last executing test programs: 3.056505362s ago: executing program 2: mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) r2 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x4c) setresuid(0x0, r3, 0x0) r4 = socket(0x10, 0x3, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setregid(0xffffffffffffffff, r5) chown(&(0x7f00000001c0)='./file0\x00', r3, r5) r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0, 0x0) mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x25840, 0x0) move_mount(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', r6, &(0x7f0000000140)='./file0\x00', 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000680)={{r7}, &(0x7f00000004c0), &(0x7f0000000500)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r8}, 0x10) r9 = openat$tun(0xffffffffffffff9c, &(0x7f00000013c0), 0x0, 0x0) ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f00000016c0)={'pimreg0\x00', 0x41}) 3.041703645s ago: executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000800000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) statx(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 3.021285367s ago: executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="180200000000000000000000000000008500000056000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095000000000000002f81c461b3fea834ceb0e17d802cfb227e656a3698c79205e02f1561b0010095448e9f7024b45fb2006c9117fe2a42fcd2ce278009682dc8f7c867b177ec5bd50b92aedef35b6cd87b56690b4c96f63ab02174911d5e51b76d2c31b8bece7b0f841f393c401d8f51383f0f28d4c00fa2149870f1779f204103dbebff2a0e292b42f01b0bb114fa6e1889a6437285a0c9f00c4245e4d3524af00636736e812558294430bf4b365e0a9c468c9eb4977fb131145e0179c4ddb37a6704a36503e63d66ddcf9b8e1035383b90de09d000c223ffb7f13624e3ac52b248f92d041959c1f7985eb94aad8c0adf4e8730313d1b02662c6847a9851f40a969486ebbe7bfcb5b28fc7dbe1bb80c4a2c18a53fecc51e51de59049b0400000000000000394000000000000000d27022ca2e6e8190f483d0da08eef67837ed671c2154513111dbc0ee58c70889a1c6306b98300a49147242d3f8a6e4aea9b51d0e182153e1283089c3b42cca072dce78b07806950d2b5fd0b448fdf18269cbe47fae4cedeb356536d94534260fa7d6e6b7aa30d8dd5c82e448ef52da9f0894bb3993edafc976ad43adbe9731dd41d181a9c2"], &(0x7f0000000080)='GPL\x00'}, 0x65) 3.012721418s ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r2, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x5452, &(0x7f0000000a00)={'dvmrp0\x00', @random="63749f3b111e"}) setsockopt$sock_attach_bpf(r2, 0x1, 0x7, &(0x7f0000000000), 0x4) 2.170058005s ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x4, 0x8, 0x8}, 0x48) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4) bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000003380)={r0, &(0x7f0000003280), &(0x7f0000003340)=@udp=r1}, 0x20) recvmmsg(r1, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0) 1.845576113s ago: executing program 0: futex(&(0x7f0000000140), 0x5, 0x0, 0x0, &(0x7f0000000080), 0x47000000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000022c0)={'batadv_slave_1\x00', 0x0}) sendmmsg$inet(r0, &(0x7f0000007e00)=[{{&(0x7f0000000000)={0x2, 0x4e20, @rand_addr=0x64010102}, 0x10, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="1100000000000000000000000100000000000000000000001c000000000000000000000007000000940400004404e70301000000000000001c000000000000000000000008000000", @ANYRES32=r1], 0x58}}], 0x1, 0x4000890) 1.829635756s ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = socket$inet(0x2, 0xa, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f0000000080)={'wg0\x00', 0x0}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r4, &(0x7f0000001e80)={0x0, 0x0, &(0x7f0000001e40)={&(0x7f0000000180)={0x24, r5, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @ETHTOOL_A_FEATURES_WANTED={0x4}]}, 0x24}}, 0x0) 1.815267068s ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x2, 0xc}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18040000000000000000000000400000850000000800000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r3, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x20, r2, 0x101, 0x0, 0x0, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x20}}, 0x0) 1.80090395s ago: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x4, 0x1}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r2}, 0x10) statx(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r3}, 0x10) quotactl_fd$Q_SYNC(r3, 0xffffffff80000101, 0x0, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x2c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r6, 0x2, 0x2}, [@NDA_LLADDR={0xa, 0x2, @random="000415020200"}, @NDA_FDB_EXT_ATTRS={0x4}]}, 0x2c}}, 0x0) 1.778284344s ago: executing program 0: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x20081e, &(0x7f00000020c0), 0x1, 0x4ef, &(0x7f0000000a00)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W") quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000200)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000240)={0x0, 0x10, 0x200080000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 1.689041867s ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000b8e9850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10) syz_usb_connect$hid(0x2, 0x3f, &(0x7f0000000100)=ANY=[@ANYBLOB="1201010200000020050b66184000010203010902"], &(0x7f0000000300)={0x0, 0x0, 0x8, 0x0}) 1.491627687s ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) syz_usb_control_io(r1, &(0x7f0000000540)={0x2c, &(0x7f0000000200)={0x0, 0x0, 0x5, {0x5, 0x0, "a8c6df"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r1, &(0x7f00000002c0)={0x24, 0x0, &(0x7f0000000380)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) syz_usb_control_io(r1, &(0x7f0000001780)={0x2c, 0x0, &(0x7f00000014c0)={0x0, 0x3, 0x4, @lang_id={0x4}}, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r1, &(0x7f0000000280)={0x24, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00031200000012033f"], 0x0, 0x0}, 0x0) 1.478671938s ago: executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0xc}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001100007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='n']) 1.464562631s ago: executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0) pwrite64(r0, 0x0, 0x0, 0x8000000) 1.457178772s ago: executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4070000000000000040000000000e1ff95000000000000002ba7e1d30cb599e83f040000f300000000bd01212fb56f040026fbfefc41056bd8174b79ed317142fa9ea4158123751c5c652fbc1626cca2a2ad75806150ae0209e62f51ee988e6e06c8206ac6939fc404004900c788b277be1cb79b0a4dcf23d410f6accd3641110bec4e90a634199e07f8f6eb9604000e011ea665c45a3449abe802f5ab3e89cf6cfdffffffb8580218ce740068720000074e8b1715807ea0ca469e468eea3fd2f73902ebcfcf49822775985bf313405b367e81c700000040000000000200000000005335000000143ea7042ab40c7cb70cc8943a6d60d7c4900282e147d08e0af4b29df814f5691db43a5c00000004000000000089faff01210cce39bf405f1e846c12423a164a330100846f26ad03dd65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d6155102b1ced1e8019e63c850af895abba14f6fbd7fb5e2a431ab914040000000000010092c9f4609646b6c5c29647d2f950a959cf9938d6dfcb8ed2cbdc2ba9d580609e31c3fa90812a533ce206e7e57a79d6fce424c2200af6c7784a1975fabc0c4dd418c005479ecab19bdfb15a32a4fd67ce446adb431d07db79240acaf091231b986e77d05d988d6efdffdf48dca02113a38300cabf2b5543ffc166955709009e000000000061629d1822f720ec23812770d72c700a44e113d17088fdd00600000f7889b8c7044f56ff030000000000006cd4970400cac6f45a6922ded2e29514af463f747c08f4010586903500000000000000000000be34b10f9d640dd782ac0cbc46903243d0d0f4bc7f253d0500000032daaf281c450e64c33aac8ff7e7d1c94c4505a9839688b008c370494f6734b771546d9552d3bb2da0d000000000000000009125c97f0400f5e1671bc5eb7739daa7820a91cb0e732df2ae1d39c747e00a4fbfe8942fa859cd28bdaa1509309926c77fbcb15ec58b42b4bfaf5a6b649dd5f13cd776e6c7c4b5c4b0de20e0c81efb5e392a13cdd2ce219e6733b378553ead4c8cc530b62c36364e6505992209bdbc6203da7a3797246a6adef071102f0aa2c40095ddd05176f5cb8bd99e1ba0f9568f3e3876bba7bf973334e7919a080000000000000004fb996ad919f7e9672ce107000000ad882f2aead166c94500be902ee7dabc768eb9ec13f334aae90981ecaf5f744f22f2e45afe2c9e8632276cffe5f1fc21390797d0244cf1ce269d10525745caaa3f77d1b80116cb38400242010000000100000091a0116f4693133138583da5e10b434697b0443b7b4ddfb3ace29e16e5a881336aad0974269a1025e2a9a135c0508af1aec2926627b43bba1229a7466bdca64f514b7911458da09fe868190104000053226a83ae2424ccd3fc508216aea86833030f569d61dc998620fcf4eeb92e7bc511df63c53b82514493b8f3c74f44ba184d40e87612024da1a1ebe316923865f037c01d71b5de81121046d84b18acb5cbea7eecad9b6dd46ed83515cd911e0e5f00019be25b5910a3193e90be231a05fd82e6003969c3f081ff1d0eb50a04d14644234828cbb5aaa0ece702abdd425fa25ae04a2315c89064df633700000000d9e5953ea67310993d01000000000000003ac753358791b1490273ca535e05b11d815237743a5b79ad45de2a3c91257f02c2f30f5513662809073710937ed0055b238f466e1442f8ec7a5b394228035039ceeb452dca75f9ff5332b4c4777a58a0aa9a821667c68549e9da89ad4218cea744b332ab232a09cf1ec375627074ce2d3d7619936768a84a9465fff4eedba55955434f132ab7b8840558b3f918d675a79907a72a8252cd3fbaea5d3006a03507838231a335ae759ed25534f2e90a7def4b3d4af7fd47ab1a701e4b7a7dfc1d12775ed0a31bc7b5855880aa767e68196c7aa5ac115724b6cb8fcebb67719eccd87b06b38566cf61ad2f307a79d2ce9801837bf0bd3af0271de700eef2795d28cb0017000000000000000000e052d93194121b774d21a0317d0346078400004652c769fd3d3e661a2fb511164f1502ab2ac4eb3f19c042163e0bdb88b82de384a8055e8b1e24294b0546cce481ff5618b7b9585dbb64d66debf219fa479abf22f3d64fe82e466ea6f27859946e72f80bb1c9cfcde57b79625e2979fe689a5a246cbbdf6ad488f43f46b2536f175f46dfb27d5229467270246ab53616c46edf34c559d3de0c59ca3305e66825715e5e4cd5b54c1b05c09f04337a76a30373baac3ecec91fd546eb7c32dbecb18a308a0004be94dfab28c2a51dc856df0000000010c12254f041804f7f7074356789b1d4dd55f3e045a48241a4ce04d06acb2cf11eab759ba78da5da0f26126d4cf2c73e5f94030000040000000000000000c301985d603403592486204054be3fdda91f9e315886941928e5a8bc1a00e69a98c0a8f7192f6ee93cc4124cf4e7610915efc08c834a44e1d685d6835a40b5bc615949cbcd98d0e68d7eef5d32d5fcc7923d7544fa492aa38717481c55e86dcd7816ad8940bd19953603000000adeb9117e8b94ab422c8d62f858875dccdbc89572231ef5d6df6a9c55f8df763c7c64da7cc017e1e3f5cd4cb9fe6d19b11d4d38239d318016e622b9683b7e46be64dc097982e23462392a0cd05afb2e060fd42ef00dfbd057311aab94f307d10c7a1af0d8e5a0fcb547475d13c0000000000000000f1cc97103d714d1af45790517c4a0f5c6a5024e3359e8d83e3f6edf9e2afb5ab59c7b2b45cfb0a3c1303a98e4ed531ac11cca1cd744b431de74c7cd6533adaa8ec749061b2959d53da626aa189781dc1be4d5c81aebc0cada819895b377d6cf0a7878ba99864ae84464744c605646caf2e06b13eba7ba10acf77d91b2297e9573abb0a4da534d735a223626402b308daf7835780fa6f4e410000000000fb00000000000000000000b1495213060000000000000049584655c4fce8c5bb7c54664aef6d780100358aa54bcb49926c4be9ee4659153d9fa95d07cc4efdab2c355efe8e8d0255d0b748366dafe042d78479c21d832e1431ed6d646d13e8e7230300920a5642bbed1dee9b46b6f02e572047ccf3c8edd82660e5d74c52be71d780c300000000000000000000000000000000000044ff72f96f084f4b6cdcb1b4a9d8e9f99f1b85497d0c3df704c8a0034c09caeeb0e34799b755649883539258a7b33dcef15d8fd1953ebaaa3cff81a0de7a05a440f20f6b273ceb8678f10378b670be7504dabd1471355d853292775d0366891f0bcf0a6087ed4f1f2def52394db3e9d8318bbb9baff3db95bfd68a08ded502cc08a485c804e4fd107a7ca2a64ca081c6b2f7b895cdf98b763ebab9451c65eced6f5f97a541210806d885762ac3150225036c7eccd7a05593abd963f9a02df58085115e54f675e6a08d25b5722cabf989b4bbc562e073b81bae61f05c5e1f90e021340b60cc5fb8fdb09b6d20b0d87a6ed800000000000000000000000000000000006cc6f64f583a26a78f7f417f66c0a832f5194ddfce51e5aff28f621bb2fd2a5ab719823488d6e869b08d3d4ac7950c60144cf77437e29895a23282e3c65e015d1c334832a90ee77d93596e3f12e9ca8c67c7f3c9b66c9cb03edec184ad1d9544c7a3be250e471dca00000078544d79c0efe4094e561eeb26ee4c81106d03c004bc1589ef6e13648999c8735e26aa90c571fa3c07238697b1db783c52715055445e96995fe3273b0346b03fc742c06aa3947e0d9cf0c99b5e245ede85893112deea8bd3355a32ec15e1242f170a51f28cea4105541e96a52da4984d26bd29cb0623f00c6b0a4c00ad406d729babb8faf3182c5b98493a5aa943aa3a777a751f56e0c7a74f7f63d83ff1b8ca5b5ea419561acd5fe560563b051dc29ac586b21148ad5a5498369a58d65418bc978b88b699a0f12ce6524eaf0905445413033f041a26b189f2553ef218eba22152a4dc979a0e37396ae1593b9f2c2ff4803c589cabddff8f486f2958cec21280bd11ce2ba92f6e34b9c1d4e79a6552b34c15c4715afdfa5039741500b26e3a7de9c1445722fc889e64dc4709ce89b44414c185fcd0f8bb4d4a0ab9d0e404833cab79985168ecd83520c49cbf9ac249e8f7ec02f5a3302142505136c1bf79e5a05652567f51e16b6d70356f5d12e0037a218cb76842e5ed35bc367f440a5f8b57f623dd03d9b3a38ea6f71681759e1747"], &(0x7f0000000140)='GPL\x00'}, 0x48) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000400)=r1, 0x4) sendmsg$nl_generic(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001140)={0x14, 0x20, 0x229, 0x0, 0x0, {0x0, 0x2, 0x4}}, 0x14}}, 0x0) 1.449824483s ago: executing program 4: sigaltstack(&(0x7f0000001200)={&(0x7f0000000200)=""/4087, 0x0, 0xff7}, 0x0) sigaltstack(0x0, &(0x7f00000014c0)={0x0}) 1.442186824s ago: executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, &(0x7f0000000340), &(0x7f0000000380)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) rt_sigpending(0x0, 0x0) 1.433976405s ago: executing program 4: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x54c, 0x268, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x22, 0x5, {[@local=@item_4={0x3, 0x2, 0x0, "2e649efc"}]}}, 0x0}, 0x0) 990.736201ms ago: executing program 3: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000079000000090000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000070018110000", @ANYRES32=r0], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10) clock_getres(0x0, 0x0) 982.807582ms ago: executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000000)=ANY=[@ANYBLOB="18060000000000000000000000000040180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000020000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0) pipe(&(0x7f0000000a40)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) splice(r3, 0x0, r5, 0x0, 0x800ff06, 0x0) write$binfmt_misc(r2, &(0x7f0000000740)=ANY=[], 0xfffffc8f) splice(r1, 0x0, r4, 0x0, 0x800, 0x0) dup2(r1, r4) 466.35953ms ago: executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0) pwrite64(r0, 0x0, 0x0, 0x8000000) 459.139821ms ago: executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4070000000000000040000000000e1ff95000000000000002ba7e1d30cb599e83f040000f300000000bd01212fb56f040026fbfefc41056bd8174b79ed317142fa9ea4158123751c5c652fbc1626cca2a2ad75806150ae0209e62f51ee988e6e06c8206ac6939fc404004900c788b277be1cb79b0a4dcf23d410f6accd3641110bec4e90a634199e07f8f6eb9604000e011ea665c45a3449abe802f5ab3e89cf6cfdffffffb8580218ce740068720000074e8b1715807ea0ca469e468eea3fd2f73902ebcfcf49822775985bf313405b367e81c700000040000000000200000000005335000000143ea7042ab40c7cb70cc8943a6d60d7c4900282e147d08e0af4b29df814f5691db43a5c00000004000000000089faff01210cce39bf405f1e846c12423a164a330100846f26ad03dd65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d6155102b1ced1e8019e63c850af895abba14f6fbd7fb5e2a431ab914040000000000010092c9f4609646b6c5c29647d2f950a959cf9938d6dfcb8ed2cbdc2ba9d580609e31c3fa90812a533ce206e7e57a79d6fce424c2200af6c7784a1975fabc0c4dd418c005479ecab19bdfb15a32a4fd67ce446adb431d07db79240acaf091231b986e77d05d988d6efdffdf48dca02113a38300cabf2b5543ffc166955709009e000000000061629d1822f720ec23812770d72c700a44e113d17088fdd00600000f7889b8c7044f56ff030000000000006cd4970400cac6f45a6922ded2e29514af463f747c08f4010586903500000000000000000000be34b10f9d640dd782ac0cbc46903243d0d0f4bc7f253d0500000032daaf281c450e64c33aac8ff7e7d1c94c4505a9839688b008c370494f6734b771546d9552d3bb2da0d000000000000000009125c97f0400f5e1671bc5eb7739daa7820a91cb0e732df2ae1d39c747e00a4fbfe8942fa859cd28bdaa1509309926c77fbcb15ec58b42b4bfaf5a6b649dd5f13cd776e6c7c4b5c4b0de20e0c81efb5e392a13cdd2ce219e6733b378553ead4c8cc530b62c36364e6505992209bdbc6203da7a3797246a6adef071102f0aa2c40095ddd05176f5cb8bd99e1ba0f9568f3e3876bba7bf973334e7919a080000000000000004fb996ad919f7e9672ce107000000ad882f2aead166c94500be902ee7dabc768eb9ec13f334aae90981ecaf5f744f22f2e45afe2c9e8632276cffe5f1fc21390797d0244cf1ce269d10525745caaa3f77d1b80116cb38400242010000000100000091a0116f4693133138583da5e10b434697b0443b7b4ddfb3ace29e16e5a881336aad0974269a1025e2a9a135c0508af1aec2926627b43bba1229a7466bdca64f514b7911458da09fe868190104000053226a83ae2424ccd3fc508216aea86833030f569d61dc998620fcf4eeb92e7bc511df63c53b82514493b8f3c74f44ba184d40e87612024da1a1ebe316923865f037c01d71b5de81121046d84b18acb5cbea7eecad9b6dd46ed83515cd911e0e5f00019be25b5910a3193e90be231a05fd82e6003969c3f081ff1d0eb50a04d14644234828cbb5aaa0ece702abdd425fa25ae04a2315c89064df633700000000d9e5953ea67310993d01000000000000003ac753358791b1490273ca535e05b11d815237743a5b79ad45de2a3c91257f02c2f30f5513662809073710937ed0055b238f466e1442f8ec7a5b394228035039ceeb452dca75f9ff5332b4c4777a58a0aa9a821667c68549e9da89ad4218cea744b332ab232a09cf1ec375627074ce2d3d7619936768a84a9465fff4eedba55955434f132ab7b8840558b3f918d675a79907a72a8252cd3fbaea5d3006a03507838231a335ae759ed25534f2e90a7def4b3d4af7fd47ab1a701e4b7a7dfc1d12775ed0a31bc7b5855880aa767e68196c7aa5ac115724b6cb8fcebb67719eccd87b06b38566cf61ad2f307a79d2ce9801837bf0bd3af0271de700eef2795d28cb0017000000000000000000e052d93194121b774d21a0317d0346078400004652c769fd3d3e661a2fb511164f1502ab2ac4eb3f19c042163e0bdb88b82de384a8055e8b1e24294b0546cce481ff5618b7b9585dbb64d66debf219fa479abf22f3d64fe82e466ea6f27859946e72f80bb1c9cfcde57b79625e2979fe689a5a246cbbdf6ad488f43f46b2536f175f46dfb27d5229467270246ab53616c46edf34c559d3de0c59ca3305e66825715e5e4cd5b54c1b05c09f04337a76a30373baac3ecec91fd546eb7c32dbecb18a308a0004be94dfab28c2a51dc856df