last executing test programs: 20.461970281s ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x800086}, 0x10}, 0x90) ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x20001400) ioctl$TUNSETOFFLOAD(r2, 0x40047451, 0x2000000c) 20.429289526s ago: executing program 3: syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x802053, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='map_files\x00') fchdir(r1) sendmmsg$unix(r0, &(0x7f0000000240)=[{{&(0x7f0000000080)=@abs={0x1, 0x30, 0x30}, 0x12, 0x0}}], 0x1, 0x0) 20.420324388s ago: executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_service_time\x00', 0x26e1, 0x0) close(r1) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000f8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='scsi_dispatch_cmd_start\x00', r1}, 0x10) write$cgroup_pid(r0, &(0x7f0000000980), 0x12) 20.361355587s ago: executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000019c0)={0x0, 0x0, &(0x7f0000001980)={&(0x7f0000000740)=ANY=[@ANYBLOB="3c01000010000104000000000000000020010000000000000000000000000000ac1414bb00000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8000000000000000000000000000bb000000006c0000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000001010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000000000004c00120061656769733235362d6165736e6900"/244], 0x13c}}, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r2, 0x0) fallocate(r2, 0x0, 0x0, 0x8004) r3 = open(&(0x7f0000007f80)='./bus\x00', 0x145142, 0x0) ftruncate(r3, 0x2007ffb) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) mkdir(&(0x7f0000002200)='./file0\x00', 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x0, 0x0, 0x0, 0x0}, 0x90) fallocate(r2, 0x8, 0x2000, 0x7000) 20.314781904s ago: executing program 3: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000e00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000235a9bfb8500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='mm_page_alloc\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x9d, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r2, &(0x7f0000000080), 0x0}, 0x20) 20.290571288s ago: executing program 3: ptrace(0x10, 0x1) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x0, 0x0, 0x0, 0x8000000009917, 0x400000000000fffd}, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0xffffffffffffffff}, 0x0) sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x0, 0x0, 0x1}, 0x0) 2.083595531s ago: executing program 0: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='ext4_mballoc_prealloc\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='ext4_mballoc_prealloc\x00', r2}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r3, &(0x7f0000000180), 0x2000) 2.043124387s ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000400)='itimer_state\x00', r1}, 0x10) setitimer(0x0, 0x0, 0x0) 2.015680341s ago: executing program 0: unshare(0x2040400) r0 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) unshare(0x2000400) fsmount(r0, 0x0, 0x0) 1.983548286s ago: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x81, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree_skb\x00', r1}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) sendmsg$unix(r2, &(0x7f0000000800)={0x0, 0x0, 0x0}, 0x0) 1.946113471s ago: executing program 0: r0 = socket(0x10, 0x803, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_MAX_THREADS(r1, 0x40046205, &(0x7f0000000000)=0x1) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000001a80)={0x48, 0x0, &(0x7f0000001900)=[@enter_looper, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x1, 0x0, &(0x7f0000001a40)="a1"}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000380)='X'}) dup2(r0, r1) 1.923430335s ago: executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000000)={{0x2, 0x4e20, @local}, {0x6, @random="0f65c8d4f756"}, 0x0, {0x2, 0x4e24, @broadcast}, 'veth0_virt_wifi\x00'}) getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, 0x0) statx(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_fd(0x0, 0x0, &(0x7f00000000c0), 0x10, &(0x7f00000003c0)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@loose}, {@noextend}, {@access_user}, {@debug}, {@afid}, {@cache_none}], [{@fsmagic={'fsmagic', 0x3d, 0x2a1}}, {@uid_eq}, {@fowner_gt={'fowner>', r1}}, {@smackfshat={'smackfshat', 0x3d, 'veth0_virt_wifi\x00'}}, {@fsuuid={'fsuuid', 0x3d, {[0x34, 0x30, 0x35, 0x30, 0x31, 0x36, 0x31, 0x31], 0x2d, [0x61, 0x31, 0x63, 0x37], 