 509.920646][ T20] bridge0: port 2(bridge_slave_1) entered disabled state [ 509.945905][ T692] usb 2-1: Using ep0 maxpacket: 16 [ 509.954631][ T776] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 509.963065][ T776] bridge0: port 1(bridge_slave_0) entered blocking state [ 509.969924][ T776] bridge0: port 1(bridge_slave_0) entered forwarding state [ 509.986948][ T776] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 510.005197][ T776] bridge0: port 2(bridge_slave_1) entered blocking state [ 510.012101][ T776] bridge0: port 2(bridge_slave_1) entered forwarding state [ 510.035998][ T776] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 510.049343][ T776] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 510.066124][ T692] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 510.080322][ T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 510.087621][ T692] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 510.102237][T22579] device veth0_vlan entered promiscuous mode [ 510.108022][ T692] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 510.108048][ T692] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 510.125200][ T692] usb 2-1: config 0 descriptor?? [ 510.130467][ T776] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 510.139954][ T10] device bridge_slave_1 left promiscuous mode [ 510.149514][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 510.164871][T22594] overlayfs: statfs failed on './file0' [ 510.170709][ T10] device bridge_slave_0 left promiscuous mode [ 510.176702][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 510.184923][ T10] device veth1_macvtap left promiscuous mode [ 510.190828][ T10] device veth0_vlan left promiscuous mode [ 510.292281][T22609] 9pnet: p9_fd_create_unix (22609): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0 [ 510.393758][ T776] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 510.542578][ T776] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 510.606683][T22570] UDC core: couldn't find an available UDC or it's busy: -16 [ 510.613724][ T776] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 510.616692][T22570] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 510.642581][T22579] device veth1_macvtap entered promiscuous mode [ 510.734751][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 510.751430][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 510.766587][ T692] hid (null): bogus close delimiter [ 510.775256][ T692] hid-generic 0003:0158:0100.0060: unknown main item tag 0x0 [ 511.047220][ T692] hid-generic 0003:0158:0100.0060: unknown main item tag 0x0 [ 511.062008][ T692] hid-generic 0003:0158:0100.0060: unknown main item tag 0x0 [ 511.076549][ T692] hid-generic 0003:0158:0100.0060: unknown main item tag 0x0 [ 511.083908][ T692] hid-generic 0003:0158:0100.0060: unknown main item tag 0x0 [ 511.091972][ T692] hid-generic 0003:0158:0100.0060: unknown main item tag 0x0 [ 511.099500][ T692] hid-generic 0003:0158:0100.0060: unknown main item tag 0x0 [ 511.106799][ T692] hid-generic 0003:0158:0100.0060: unknown main item tag 0x0 [ 511.113954][ T692] hid-generic 0003:0158:0100.0060: unknown main item tag 0x0 [ 511.121165][ T692] hid-generic 0003:0158:0100.0060: unknown main item tag 0x0 [ 511.128371][ T692] hid-generic 0003:0158:0100.0060: unknown main item tag 0x0 [ 511.135551][ T692] hid-generic 0003:0158:0100.0060: unknown main item tag 0x0 [ 511.142781][ T692] hid-generic 0003:0158:0100.0060: unknown main item tag 0x0 [ 511.149985][ T692] hid-generic 0003:0158:0100.0060: unknown main item tag 0x0 [ 511.157170][ T692] hid-generic 0003:0158:0100.0060: unknown main item tag 0x0 [ 511.164366][ T692] hid-generic 0003:0158:0100.0060: unknown main item tag 0xd [ 511.171606][ T692] hid-generic 0003:0158:0100.0060: unknown main item tag 0x0 [ 511.178902][ T692] hid-generic 0003:0158:0100.0060: unknown main item tag 0x0 [ 511.186103][ T692] hid-generic 0003:0158:0100.0060: unknown main item tag 0x0 [ 511.193284][ T692] hid-generic 0003:0158:0100.0060: unknown main item tag 0x0 [ 511.200505][ T692] hid-generic 0003:0158:0100.0060: unknown main item tag 0x0 [ 511.207703][ T692] hid-generic 0003:0158:0100.0060: bogus close delimiter [ 511.214524][ T692] hid-generic 0003:0158:0100.0060: item 0 4 2 10 parsing failed [ 511.222167][ T692] hid-generic: probe of 0003:0158:0100.0060 failed with error -22 [ 511.230954][ T692] usb 2-1: USB disconnect, device number 40 [ 511.237928][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 511.246658][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 511.315374][T22643] syz-executor.0[22643] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 511.315455][T22643] syz-executor.0[22643] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 511.447278][T22652] loop0: detected capacity change from 0 to 256 [ 511.479202][ T30] kauditd_printk_skb: 68 callbacks suppressed [ 511.479218][ T30] audit: type=1326 audit(1718655239.240:46643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22654 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1f20cdf29 code=0x7ffc0000 [ 511.509801][ T30] audit: type=1326 audit(1718655239.270:46644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22654 