0000000010c12254f041804f7f7074356789b1d4dd55f3e045a48241a4ce04d06acb2cf11eab759ba78da5da0f26126d4cf2c73e5f94030000040000000000000000c301985d603403592486204054be3fdda91f9e315886941928e5a8bc1a00e69a98c0a8f7192f6ee93cc4124cf4e7610915efc08c834a44e1d685d6835a40b5bc615949cbcd98d0e68d7eef5d32d5fcc7923d7544fa492aa38717481c55e86dcd7816ad8940bd19953603000000adeb9117e8b94ab422c8d62f858875dccdbc89572231ef5d6df6a9c55f8df763c7c64da7cc017e1e3f5cd4cb9fe6d19b11d4d38239d318016e622b9683b7e46be64dc097982e23462392a0cd05afb2e060fd42ef00dfbd057311aab94f307d10c7a1af0d8e5a0fcb547475d13c0000000000000000f1cc97103d714d1af45790517c4a0f5c6a5024e3359e8d83e3f6edf9e2afb5ab59c7b2b45cfb0a3c1303a98e4ed531ac11cca1cd744b431de74c7cd6533adaa8ec749061b2959d53da626aa189781dc1be4d5c81aebc0cada819895b377d6cf0a7878ba99864ae84464744c605646caf2e06b13eba7ba10acf77d91b2297e9573abb0a4da534d735a223626402b308daf7835780fa6f4e410000000000fb00000000000000000000b1495213060000000000000049584655c4fce8c5bb7c54664aef6d780100358aa54bcb49926c4be9ee4659153d9fa95d07cc4efdab2c355efe8e8d0255d0b748366dafe042d78479c21d832e1431ed6d646d13e8e7230300920a5642bbed1dee9b46b6f02e572047ccf3c8edd82660e5d74c52be71d780c300000000000000000000000000000000000044ff72f96f084f4b6cdcb1b4a9d8e9f99f1b85497d0c3df704c8a0034c09caeeb0e34799b755649883539258a7b33dcef15d8fd1953ebaaa3cff81a0de7a05a440f20f6b273ceb8678f10378b670be7504dabd1471355d853292775d0366891f0bcf0a6087ed4f1f2def52394db3e9d8318bbb9baff3db95bfd68a08ded502cc08a485c804e4fd107a7ca2a64ca081c6b2f7b895cdf98b763ebab9451c65eced6f5f97a541210806d885762ac3150225036c7eccd7a05593abd963f9a02df58085115e54f675e6a08d25b5722cabf989b4bbc562e073b81bae61f05c5e1f90e021340b60cc5fb8fdb09b6d20b0d87a6ed800000000000000000000000000000000006cc6f64f583a26a78f7f417f66c0a832f5194ddfce51e5aff28f621bb2fd2a5ab719823488d6e869b08d3d4ac7950c60144cf77437e29895a23282e3c65e015d1c334832a90ee77d93596e3f12e9ca8c67c7f3c9b66c9cb03edec184ad1d9544c7a3be250e471dca00000078544d79c0efe4094e561eeb26ee4c81106d03c004bc1589ef6e13648999c8735e26aa90c571fa3c07238697b1db783c52715055445e96995fe3273b0346b03fc742c06aa3947e0d9cf0c99b5e245ede85893112deea8bd3355a32ec15e1242f170a51f28cea4105541e96a52da4984d26bd29cb0623f00c6b0a4c00ad406d729babb8faf3182c5b98493a5aa943aa3a777a751f56e0c7a74f7f63d83ff1b8ca5b5ea419561acd5fe560563b051dc29ac586b21148ad5a5498369a58d65418bc978b88b699a0f12ce6524eaf0905445413033f041a26b189f2553ef218eba22152a4dc979a0e37396ae1593b9f2c2ff4803c589cabddff8f486f2958cec21280bd11ce2ba92f6e34b9c1d4e79a6552b34c15c4715afdfa5039741500b26e3a7de9c1445722fc889e64dc4709ce89b44414c185fcd0f8bb4d4a0ab9d0e404833cab79985168ecd83520c49cbf9ac249e8f7ec02f5a3302142505136c1bf79e5a05652567f51e16b6d70356f5d12e0037a218cb76842e5ed35bc367f440a5f8b57f623dd03d9b3a38ea6f71681759e1747"], &(0x7f0000000140)='GPL\x00'}, 0x48) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000400)=r1, 0x4) sendmsg$nl_generic(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001140)={0x14, 0x20, 0x229, 0x0, 0x0, {0x0, 0x2, 0x4}}, 0x14}}, 0x0) 451.731882ms ago: executing program 1: sigaltstack(&(0x7f0000001200)={&(0x7f0000000200)=""/4087, 0x0, 0xff7}, 0x0) sigaltstack(0x0, &(0x7f00000014c0)={0x0}) 444.981343ms ago: executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)='!', 0x1}, {0x0, 0x2}], 0x2) 437.332684ms ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000005c0)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x72}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000800)={&(0x7f00000007c0)='tlb_flush\x00', r2}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='tlb_flush\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 419.876037ms ago: executing program 1: bpf$MAP_CREATE(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) r4 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="c8010000", @ANYRES16=r4, @ANYBLOB="0100000000000000000001000000060006000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce851400040002000000ac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6080007000000000014000200776730"], 0x1c8}}, 0x0) 141.965129ms ago: executing program 3: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000180)=0x7f, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000000c0)="ef", 0xffe3}], 0x1, 0x0, 0x0, 0x20000000}, 0xa}], 0x420, 0x0) 134.0793ms ago: executing program 3: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14507e, 0x0) r2 = eventfd2(0x0, 0x0) dup2(r2, r1) write$eventfd(r2, &(0x7f0000000000)=0xfffffffffffffffe, 0x8) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000000)={0x0, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000240)=""/53, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f0000000500)=""/73, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000480)) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000340)=0xffffffff) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f00000000c0)={0x0, r2}) 125.417931ms ago: executing program 3: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") chdir(&(0x7f0000000000)='./file0\x00') creat(&(0x7f0000000040)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0) readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) 0s ago: executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000000)=ANY=[@ANYBLOB="640100001000010000000000feff0000ac1414aa000000000000000000000000fe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ffffffff000000000000000000000000000000006c000000fe8000000000000000000000080000bb0000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000480003006465666c6174650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000b0000000000240020"], 0x164}}, 0x0) kernel console output (not intermixed with test programs): error (device loop3): ext4_readdir:260: inode #2: block 16: comm syz-executor.3: path /root/syzkaller-testdir2646490127/syzkaller.vPw2TS/0/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 59.132639][ T2542] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 17: comm syz-executor.3: path /root/syzkaller-testdir2646490127/syzkaller.vPw2TS/0/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 59.159129][ T2542] EXT4-fs error (device loop3): ext4_map_blocks:607: inode #2: block 18: comm syz-executor.3: lblock 23 mapped to illegal pblock 18 (length 1) [ 59.224071][ T2589] bridge0: port 3(syz_tun) entered blocking state [ 59.230419][ T2589] bridge0: port 3(syz_tun) entered disabled state [ 59.236854][ T2589] device syz_tun entered promiscuous mode [ 59.242624][ T2589] bridge0: port 3(syz_tun) entered blocking state [ 59.248865][ T2589] bridge0: port 3(syz_tun) entered forwarding state [ 59.301613][ T2542] EXT4-fs (loop3): unmounting filesystem. [ 59.307860][ T2586] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.314725][ T2586] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.322723][ T2586] device bridge_slave_0 entered promiscuous mode [ 59.331858][ T2600] tun0: tun_chr_ioctl cmd 1074025676 [ 59.337076][ T2600] tun0: owner set to 536871360 [ 59.341756][ T2586] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.348717][ T2586] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.355997][ T2586] device bridge_slave_1 entered promiscuous mode [ 59.483678][ T2586] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.490649][ T2586] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.497712][ T2586] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.504518][ T2586] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.561065][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.568604][ T19] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.575753][ T19] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.583383][ T2609] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.590351][ T2609] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.597742][ T2609] device bridge_slave_0 entered promiscuous mode [ 59.604571][ T2609] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.611521][ T2609] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.618744][ T2609] device bridge_slave_1 entered promiscuous mode [ 59.647554][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 59.655533][ T696] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.662376][ T696] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.682185][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 59.690267][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 59.698324][ T696] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.705149][ T696] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.712302][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 59.720076][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 59.727822][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 59.735584][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 59.750405][ T695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 59.758968][ T695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 59.777207][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 59.784976][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 59.800849][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 59.808315][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 59.815758][ T2586] device veth0_vlan entered promiscuous mode [ 59.843452][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 59.851419][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 59.861642][ T2586] device veth1_macvtap entered promiscuous mode [ 59.873381][ T695] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 59.881532][ T695] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 59.889511][ T695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 59.903508][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 59.911653][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 59.936754][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.945182][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.962414][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 59.970682][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 59.971170][ T2627] loop4: detected capacity change from 0 to 256 [ 59.980019][ T19] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.988988][ T2627] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 59.991550][ T19] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.010898][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 60.019123][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 60.027205][ T19] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.034099][ T19] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.041634][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 60.093665][ T695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 60.102622][ T695] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 60.110552][ T695] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 60.122532][ T2609] device veth0_vlan entered promiscuous mode [ 60.129857][ T695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 60.150151][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 60.158357][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 60.165539][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 60.173033][ T2609] device veth1_macvtap entered promiscuous mode [ 60.189452][ T695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 60.197738][ T695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 60.267946][ T10] device bridge_slave_1 left promiscuous mode [ 60.273968][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.281468][ T10] device bridge_slave_0 left promiscuous mode [ 60.287783][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.295762][ T10] device bridge_slave_1 left promiscuous mode [ 60.302010][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.311124][ T10] device bridge_slave_0 left promiscuous mode [ 60.317064][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.325207][ T10] device veth1_macvtap left promiscuous mode [ 60.331188][ T10] device veth0_vlan left promiscuous mode [ 60.337218][ T10] device veth1_macvtap left promiscuous mode [ 60.343080][ T10] device veth0_vlan left promiscuous mode [ 60.468875][ T28] audit: type=1326 audit(1717502997.915:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2657 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f980cc7cee9 code=0x0 [ 60.577417][ T336] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 60.937358][ T336] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 60.948218][ T336] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 60.958268][ T336] usb 4-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00 [ 60.967193][ T336] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 60.975816][ T336] usb 4-1: config 0 descriptor?? [ 60.984822][ T2679] loop4: detected capacity change from 0 to 2048 [ 61.000945][ T2679] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 61.012697][ T2679] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor.4: bg 0: block 234: padding at end of block bitmap is not set [ 61.028300][ T2679] EXT4-fs (loop4): Remounting filesystem read-only [ 61.041370][ T2586] EXT4-fs (loop4): unmounting filesystem. [ 61.074356][ T2688] loop1: detected capacity change from 0 to 8192 [ 61.117952][ T28] audit: type=1400 audit(1717502998.565:440): avc: denied { block_suspend } for pid=2693 comm="syz-executor.4" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 61.162194][ T2698] device pim6reg1 entered promiscuous mode [ 61.194302][ T2700] loop1: detected capacity change from 0 to 256 [ 61.203985][ T2700] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 61.458663][ T336] hid-led 0003:27B8:01ED.0003: unbalanced delimiter at end of report description [ 61.468067][ T336] hid-led: probe of 0003:27B8:01ED.0003 failed with error -22 [ 61.636900][ T2750] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 61.661545][ T336] usb 4-1: USB disconnect, device number 3 [ 61.760043][ T2762] loop0: detected capacity change from 0 to 512 [ 61.766563][ T2762] EXT4-fs: Ignoring removed mblk_io_submit option [ 61.773078][ T2762] ext2: Unknown parameter 'mask' [ 62.129322][ T2781] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 62.203419][ T2788] loop0: detected capacity change from 0 to 512 [ 62.210712][ T2788] EXT4-fs: Ignoring removed mblk_io_submit option [ 62.218239][ T2788] ext2: Unknown parameter 'mask' [ 62.357707][ T336] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 62.381961][ T2787] loop3: detected capacity change from 0 to 40427 [ 62.398097][ T2787] F2FS-fs (loop3): Invalid log sectorsize (2) [ 62.404044][ T2787] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 62.451797][ T2787] F2FS-fs (loop3): Found nat_bits in checkpoint [ 62.511635][ T2787] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 62.527279][ T2787] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 62.539268][ T2787] F2FS-fs (loop3): Unexpected flush for atomic writes: ino=10, npages=16 [ 62.553511][ T2787] syz-executor.3: attempt to access beyond end of device [ 62.553511][ T2787] loop3: rw=2049, sector=53248, nr_sectors = 128 limit=40427 [ 62.581169][ T2609] syz-executor.3: attempt to access beyond end of device [ 62.581169][ T2609] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 62.611684][ T2804] device pim6reg1 entered promiscuous mode [ 62.717470][ T336] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 62.862025][ T2819] loop3: detected capacity change from 0 to 40427 [ 62.868976][ T2819] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 62.876509][ T2819] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 62.884644][ T336] usb 2-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 62.888476][ T2819] F2FS-fs (loop3): Found nat_bits in checkpoint [ 62.893538][ T336] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 62.907410][ T336] usb 2-1: Product: syz [ 62.911358][ T336] usb 2-1: Manufacturer: syz [ 62.915778][ T336] usb 2-1: SerialNumber: syz [ 62.921283][ T336] usb 2-1: config 0 descriptor?? [ 62.939292][ T2819] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 62.946328][ T2819] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 63.109701][ T2832] loop4: detected capacity change from 0 to 512 [ 63.116175][ T2832] EXT4-fs: Ignoring removed mblk_io_submit option [ 63.122513][ T2832] ext2: Unknown parameter 'mask' [ 63.178747][ T336] snd-usb-audio: probe of 2-1:0.0 failed with error -2 [ 63.382084][ T19] usb 2-1: USB disconnect, device number 5 [ 63.591980][ T28] kauditd_printk_skb: 2 callbacks suppressed [ 63.591996][ T28] audit: type=1400 audit(1717503001.035:443): avc: denied { write } for pid=2842 comm="syz-executor.0" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 63.623017][ T28] audit: type=1400 audit(1717503001.035:444): avc: denied { add_name } for pid=2842 comm="syz-executor.0" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 63.644770][ T28] audit: type=1400 audit(1717503001.035:445): avc: denied { create } for pid=2842 comm="syz-executor.0" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 63.665696][ T28] audit: type=1400 audit(1717503001.035:446): avc: denied { associate } for pid=2842 comm="syz-executor.0" name="file0" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 63.768366][ T2850] __nla_validate_parse: 10 callbacks suppressed [ 63.768383][ T2850] netlink: 166 bytes leftover after parsing attributes in process `syz-executor.2'. [ 63.802752][ T2852] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 63.888217][ T28] audit: type=1400 audit(1717503001.335:447): avc: denied { write } for pid=2858 comm="syz-executor.2" name="uinput" dev="devtmpfs" ino=170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 63.888880][ T2859] input: syz0 as /devices/virtual/input/input11 [ 64.029767][ T2874] binder: 2873:2874 ioctl 400c620e 200028c0 returned -22 [ 64.050659][ T28] audit: type=1400 audit(1717503001.485:448): avc: denied { write } for pid=2877 comm="syz-executor.3" name="001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 64.106948][ T2884] loop3: detected capacity change from 0 to 512 [ 64.168971][ T2887] wireguard: wg1: Could not create IPv6 socket [ 64.176176][ T2884] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 64.200221][ T2884] ext4 filesystem being mounted at /root/syzkaller-testdir2428673175/syzkaller.d2KPvw/14/file0 supports timestamps until 2038 (0x7fffffff) [ 64.239814][ T28] audit: type=1400 audit(1717503001.685:449): avc: denied { write } for pid=2883 comm="syz-executor.3" name="file2" dev="loop3" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 64.248444][ T2861] loop1: detected capacity change from 0 to 40427 [ 64.269018][ T2861] F2FS-fs (loop1): Invalid log sectorsize (2) [ 64.275008][ T2861] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 64.284388][ T28] audit: type=1400 audit(1717503001.705:450): avc: denied { open } for pid=2883 comm="syz-executor.3" name="file2" dev="loop3" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 64.309085][ T2609] EXT4-fs (loop3): unmounting filesystem. [ 64.346939][ T2861] F2FS-fs (loop1): Found nat_bits in checkpoint [ 64.367401][ T2902] syz-executor.4[2902] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 64.367467][ T2902] syz-executor.4[2902] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 64.444236][ T2906] loop4: detected capacity change from 0 to 512 [ 64.451452][ T2861] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 64.473083][ T2906] EXT4-fs (loop4): external journal device major/minor numbers have changed [ 64.498358][ T2861] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 64.507913][ T2906] block device autoloading is deprecated and will be removed. [ 64.533544][ T2906] I/O error, dev loop75, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 64.550175][ T2906] EXT4-fs (loop4): couldn't read superblock of external journal [ 64.623650][ T2861] F2FS-fs (loop1): Unexpected flush for atomic writes: ino=10, npages=16 [ 64.642754][ T2861] syz-executor.1: attempt to access beyond end of device [ 64.642754][ T2861] loop1: rw=2049, sector=53248, nr_sectors = 128 limit=40427 [ 64.694633][ T318] syz-executor.1: attempt to access beyond end of device [ 64.694633][ T318] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 64.698645][ T2889] loop0: detected capacity change from 0 to 40427 [ 64.737315][ T2889] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 64.746655][ T2918] loop3: detected capacity change from 0 to 2048 [ 64.757492][ T2889] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 64.782748][ T2918] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 64.800074][ T2918] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 234: padding at end of block bitmap is not set [ 64.829952][ T2889] F2FS-fs (loop0): Found nat_bits in checkpoint [ 64.831386][ T2918] EXT4-fs (loop3): Remounting filesystem read-only [ 64.898645][ T2609] EXT4-fs (loop3): unmounting filesystem. [ 64.904386][ T2889] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 64.911390][ T2889] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 64.981568][ T2939] wireguard: wg1: Could not create IPv6 socket [ 65.064643][ T2960] overlayfs: invalid redirect ((null)) [ 65.230175][ T2995] input: syz0 as /devices/virtual/input/input12 [ 65.301453][ T3001] overlayfs: invalid redirect ((null)) [ 65.399664][ T3009] KVM: debugfs: duplicate directory 3009-5 [ 65.576883][ T3029] syz-executor.2[3029] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 65.576949][ T3029] syz-executor.2[3029] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 66.217276][ T39] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 66.284061][ T3048] syz-executor.1 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 66.296771][ T3046] KVM: debugfs: duplicate directory 3046-5 [ 66.308002][ T3044] loop4: detected capacity change from 0 to 40427 [ 66.314851][ T3044] F2FS-fs (loop4): Invalid log sectorsize (2) [ 66.320803][ T3044] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 66.331047][ T3044] F2FS-fs (loop4): Found nat_bits in checkpoint [ 66.368959][ T3044] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 66.375871][ T3044] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 66.395207][ T3044] F2FS-fs (loop4): Unexpected flush for atomic writes: ino=10, npages=16 [ 66.403958][ T3044] syz-executor.4: attempt to access beyond end of device [ 66.403958][ T3044] loop4: rw=2049, sector=53248, nr_sectors = 128 limit=40427 [ 66.433010][ T2586] syz-executor.4: attempt to access beyond end of device [ 66.433010][ T2586] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 66.515848][ T28] audit: type=1400 audit(1717503003.955:451): avc: denied { mount } for pid=3075 comm="syz-executor.1" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 66.546071][ T28] audit: type=1400 audit(1717503003.955:452): avc: denied { write } for pid=3075 comm="syz-executor.1" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 66.592643][ T3084] kvm [3083]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc0010006 data 0x0 [ 66.602021][ T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 66.616630][ T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 66.635951][ T39] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 66.645607][ T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 66.662874][ T39] usb 3-1: config 0 descriptor?? [ 66.712851][ T3099] loop1: detected capacity change from 0 to 2048 [ 66.724351][ T3102] overlayfs: './file1' not a directory [ 66.738596][ T3099] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 66.788032][ T3112] fuse: Unknown parameter './file0' [ 66.806944][ T3099] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5870: Corrupt filesystem [ 66.816546][ T3099] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #18: comm syz-executor.1: mark_inode_dirty error [ 66.828157][ T3099] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5870: Corrupt filesystem [ 66.838747][ T3099] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #18: comm syz-executor.1: mark_inode_dirty error [ 66.850545][ T3099] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5870: Corrupt filesystem [ 66.863774][ T3099] EXT4-fs error (device loop1): ext4_punch_hole:4142: inode #18: comm syz-executor.1: mark_inode_dirty error [ 66.891597][ T3115] EXT4-fs error (device loop1): ext4_map_blocks:607: inode #18: block 112: comm syz-executor.1: lblock 0 mapped to illegal pblock 112 (length 1) [ 66.912183][ T3115] EXT4-fs error (device loop1): ext4_map_blocks:607: inode #18: block 112: comm syz-executor.1: lblock 0 mapped to illegal pblock 112 (length 1) [ 66.938672][ T318] EXT4-fs error (device loop1): ext4_map_blocks:607: inode #2: block 16: comm syz-executor.1: lblock 0 mapped to illegal pblock 16 (length 1) [ 66.962325][ T318] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5870: Corrupt filesystem [ 66.976119][ T318] EXT4-fs (loop1): unmounting filesystem. [ 67.006263][ T318] bridge0: port 3(syz_tun) entered disabled state [ 67.018898][ T318] device syz_tun left promiscuous mode [ 67.024232][ T318] bridge0: port 3(syz_tun) entered disabled state [ 67.131044][ T3151] loop0: detected capacity change from 0 to 2048 [ 67.143015][ T3155] netlink: 'syz-executor.4': attribute type 4 has an invalid length. [ 67.167495][ T3151] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 67.247658][ T3151] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5870: Corrupt filesystem [ 67.257063][ T3151] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #18: comm syz-executor.0: mark_inode_dirty error [ 67.268639][ T3151] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5870: Corrupt filesystem [ 67.278029][ T3151] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #18: comm syz-executor.0: mark_inode_dirty error [ 67.289608][ T3151] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5870: Corrupt filesystem [ 67.304254][ T3151] EXT4-fs error (device loop0): ext4_punch_hole:4142: inode #18: comm syz-executor.0: mark_inode_dirty error [ 67.316977][ T3170] EXT4-fs error (device loop0): ext4_map_blocks:607: inode #18: block 112: comm syz-executor.0: lblock 0 mapped to illegal pblock 112 (length 1) [ 67.341174][ T3170] EXT4-fs error (device loop0): ext4_map_blocks:607: inode #18: block 112: comm syz-executor.0: lblock 0 mapped to illegal pblock 112 (length 1) [ 67.362170][ T3166] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.369676][ T320] EXT4-fs error (device loop0): ext4_map_blocks:607: inode #2: block 16: comm syz-executor.0: lblock 0 mapped to illegal pblock 16 (length 1) [ 67.384017][ T3166] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.394048][ T320] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5870: Corrupt filesystem [ 67.404594][ T320] EXT4-fs (loop0): unmounting filesystem. [ 67.410543][ T3166] device bridge_slave_0 entered promiscuous mode [ 67.419289][ T3166] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.426198][ T3166] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.433662][ T3166] device bridge_slave_1 entered promiscuous mode [ 67.489560][ T3166] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.496401][ T3166] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.503491][ T3166] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.510288][ T3166] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.530899][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 67.538207][ T316] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.545180][ T316] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.569429][ T3183] overlayfs: './file1' not a directory [ 67.591808][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 67.609729][ T696] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.616706][ T696] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.626690][ T3189] fuse: Unknown parameter './file0' [ 67.631503][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 67.642969][ T696] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.649822][ T696] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.659660][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 67.671841][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 67.677559][ T39] uclogic 0003:256C:006D.0004: failed retrieving Huion firmware version: -71 [ 67.694639][ T39] uclogic 0003:256C:006D.0004: failed probing parameters: -71 [ 67.699627][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 67.709621][ T39] uclogic: probe of 0003:256C:006D.0004 failed with error -71 [ 67.716845][ T3166] device veth0_vlan entered promiscuous mode [ 67.726090][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 67.730625][ T39] usb 3-1: USB disconnect, device number 4 [ 67.734329][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 67.746601][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 67.763579][ T3166] device veth1_macvtap entered promiscuous mode [ 67.783616][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 67.797427][ T695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 67.805748][ T695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 67.887081][ T3192] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.899816][ T3192] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.913294][ T3192] device bridge_slave_0 entered promiscuous mode [ 67.928719][ T3204] kvm [3203]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc0010006 data 0x0 [ 67.930552][ T3192] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.944895][ T3192] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.953876][ T3192] device bridge_slave_1 entered promiscuous mode [ 67.978277][ T43] device bridge_slave_1 left promiscuous mode [ 67.985401][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.999897][ T43] device bridge_slave_0 left promiscuous mode [ 68.005954][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.014661][ T43] device veth1_macvtap left promiscuous mode [ 68.020555][ T43] device veth0_vlan left promiscuous mode [ 68.212590][ T695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 68.223520][ T695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 68.241913][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 68.250314][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 68.258601][ T336] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.265458][ T336] bridge0: port 1(bridge_slave_0) entered forwarding state [ 68.272692][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 68.283963][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 68.296411][ T336] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.303277][ T336] bridge0: port 2(bridge_slave_1) entered forwarding state [ 68.322261][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 68.330127][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 68.340722][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 68.354314][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 68.388001][ T19] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 68.441444][ T509] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 68.449573][ T509] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 68.456720][ T509] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 68.465336][ T3192] device veth0_vlan entered promiscuous mode [ 68.479621][ T509] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 68.772510][ T3264] loop4: detected capacity change from 0 to 2048 [ 68.784631][ T3192] device veth1_macvtap entered promiscuous mode [ 68.792866][ T3264] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 68.809568][ T509] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 68.817772][ T509] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 68.834510][ T509] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 68.843140][ T509] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 68.852583][ T3264] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5870: Corrupt filesystem [ 68.864624][ T3264] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #18: comm syz-executor.4: mark_inode_dirty error [ 68.876217][ T3264] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5870: Corrupt filesystem [ 68.885688][ T3264] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #18: comm syz-executor.4: mark_inode_dirty error [ 68.897613][ T3264] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5870: Corrupt filesystem [ 68.907319][ T695] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 68.916484][ T3264] EXT4-fs error (device loop4): ext4_punch_hole:4142: inode #18: comm syz-executor.4: mark_inode_dirty error [ 68.928518][ T3269] EXT4-fs error (device loop4): ext4_map_blocks:607: inode #18: block 112: comm syz-executor.4: lblock 0 mapped to illegal pblock 112 (length 1) [ 68.944284][ T3269] EXT4-fs error (device loop4): ext4_map_blocks:607: inode #18: block 112: comm syz-executor.4: lblock 0 mapped to illegal pblock 112 (length 1) [ 68.963885][ T2586] EXT4-fs error (device loop4): ext4_map_blocks:607: inode #2: block 16: comm syz-executor.4: lblock 0 mapped to illegal pblock 16 (length 1) [ 68.980816][ T2586] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5870: Corrupt filesystem [ 68.991164][ T2586] EXT4-fs (loop4): unmounting filesystem. [ 69.037349][ T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 69.050864][ T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 69.060482][ T19] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 69.070015][ T19] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 69.078565][ T19] usb 4-1: config 0 descriptor?? [ 69.254326][ T3298] kvm [3297]: vcpu0, guest rIP: 0xfff0 Hyper-V unhandled wrmsr: 0x4000007a data 0x0 [ 69.307334][ T695] usb 2-1: unable to get BOS descriptor or descriptor too short [ 69.362268][ T3300] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.369412][ T3300] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.376742][ T3300] device bridge_slave_0 entered promiscuous mode [ 69.385094][ T3300] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.387462][ T695] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 69.392551][ T3300] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.408059][ T3300] device bridge_slave_1 entered promiscuous mode [ 69.410837][ T695] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 69.424530][ T43] device bridge_slave_1 left promiscuous mode [ 69.426502][ T695] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 69.431644][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.455229][ T43] device bridge_slave_0 left promiscuous mode [ 69.465664][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.478020][ T43] device veth1_macvtap left promiscuous mode [ 69.485113][ T43] device veth0_vlan left promiscuous mode [ 69.547536][ T19] hid (null): bogus close delimiter [ 69.617331][ T695] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 69.629309][ T695] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 69.641206][ T695] usb 2-1: Product: syz [ 69.658473][ T695] usb 2-1: Manufacturer: syz [ 69.663175][ T695] usb 2-1: SerialNumber: syz [ 69.754605][ T3300] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.761492][ T3300] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.768573][ T3300] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.775352][ T3300] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.848797][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 69.867457][ T337] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.878564][ T337] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.902411][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 69.913690][ T316] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.920551][ T316] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.941893][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 69.956879][ T316] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.963852][ T316] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.997399][ T695] usb 2-1: 0:2 : does not exist [ 70.003847][ T695] usb 2-1: USB disconnect, device number 6 [ 70.040291][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 70.051679][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 70.059540][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 70.067802][ T19] usb 4-1: string descriptor 0 read error: -71 [ 70.077487][ T28] kauditd_printk_skb: 9 callbacks suppressed [ 70.077499][ T28] audit: type=1400 audit(1717503007.525:462): avc: denied { map } for pid=3317 comm="syz-executor.2" path="pipe:[27477]" dev="pipefs" ino=27477 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 70.079777][ T3300] device veth0_vlan entered promiscuous mode [ 70.107441][ T19] uclogic 0003:256C:006D.0005: failed retrieving string descriptor #200: -71 [ 70.121416][ T3300] device veth1_macvtap entered promiscuous mode [ 70.134266][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 70.136863][ T19] uclogic 0003:256C:006D.0005: failed retrieving pen parameters: -71 [ 70.146603][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 70.160311][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 70.161871][ T19] uclogic 0003:256C:006D.0005: failed probing pen v2 parameters: -71 [ 70.174832][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 70.181838][ T19] uclogic 0003:256C:006D.0005: failed probing parameters: -71 [ 70.199494][ T19] uclogic: probe of 0003:256C:006D.0005 failed with error -71 [ 70.208170][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 70.216234][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 70.216794][ T19] usb 4-1: USB disconnect, device number 4 [ 70.235579][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 70.251337][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 70.332469][ T28] audit: type=1400 audit(1717503007.775:463): avc: denied { remount } for pid=3326 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 70.898907][ T43] device bridge_slave_1 left promiscuous mode [ 70.904861][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.919976][ T43] device bridge_slave_0 left promiscuous mode [ 70.927140][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.939527][ T43] device veth1_macvtap left promiscuous mode [ 70.947394][ T43] device veth0_vlan left promiscuous mode [ 71.016723][ T3361] Bluetooth: hci0: sending frame failed (-49) [ 71.023062][ T45] Bluetooth: hci0: Opcode 0x1003 failed: -49 [ 72.470119][ T3419] loop1: detected capacity change from 0 to 256 [ 72.508716][ T3429] loop1: detected capacity change from 0 to 128 [ 72.645995][ T3447] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'. [ 73.260281][ T28] audit: type=1326 audit(1717503010.705:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3474 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9ce87cee9 code=0x7ffc0000 [ 73.284492][ T28] audit: type=1326 audit(1717503010.705:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3474 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9ce87cee9 code=0x7ffc0000 [ 73.308809][ T28] audit: type=1326 audit(1717503010.705:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3474 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9ce87cee9 code=0x7ffc0000 [ 73.308839][ T28] audit: type=1326 audit(1717503010.705:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3474 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9ce87cee9 code=0x7ffc0000 [ 73.308863][ T28] audit: type=1326 audit(1717503010.705:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3474 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9ce87cee9 code=0x7ffc0000 [ 73.316260][ T28] audit: type=1326 audit(1717503010.755:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3474 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9ce87cee9 code=0x7ffc0000 [ 73.405009][ T28] audit: type=1326 audit(1717503010.755:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3474 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb9ce87a667 code=0x7ffc0000 [ 73.433683][ T28] audit: type=1326 audit(1717503010.775:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3474 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb9ce840359 code=0x7ffc0000 [ 73.487479][ T3361] Bluetooth: hci0: command 0x1003 tx timeout [ 73.493932][ T3362] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 73.590000][ T3485] SELinux: Context d is not valid (left unmapped). [ 73.622576][ T3493] device veth1_macvtap left promiscuous mode [ 73.624247][ T3494] loop3: detected capacity change from 0 to 256 [ 73.649820][ T3493] device veth1_macvtap entered promiscuous mode [ 73.658360][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 73.879510][ T3531] loop3: detected capacity change from 0 to 512 [ 73.889026][ T3531] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 73.897930][ T3531] ext4 filesystem being mounted at /root/syzkaller-testdir2428673175/syzkaller.d2KPvw/71/file0 supports timestamps until 2038 (0x7fffffff) [ 73.912157][ T3529] SELinux: Context system_u:object_r:systemd_notify_exec_t:s0 is not valid (left unmapped). [ 73.935279][ T2609] EXT4-fs (loop3): unmounting filesystem. [ 74.146344][ T3566] loop1: detected capacity change from 0 to 512 [ 74.307434][ T3568] loop2: detected capacity change from 0 to 2048 [ 74.361897][ T3566] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 74.393248][ T3566] ext4 filesystem being mounted at /root/syzkaller-testdir967162473/syzkaller.wdjTdW/32/file0 supports timestamps until 2038 (0x7fffffff) [ 74.454676][ T3568] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 74.466476][ T3568] ext4 filesystem being mounted at /root/syzkaller-testdir539504733/syzkaller.mmdPLj/69/file0 supports timestamps until 2038 (0x7fffffff) [ 74.501328][ T3166] EXT4-fs (loop1): unmounting filesystem. [ 74.518627][ T3568] fscrypt (loop2, inode 13): Error -61 getting encryption context [ 74.535419][ T2481] EXT4-fs (loop2): unmounting filesystem. [ 74.688951][ T3596] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 74.696444][ T3597] loop2: detected capacity change from 0 to 2048 [ 74.707738][ T3597] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 74.717407][ T3597] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 74.729187][ T3597] EXT4-fs (loop2): failed to initialize system zone (-117) [ 74.736443][ T3597] EXT4-fs (loop2): mount failed [ 74.767829][ T3599] netlink: 'syz-executor.4': attribute type 27 has an invalid length. [ 74.791412][ T3597] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 74.816959][ T3599] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.824111][ T3599] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.831891][ T337] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 74.924132][ T3601] loop2: detected capacity change from 0 to 2048 [ 74.949018][ T3603] loop4: detected capacity change from 0 to 512 [ 74.957504][ T3601] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 74.973608][ T3603] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 74.987376][ T3603] ext4 filesystem being mounted at /root/syzkaller-testdir3010772943/syzkaller.hi2oR0/19/file0 supports timestamps until 2038 (0x7fffffff) [ 75.028836][ T3300] EXT4-fs (loop4): unmounting filesystem. [ 75.043434][ T3612] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Corrupt filesystem [ 75.066246][ T3612] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 75.103010][ T3612] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Corrupt filesystem [ 75.118095][ T3612] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 75.227311][ T28] kauditd_printk_skb: 80 callbacks suppressed [ 75.227366][ T28] audit: type=1400 audit(1717503012.635:548): avc: denied { mount } for pid=3613 comm="syz-executor.4" name="/" dev="configfs" ino=5994 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 75.257012][ T3612] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Corrupt filesystem [ 75.267619][ T337] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 75.309359][ T337] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 75.393436][ T337] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 75.402857][ T28] audit: type=1400 audit(1717503012.645:549): avc: denied { search } for pid=3613 comm="syz-executor.4" name="/" dev="configfs" ino=5994 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 75.430987][ T28] audit: type=1400 audit(1717503012.645:550): avc: denied { read } for pid=3613 comm="syz-executor.4" name="/" dev="configfs" ino=5994 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 75.438708][ T337] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 75.453299][ T28] audit: type=1400 audit(1717503012.645:551): avc: denied { open } for pid=3613 comm="syz-executor.4" path="/" dev="configfs" ino=5994 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 75.497414][ T3612] EXT4-fs error (device loop2): ext4_punch_hole:4142: inode #18: comm syz-executor.2: mark_inode_dirty error [ 75.517503][ T3601] EXT4-fs error (device loop2): ext4_map_blocks:607: inode #18: block 112: comm syz-executor.2: lblock 0 mapped to illegal pblock 112 (length 1) [ 75.542621][ T3611] loop3: detected capacity change from 0 to 40427 [ 75.550312][ T3601] EXT4-fs error (device loop2): ext4_map_blocks:607: inode #18: block 112: comm syz-executor.2: lblock 0 mapped to illegal pblock 112 (length 1) [ 75.557354][ T337] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 75.574395][ T337] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 75.580527][ T2481] EXT4-fs error (device loop2): ext4_map_blocks:607: inode #2: block 16: comm syz-executor.2: lblock 0 mapped to illegal pblock 16 (length 1) [ 75.582803][ T337] usb 2-1: Manufacturer: syz [ 75.604509][ T3611] F2FS-fs (loop3): Found nat_bits in checkpoint [ 75.606070][ T337] usb 2-1: config 0 descriptor?? [ 75.615550][ T2481] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Corrupt filesystem [ 75.625941][ T2481] EXT4-fs (loop2): unmounting filesystem. [ 75.665594][ T3611] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 75.691799][ T2609] syz-executor.3: attempt to access beyond end of device [ 75.691799][ T2609] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 75.965737][ T3628] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.972769][ T3628] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.984070][ T3628] device bridge_slave_0 entered promiscuous mode [ 76.009960][ T3628] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.016802][ T3628] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.031180][ T3628] device bridge_slave_1 entered promiscuous mode [ 76.098138][ T337] appleir 0003:05AC:8243.0006: unknown main item tag 0x0 [ 76.105230][ T3646] loop4: detected capacity change from 0 to 2048 [ 76.111280][ T3650] syz-executor.0[3650] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 76.111412][ T3650] syz-executor.0[3650] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 76.111930][ T337] appleir 0003:05AC:8243.0006: No inputs registered, leaving [ 76.153869][ T337] appleir 0003:05AC:8243.0006: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 76.157230][ T3650] syz-executor.0[3650] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 76.166312][ T3650] syz-executor.0[3650] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 76.167509][ T3646] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 76.212460][ T3646] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 76.227379][ T3646] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 76.235250][ T3628] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.246293][ T3628] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.253499][ T3628] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.260281][ T3628] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.260298][ T3646] EXT4-fs (loop4): This should not happen!! Data will be lost [ 76.260298][ T3646] [ 76.278411][ T3646] EXT4-fs (loop4): Total free blocks count 0 [ 76.284235][ T3646] EXT4-fs (loop4): Free/Dirty block details [ 76.290527][ T3646] EXT4-fs (loop4): free_blocks=2415919104 [ 76.296094][ T3646] EXT4-fs (loop4): dirty_blocks=16 [ 76.307120][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 76.318470][ T3646] EXT4-fs (loop4): Block reservation details [ 76.319036][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 76.332970][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 76.333154][ T3646] EXT4-fs (loop4): i_reserved_data_blocks=1 [ 76.358517][ T469] device bridge_slave_1 left promiscuous mode [ 76.366388][ T469] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.374621][ T337] usb 2-1: USB disconnect, device number 7 [ 76.375014][ T3300] EXT4-fs (loop4): unmounting filesystem. [ 76.386739][ T469] device bridge_slave_0 left promiscuous mode [ 76.393474][ T469] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.398471][ T696] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 76.408983][ T469] device veth1_macvtap left promiscuous mode [ 76.414867][ T469] device veth0_vlan left promiscuous mode [ 76.511028][ T695] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 76.526851][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 76.541367][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 76.559092][ T3628] device veth0_vlan entered promiscuous mode [ 76.568037][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 76.575964][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 76.583154][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 76.593937][ T3628] device veth1_macvtap entered promiscuous mode [ 76.607197][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 76.634516][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 76.644093][ T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 76.722066][ T3683] loop2: detected capacity change from 0 to 16 [ 76.729408][ T3683] erofs: (device loop2): mounted with root inode @ nid 36. [ 76.739170][ T28] audit: type=1400 audit(1717503014.185:552): avc: denied { execute } for pid=3682 comm="syz-executor.2" name="file1" dev="loop2" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 76.764954][ T28] audit: type=1400 audit(1717503014.195:553): avc: denied { read } for pid=3682 comm="syz-executor.2" path="/root/syzkaller-testdir3640811390/syzkaller.M3DtkO/2/file0/file1" dev="loop2" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 76.792353][ T28] audit: type=1400 audit(1717503014.195:554): avc: denied { execute_no_trans } for pid=3682 comm="syz-executor.2" path="/root/syzkaller-testdir3640811390/syzkaller.M3DtkO/2/file0/file1" dev="loop2" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 76.847591][ T696] usb 4-1: unable to get BOS descriptor or descriptor too short [ 76.867715][ T3687] loop2: detected capacity change from 0 to 2048 [ 76.905446][ T3687] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 76.927353][ T696] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 76.939600][ T3687] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 76.955257][ T3693] loop1: detected capacity change from 0 to 2048 [ 76.962069][ T3687] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 76.962079][ T696] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 76.962099][ T696] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 76.974255][ T3687] EXT4-fs (loop2): This should not happen!! Data will be lost [ 76.974255][ T3687] [ 77.002439][ T3687] EXT4-fs (loop2): Total free blocks count 0 [ 77.008271][ T3687] EXT4-fs (loop2): Free/Dirty block details [ 77.013966][ T3687] EXT4-fs (loop2): free_blocks=2415919104 [ 77.019716][ T3687] EXT4-fs (loop2): dirty_blocks=16 [ 77.024692][ T3687] EXT4-fs (loop2): Block reservation details [ 77.030545][ T3687] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 77.031377][ T3693] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 77.054121][ T3693] ext4 filesystem being mounted at /root/syzkaller-testdir967162473/syzkaller.wdjTdW/35/file0 supports timestamps until 2038 (0x7fffffff) [ 77.070976][ T3628] EXT4-fs (loop2): unmounting filesystem. [ 77.093510][ T3693] fscrypt (loop1, inode 13): Error -61 getting encryption context [ 77.124751][ T3166] EXT4-fs (loop1): unmounting filesystem. [ 77.217371][ T696] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 77.230696][ T696] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 77.251583][ T696] usb 4-1: Product: syz [ 77.262653][ T696] usb 4-1: Manufacturer: syz [ 77.267471][ T696] usb 4-1: SerialNumber: syz [ 77.519504][ T3731] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 77.528777][ T3731] tipc: Started in network mode [ 77.533813][ T3731] tipc: Node identity 6, cluster identity 4711 [ 77.540025][ T3731] tipc: Node number set to 6 [ 77.587426][ T696] usb 4-1: 0:2 : does not exist [ 77.594213][ T696] usb 4-1: USB disconnect, device number 5 [ 77.627316][ T24] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 78.049057][ T3750] loop2: detected capacity change from 0 to 256 [ 78.058002][ T3750] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 78.077311][ T24] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 78.088192][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 78.100390][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 78.109955][ T24] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 78.122906][ T3753] loop2: detected capacity change from 0 to 2048 [ 78.137933][ T3753] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 78.151323][ T3753] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 78.165563][ T3753] EXT4-fs (loop2): failed to initialize system zone (-117) [ 78.173008][ T3753] EXT4-fs (loop2): mount failed [ 78.207409][ T24] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 78.216397][ T24] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 78.230471][ T24] usb 1-1: Manufacturer: syz [ 78.235753][ T3753] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 78.245201][ T24] usb 1-1: config 0 descriptor?? [ 78.354605][ T3775] device batadv_slave_0 entered promiscuous mode [ 78.364228][ T3774] device batadv_slave_0 left promiscuous mode [ 78.379332][ T28] audit: type=1326 audit(1717503015.825:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3780 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f38f3e7cee9 code=0x0 [ 78.441220][ T28] audit: type=1400 audit(1717503015.875:556): avc: denied { create } for pid=3784 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 78.517654][ T28] audit: type=1400 audit(1717503015.965:557): avc: denied { connect } for pid=3784 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 78.547593][ T3796] loop3: detected capacity change from 0 to 16 [ 78.554456][ T3796] erofs: (device loop3): mounted with root inode @ nid 36. [ 78.593372][ T3804] loop3: detected capacity change from 0 to 2048 [ 78.608882][ T3804] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 78.620926][ T3804] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 78.635723][ T3804] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 78.647798][ T3804] EXT4-fs (loop3): This should not happen!! Data will be lost [ 78.647798][ T3804] [ 78.647817][ T3804] EXT4-fs (loop3): Total free blocks count 0 [ 78.647830][ T3804] EXT4-fs (loop3): Free/Dirty block details [ 78.647847][ T3804] EXT4-fs (loop3): free_blocks=2415919104 [ 78.647860][ T3804] EXT4-fs (loop3): dirty_blocks=16 [ 78.647870][ T3804] EXT4-fs (loop3): Block reservation details [ 78.647880][ T3804] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 78.664338][ T2609] EXT4-fs (loop3): unmounting filesystem. [ 78.771432][ T24] appleir 0003:05AC:8243.0007: unknown main item tag 0x0 [ 78.778761][ T24] appleir 0003:05AC:8243.0007: No inputs registered, leaving [ 78.797339][ T24] appleir 0003:05AC:8243.0007: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0 [ 78.847295][ T695] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 79.103121][ T3829] loop2: detected capacity change from 0 to 16 [ 79.109972][ T3829] erofs: (device loop2): mounted with root inode @ nid 36. [ 79.117287][ T695] usb 5-1: Using ep0 maxpacket: 32 [ 79.123124][ T24] usb 1-1: USB disconnect, device number 2 [ 79.237336][ T695] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 79.248101][ T695] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 79.257797][ T695] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 79.270431][ T695] usb 5-1: New USB device found, idVendor=045e, idProduct=009d, bcdDevice= 0.00 [ 79.279790][ T695] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 79.293433][ T695] usb 5-1: config 0 descriptor?? [ 79.710086][ T10] Bluetooth: hci0: Frame reassembly failed (-84) [ 79.764372][ T3884] loop3: detected capacity change from 0 to 1024 [ 79.768422][ T695] microsoft 0003:045E:009D.0008: unknown main item tag 0x0 [ 79.778161][ T695] microsoft 0003:045E:009D.0008: hidraw0: USB HID v0.00 Device [HID 045e:009d] on usb-dummy_hcd.4-1/input0 [ 79.787594][ T3884] EXT4-fs (loop3): failed to open journal device unknown-block(0,0) -6 [ 79.792950][ T695] microsoft 0003:045E:009D.0008: no inputs found [ 79.804251][ T695] microsoft 0003:045E:009D.0008: could not initialize ff, continuing anyway [ 80.047477][ T695] usb 5-1: USB disconnect, device number 3 [ 80.095785][ T3891] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 80.105143][ T3891] tipc: Started in network mode [ 80.109796][ T3891] tipc: Node identity 6, cluster identity 4711 [ 80.115771][ T3891] tipc: Node number set to 6 [ 80.275917][ T28] kauditd_printk_skb: 3 callbacks suppressed [ 80.275934][ T28] audit: type=1326 audit(1717503017.715:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3892 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9e307cee9 code=0x7ffc0000 [ 80.330404][ T28] audit: type=1326 audit(1717503017.715:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3892 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9e307cee9 code=0x7ffc0000 [ 80.355294][ T28] audit: type=1326 audit(1717503017.715:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3892 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe9e307cee9 code=0x7ffc0000 [ 80.379111][ T28] audit: type=1326 audit(1717503017.715:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3892 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9e307cee9 code=0x7ffc0000 [ 80.402916][ T28] audit: type=1326 audit(1717503017.725:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3892 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe9e307cee9 code=0x7ffc0000 [ 80.426515][ T28] audit: type=1326 audit(1717503017.725:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3892 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9e307cee9 code=0x7ffc0000 [ 80.450153][ T28] audit: type=1326 audit(1717503017.725:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3892 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fe9e307cee9 code=0x7ffc0000 [ 80.474200][ T28] audit: type=1326 audit(1717503017.725:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3892 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9e307cee9 code=0x7ffc0000 [ 80.497880][ T28] audit: type=1326 audit(1717503017.725:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3892 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe9e307cee9 code=0x7ffc0000 [ 80.534155][ T28] audit: type=1326 audit(1717503017.725:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3892 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9e307cee9 code=0x7ffc0000 [ 80.907301][ T695] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 80.989129][ T3930] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 81.111765][ T3943] device pim6reg1 entered promiscuous mode [ 81.143965][ T3947] loop2: detected capacity change from 0 to 256 [ 81.150761][ T3947] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 81.161270][ T696] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 81.161942][ T3947] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 81.179765][ T3947] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 81.224512][ T3955] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 81.267365][ T695] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 81.278155][ T695] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 81.289084][ T695] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 81.298736][ T695] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 81.397388][ T695] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 81.407304][ T695] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 81.415247][ T695] usb 1-1: Manufacturer: syz [ 81.415347][ T3965] loop2: detected capacity change from 0 to 256 [ 81.425733][ T696] usb 4-1: Using ep0 maxpacket: 32 [ 81.427903][ T695] usb 1-1: config 0 descriptor?? [ 81.450687][ T3965] syz-executor.2: attempt to access beyond end of device [ 81.450687][ T3965] loop2: rw=2049, sector=256, nr_sectors = 12 limit=256 [ 81.587330][ T696] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 81.598227][ T696] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 81.607777][ T696] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 81.620405][ T696] usb 4-1: New USB device found, idVendor=045e, idProduct=009d, bcdDevice= 0.00 [ 81.629216][ T696] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 81.637675][ T696] usb 4-1: config 0 descriptor?? [ 81.641817][ T3977] device pim6reg1 entered promiscuous mode [ 81.717392][ T3361] Bluetooth: hci0: command 0x1003 tx timeout [ 81.717470][ T3362] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 81.840612][ T3983] geneve1: tun_chr_ioctl cmd 1074025681 [ 82.062030][ T695] appleir 0003:05AC:8243.0009: unknown main item tag 0x0 [ 82.070549][ T695] appleir 0003:05AC:8243.0009: No inputs registered, leaving [ 82.079561][ T695] appleir 0003:05AC:8243.0009: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0 [ 82.148216][ T3987] loop2: detected capacity change from 0 to 128 [ 82.258054][ T696] microsoft 0003:045E:009D.000A: unknown main item tag 0x0 [ 82.286832][ T696] microsoft 0003:045E:009D.000A: hidraw1: USB HID v0.00 Device [HID 045e:009d] on usb-dummy_hcd.3-1/input0 [ 82.304265][ T696] microsoft 0003:045E:009D.000A: no inputs found [ 82.342328][ T696] microsoft 0003:045E:009D.000A: could not initialize ff, continuing anyway [ 82.343482][ T24] usb 1-1: USB disconnect, device number 3 [ 82.563086][ T316] usb 4-1: USB disconnect, device number 6 [ 82.607293][ T695] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 82.697808][ T4013] netem: change failed [ 82.989618][ T695] usb 3-1: Using ep0 maxpacket: 8 [ 83.167309][ T695] usb 3-1: unable to get BOS descriptor or descriptor too short [ 83.220879][ T4047] loop1: detected capacity change from 0 to 512 [ 83.235411][ T4047] EXT4-fs warning (device loop1): ext4_block_to_path:107: block 3279945729 > max in inode 13 [ 83.238137][ T4054] geneve1: tun_chr_ioctl cmd 1074025681 [ 83.245524][ T4047] EXT4-fs warning (device loop1): ext4_block_to_path:107: block 3279945730 > max in inode 13 [ 83.260859][ T695] usb 3-1: config 0 has no interfaces? [ 83.261047][ T4047] EXT4-fs (loop1): 1 truncate cleaned up [ 83.271641][ T4047] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 83.285343][ T4047] fscrypt (loop1, inode 2): Error -61 getting encryption context [ 83.300353][ T3166] EXT4-fs (loop1): unmounting filesystem. [ 83.367934][ T4072] netem: change failed [ 83.488330][ T4084] loop0: detected capacity change from 0 to 512 [ 83.496241][ T4084] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279945729 > max in inode 13 [ 83.506335][ T695] usb 3-1: string descriptor 0 read error: -22 [ 83.506339][ T4084] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279945730 > max in inode 13 [ 83.512371][ T695] usb 3-1: New USB device found, idVendor=046d, idProduct=c29b, bcdDevice= 0.40 [ 83.522649][ T4084] EXT4-fs (loop0): 1 truncate cleaned up [ 83.531633][ T695] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 83.537005][ T4084] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 83.545688][ T695] usb 3-1: config 0 descriptor?? [ 83.565362][ T4084] fscrypt (loop0, inode 2): Error -61 getting encryption context [ 83.589024][ T3192] EXT4-fs (loop0): unmounting filesystem. [ 83.617306][ T696] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 83.628961][ T4091] geneve1: tun_chr_ioctl cmd 1074025681 [ 83.708539][ T4103] syz-executor.0[4103] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 83.708599][ T4103] syz-executor.0[4103] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 83.728367][ T4103] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 83.875317][ T4112] loop0: detected capacity change from 0 to 512 [ 83.883401][ T4112] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279945729 > max in inode 13 [ 83.893507][ T4112] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279945730 > max in inode 13 [ 83.897264][ T696] usb 4-1: Using ep0 maxpacket: 32 [ 83.903800][ T4112] EXT4-fs (loop0): 1 truncate cleaned up [ 83.908460][ T509] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 83.921580][ T4112] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 83.934129][ T4112] fscrypt (loop0, inode 2): Error -61 getting encryption context [ 83.949591][ T3192] EXT4-fs (loop0): unmounting filesystem. [ 84.077298][ T696] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 84.092656][ T696] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 84.572937][ T696] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 84.585724][ T696] usb 4-1: New USB device found, idVendor=045e, idProduct=009d, bcdDevice= 0.00 [ 84.594701][ T696] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.603210][ T696] usb 4-1: config 0 descriptor?? [ 84.627288][ T509] usb 2-1: Using ep0 maxpacket: 16 [ 84.777328][ T509] usb 2-1: config 0 has no interfaces? [ 84.782307][ T4134] overlayfs: './file0' not a directory [ 84.815541][ T4136] loop4: detected capacity change from 0 to 2048 [ 84.828614][ T4136] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 84.843030][ T4136] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 84.847822][ T4140] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 84.866607][ T3300] EXT4-fs (loop4): unmounting filesystem. [ 84.967333][ T509] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 84.976228][ T509] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 84.984061][ T509] usb 2-1: Product: syz [ 84.988019][ T509] usb 2-1: Manufacturer: syz [ 84.992485][ T509] usb 2-1: SerialNumber: syz [ 84.997422][ T509] r8152-cfgselector 2-1: config 0 descriptor?? [ 85.088148][ T696] microsoft 0003:045E:009D.000B: unknown main item tag 0x0 [ 85.095835][ T696] microsoft 0003:045E:009D.000B: hidraw0: USB HID v0.00 Device [HID 045e:009d] on usb-dummy_hcd.3-1/input0 [ 85.107370][ T696] microsoft 0003:045E:009D.000B: no inputs found [ 85.113639][ T696] microsoft 0003:045E:009D.000B: could not initialize ff, continuing anyway [ 85.166426][ T3801] usb 3-1: USB disconnect, device number 5 [ 85.221908][ T4164] loop2: detected capacity change from 0 to 256 [ 85.242532][ T4165] loop4: detected capacity change from 0 to 512 [ 85.265433][ T4165] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 85.283784][ T4164] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 85.342742][ T39] usb 4-1: USB disconnect, device number 7 [ 85.366495][ T4165] EXT4-fs error (device loop4): __ext4_fill_super:5386: inode #2: comm syz-executor.4: casefold flag without casefold feature [ 85.380519][ T4165] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a016e02c, mo2=0002] [ 85.388542][ T4165] System zones: 0-2, 18-18, 34-35 [ 85.395350][ T4165] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 85.725842][ T10] usb 2-1: config 0 descriptor?? [ 85.734223][ T509] usb 2-1: USB disconnect, device number 8 [ 85.999277][ T3300] EXT4-fs (loop4): unmounting filesystem. [ 86.027620][ T4174] device wg2 entered promiscuous mode [ 86.151886][ T4195] loop0: detected capacity change from 0 to 256 [ 86.160833][ T4195] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 86.242367][ T4197] loop2: detected capacity change from 0 to 512 [ 86.268405][ T4197] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 86.345680][ T4197] EXT4-fs error (device loop2): __ext4_fill_super:5386: inode #2: comm syz-executor.2: casefold flag without casefold feature [ 86.359357][ T4197] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a016e02c, mo2=0002] [ 86.367393][ T4197] System zones: 0-2, 18-18, 34-35 [ 86.374715][ T4197] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 86.787415][ T19] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 87.132906][ T3628] EXT4-fs (loop2): unmounting filesystem. [ 87.149513][ T4210] loop1: detected capacity change from 0 to 2048 [ 87.186495][ T4210] EXT4-fs: Ignoring removed mblk_io_submit option [ 87.197373][ T19] usb 5-1: Using ep0 maxpacket: 8 [ 87.208110][ T4210] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 87.208261][ T4218] Zero length message leads to an empty skb [ 87.269166][ T4230] syz-executor.2[4230] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 87.269236][ T4230] syz-executor.2[4230] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 87.311157][ T4235] loop3: detected capacity change from 0 to 2048 [ 87.330531][ T19] usb 5-1: config 135 has an invalid interface number: 230 but max is 0 [ 87.339245][ T19] usb 5-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 87.349687][ T19] usb 5-1: config 135 has no interface number 0 [ 87.361867][ T19] usb 5-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 87.412749][ T4235] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 87.433512][ T4235] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 87.493348][ T2609] EXT4-fs (loop3): unmounting filesystem. [ 87.499402][ T4210] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz-executor.1: bg 0: block 234: padding at end of block bitmap is not set [ 87.515062][ T4210] EXT4-fs (loop1): Remounting filesystem read-only [ 87.567415][ T19] usb 5-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 87.576482][ T19] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 87.584901][ T19] usb 5-1: Product: syz [ 87.588954][ T19] usb 5-1: Manufacturer: syz [ 87.593320][ T19] usb 5-1: SerialNumber: syz [ 87.612809][ T4262] loop3: detected capacity change from 0 to 2048 [ 87.629685][ T28] kauditd_printk_skb: 41 callbacks suppressed [ 87.629698][ T28] audit: type=1400 audit(1717503025.075:612): avc: denied { connect } for pid=4266 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 87.658888][ T19] usb 5-1: Found UVC 0.00 device syz (18ec:3288) [ 87.665050][ T19] usb 5-1: No valid video chain found. [ 87.673696][ T28] audit: type=1400 audit(1717503025.105:613): avc: denied { setopt } for pid=4266 comm="syz-executor.2" laddr=172.20.20.170 lport=7 faddr=172.20.20.170 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 87.699309][ T4262] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 87.710981][ T4262] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 87.725550][ T28] audit: type=1400 audit(1717503025.105:614): avc: denied { read } for pid=4266 comm="syz-executor.2" path="socket:[31624]" dev="sockfs" ino=31624 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 87.726838][ T3166] EXT4-fs (loop1): unmounting filesystem. [ 87.748958][ T4262] EXT4-fs (loop3): Remounting filesystem read-only [ 87.760695][ T28] audit: type=1400 audit(1717503025.155:615): avc: denied { map } for pid=4261 comm="syz-executor.3" path="/root/syzkaller-testdir2428673175/syzkaller.d2KPvw/118/file0/cpuacct.usage_sys" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 87.807038][ T28] audit: type=1400 audit(1717503025.245:616): avc: denied { ioctl } for pid=4274 comm="syz-executor.0" path="socket:[32507]" dev="sockfs" ino=32507 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 87.833767][ T28] audit: type=1400 audit(1717503025.245:617): avc: denied { getopt } for pid=4274 comm="syz-executor.0" lport=8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 87.854544][ T2609] EXT4-fs (loop3): unmounting filesystem. [ 87.861881][ T4277] netem: change failed [ 87.877875][ T19] usb 5-1: USB disconnect, device number 4 [ 88.078930][ T4305] bridge: RTM_NEWNEIGH with invalid ether address [ 88.527063][ T4345] device wg2 left promiscuous mode [ 88.543184][ T4345] device wg2 entered promiscuous mode [ 88.575384][ T4355] syz-executor.4[4355] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.575450][ T4355] syz-executor.4[4355] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.577327][ T3801] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 88.616207][ T4353] netem: change failed [ 88.721727][ T4376] device wg2 left promiscuous mode [ 88.731676][ T4376] device wg2 entered promiscuous mode [ 88.783560][ T4380] loop0: detected capacity change from 0 to 2048 [ 88.790349][ T4380] EXT4-fs: Ignoring removed mblk_io_submit option [ 88.835310][ T4380] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 88.876616][ T4384] syz-executor.1[4384] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.876702][ T4384] syz-executor.1[4384] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.897522][ T695] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 88.977434][ T3801] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 88.997317][ T3801] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 89.006898][ T3801] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 89.027292][ T3801] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.042846][ T4388] netem: change failed [ 89.048028][ T3801] usb 3-1: config 0 descriptor?? [ 89.167369][ T695] usb 5-1: Using ep0 maxpacket: 32 [ 89.168174][ T4398] loop1: detected capacity change from 0 to 128 [ 89.239004][ T4380] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz-executor.0: bg 0: block 234: padding at end of block bitmap is not set [ 89.253750][ T4380] EXT4-fs (loop0): Remounting filesystem read-only [ 89.287370][ T695] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 89.301397][ T695] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 89.315642][ T695] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 89.337163][ T695] usb 5-1: New USB device found, idVendor=045e, idProduct=009d, bcdDevice= 0.00 [ 89.347964][ T695] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.356832][ T695] usb 5-1: config 0 descriptor?? [ 89.432296][ T3192] EXT4-fs (loop0): unmounting filesystem. [ 89.450330][ T4403] device wg2 left promiscuous mode [ 89.461040][ T4403] device wg2 entered promiscuous mode [ 89.527941][ T3801] keytouch 0003:0926:3333.000C: fixing up Keytouch IEC report descriptor [ 89.545170][ T3801] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.000C/input/input13 [ 89.629598][ T3801] keytouch 0003:0926:3333.000C: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 89.734498][ T336] usb 3-1: USB disconnect, device number 6 [ 89.838059][ T695] microsoft 0003:045E:009D.000D: unknown main item tag 0x0 [ 89.845689][ T695] microsoft 0003:045E:009D.000D: hidraw0: USB HID v0.00 Device [HID 045e:009d] on usb-dummy_hcd.4-1/input0 [ 89.856940][ T695] microsoft 0003:045E:009D.000D: no inputs found [ 89.863499][ T695] microsoft 0003:045E:009D.000D: could not initialize ff, continuing anyway [ 89.927293][ T19] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 90.040451][ T336] usb 5-1: USB disconnect, device number 5 [ 90.092363][ T28] audit: type=1400 audit(1717503027.535:618): avc: denied { setattr } for pid=4433 comm="syz-executor.1" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1 [ 90.198606][ T4442] loop1: detected capacity change from 0 to 256 [ 90.297382][ T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 90.308293][ T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 90.317985][ T19] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 90.326794][ T19] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.335335][ T19] usb 4-1: config 0 descriptor?? [ 90.479013][ T4466] loop2: detected capacity change from 0 to 512 [ 90.485446][ T4466] EXT4-fs: Ignoring removed bh option [ 90.490981][ T4466] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 90.502407][ T4466] EXT4-fs error (device loop2): ext4_orphan_get:1422: comm syz-executor.2: bad orphan inode 17 [ 90.513571][ T4466] EXT4-fs (loop2): Remounting filesystem read-only [ 90.519968][ T4466] ext4_test_bit(bit=16, block=4) = 1 [ 90.525158][ T4466] is_bad_inode(inode)=0 [ 90.529298][ T4466] NEXT_ORPHAN(inode)=1048336 [ 90.533791][ T4466] max_ino=32 [ 90.536875][ T4466] i_nlink=0 [ 90.539927][ T4466] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 90.543687][ T4477] loop1: detected capacity change from 0 to 512 [ 90.560868][ T4479] mmap: syz-executor.4 (4479): VmData 167407616 exceed data ulimit 7. Update limits or use boot option ignore_rlimit_data. [ 90.574474][ T3628] EXT4-fs (loop2): unmounting filesystem. [ 90.588700][ T4477] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 90.600141][ T4477] ext4 filesystem being mounted at /root/syzkaller-testdir967162473/syzkaller.wdjTdW/109/bus supports timestamps until 2038 (0x7fffffff) [ 90.626064][ T3166] EXT4-fs (loop1): unmounting filesystem. [ 90.648467][ T4495] loop4: detected capacity change from 0 to 256 [ 90.657363][ T4495] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 90.671065][ T28] audit: type=1400 audit(1717503028.115:619): avc: denied { mounton } for pid=4494 comm="syz-executor.4" path="/root/syzkaller-testdir3010772943/syzkaller.hi2oR0/91/file0/file0" dev="loop4" ino=1048678 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 90.671551][ T4495] incfs: ino conflict with backing FS 1 [ 90.720024][ T4495] incfs: iterate_incfs_dir / -22 [ 90.767325][ T336] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 90.821984][ T4505] syz-executor.4[4505] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 90.822056][ T4505] syz-executor.4[4505] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 90.838304][ T19] hid (null): bogus close delimiter [ 90.865915][ T4489] loop2: detected capacity change from 0 to 40427 [ 90.872781][ T4489] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 90.880392][ T4489] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 90.907460][ T4489] F2FS-fs (loop2): Found nat_bits in checkpoint [ 90.924134][ T4499] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 90.957540][ T4489] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 90.964799][ T4489] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 91.137359][ T336] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 91.148236][ T336] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 91.157834][ T336] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 91.166615][ T336] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 91.175393][ T336] usb 1-1: config 0 descriptor?? [ 91.188629][ T4556] loop4: detected capacity change from 0 to 256 [ 91.197884][ T4556] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 91.214848][ T4556] incfs: ino conflict with backing FS 1 [ 91.221291][ T4556] incfs: iterate_incfs_dir / -22 [ 91.328496][ T28] audit: type=1400 audit(1717503028.775:620): avc: denied { create } for pid=4574 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 91.357330][ T19] usb 4-1: string descriptor 0 read error: -71 [ 91.378260][ T19] uclogic 0003:256C:006D.000E: failed retrieving string descriptor #200: -71 [ 91.386889][ T19] uclogic 0003:256C:006D.000E: failed retrieving pen parameters: -71 [ 91.394831][ T19] uclogic 0003:256C:006D.000E: failed probing pen v2 parameters: -71 [ 91.402814][ T19] uclogic 0003:256C:006D.000E: failed probing parameters: -71 [ 91.410107][ T19] uclogic: probe of 0003:256C:006D.000E failed with error -71 [ 91.418246][ T19] usb 4-1: USB disconnect, device number 8 [ 91.427877][ T4583] syz-executor.2[4583] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 91.427936][ T4583] syz-executor.2[4583] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 91.445532][ T4583] loop2: detected capacity change from 0 to 2048 [ 91.468745][ T4583] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 91.480061][ T4583] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 91.494732][ T4583] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 91.506936][ T4583] EXT4-fs (loop2): This should not happen!! Data will be lost [ 91.506936][ T4583] [ 91.516383][ T4583] EXT4-fs (loop2): Total free blocks count 0 [ 91.522244][ T4583] EXT4-fs (loop2): Free/Dirty block details [ 91.527893][ T4583] EXT4-fs (loop2): free_blocks=2415919104 [ 91.533543][ T4583] EXT4-fs (loop2): dirty_blocks=16 [ 91.538519][ T4583] EXT4-fs (loop2): Block reservation details [ 91.544306][ T4583] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 91.556016][ T3628] EXT4-fs (loop2): unmounting filesystem. [ 91.617339][ T696] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 91.678274][ T336] keytouch 0003:0926:3333.000F: fixing up Keytouch IEC report descriptor [ 91.688167][ T336] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.000F/input/input14 [ 91.779257][ T336] keytouch 0003:0926:3333.000F: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0 [ 91.867320][ T696] usb 5-1: Using ep0 maxpacket: 16 [ 91.881825][ T695] usb 1-1: USB disconnect, device number 4 [ 92.017360][ T696] usb 5-1: config 0 has no interfaces? [ 92.058514][ T4636] loop1: detected capacity change from 0 to 128 [ 92.094934][ T4638] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 92.187408][ T696] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 92.196362][ T696] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 92.217259][ T696] usb 5-1: Product: syz [ 92.221237][ T696] usb 5-1: Manufacturer: syz [ 92.225661][ T696] usb 5-1: SerialNumber: syz [ 92.237547][ T696] r8152-cfgselector 5-1: config 0 descriptor?? [ 92.378029][ T4679] loop1: detected capacity change from 0 to 128 [ 92.450915][ T4690] syz-executor.0[4690] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 92.450979][ T4690] syz-executor.0[4690] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 92.472960][ T4687] loop3: detected capacity change from 0 to 2048 [ 92.476456][ T4690] loop0: detected capacity change from 0 to 2048 [ 92.484986][ T4687] EXT4-fs: Ignoring removed mblk_io_submit option [ 92.507486][ T696] r8152-cfgselector 5-1: Unknown version 0x0000 [ 92.510038][ T4690] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 92.515512][ T4687] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 92.707554][ T4690] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 92.709481][ T695] r8152-cfgselector 5-1: USB disconnect, device number 6 [ 92.722476][ T4690] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 92.741341][ T4690] EXT4-fs (loop0): This should not happen!! Data will be lost [ 92.741341][ T4690] [ 92.756946][ T4690] EXT4-fs (loop0): Total free blocks count 0 [ 92.765349][ T4690] EXT4-fs (loop0): Free/Dirty block details [ 92.776231][ T4690] EXT4-fs (loop0): free_blocks=2415919104 [ 92.782155][ T4690] EXT4-fs (loop0): dirty_blocks=16 [ 92.788003][ T4690] EXT4-fs (loop0): Block reservation details [ 92.794011][ T4690] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 92.816226][ T3192] EXT4-fs (loop0): unmounting filesystem. [ 92.840820][ T4705] loop2: detected capacity change from 0 to 256 [ 92.854866][ T4705] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 92.875218][ T4705] incfs: ino conflict with backing FS 1 [ 92.881514][ T4705] incfs: iterate_incfs_dir / -22 [ 92.919433][ T4710] device batadv_slave_1 entered promiscuous mode [ 92.930995][ T4709] device batadv_slave_1 left promiscuous mode [ 92.952229][ T4687] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 234: padding at end of block bitmap is not set [ 92.970748][ T4687] EXT4-fs (loop3): Remounting filesystem read-only [ 92.977329][ T696] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 93.107933][ T4722] incfs: Options parsing error. -22 [ 93.112983][ T4722] incfs: mount failed -22 [ 93.136533][ T2609] EXT4-fs (loop3): unmounting filesystem. [ 93.162790][ T4732] loop0: detected capacity change from 0 to 256 [ 93.178905][ T4732] FAT-fs (loop0): Directory bread(block 1285) failed [ 93.189520][ T28] audit: type=1400 audit(1717503030.635:621): avc: denied { bind } for pid=4737 comm="syz-executor.2" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 93.210474][ T28] audit: type=1400 audit(1717503030.635:622): avc: denied { node_bind } for pid=4737 comm="syz-executor.2" saddr=172.20.20.170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 93.237902][ T696] usb 2-1: Using ep0 maxpacket: 8 [ 93.308880][ T4755] /dev/loop0: Can't open blockdev [ 93.321483][ T28] audit: type=1400 audit(1717503030.765:623): avc: denied { getopt } for pid=4756 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 93.326238][ T4759] loop4: detected capacity change from 0 to 256 [ 93.347831][ T4759] exfat: Deprecated parameter 'utf8' [ 93.563468][ T4759] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xc61f63e4, utbl_chksum : 0xe619d30d) [ 93.657383][ T696] usb 2-1: unable to get BOS descriptor or descriptor too short [ 93.757574][ T696] usb 2-1: config 0 has no interfaces? [ 93.877715][ T39] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 93.907518][ T336] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 93.927636][ T4800] incfs: Options parsing error. -22 [ 93.932722][ T4800] incfs: mount failed -22 [ 94.037463][ T696] usb 2-1: string descriptor 0 read error: -22 [ 94.043612][ T696] usb 2-1: New USB device found, idVendor=046d, idProduct=c29b, bcdDevice= 0.40 [ 94.052470][ T696] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 94.061526][ T696] usb 2-1: config 0 descriptor?? [ 94.167327][ T336] usb 5-1: Using ep0 maxpacket: 16 [ 94.227752][ T4826] netem: change failed [ 94.257358][ T39] usb 1-1: config index 0 descriptor too short (expected 26989, got 96) [ 94.265817][ T39] usb 1-1: config 101 has too many interfaces: 120, using maximum allowed: 32 [ 94.274695][ T39] usb 1-1: config 101 has an invalid descriptor of length 111, skipping remainder of the config [ 94.284975][ T39] usb 1-1: config 101 has 0 interfaces, different from the descriptor's value: 120 [ 94.307434][ T336] usb 5-1: config 0 has no interfaces? [ 94.408702][ T4836] loop3: detected capacity change from 0 to 512 [ 94.415871][ T39] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 94.425056][ T39] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 94.433178][ T39] usb 1-1: Product: syz [ 94.438984][ T39] usb 1-1: Manufacturer: syz [ 94.468196][ T4836] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 94.505810][ T4836] EXT4-fs error (device loop3): __ext4_fill_super:5386: inode #2: comm syz-executor.3: casefold flag without casefold feature [ 94.519600][ T4836] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a016e02c, mo2=0002] [ 94.527579][ T4836] System zones: 0-2, 18-18, 34-35 [ 94.534824][ T4836] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 94.798321][ T336] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 