0x2d, [0x33, 0x63, 0x35, 0x34], 0x2d, [0x0, 0x61, 0x62, 0x61], 0x2d, [0x61, 0x37, 0x62, 0x36, 0x30, 0x32, 0x35, 0x61]}}}, {@seclabel}, {@subj_role={'subj_role', 0x3d, 'veth0_virt_wifi\x00'}}, {@permit_directio}, {@permit_directio}]}}) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000580), 0x5c600, 0x0) getsockopt$nfc_llcp(r3, 0x118, 0x3, &(0x7f00000005c0)=""/4096, 0x1000) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000015c0)='/sys/class/watchdog', 0x0, 0x52) ioctl$TUNGETVNETHDRSZ(r3, 0x800454d7, &(0x7f0000001700)) ioctl$KVM_SET_IRQCHIP(r4, 0x8208ae63, &(0x7f0000001740)={0x0, 0x0, @pic={0x8, 0x1, 0xdb, 0xff, 0xd, 0x3, 0x0, 0x0, 0xff, 0x1, 0x4, 0x3, 0x2, 0x2, 0x3, 0x29}}) chown(0xffffffffffffffff, 0x0, r2) 1.123921928s ago: executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e000000020013000200000000000000ff0800ed05000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0) sendmmsg(r2, &(0x7f0000000180), 0x400008a, 0x0) sendmsg$key(r2, &(0x7f0000000140)={0x9, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 1.097956891s ago: executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0) read$usbmon(r0, 0x0, 0x3c) ioctl$MON_IOCH_MFLUSH(r0, 0x80089203, 0x0) syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0) 976.21766ms ago: executing program 4: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x8, &(0x7f0000000340)=ANY=[@ANYBLOB="620af8ff25200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fa093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415bd1966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b7845e6b607130c89f18c0c1089d8b853289d01aa27ae82e61b0f9223684198e1148f49faf2ad0000000000000026fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364145835108333719acd97cfa107d40224edc5465a932b77e74e80140d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf560fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e68242aff9fa740b5b763296b652d40229b24a96759823481cf32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc8734ff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000009731e6e8861c46495ba585a4b2d02edc3e28dd271c896249edc9981b5f240a2e57244b9fc9df0ff285b980680b000020435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da2a6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce5dfd3467decb05d1dbe5d2bc159ce262d9d10a64c1083d5e71b5565b1748ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761036cd3f7ec4e7fb8bc6ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec57c92f7285acd324d2c91be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c55609a6e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a061887a20639b41c8c12ee86c50984042b3eac1f879b13634c31da2c25cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ece0ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9af04bffb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2b90d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4d58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6006e56237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b7030c1743d70e3aac9ef6c45c4c49b3bc19faa5449609b0a3dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d122a7cca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710db8f3e5c7ebfd6d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aed7a1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea500000000b4ba686fcdf240430a537a395dc73bda367bf12cb7d81643a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de553101cae9e48b0ed1254a83100e45b2569dc0d90b075225f728d44d0973171ad47d6b70ebc660309e1e245b00001743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933bee24c7e8000f2c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e000000000000037010632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5d6d4523497e4d64f95f08493564a1df87111c9bf3194fef96ccecc467acc45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127cf72748a028daf5fc4d4e6d5265bec44219ee8fbfe86f441c724fa7b3d1ff0555e63ad00a1c7f9f72f10154f1e109dc3f7dd87ea308a1fb5a983490c6c93610864623613dabec4c0b64461d21f807515d8fadec636c99aa95ff895c25aad5ac0993a65c7668ca2b6d46edbad410df7390d27e4ddc8f47d5a918b14da4ec07c8199259b8e3dd36de9b35ce25d39686f2470afb1b1db18221841cee6e5531280d65f1d28886e0f06856a5ca37a91ea6e19977c517b10fb66858a05b03084d1f3bd5542d2796a33cfe545be3dc03d302e4839492cdc7694142e48f23271787d3a2360996ca3c9b18000000000700000000000000000000004882ce2e7a68512b23b0ab1f7a6c960bd002984955dc620614f97a234c8e1df96d5e7a67c8d26cd7a4bbacc4a08600000000f5fab1f01e