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1f20cdf29 code=0x7ffc0000 [ 511.540545][ T30] audit: type=1326 audit(1718655239.290:46645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22654 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7fb1f20cdf29 code=0x7ffc0000 [ 511.565604][ T30] audit: type=1326 audit(1718655239.290:46646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22654 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1f20cdf29 code=0x7ffc0000 [ 511.592782][ T30] audit: type=1326 audit(1718655239.290:46647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22654 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1f20cdf29 code=0x7ffc0000 [ 511.633309][T22663] syz-executor.1[22663] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 511.633380][T22663] syz-executor.1[22663] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 512.385199][T22669] device syzkaller0 entered promiscuous mode [ 512.594094][T22701] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 512.784839][T22714] device syzkaller0 entered promiscuous mode [ 512.806196][ T692] usb 2-1: new high-speed USB device number 41 using dummy_hcd [ 512.966545][T22724] 9pnet: p9_fd_create_unix (22724): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0 [ 513.059012][ T692] usb 2-1: Using ep0 maxpacket: 16 [ 513.236067][ T692] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 513.254101][ T692] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 513.275745][ T692] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 513.284752][ T692] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 513.294358][ T692] usb 2-1: config 0 descriptor?? [ 513.318068][T22733] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 513.363584][T22739] loop0: detected capacity change from 0 to 256 [ 513.816726][T22691] UDC core: couldn't find an available UDC or it's busy: -16 [ 513.835241][T22691] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 513.856146][ T692] hid (null): bogus close delimiter [ 513.864864][ T692] hid-generic 0003:0158:0100.0061: unknown main item tag 0x0 [ 513.872653][T22751] device syzkaller0 entered promiscuous mode [ 513.897092][ T692] hid-generic 0003:0158:0100.0061: unknown main item tag 0x0 [ 513.904963][ T692] hid-generic 0003:0158:0100.0061: unknown main item tag 0x0 [ 513.921600][ T692] hid-generic 0003:0158:0100.0061: unknown main item tag 0x0 [ 513.928892][ T692] hid-generic 0003:0158:0100.0061: unknown main item tag 0x0 [ 513.940114][ T692] hid-generic 0003:0158:0100.0061: unknown main item tag 0x0 [ 513.947354][ T692] hid-generic 0003:0158:0100.0061: unknown main item tag 0x0 [ 513.954537][ T692] hid-generic 0003:0158:0100.0061: unknown main item tag 0x0 [ 513.963019][ T692] hid-generic 0003:0158:0100.0061: unknown main item tag 0x0 [ 513.971519][ T692] hid-generic 0003:0158:0100.0061: unknown main item tag 0x0 [ 513.979767][ T692] hid-generic 0003:0158:0100.0061: unknown main item tag 0x0 [ 513.987306][ T692] hid-generic 0003:0158:0100.0061: unknown main item tag 0x0 [ 513.994547][ T692] hid-generic 0003:0158:0100.0061: unknown main item tag 0x0 [ 514.001763][ T692] hid-generic 0003:0158:0100.0061: unknown main item tag 0x0 [ 514.009305][ T692] hid-generic 0003:0158:0100.0061: unknown main item tag 0x0 [ 514.016643][ T692] hid-generic 0003:0158:0100.0061: unknown main item tag 0xd [ 514.024224][ T692] hid-generic 0003:0158:0100.0061: unknown main item tag 0x0 [ 514.031493][ T692] hid-generic 0003:0158:0100.0061: unknown main item tag 0x0 [ 514.038771][ T692] hid-generic 0003:0158:0100.0061: unknown main item tag 0x0 [ 514.045940][ T692] hid-generic 0003:0158:0100.0061: unknown main item tag 0x0 [ 514.053402][ T692] hid-generic 0003:0158:0100.0061: unknown main item tag 0x0 [ 514.060760][ T692] hid-generic 0003:0158:0100.0061: bogus close delimiter [ 514.074473][ T692] hid-generic 0003:0158:0100.0061: item 0 4 2 10 parsing failed [ 514.082185][ T692] hid-generic: probe of 0003:0158:0100.0061 failed with error -22 [ 514.092306][ T692] usb 2-1: USB disconnect, device number 41 [ 514.335788][ T6] usb 3-1: new high-speed USB device number 52 using dummy_hcd [ 514.585739][ T6] usb 3-1: Using ep0 maxpacket: 32 [ 514.628515][T22806] loop1: detected capacity change from 0 to 512 [ 514.657368][T22806] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 514.668115][T22806] EXT4-fs (loop1): write access unavailable, skipping orphan cleanup [ 514.676119][T22806] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 514.688678][T22806] EXT4-fs (loop1): Couldn't remount RDWR because of unprocessed orphan inode list. Please umount/remount instead [ 514.715807][ T6] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 514.726621][ T6] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 514.766109][ T345] usb 1-1: new high-speed USB device number 53 using dummy_hcd [ 514.875811][ T6] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 514.884697][ T6] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 514.893630][ T6] usb 3-1: Product: syz [ 514.897820][ T6] usb 3-1: Manufacturer: syz [ 514.946231][ T6] hub 3-1:4.0: USB hub found [ 515.015773][ T39] usb 2-1: new high-speed USB device number 42 using dummy_hcd [ 515.156114][ T6] hub 3-1:4.0: 