94.807311][ T336] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 94.815209][ T336] usb 5-1: Product: syz [ 94.819227][ T336] usb 5-1: Manufacturer: syz [ 94.823753][ T336] usb 5-1: SerialNumber: syz [ 95.184072][ T336] r8152-cfgselector 5-1: config 0 descriptor?? [ 95.190590][ T2609] EXT4-fs (loop3): unmounting filesystem. [ 95.204257][ T4848] loop3: detected capacity change from 0 to 256 [ 95.215045][ T4848] FAT-fs (loop3): Directory bread(block 64) failed [ 95.221461][ T4848] FAT-fs (loop3): Directory bread(block 65) failed [ 95.228219][ T4848] FAT-fs (loop3): Directory bread(block 66) failed [ 95.234595][ T4848] FAT-fs (loop3): Directory bread(block 67) failed [ 95.240949][ T4848] FAT-fs (loop3): Directory bread(block 68) failed [ 95.247281][ T4848] FAT-fs (loop3): Directory bread(block 69) failed [ 95.253573][ T4848] FAT-fs (loop3): Directory bread(block 70) failed [ 95.259921][ T4848] FAT-fs (loop3): Directory bread(block 71) failed [ 95.266281][ T4848] FAT-fs (loop3): Directory bread(block 72) failed [ 95.272664][ T4848] FAT-fs (loop3): Directory bread(block 73) failed [ 95.286082][ T28] audit: type=1400 audit(1717503032.725:624): avc: denied { watch } for pid=4847 comm="syz-executor.3" path="/root/syzkaller-testdir2428673175/syzkaller.d2KPvw/196/file1" dev="loop3" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1 [ 95.287597][ T4854] netem: change failed [ 95.379245][ T4867] loop3: detected capacity change from 0 to 16 [ 95.386098][ T4867] erofs: (device loop3): mounted with root inode @ nid 36. [ 95.394447][ T4867] syz-executor.3: attempt to access beyond end of device [ 95.394447][ T4867] loop3: rw=0, sector=296, nr_sectors = 16 limit=16 [ 95.405660][ T28] audit: type=1400 audit(1717503032.835:625): avc: denied { watch watch_reads } for pid=4866 comm="syz-executor.3" path="/root/syzkaller-testdir2428673175/syzkaller.d2KPvw/200/file1" dev="loop3" ino=36 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 95.411716][ T4867] erofs: (device loop3): erofs_readdir: fail to readdir of logical block 0 of nid 36 [ 95.445469][ T696] usb 2-1: USB disconnect, device number 9 [ 95.468896][ T4871] loop1: detected capacity change from 0 to 256 [ 95.470612][ T28] audit: type=1400 audit(1717503032.915:626): avc: denied { setopt } for pid=4872 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 95.476734][ T4871] exfat: Deprecated parameter 'utf8' [ 95.510338][ T28] audit: type=1400 audit(1717503032.955:627): avc: denied { rename } for pid=4876 comm="syz-executor.3" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="incremental-fs" ino=1969 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 95.514384][ T4871] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xc61f63e4, utbl_chksum : 0xe619d30d) [ 95.586438][ T4880] xt_bpf: check failed: parse error [ 95.671577][ T336] usb 5-1: USB disconnect, device number 7 [ 95.698367][ T28] audit: type=1400 audit(1717503033.145:628): avc: denied { getopt } for pid=4897 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 95.719421][ T39] usb 1-1: USB disconnect, device number 5 [ 95.760103][ T28] audit: type=1400 audit(1717503033.205:629): avc: denied { connect } for pid=4905 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 95.782143][ T4904] incfs: ino conflict with backing FS 1 [ 95.790738][ T4904] incfs: ino conflict with backing FS 4 [ 95.890643][ T4927] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 96.019161][ T4952] loop1: detected capacity change from 0 to 16 [ 96.025758][ T4952] erofs: (device loop1): mounted with root inode @ nid 36. [ 96.034784][ T4952] syz-executor.1: attempt to access beyond end of device [ 96.034784][ T4952] loop1: rw=0, sector=296, nr_sectors = 16 limit=16 [ 96.053269][ T4952] erofs: (device loop1): erofs_readdir: fail to readdir of logical block 0 of nid 36 [ 96.161901][ T28] audit: type=1326 audit(1717503033.605:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4973 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9e307cee9 code=0x7ff00000 [ 96.315693][ T4983] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 96.483234][ T4994] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.490487][ T4994] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.505649][ T4994] device bridge_slave_0 entered promiscuous mode [ 96.520117][ T4994] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.546507][ T4994] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.558635][ T4994] device bridge_slave_1 entered promiscuous mode [ 96.704710][ T4994] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.711585][ T4994] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.718689][ T4994] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.725453][ T4994] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.758684][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 96.772906][ T336] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.782593][ T336] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.809355][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 96.817681][ T336] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.824552][ T336] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.832940][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 96.841184][ T336] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.848167][ T336] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.855544][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 96.877330][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 96.895154][ T4994] device veth0_vlan entered promiscuous mode [ 96.906200][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 96.919869][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 96.929285][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 96.936729][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 96.953135][ T4994] device veth1_macvtap entered promiscuous mode [ 96.961088][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 96.973432][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 96.982766][ T43] device bridge_slave_1 left promiscuous mode [ 96.990664][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.003238][ T43] device bridge_slave_0 left promiscuous mode [ 97.010833][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.020665][ T43] device veth1_macvtap left promiscuous mode [ 97.027012][ T43] device veth0_vlan left promiscuous mode [ 97.234105][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 97.317300][ T336] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 97.707417][ T336] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 97.887329][ T336] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 97.899459][ T336] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 97.918067][ T336] usb 5-1: Product: syz [ 97.926539][ T336] usb 5-1: Manufacturer: syz [ 97.935340][ T336] usb 5-1: SerialNumber: syz [ 97.942388][ T5032] loop0: detected capacity change from 0 to 131072 [ 97.952350][ T5032] F2FS-fs (loop0): invalid crc value [ 97.957538][ T3362] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 97.978967][ T5032] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 98.055656][ T5032] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b [ 98.239311][ T5101] loop2: detected capacity change from 0 to 128 [ 98.248230][ T5101] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 98.256689][ T5101] ext4 filesystem being mounted at /root/syzkaller-testdir3640811390/syzkaller.M3DtkO/152/mnt supports timestamps until 2038 (0x7fffffff) [ 98.282392][ T3628] EXT4-fs (loop2): unmounting filesystem. [ 98.323277][ T5108] syz-executor.0[5108] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 98.323338][ T5108] syz-executor.0[5108] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 98.402850][ T5114] loop1: detected capacity change from 0 to 1024 [ 98.422939][ T5114] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 98.441023][ T4994] EXT4-fs (loop1): unmounting filesystem. [ 98.557319][ T695] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 98.561875][ T5117] loop1: detected capacity change from 0 to 40427 [ 98.571936][ T5117] F2FS-fs (loop1): Mismatch start address, segment0(0) cp_blkaddr(512) [ 98.580141][ T5117] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 98.588935][ T5117] F2FS-fs (loop1): Ignore s_resuid=0, s_resgid=60929 w/o reserve_root [ 98.598278][ T5117] F2FS-fs (loop1): Found nat_bits in checkpoint [ 98.630610][ T5117] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0 [ 98.637610][ T5117] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 98.652019][ T5117] syz-executor.1: attempt to access beyond end of device [ 98.652019][ T5117] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 98.797293][ T695] usb 3-1: Using ep0 maxpacket: 32 [ 98.917363][ T695] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 98.930473][ T5143] input: syz1 as /devices/virtual/input/input15 [ 98.940709][ T695] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 99.067327][ T336] cdc_ncm 5-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 99.067724][ T695] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 99.073638][ T336] cdc_ncm 5-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048 [ 99.082658][ T695] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 99.089800][ T336] cdc_ncm 5-1:1.0: setting rx_max = 2048 [ 99.097936][ T695] usb 3-1: Product: syz [ 99.107495][ T695] usb 3-1: Manufacturer: syz [ 99.119155][ T5161] loop3: detected capacity change from 0 to 128 [ 99.127363][ T5161] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 99.132162][ T5166] syz-executor.0[5166] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 99.135715][ T5166] syz-executor.0[5166] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 99.135724][ T5161] ext4 filesystem being mounted at /root/syzkaller-testdir2428673175/syzkaller.d2KPvw/218/mnt supports timestamps until 2038 (0x7fffffff) [ 99.147693][ T695] hub 3-1:4.0: USB hub found [ 99.179674][ T2609] EXT4-fs (loop3): unmounting filesystem. [ 99.238744][ T5172] input: syz1 as /devices/virtual/input/input16 [ 99.267299][ T39] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 99.273963][ T5177] loop3: detected capacity change from 0 to 16 [ 99.281305][ T5177] erofs: (device loop3): erofs_read_inode: unsupported chunk format 7fff of nid 36 [ 99.290533][ T336] cdc_ncm 5-1:1.0: setting tx_max = 184 [ 99.298624][ T336] cdc_ncm 5-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.4-1, CDC NCM (NO ZLP), 42:42:42:42:42:42 [ 99.311095][ T336] usb 5-1: USB disconnect, device number 8 [ 99.317036][ T336] cdc_ncm 5-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.4-1, CDC NCM (NO ZLP) [ 99.349501][ T5106] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 99.357810][ T5106] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 99.366109][ T5177] fuse: Unknown parameter '0x0000000000000004' [ 99.417299][ T695] hub 3-1:4.0: config failed, hub has too many ports! (err -19) [ 99.627301][ T39] usb 2-1: config 0 has an invalid interface number: 54 but max is 1 [ 99.638521][ T39] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 99.650010][ T39] usb 2-1: config 0 has no interface number 1 [ 99.656020][ T39] usb 2-1: config 0 interface 54 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 99.666010][ T5186] loop3: detected capacity change from 0 to 1024 [ 99.669646][ T39] usb 2-1: config 0 interface 0 has no altsetting 0 [ 99.688277][ T5186] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities [ 99.724625][ T5194] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=63767 sclass=netlink_route_socket pid=5194 comm=syz-executor.0 [ 99.758647][ T5198] input: syz1 as /devices/virtual/input/input17 [ 99.794839][ T5206] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5206 comm=syz-executor.0 [ 99.797636][ T695] usb 3-1: USB disconnect, device number 7 [ 99.825615][ T5208] loop4: detected capacity change from 0 to 256 [ 99.836608][ T5208] FAT-fs (loop4): Directory bread(block 64) failed [ 99.847346][ T39] usb 2-1: New USB device found, idVendor=0582, idProduct=000c, bcdDevice=c7.66 [ 99.856184][ T39] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 99.865645][ T39] usb 2-1: Product: syz [ 99.869685][ T5208] FAT-fs (loop4): Directory bread(block 65) failed [ 99.875975][ T39] usb 2-1: Manufacturer: syz [ 99.880424][ T39] usb 2-1: SerialNumber: syz [ 99.885450][ T39] usb 2-1: config 0 descriptor?? [ 99.890424][ T5208] FAT-fs (loop4): Directory bread(block 66) failed [ 99.898621][ T5210] loop0: detected capacity change from 0 to 256 [ 99.905098][ T5210] exfat: Deprecated parameter 'namecase' [ 99.910665][ T5208] FAT-fs (loop4): Directory bread(block 67) failed [ 99.917021][ T5208] FAT-fs (loop4): Directory bread(block 68) failed [ 99.925908][ T5210] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 99.937922][ T5208] FAT-fs (loop4): Directory bread(block 69) failed [ 99.944299][ T5208] FAT-fs (loop4): Directory bread(block 70) failed [ 99.950729][ T5208] FAT-fs (loop4): Directory bread(block 71) failed [ 99.957137][ T5208] FAT-fs (loop4): Directory bread(block 72) failed [ 99.964158][ T39] usb 2-1: selecting invalid altsetting 0 [ 99.970040][ T28] kauditd_printk_skb: 1303 callbacks suppressed [ 99.970052][ T28] audit: type=1400 audit(1717503037.415:1934): avc: denied { append } for pid=5209 comm="syz-executor.0" path="/root/syzkaller-testdir3092298865/syzkaller.aqWwBe/158/file2/cpu.stat" dev="loop0" ino=1048714 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 100.002102][ T5202] loop3: detected capacity change from 0 to 40427 [ 100.006138][ T5208] FAT-fs (loop4): Directory bread(block 73) failed [ 100.011573][ T28] audit: type=1400 audit(1717503037.415:1935): avc: denied { map } for pid=5209 comm="syz-executor.0" path="/root/syzkaller-testdir3092298865/syzkaller.aqWwBe/158/file2/cpu.stat" dev="loop0" ino=1048714 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 100.047449][ T5202] F2FS-fs (loop3): Mismatch start address, segment0(0) cp_blkaddr(512) [ 100.055502][ T5202] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 100.065711][ T5202] F2FS-fs (loop3): Ignore s_resuid=0, s_resgid=60929 w/o reserve_root [ 100.078891][ T5202] F2FS-fs (loop3): Found nat_bits in checkpoint [ 100.102259][ T5219] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=63767 sclass=netlink_route_socket pid=5219 comm=syz-executor.0 [ 100.127683][ T5202] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0 [ 100.134528][ T5202] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 100.159624][ T5202] syz-executor.3: attempt to access beyond end of device [ 100.159624][ T5202] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 100.177018][ T5229] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=64812 sclass=netlink_route_socket pid=5229 comm=syz-executor.0 [ 100.185074][ T39] usb 2-1: USB disconnect, device number 10 [ 100.207638][ T5229] loop0: detected capacity change from 0 to 1024 [ 100.227345][ T5229] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities [ 100.236788][ T5233] syz-executor.2[5233] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 100.236856][ T5233] syz-executor.2[5233] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 100.335643][ T5241] syz-executor.0[5241] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 100.347397][ T5241] syz-executor.0[5241] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 100.348051][ T5239] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.3'. [ 100.409940][ T5243] loop3: detected capacity change from 0 to 256 [ 100.436107][ T5243] FAT-fs (loop3): Directory bread(block 64) failed [ 100.448505][ T5243] FAT-fs (loop3): Directory bread(block 65) failed [ 100.455345][ T5243] FAT-fs (loop3): Directory bread(block 66) failed [ 100.462976][ T5243] FAT-fs (loop3): Directory bread(block 67) failed [ 100.469921][ T5243] FAT-fs (loop3): Directory bread(block 68) failed [ 100.476377][ T5243] FAT-fs (loop3): Directory bread(block 69) failed [ 100.482839][ T5243] FAT-fs (loop3): Directory bread(block 70) failed [ 100.489414][ T5243] FAT-fs (loop3): Directory bread(block 71) failed [ 100.507364][ T5243] FAT-fs (loop3): Directory bread(block 72) failed [ 100.517117][ T5243] FAT-fs (loop3): Directory bread(block 73) failed [ 100.657000][ T5260] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=64812 sclass=netlink_route_socket pid=5260 comm=syz-executor.3 [ 100.677254][ T5260] loop3: detected capacity change from 0 to 1024 [ 100.747945][ T5262] loop0: detected capacity change from 0 to 512 [ 100.757210][ T5262] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 100.770504][ T5260] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities [ 100.872277][ T5262] EXT4-fs error (device loop0): __ext4_fill_super:5386: inode #2: comm syz-executor.0: casefold flag without casefold feature [ 100.885752][ T5262] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a016e02c, mo2=0002] [ 100.893830][ T5262] System zones: 0-2, 18-18, 34-35 [ 100.900830][ T5262] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 101.092357][ T5267] loop2: detected capacity change from 0 to 512 [ 101.125960][ T5269] loop1: detected capacity change from 0 to 16 [ 101.142394][ T5269] erofs: (device loop1): erofs_read_inode: unsupported chunk format 7fff of nid 36 [ 101.157746][ T5267] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 101.166907][ T5267] ext4 filesystem being mounted at /root/syzkaller-testdir3640811390/syzkaller.M3DtkO/156/file0 supports timestamps until 2038 (0x7fffffff) [ 101.513159][ T3192] EXT4-fs (loop0): unmounting filesystem. [ 101.522717][ T5269] fuse: Unknown parameter '0x0000000000000004' [ 101.539873][ T5275] input: syz1 as /devices/virtual/input/input18 [ 101.557147][ T3628] EXT4-fs (loop2): unmounting filesystem. [ 101.565322][ T5278] loop0: detected capacity change from 0 to 256 [ 101.612238][ T5278] FAT-fs (loop0): Directory bread(block 64) failed [ 101.623049][ T5278] FAT-fs (loop0): Directory bread(block 65) failed [ 101.635127][ T5278] FAT-fs (loop0): Directory bread(block 66) failed [ 101.664787][ T5278] FAT-fs (loop0): Directory bread(block 67) failed [ 101.672012][ T5278] FAT-fs (loop0): Directory bread(block 68) failed [ 101.680452][ T5286] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5286 comm=syz-executor.2 [ 101.693733][ T5278] FAT-fs (loop0): Directory bread(block 69) failed [ 101.700377][ T28] audit: type=1400 audit(1717503039.145:1936): avc: denied { read } for pid=5285 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 101.720854][ T5278] FAT-fs (loop0): Directory bread(block 70) failed [ 101.817389][ T5278] FAT-fs (loop0): Directory bread(block 71) failed [ 101.839271][ T5278] FAT-fs (loop0): Directory bread(block 72) failed [ 102.020782][ T5278] FAT-fs (loop0): Directory bread(block 73) failed [ 102.047954][ T5295] +: renamed from syzkaller0 [ 102.100112][ T5301] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=64812 sclass=netlink_route_socket pid=5301 comm=syz-executor.2 [ 102.186723][ T5303] loop0: detected capacity change from 0 to 512 [ 102.238499][ T5303] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 102.260663][ T5301] loop2: detected capacity change from 0 to 1024 [ 102.313615][ T5303] EXT4-fs error (device loop0): __ext4_fill_super:5386: inode #2: comm syz-executor.0: casefold flag without casefold feature [ 102.327244][ T5303] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a016e02c, mo2=0002] [ 102.335293][ T5303] System zones: 0-2, 18-18, 34-35 [ 102.343690][ T5303] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 102.539326][ T5301] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities [ 102.568134][ T5307] loop3: detected capacity change from 0 to 512 [ 102.959776][ T5307] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 102.983461][ T3192] EXT4-fs (loop0): unmounting filesystem. [ 103.004466][ T5307] ext4 filesystem being mounted at /root/syzkaller-testdir2428673175/syzkaller.d2KPvw/238/file0 supports timestamps until 2038 (0x7fffffff) [ 103.072447][ T2609] EXT4-fs (loop3): unmounting filesystem. [ 103.104461][ T5329] overlayfs: invalid redirect ((null)) [ 103.238655][ T5349] loop1: detected capacity change from 0 to 256 [ 103.336490][ T5354] loop4: detected capacity change from 0 to 512 [ 103.350164][ T5354] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 103.482475][ T5354] EXT4-fs error (device loop4): __ext4_fill_super:5386: inode #2: comm syz-executor.4: casefold flag without casefold feature [ 103.496085][ T5354] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a016e02c, mo2=0002] [ 103.504102][ T5354] System zones: 0-2, 18-18, 34-35 [ 103.511380][ T5354] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 104.129087][ T3300] EXT4-fs (loop4): unmounting filesystem. [ 104.202497][ T5351] loop1: detected capacity change from 0 to 40427 [ 104.215882][ T5351] F2FS-fs (loop1): invalid crc value [ 104.234012][ C1] IPv4: Oversized IP packet from 172.20.20.10 [ 104.240988][ T5351] F2FS-fs (loop1): Found nat_bits in checkpoint [ 104.317337][ T5351] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 104.365262][ T5382] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 104.457308][ T696] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 104.627288][ T336] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 104.857375][ T696] usb 5-1: config 0 has an invalid interface number: 54 but max is 1 [ 104.865537][ T696] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 104.875731][ T696] usb 5-1: config 0 has no interface number 1 [ 104.881937][ T696] usb 5-1: config 0 interface 54 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 104.891834][ T696] usb 5-1: config 0 interface 0 has no altsetting 0 [ 104.987427][ T336] usb 2-1: config 36 has an invalid descriptor of length 0, skipping remainder of the config [ 104.998244][ T336] usb 2-1: config 36 has 0 interfaces, different from the descriptor's value: 1 [ 105.087339][ T696] usb 5-1: New USB device found, idVendor=0582, idProduct=000c, bcdDevice=c7.66 [ 105.096444][ T696] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 105.104434][ T696] usb 5-1: Product: syz [ 105.108713][ T696] usb 5-1: Manufacturer: syz [ 105.113276][ T696] usb 5-1: SerialNumber: syz [ 105.125822][ T696] usb 5-1: config 0 descriptor?? [ 105.130878][ T336] usb 2-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=3d.29 [ 105.140120][ T336] usb 2-1: New USB device strings: Mfr=244, Product=0, SerialNumber=16 [ 105.153001][ T336] usb 2-1: Manufacturer: syz [ 105.157947][ T336] usb 2-1: SerialNumber: syz [ 105.178371][ T5413] syz-executor.3 uses obsolete (PF_INET,SOCK_PACKET) [ 105.198276][ T696] usb 5-1: selecting invalid altsetting 0 [ 105.402005][ T696] usb 5-1: USB disconnect, device number 9 [ 105.511378][ T5437] device syzkaller0 entered promiscuous mode [ 105.589200][ T336] usb 2-1: USB disconnect, device number 11 [ 105.610373][ T5445] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.617300][ T5445] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.619953][ T5452] tmpfs: Unknown parameter 'n' [ 105.624745][ T5445] device bridge_slave_0 entered promiscuous mode [ 105.638539][ T5445] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.648404][ T5445] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.655719][ T5445] device bridge_slave_1 entered promiscuous mode [ 105.701108][ T5464] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 105.723362][ T5467] loop0: detected capacity change from 0 to 512 [ 105.735010][ T5445] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.741969][ T5445] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.749035][ T5445] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.755854][ T5445] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.765039][ T5467] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 105.774004][ T5467] ext4 filesystem being mounted at /root/syzkaller-testdir3092298865/syzkaller.aqWwBe/186/file1 supports timestamps until 2038 (0x7fffffff) [ 105.794964][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 105.796506][ T3192] EXT4-fs (loop0): unmounting filesystem. [ 105.808249][ T696] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.815276][ T696] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.831074][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 105.840048][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.846882][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.854107][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 105.862025][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.868849][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.875966][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 105.887363][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 105.900522][ T695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 105.912126][ T5445] device veth0_vlan entered promiscuous mode [ 105.921864][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 105.929973][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 105.937310][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 105.951146][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 105.960295][ T5445] device veth1_macvtap entered promiscuous mode [ 105.970280][ T696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 105.980173][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 106.018833][ T5484] tmpfs: Unknown parameter 'n' [ 106.118180][ T10] device bridge_slave_1 left promiscuous mode [ 106.124174][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 106.131290][ T696] usb 1-1: new full-speed USB device number 6 using dummy_hcd [ 106.139143][ T10] device bridge_slave_0 left promiscuous mode [ 106.145252][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 106.153178][ T10] device veth1_macvtap left promiscuous mode [ 106.159182][ T10] device veth0_vlan left promiscuous mode [ 106.287267][ T336] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 106.327684][ T19] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 106.557364][ T696] usb 1-1: unable to get BOS descriptor or descriptor too short [ 106.597381][ T696] usb 1-1: not running at top speed; connect to a high speed hub [ 106.667376][ T336] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 106.678134][ T336] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 106.687695][ T696] usb 1-1: config 0 has no interfaces? [ 106.692930][ T336] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 106.701769][ T336] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.709625][ T19] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 106.720520][ T19] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 106.730239][ T336] usb 3-1: config 0 descriptor?? [ 106.735055][ T19] usb 5-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00 [ 106.743849][ T19] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.752299][ T19] usb 5-1: config 0 descriptor?? [ 106.847309][ T696] usb 1-1: New USB device found, idVendor=0b05, idProduct=1866, bcdDevice= 0.40 [ 106.856198][ T696] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 106.864019][ T696] usb 1-1: Product: syz [ 106.867970][ T696] usb 1-1: Manufacturer: syz [ 106.872370][ T696] usb 1-1: SerialNumber: syz [ 106.877615][ T696] usb 1-1: config 0 descriptor?? [ 107.016682][ T5512] tmpfs: Unknown parameter 'n' [ 107.118359][ T222] usb 1-1: USB disconnect, device number 6 [ 107.207490][ T336] hid (null): bogus close delimiter [ 107.228919][ T19] sony 0003:054C:0268.0011: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.4-1/input0 [ 107.240583][ T19] sony 0003:054C:0268.0011: failed to claim input [ 107.372840][ T5532] loop3: detected capacity change from 0 to 1024 [ 107.379272][ T5532] EXT4-fs: Ignoring removed orlov option [ 107.384724][ T5532] EXT4-fs: Ignoring removed nomblk_io_submit option [ 107.398737][ T5532] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 107.409819][ T28] audit: type=1400 audit(1717503044.855:1937): avc: denied { map } for pid=5531 comm="syz-executor.3" path="/root/syzkaller-testdir2428673175/syzkaller.d2KPvw/265/file1/file0/bus" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 107.442808][ T695] usb 5-1: USB disconnect, device number 10 [ 107.447332][ T336] usb 3-1: language id specifier not provided by device, defaulting to English [ 107.460457][ T5532] EXT4-fs error (device loop3): get_max_inline_xattr_value_size:69: inode #12: comm syz-executor.3: corrupt xattr in inline inode [ 107.474022][ T5532] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #12: comm syz-executor.3: corrupted in-inode xattr [ 107.491763][ T28] audit: type=1400 audit(1717503044.935:1938): avc: denied { unlink } for pid=2609 comm="syz-executor.3" name="file0" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 107.514480][ T28] audit: type=1400 audit(1717503044.935:1939): avc: denied { unlink } for pid=2609 comm="syz-executor.3" name="file1" dev="loop3" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 107.514656][ T2609] ================================================================== [ 107.537313][ T28] audit: type=1400 audit(1717503044.935:1940): avc: denied { unmount } for pid=2609 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 107.545102][ T2609] BUG: KASAN: use-after-free in ext4_xattr_delete_inode+0xcd0/0xce0 [ 107.572980][ T2609] Read of size 4 at addr ffff88813f5ea000 by task syz-executor.3/2609 [ 107.580967][ T2609] [ 107.583135][ T2609] CPU: 1 PID: 2609 Comm: syz-executor.3 Not tainted 6.1.78-syzkaller-00137-gc36abc6d4212 #0 [ 107.593029][ T2609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 107.602928][ T2609] Call Trace: [ 107.606048][ T2609] [ 107.608827][ T2609] dump_stack_lvl+0x151/0x1b7 [ 107.613341][ T2609] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 107.618639][ T2609] ? _printk+0xd1/0x111 [ 107.622629][ T2609] ? __virt_addr_valid+0x242/0x2f0 [ 107.627584][ T2609] print_report+0x158/0x4e0 [ 107.631913][ T2609] ? __virt_addr_valid+0x242/0x2f0 [ 107.636861][ T2609] ? kasan_addr_to_slab+0xd/0x80 [ 107.641633][ T2609] ? ext4_xattr_delete_inode+0xcd0/0xce0 [ 107.647191][ T2609] kasan_report+0x13c/0x170 [ 107.651535][ T2609] ? ext4_xattr_delete_inode+0xcd0/0xce0 [ 107.656996][ T2609] __asan_report_load4_noabort+0x14/0x20 [ 107.662463][ T2609] ext4_xattr_delete_inode+0xcd0/0xce0 [ 107.667767][ T2609] ? sb_end_intwrite+0x130/0x130 [ 107.672536][ T2609] ? ext4_expand_extra_isize_ea+0x1c40/0x1c40 [ 107.678438][ T2609] ? __kasan_check_read+0x11/0x20 [ 107.683295][ T2609] ? ext4_inode_is_fast_symlink+0x295/0x3d0 [ 107.689025][ T2609] ? ext4_evict_inode+0xbc2/0x1550 [ 107.693974][ T2609] ext4_evict_inode+0xef9/0x1550 [ 107.698743][ T2609] ? _raw_spin_unlock+0x4c/0x70 [ 107.703433][ T2609] ? ext4_inode_is_fast_symlink+0x3d0/0x3d0 [ 107.709162][ T2609] ? _raw_spin_unlock+0x4c/0x70 [ 107.713849][ T2609] ? inode_io_list_del+0x18b/0x1a0 [ 107.718795][ T2609] ? ext4_inode_is_fast_symlink+0x3d0/0x3d0 [ 107.724523][ T2609] evict+0x2a3/0x630 [ 107.728256][ T2609] iput+0x642/0x870 [ 107.731899][ T2609] vfs_rmdir+0x3c2/0x500 [ 107.735983][ T2609] do_rmdir+0x3ab/0x630 [ 107.740058][ T2609] ? d_delete_notify+0x160/0x160 [ 107.744838][ T2609] __x64_sys_unlinkat+0xdf/0xf0 [ 107.749528][ T2609] do_syscall_64+0x3d/0xb0 [ 107.753773][ T2609] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 107.759502][ T2609] RIP: 0033:0x7f63d887c6c7 [ 107.763753][ T2609] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 107.783192][ T2609] RSP: 002b:00007ffe570d38f8 EFLAGS: 00000207 ORIG_RAX: 0000000000000107 [ 107.791437][ T2609] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007f63d887c6c7 [ 107.799252][ T2609] RDX: 0000000000000200 RSI: 00007ffe570d4aa0 RDI: 00000000ffffff9c [ 107.807059][ T2609] RBP: 00007f63d88d9636 R08: 0000000000000000 R09: 0000000000000000 [ 107.814877][ T2609] R10: 0000000000000100 R11: 0000000000000207 R12: 00007ffe570d4aa0 [ 107.822684][ T2609] R13: 00007f63d88d9636 R14: 000000000001a357 R15: 0000000000000009 [ 107.830501][ T2609] [ 107.833362][ T2609] [ 107.835531][ T2609] The buggy address belongs to the physical page: [ 107.841787][ T2609] page:ffffea0004fd7a80 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x13f5ea [ 107.851845][ T2609] flags: 0x4000000000000000(zone=1) [ 107.856888][ T2609] raw: 4000000000000000 ffffea0004fbd348 ffffea0004fbf048 0000000000000000 [ 107.865307][ T2609] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000 [ 107.873719][ T2609] page dumped because: kasan: bad access detected [ 107.879973][ T2609] page_owner tracks the page as freed [ 107.885174][ T2609] page last allocated via order 0, migratetype Movable, gfp_mask 0x8140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO|__GFP_CMA), pid 5532, tgid 5531 (syz-executor.3), ts 107370026215, free_ts 107489423636 [ 107.904968][ T2609] post_alloc_hook+0x213/0x220 [ 107.909562][ T2609] prep_new_page+0x1b/0x110 [ 107.913903][ T2609] get_page_from_freelist+0x27ea/0x2870 [ 107.919284][ T2609] __alloc_pages+0x3a1/0x780 [ 107.923708][ T2609] __folio_alloc+0x15/0x40 [ 107.927964][ T2609] handle_mm_fault+0x1fb0/0x2f40 [ 107.932735][ T2609] exc_page_fault+0x3b3/0x700 [ 107.937251][ T2609] asm_exc_page_fault+0x27/0x30 [ 107.941936][ T2609] page last free stack trace: [ 107.946455][ T2609] free_unref_page_prepare+0x83d/0x850 [ 107.951745][ T2609] free_unref_page_list+0xf1/0x7b0 [ 107.956692][ T2609] release_pages+0xf7f/0xfe0 [ 107.961122][ T2609] free_pages_and_swap_cache+0x8a/0xa0 [ 107.966412][ T2609] tlb_finish_mmu+0x1e0/0x3f0 [ 107.970924][ T2609] exit_mmap+0x421/0x940 [ 107.975013][ T2609] __mmput+0x95/0x310 [ 107.978822][ T2609] mmput+0x56/0x170 [ 107.982469][ T2609] do_exit+0xb29/0x2b80 [ 107.986463][ T2609] do_group_exit+0x21a/0x2d0 [ 107.990886][ T2609] __x64_sys_exit_group+0x3f/0x40 [ 107.995748][ T2609] do_syscall_64+0x3d/0xb0 [ 108.000000][ T2609] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 108.005731][ T2609] [ 108.007898][ T2609] Memory state around the buggy address: [ 108.013371][ T2609] ffff88813f5e9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2024/06/04 12:10:45 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 108.021269][ T2609] ffff88813f5e9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 108.029164][ T2609] >ffff88813f5ea000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 108.037062][ T2609] ^ [ 108.040968][ T2609] ffff88813f5ea080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 108.048868][ T2609] ffff88813f5ea100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 108.056765][ T2609] ================================================================== [ 108.119089][ T2609] Disabling lock debugging due to kernel taint