2 ports detected [ 515.160866][ T345] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 515.171602][ T345] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 515.183098][ T345] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 515.192847][ T345] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 515.292471][T22814] loop3: detected capacity change from 0 to 512 [ 515.305930][ T345] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 515.315929][ T345] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 515.323841][ T345] usb 1-1: Manufacturer: syz [ 515.326198][T22814] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 515.329494][ T345] usb 1-1: config 0 descriptor?? [ 515.341806][T22814] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b816c118, mo2=0002] [ 515.351081][T22814] System zones: 1-12 [ 515.355883][T22814] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.3: corrupted in-inode xattr [ 515.369065][T22814] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 515.375863][ T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 515.382531][T22814] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,data_err=abort,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,grpquota,,errors=continue. Quota mode: writeback. [ 515.405735][ T39] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 515.422939][ T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 515.432444][ T39] usb 2-1: config 0 descriptor?? [ 515.508999][ T30] audit: type=1400 audit(1718655243.270:46648): avc: denied { accept } for pid=22813 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 515.529967][ T30] audit: type=1326 audit(1718655243.300:46649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22813 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb1f20cdf29 code=0x0 [ 515.807959][ T345] appleir 0003:05AC:8243.0062: unknown main item tag 0x0 [ 515.815000][ T345] appleir 0003:05AC:8243.0062: No inputs registered, leaving [ 515.834719][ T345] appleir 0003:05AC:8243.0062: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0 [ 515.906419][ T39] keytouch 0003:0926:3333.0063: fixing up Keytouch IEC report descriptor [ 515.926344][ T39] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0063/input/input114 [ 516.018351][ T39] keytouch 0003:0926:3333.0063: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0 [ 516.086355][ T6] usb 1-1: USB disconnect, device number 53 [ 516.156276][T22820] loop3: detected capacity change from 0 to 256 [ 516.186660][T22820] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 516.312365][ T39] usb 2-1: USB disconnect, device number 42 [ 516.465798][ T345] hub 3-1:4.0: activate --> -90 [ 516.675779][ T20] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 516.901518][T22858] loop0: detected capacity change from 0 to 128 [ 516.937658][ T6] usb 3-1: USB disconnect, device number 52 [ 516.945724][ T20] usb 4-1: Using ep0 maxpacket: 16 [ 516.955854][ T345] usb 3-1-port2: config error [ 517.075827][ T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 517.089969][ T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 517.100550][ T20] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 517.109625][ T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 517.118114][ T776] usb 2-1: new high-speed USB device number 43 using dummy_hcd [ 517.126497][T22862] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 517.136119][ T30] audit: type=1400 audit(1718655244.900:46650): avc: denied { accept } for pid=22861 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1 [ 517.159870][ T20] usb 4-1: config 0 descriptor?? [ 517.508671][T22883] bpf_get_probe_write_proto: 4 callbacks suppressed [ 517.508689][T22883] syz-executor.2[22883] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 517.515212][T22883] syz-executor.2[22883] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 517.535818][ T776] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 517.575476][ T776] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 517.604372][ T776] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 517.606041][T22828] UDC core: couldn't find an available UDC or it's busy: -16 [ 517.614078][ T776] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 517.621292][T22828] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 517.936574][ T20] hid (null): bogus close delimiter [ 517.949756][ T20] hid-generic 0003:0158:0100.0064: unknown main item tag 0x0 [ 517.971368][ T20] hid-generic 0003:0158:0100.0064: unknown main item tag 0x0 [ 517.978804][ T776] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 517.987798][ T20] hid-generic 0003:0158:0100.0064: unknown main item tag 0x0 [ 517.995173][ T776] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 518.003457][ T20] hid-generic 0003:0158:0100.0064: unknown main item tag 0x0 [ 518.010824][ T776] usb 2-1: Manufacturer: syz [ 518.016659][ T776] usb 2-1: config 0 descriptor?? [ 518.016754][T22889] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 518.021559][ T20] hid-generic 0003:0158:0100.0064: unknown main item tag 0x0 [ 518.039301][ T20] hid-generic 0003:0158:0100.0064: unknown main item tag 0x0 [ 518.046568][ T20] hid-generic 0003:0158:0100.0064: unknown main item tag 0x0 [ 518.054784][ T20] hid-generic 0003:0158:0100.0064: unknown main item tag 0x0 [ 518.063617][ T20] hid-generic 0003:0158:0100.0064: unknown main item tag 0x0 [ 518.071441][ T20] hid-generic 0003:0158:0100.0064: unknown main item tag 0x0 [ 518.079468][ T20] hid-generic 0003:0158:0100.0064: unknown main item tag 0x0 [ 518.087006][ T20] hid-generic 0003:0158:0100.0064: unknown main item tag 0x0 [ 518.094446][ T20] hid-generic 0003:0158:0100.0064: unknown main item tag 0x0 [ 518.101946][ T20] hid-generic 0003:0158:0100.0064: unknown main item tag 0x0 [ 518.109447][ T20] hid-generic 0003:0158:0100.0064: unknown main item tag 0x0 [ 518.116876][ T20] hid-generic 0003:0158:0100.0064: unknown main item tag 0xd [ 518.124184][ T20] hid-generic 0003:0158:0100.0064: unknown main item tag 0x0 [ 518.134184][ T20] hid-generic 0003:0158:0100.0064: unknown main item tag 0x0 [ 518.141451][ T20] hid-generic 0003:0158:0100.0064: unknown main item tag 0x0 [ 518.148967][ T20] hid-generic 0003:0158:0100.0064: unknown main item tag 0x0 [ 518.156381][ T20] hid-generic 0003:0158:0100.0064: unknown main item tag 0x0 [ 518.163663][ T20] hid-generic 0003:0158:0100.0064: bogus close delimiter [ 518.174775][ T20] hid-generic 0003:0158:0100.0064: item 0 4 2 10 parsing failed [ 518.185536][ T20] hid-generic: probe of 0003:0158:0100.0064 failed with error -22 [ 518.197812][ T20] usb 4-1: USB disconnect, device number 31 [ 518.496578][ T776] appleir 0003:05AC:8243.0065: unknown main item tag 0x0 [ 518.503614][ T776] appleir 0003:05AC:8243.0065: No inputs registered, leaving [ 518.511925][ T776] appleir 0003:05AC:8243.0065: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 518.525741][ T39] usb 1-1: new high-speed USB device number 54 using dummy_hcd [ 518.552468][T22907] bridge0: port 1(bridge_slave_0) entered blocking state [ 518.559401][T22907] bridge0: port 1(bridge_slave_0) entered disabled state [ 518.566628][T22907] device bridge_slave_0 entered promiscuous mode [ 518.574224][T22907] bridge0: port 2(bridge_slave_1) entered blocking state [ 518.581112][T22907] bridge0: port 2(bridge_slave_1) entered disabled state [ 518.588253][T22907] device bridge_slave_1 entered promiscuous mode [ 518.629331][T22907] bridge0: port 2(bridge_slave_1) entered blocking state [ 518.636172][T22907] bridge0: port 2(bridge_slave_1) entered forwarding state [ 518.643246][T22907] bridge0: port 1(bridge_slave_0) entered blocking state [ 518.650058][T22907] bridge0: port 1(bridge_slave_0) entered forwarding state [ 518.669784][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 518.676830][ T776] usb 3-1: new high-speed USB device number 53 using dummy_hcd [ 518.684732][ T6] bridge0: port 1(bridge_slave_0) entered disabled state [ 518.692026][ T6] bridge0: port 2(bridge_slave_1) entered disabled state [ 518.714271][T20876] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 518.722642][T20876] bridge0: port 1(bridge_slave_0) entered blocking state [ 518.729526][T20876] bridge0: port 1(bridge_slave_0) entered forwarding state [ 518.736810][T20876] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 518.744905][T20876] bridge0: port 2(bridge_slave_1) entered blocking state [ 518.751761][T20876] bridge0: port 2(bridge_slave_1) entered forwarding state [ 518.775749][ T39] usb 1-1: Using ep0 maxpacket: 16 [ 518.776909][ T6] usb 2-1: USB disconnect, device number 43 [ 518.788524][T20876] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 518.801032][T20876] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 518.826889][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 518.835131][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 518.843225][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 518.851829][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 518.860224][T22907] device veth0_vlan entered promiscuous mode [ 518.874905][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 518.888189][T22907] device veth1_macvtap entered promiscuous mode [ 518.895853][ T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 518.901273][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 518.906849][ T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 518.924390][ T39] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 518.933276][ T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 518.935729][ T776] usb 3-1: Using ep0 maxpacket: 32 [ 518.941772][ T39] usb 1-1: config 0 descriptor?? [ 518.953778][T20876] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 519.002630][T22915] overlayfs: statfs failed on './file0' [ 519.126420][ T776] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 519.137243][ T776] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 519.295851][ T776] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 519.310792][ T776] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 519.319052][ T776] usb 3-1: Product: syz [ 519.322987][ T776] usb 3-1: Manufacturer: syz [ 519.346911][T11249] device bridge_slave_1 left promiscuous mode [ 519.354968][T11249] bridge0: port 2(bridge_slave_1) entered disabled state [ 519.366261][ T776] hub 3-1:4.0: USB hub found [ 519.372553][T11249] device bridge_slave_0 left promiscuous mode [ 519.379092][T11249] bridge0: port 1(bridge_slave_0) entered disabled state [ 519.387220][T11249] device veth1_macvtap left promiscuous mode [ 519.393129][T11249] device veth0_vlan left promiscuous mode [ 519.406342][T22903] UDC core: couldn't find an available UDC or it's busy: -16 [ 519.414051][T22903] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 519.428280][T22932] loop1: detected capacity change from 0 to 128 [ 519.450250][ T39] hid-generic 0003:0158:0100.0066: unknown main item tag 0x1 [ 519.464496][ T39] hid-generic 0003:0158:0100.0066: unexpected long global item [ 519.479517][ T39] hid-generic: probe of 0003:0158:0100.0066 failed with error -22 [ 519.545232][T22924] loop3: detected capacity change from 0 to 131072 [ 519.569784][T22924] F2FS-fs (loop3): Found nat_bits in checkpoint [ 519.586083][ T776] hub 3-1:4.0: 2 ports detected [ 519.594128][T22924] F2FS-fs (loop3): Mounted with checkpoint version = 753bd00b [ 519.656967][ T6] usb 1-1: USB disconnect, device number 54 [ 519.920301][T22954] loop1: detected capacity change from 0 to 256 [ 520.697433][ T30] audit: type=1326 audit(1718655248.460:46651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22973 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 520.721916][ T30] audit: type=1326 audit(1718655248.480:46652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22973 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 520.753637][ T30] audit: type=1326 audit(1718655248.480:46653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22973 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 520.780008][ T30] audit: type=1326 audit(1718655248.510:46654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22973 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 520.805254][ T30] audit: type=1326 audit(1718655248.510:46655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22973 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 520.829719][ T30] audit: type=1326 audit(1718655248.510:46656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22973 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 520.854339][ T30] audit: type=1326 audit(1718655248.510:46657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22973 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 520.879013][ T30] audit: type=1326 audit(1718655248.510:46658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22973 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 520.905432][ T30] audit: type=1326 audit(1718655248.510:46659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22973 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 520.929779][ T776] hub 3-1:4.0: activate --> -90 [ 520.987684][T22993] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 520.995573][T22993] netlink: 'syz-executor.0': attribute type 27 has an invalid length. [ 521.376307][ T39] usb 3-1: USB disconnect, device number 53 [ 521.385804][ T776] usb 3-1-port2: config error [ 522.157537][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 522.157552][ T30] audit: type=1326 audit(1718655249.920:46662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23030 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 522.171866][T23033] usb usb1: usbfs: process 23033 (syz-executor.2) did not claim interface 14 before use [ 522.209024][ T30] audit: type=1326 audit(1718655249.950:46663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23030 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 522.233243][ T30] audit: type=1326 audit(1718655249.950:46664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23030 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 522.257599][ T30] audit: type=1326 audit(1718655249.960:46665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23030 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 522.283833][ T30] audit: type=1326 audit(1718655249.960:46666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23030 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 522.308343][ T30] audit: type=1326 audit(1718655249.960:46667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23030 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 522.337977][ T30] audit: type=1326 audit(1718655249.960:46668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23030 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 522.368421][ T30] audit: type=1326 audit(1718655249.960:46669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23030 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 522.392676][ T30] audit: type=1326 audit(1718655249.960:46670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23030 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 522.420126][ T30] audit: type=1326 audit(1718655249.970:46671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23030 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62190f6f29 code=0x7ffc0000 [ 522.481312][T23043] device syzkaller0 entered promiscuous mode [ 522.570268][T23057] usb usb1: usbfs: process 23057 (syz-executor.0) did not claim interface 14 before use [ 522.751851][T23069] loop4: detected capacity change from 0 to 16 [ 522.767043][T23069] erofs: (device loop4): mounted with root inode @ nid 36. [ 522.782029][T23069] attempt to access beyond end of device [ 522.782029][T23069] loop4: rw=0, want=48, limit=16 [ 522.801078][T23084] usb usb1: usbfs: process 23084 (syz-executor.0) did not claim interface 14 before use [ 522.842528][ T692] hid-generic 0000:0000:0000.0067: unknown main item tag 0x0 [ 522.850130][ T692] hid-generic 0000:0000:0000.0067: hidraw0: HID v0.00 Device [syz0] on syz0 [ 522.938670][T23101] loop4: detected capacity change from 0 to 256 [ 522.976436][T23101] exfat: Bad value for 'dmask' [ 523.045815][ T776] usb 3-1: new high-speed USB device number 54 using dummy_hcd [ 523.082017][T23110] loop4: detected capacity change from 0 to 16 [ 523.106676][T23110] erofs: (device loop4): mounted with root inode @ nid 36. [ 523.114406][T23110] attempt to access beyond end of device [ 523.114406][T23110] loop4: rw=0, want=48, limit=16 [ 523.124713][T20876] usb 1-1: new high-speed USB device number 55 using dummy_hcd [ 523.294315][T23114] cgroup: No subsys list or none specified [ 523.595892][ T776] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 523.606743][ T776] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 523.616296][ T776] usb 3-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00 [ 523.625123][ T776] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 523.633563][ T776] usb 3-1: config 0 descriptor?? [ 523.695844][T20876] usb 1-1: config 0 has no interfaces? [ 523.815831][T20876] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 523.824711][T20876] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 523.832490][T20876] usb 1-1: Product: syz [ 523.836505][T20876] usb 1-1: Manufacturer: syz [ 523.841508][T20876] usb 1-1: config 0 descriptor?? [ 524.086727][T20876] usb 1-1: USB disconnect, device number 55 [ 524.117467][ T776] hid-led 0003:27B8:01ED.0068: unbalanced delimiter at end of report description [ 524.126601][ T776] hid-led: probe of 0003:27B8:01ED.0068 failed with error -22 [ 524.320410][T20876] usb 3-1: USB disconnect, device number 54 [ 524.600930][T23140] SELinux: security_context_str_to_sid(s) failed for (dev ?, type ?) errno=-22 [ 524.609812][T23140] SELinux: security_context_str_to_sid(s) failed for (dev configfs, type configfs) errno=-22 [ 524.753075][T23144] cgroup: No subsys list or none specified [ 524.934383][ T776] Bluetooth: hci0: command 0x1003 tx timeout [ 524.940346][T23080] Bluetooth: hci0: sending frame failed (-49) [ 524.962361][T23146] 9pnet: p9_errstr2errno: server reported unknown error œæçæÎsÅ‚Ün02ÖÌü䧑̼§6þ [ 525.453183][T23174] 9pnet: p9_errstr2errno: server reported unknown error œæçæÎsÅ‚Ün02ÖÌü䧑̼§6þ [ 525.649147][T23193] loop2: detected capacity change from 0 to 128 [ 525.679601][T23193] FAT-fs (loop2): bogus logical sector size 65535 [ 525.686110][T23193] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 525.695347][T23193] FAT-fs (loop2): Can't find a valid FAT filesystem [ 525.860603][T23197] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 526.092291][T23208] syz-executor.4[23208] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 526.092372][T23208] syz-executor.4[23208] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 526.995766][T20876] Bluetooth: hci0: command 0x1001 tx timeout [ 527.013250][T23080] Bluetooth: hci0: sending frame failed (-49) [ 527.779184][ T30] kauditd_printk_skb: 8 callbacks suppressed [ 527.779222][ T30] audit: type=1107 audit(1718655255.540:46680): pid=23254 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 527.837075][ T30] audit: type=1326 audit(1718655255.600:46681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23258 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8128d43f29 code=0x7ffc0000 [ 527.867060][ T30] audit: type=1326 audit(1718655255.600:46682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23258 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8128d43f29 code=0x7ffc0000 [ 527.900473][ T30] audit: type=1326 audit(1718655255.600:46683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23258 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8128d43f29 code=0x7ffc0000 [ 527.924931][ T30] audit: type=1326 audit(1718655255.600:46684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23258 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8128d43f29 code=0x7ffc0000 [ 527.949318][ T30] audit: type=1326 audit(1718655255.600:46685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23258 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8128d43f29 code=0x7ffc0000 [ 527.974610][ T30] audit: type=1326 audit(1718655255.600:46686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23258 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f8128d43f29 code=0x7ffc0000 [ 527.999094][ T30] audit: type=1326 audit(1718655255.600:46687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23258 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8128d43f29 code=0x7ffc0000 [ 528.079981][ T30] audit: type=1326 audit(1718655255.600:46688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23258 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8128d43f29 code=0x7ffc0000 [ 528.114409][ T30] audit: type=1326 audit(1718655255.600:46689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23258 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8128d43f29 code=0x7ffc0000 [ 528.186847][ T6] hid-generic 0000:0000:0000.0069: unknown main item tag 0x0 [ 528.201051][ T6] hid-generic 0000:0000:0000.0069: hidraw0: HID v0.00 Device [syz0] on syz0 [ 528.351331][T23287] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 528.465781][ T331] usb 5-1: new high-speed USB device number 40 using dummy_hcd [ 528.479720][T23300] overlayfs: failed to get inode (-116) [ 528.485307][T23300] overlayfs: failed to get inode (-116) [ 528.491129][T23300] overlayfs: failed to get inode (-116) [ 528.496964][T23300] overlayfs: failed to get inode (-116) [ 528.637211][T23304] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 528.825924][ T331] usb 5-1: config 0 has no interfaces? [ 528.946015][ T331] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 528.955016][ T331] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 528.962898][ T331] usb 5-1: Product: syz [ 528.966901][ T331] usb 5-1: Manufacturer: syz [ 528.973928][ T331] usb 5-1: config 0 descriptor?? [ 529.076126][ T6] Bluetooth: hci0: command 0x1009 tx timeout [ 529.272489][ T20] usb 5-1: USB disconnect, device number 40 [ 529.412441][T23324] input: syz1 as /devices/virtual/input/input116 [ 529.595767][ T776] usb 1-1: new high-speed USB device number 56 using dummy_hcd [ 529.834098][T23342] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 529.975952][ T776] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 529.986741][ T776] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 529.999541][ T776] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 530.008467][ T776] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 530.018926][ T776] usb 1-1: config 0 descriptor?? [ 530.496871][ T776] plantronics 0003:047F:FFFF.006A: No inputs registered, leaving [ 530.505543][ T776] plantronics 0003:047F:FFFF.006A: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 530.698833][ T331] usb 1-1: USB disconnect, device number 56 [ 530.860939][T23370] overlayfs: failed to get inode (-116) [ 530.866622][T23370] overlayfs: failed to get inode (-116) [ 530.872040][T23370] overlayfs: failed to get inode (-116) [ 530.877533][T23370] overlayfs: failed to get inode (-116) [ 532.065022][T23400] device pim6reg1 entered promiscuous mode [ 532.993743][T23443] 9pnet: Insufficient options for proto=fd [ 533.064836][ T776] hid-generic 0000:0000:0000.006B: unknown main item tag 0x0 [ 533.072962][ T776] hid-generic 0000:0000:0000.006B: hidraw0: HID v0.00 Device [syz0] on syz0 [ 533.157240][T23472] 9pnet: Insufficient options for proto=fd [ 533.272835][T23482] loop4: detected capacity change from 0 to 1024 [ 533.316808][T23482] EXT4-fs (loop4): Ignoring removed orlov option [ 533.322992][T23482] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 533.337787][T23482] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,errors=continue,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none. [ 533.360570][ T776] usb 3-1: new high-speed USB device number 55 using dummy_hcd [ 533.363447][ T30] kauditd_printk_skb: 35 callbacks suppressed [ 533.363461][ T30] audit: type=1400 audit(1718655261.120:46725): avc: denied { create } for pid=23481 comm="syz-executor.4" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 533.394403][ T30] audit: type=1400 audit(1718655261.140:46726): avc: denied { write open } for pid=23481 comm="syz-executor.4" path="/root/syzkaller-testdir413753704/syzkaller.4o9rAr/65/file1/file0/bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 533.412283][T23482] EXT4-fs error (device loop4): get_max_inline_xattr_value_size:69: inode #12: comm syz-executor.4: corrupt xattr in inline inode [ 533.422839][ T30] audit: type=1400 audit(1718655261.140:46727): avc: denied { mounton } for pid=23481 comm="syz-executor.4" path="/root/syzkaller-testdir413753704/syzkaller.4o9rAr/65/file1/file0/bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 533.436408][T23482] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2213: inode #12: comm syz-executor.4: corrupted in-inode xattr [ 533.487705][ T30] audit: type=1400 audit(1718655261.250:46728): avc: denied { unlink } for pid=22907 comm="syz-executor.4" name="bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 533.488273][T22907] ================================================================== [ 533.517642][T22907] BUG: KASAN: use-after-free in ext4_xattr_delete_inode+0xcd0/0xce0 [ 533.525446][T22907] Read of size 4 at addr ffff88813628c000 by task syz-executor.4/22907 [ 533.533517][T22907] [ 533.535692][T22907] CPU: 1 PID: 22907 Comm: syz-executor.4 Tainted: G W 5.15.149-syzkaller-00165-g85445b5a2107 #0 [ 533.547377][T22907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 533.557270][T22907] Call Trace: [ 533.560398][T22907] [ 533.563172][T22907] dump_stack_lvl+0x151/0x1b7 [ 533.567686][T22907] ? io_uring_drop_tctx_refs+0x190/0x190 [ 533.573162][T22907] ? panic+0x751/0x751 [ 533.577057][T22907] print_address_description+0x87/0x3b0 [ 533.582441][T22907] kasan_report+0x179/0x1c0 [ 533.586779][T22907] ? ext4_xattr_delete_inode+0xcd0/0xce0 [ 533.592247][T22907] ? ext4_xattr_delete_inode+0xcd0/0xce0 [ 533.597714][T22907] __asan_report_load4_noabort+0x14/0x20 [ 533.603182][T22907] ext4_xattr_delete_inode+0xcd0/0xce0 [ 533.608479][T22907] ? sb_end_intwrite+0x120/0x120 [ 533.613255][T22907] ? ext4_expand_extra_isize_ea+0x1bb0/0x1bb0 [ 533.619151][T22907] ? ext4_journal_check_start+0x16c/0x230 [ 533.624704][T22907] ? __kasan_check_read+0x11/0x20 [ 533.629569][T22907] ? ext4_inode_is_fast_symlink+0x295/0x3d0 [ 533.635293][T22907] ? ext4_evict_inode+0xb8d/0x14e0 [ 533.640240][T22907] ext4_evict_inode+0xea1/0x14e0 [ 533.645015][T22907] ? _raw_spin_unlock+0x4d/0x70 [ 533.649701][T22907] ? ext4_inode_is_fast_symlink+0x3d0/0x3d0 [ 533.655431][T22907] ? _raw_spin_unlock+0x4d/0x70 [ 533.660117][T22907] ? inode_io_list_del+0x18b/0x1a0 [ 533.665063][T22907] ? ext4_inode_is_fast_symlink+0x3d0/0x3d0 [ 533.670797][T22907] evict+0x2a3/0x630 [ 533.674524][T22907] iput+0x63b/0x7e0 [ 533.678169][T22907] vfs_rmdir+0x359/0x470 [ 533.682247][T22907] do_rmdir+0x3ab/0x630 [ 533.686239][T22907] ? d_delete_notify+0x160/0x160 [ 533.691016][T22907] __x64_sys_unlinkat+0xdf/0xf0 [ 533.695703][T22907] do_syscall_64+0x3d/0xb0 [ 533.699954][T22907] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 533.705683][T22907] RIP: 0033:0x7f8128d43707 [ 533.709937][T22907] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 533.729378][T22907] RSP: 002b:00007fff1acc0d48 EFLAGS: 00000207 ORIG_RAX: 0000000000000107 [ 533.737619][T22907] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007f8128d43707 [ 533.745430][T22907] RDX: 0000000000000200 RSI: 00007fff1acc1ef0 RDI: 00000000ffffff9c [ 533.753241][T22907] RBP: 00007f8128da06c6 R08: 0000000000000000 R09: 0000000000000000 [ 533.761061][T22907] R10: 0000000000000100 R11: 0000000000000207 R12: 00007fff1acc1ef0 [ 533.768866][T22907] R13: 00007f8128da06c6 R14: 0000000000082304 R15: 0000000000000008 [ 533.776682][T22907] [ 533.779541][T22907] [ 533.781712][T22907] The buggy address belongs to the page: [ 533.787190][T22907] page:ffffea0004d8a300 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x100 pfn:0x13628c [ 533.797682][T22907] flags: 0x4000000000000000(zone=1) [ 533.802716][T22907] raw: 4000000000000000 ffffea0004e3bb08 ffffea0004c1e108 0000000000000000 [ 533.811138][T22907] raw: 0000000000000100 0000000000000002 00000000ffffff7f 0000000000000000 [ 533.819550][T22907] page dumped because: kasan: bad access detected [ 533.825809][T22907] page_owner tracks the page as freed [ 533.831006][T22907] page last allocated via order 0, migratetype Movable, gfp_mask 0x100cca(GFP_HIGHUSER_MOVABLE), pid 22320, ts 503441845223, free_ts 503759726881 [ 533.845595][T22907] post_alloc_hook+0x1a3/0x1b0 [ 533.850191][T22907] prep_new_page+0x1b/0x110 [ 533.854527][T22907] get_page_from_freelist+0x3550/0x35d0 [ 533.859906][T22907] __alloc_pages+0x27e/0x8f0 [ 533.864336][T22907] shmem_alloc_and_acct_page+0x4bd/0xa80 [ 533.869800][T22907] shmem_getpage_gfp+0x1388/0x23c0 [ 533.874748][T22907] shmem_write_begin+0xca/0x1b0 [ 533.879445][T22907] generic_perform_write+0x2bc/0x5a0 [ 533.884554][T22907] __generic_file_write_iter+0x25b/0x4b0 [ 533.890022][T22907] generic_file_write_iter+0xaf/0x1c0 [ 533.895230][T22907] vfs_write+0xd5d/0x1110 [ 533.899394][T22907] ksys_write+0x199/0x2c0 [ 533.903564][T22907] __x64_sys_write+0x7b/0x90 [ 533.907987][T22907] do_syscall_64+0x3d/0xb0 [ 533.912240][T22907] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 533.917971][T22907] page last free stack trace: [ 533.922569][T22907] free_unref_page_prepare+0x7c8/0x7d0 [ 533.927866][T22907] free_unref_page_list+0x14b/0xa60 [ 533.932901][T22907] release_pages+0x1310/0x1370 [ 533.937501][T22907] __pagevec_release+0x84/0x100 [ 533.942183][T22907] shmem_undo_range+0x604/0x1560 [ 533.946958][T22907] shmem_evict_inode+0x215/0x9d0 [ 533.951729][T22907] evict+0x2a3/0x630 [ 533.955464][T22907] iput+0x63b/0x7e0 [ 533.959107][T22907] dentry_unlink_inode+0x34f/0x440 [ 533.964055][T22907] __dentry_kill+0x447/0x660 [ 533.968486][T22907] dentry_kill+0xc0/0x2a0 [ 533.972646][T22907] dput+0x45/0x80 [ 533.976119][T22907] __fput+0x662/0x910 [ 533.979944][T22907] ____fput+0x15/0x20 [ 533.983756][T22907] task_work_run+0x129/0x190 [ 533.988182][T22907] exit_to_user_mode_loop+0xc4/0xe0 [ 533.993216][T22907] [ 533.995386][T22907] Memory state around the buggy address: [ 534.000858][T22907] ffff88813628bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 534.008756][T22907] ffff88813628bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2024/06/17 20:14:21 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 534.016652][T22907] >ffff88813628c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 534.024548][T22907] ^ [ 534.028458][T22907] ffff88813628c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 534.036360][T22907] ffff88813628c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 534.044248][T22907] ================================================================== [ 534.052148][T22907] Disabling lock debugging due to kernel taint [ 534.058205][ T776] usb 3-1: config 0 has no interfaces? [ 534.175805][ T776] usb 3-1: string descriptor 0 read error: -71 [ 534.182166][ T776] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 534.191053][ T776] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 534.205481][ T776] usb 3-1: config 0 descriptor?? [