2b7cf653f9d25f942b1cff6d738e17df64464fbc9d89911829458645ef2d2d23f55eb1b09855cc74d29cbca2aeff07a9bf56c3fa68a7d71aad094d5d968ad88fdda027c65e434e9a6bc68ec751d6d21fa471c38646d714ce68f1f46f6ec4c1e87d720385be6f3a70fe730ccad42a9051cd07f356023e855e5acd5ec7d990cebcac66cbd3229d18511bfa1e3d2c82af72932cfd875584d0fc2daff4dfebe41c37494b8136a37f12caecba3e09a31a00410ff161089935db303df012b165663cc1f915d65f69f9d2c1d853b0150445d088da47c170155cd0cc863f4efc2bd7e2246916e0322494eb7bbc0f6c4efeac3d49b5318c410ddd8892aae7e22a558acfc4c2c08d54bd8f64469c43feaf6c9d49e701af9471f9d0cc02ed80f05f0a196bf4695cec437bea2d62515882d856c8a70f8f158da96ec472655529a4e87fc743080d59d747d4377e7e9d1d62b1d08eb1f051412b309208c8be79f66271b4ebd6800688955132ecc654d0e3bcb258b1da03b77cb17d2f4c1e557462f0a710b68056f3e272000d3bf4f49631f8d3677e5803ea1e52727c69afe25f0905a1dfaa0ffc168601e0fddaeff35269e24ba5675504f0c4f735cfa668aab6fca35eef66f9dcbabb5710f20a75e99c5bdc0f95deca2efa57ffb35dc5f555419b712cb63f8ae93fa5ccf0268617f9bb26c767cc1215d29e426aaab79f500d53e0be9cd41ad42da2d54a31e0eeab9faac817d99ec2d862074088fb8dffe3cd11d1b56d3712c2cf486f0017e013d3f80fe602501c4e4f87001eaa4e4d7f653dabfa7273598211be7f42401d0bd68f47076894dcc004bbce94423bf925a39e6a58ab08b26aca704ff47dbca3e05f6715cd9c5c40e4d02d98b0b32b9c528e235605a4baac3b"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0xffe9}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) unlinkat(0xffffffffffffffff, 0x0, 0x0) 942.823775ms ago: executing program 4: mkdir(&(0x7f0000000580)='./file0\x00', 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15) r3 = dup(r2) write$FUSE_BMAP(r3, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_GETXATTR(r3, &(0x7f00000000c0)={0x18}, 0x18) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}]}}) utime(&(0x7f0000000200)='./file0\x00', 0x0) chown(&(0x7f0000000040)='./file0\x00', 0x0, 0xffffffffffffffff) 901.600982ms ago: executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000400)='itimer_state\x00', r1}, 0x10) setitimer(0x0, 0x0, 0x0) 866.910207ms ago: executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000680)=ANY=[@ANYBLOB="f8000000160085020000000000000000ff0200000000000000000000000000012001000000000000000000000000000200000000000000000000200000000000", @ANYRES32=0x0, @ANYRES32=0x0], 0xf8}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="020a000002000000000000000000d93f2c9d89a47082a505298763a90000"], 0x10}}, 0x0) fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x8000000000000001}) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000140)) r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0}) r6 = dup3(r5, r4, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x8000) ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000040)) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000240)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000340)={@flat, @flat=@weak_binder, @ptr={0x70742a85, 0x1, 0x0}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0}) r7 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_proto_private(r7, 0x89b1, &(0x7f0000000000)="70e89cdae43a") write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b) write(0xffffffffffffffff, &(0x7f0000000040)="2600000022004701050007108980e8ff06", 0x11) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 497.729594ms ago: executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='mm_page_alloc\x00', r0}, 0x10) r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="020000"], 0xfe44, 0x0) 467.749398ms ago: executing program 1: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) pipe2$9p(&(0x7f0000002180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e4c"], 0x15) r3 = dup(r2) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) write$FUSE_BMAP(r3, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r3, &(0x7f0000000700)=ANY=[@ANYBLOB="3801"], 0x138) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) 451.233841ms ago: executing program 1: bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000004c0)={0x3e}, 0x8) 439.726983ms ago: executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0xfff) syz_emit_ethernet(0x4a, &(0x7f0000000440)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) syz_emit_ethernet(0x4e, &(0x7f00000005c0)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a3ff2", 0x18, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, {[@exp_fastopen={0xfe, 0x4}]}}}}}}}}, 0x0) 430.471824ms ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) io_setup(0xffff, &(0x7f00000007c0)) 392.87758ms ago: executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) r1 = dup(r0) write$FUSE_DIRENTPLUS(r1, &(0x7f0000000700)=ANY=[@ANYBLOB='8'], 0x138) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x0, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xffffffffffffff4f) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x18, 0xc, &(0x7f0000000340)=ANY=[@ANYRES8=r0], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10) r6 = userfaultfd(0x80001) ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0xcd}) ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) readv(r6, &(0x7f0000000240)=[{&(0x7f0000000140)=""/201, 0xc9}], 0x1) mremap(&(0x7f0000638000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000ffb000/0x4000)=nil) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r7) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='f2fs_write_end\x00', r2}, 0x10) pivot_root(0x0, 0x0) accept4(r1, 0x0, &(0x7f0000000000), 0x80000) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0x9}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000200da0bace30000000000000006512981a209e82f6622e9c5", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r9}, 0x10) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r10}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000680)={{r8}, &(0x7f0000000600), &(0x7f0000000640)='%pS \x00'}, 0x20) 354.021925ms ago: executing program 2: syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000000)) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @none}, 0xe) getsockopt$bt_BT_RCVMTU(r0, 0x112, 0x7, 0x0, &(0x7f0000000940)) 325.24629ms ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x5, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='ext4_ext_remove_space\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='ext4_ext_remove_space\x00', r3}, 0x10) write$cgroup_int(r2, &(0x7f0000000100), 0x1001) ioctl$SIOCSIFHWADDR(r2, 0x4030582b, &(0x7f0000000000)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}}) 270.387408ms ago: executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r2}, 0x10) r3 = socket$packet(0x11, 0x2, 0x300) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) lchown(&(0x7f0000000280)='./file0\x00', 0x0, 0xffffffffffffffff) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r4, 0x0) ftruncate(r4, 0x8001) getsockopt$packet_buf(r3, 0x107, 0xf, 0x0, &(0x7f0000001040)) r5 = socket(0x0, 0x4, 0x0) r6 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000000440), 0x10) setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10) sendmmsg(0xffffffffffffffff, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000) ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f00000002c0)) socket$unix(0x1, 0x2, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0xee01, r7, 0xffffffffffffffff) 269.566678ms ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10) getgid() 136.768629ms ago: executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") chdir(&(0x7f0000000000)='./file0\x00') creat(&(0x7f0000000040)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0) readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) 0s ago: executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000e80)=ANY=[@ANYBLOB="2c000000010101040000000000000000020000001800028014000180080001"], 0x2c}}, 0x0) kernel console output (not intermixed with test programs): 60][ T60] cdc_ether: probe of 3-1:1.0 failed with error -22 [ 1415.204011][ T60] usb-storage 3-1:1.0: USB Mass Storage device detected [ 1415.308906][ T5262] overlayfs: unrecognized mount option "B: KEY=10000000000000 0 [ 1415.308906][ T5262] [ 1415.308906][ T5262] I: Bus=0019 Vendor=0000 Product=0003 Version=0000 [ 1415.308906][ T5262] N: Name="Sleep Button" [ 1415.308906][ T5262] P: Phys=LNXSLPBN/button/input0 [ 1415.308906][ T5262] S: Sysfs=/devices/LNXSYSTM:00/LNXSLPBN:00/input/input1 [ 1415.308906][ T5262] U: Uniq= [ 1415.308906][ T5262] H: Handlers=kbd event1 [ 1415.308906][ T5262] B: PROP=0 [ 1415.308906][ T5262] B: EV=3 [ 1415.308906][ T5262] B: KEY=4000 0 0 [ 1415.308906][ T5262] [ 1415.308906][ T5262] I: Bus=0011 Vendor=0001 Product=0001 Version=abba [ 1415.308906][ T5262] N: Name="AT Translated Set 2 keyboard" [ 1415.308906][ T5262] P: Phys=isa0060/serio0/input0 [ 1415.308906][ T5262] S: Sysfs=/devices/platform/i8042/serio0/input/input2 [ 1415.308906][ T5262] U: Uniq= [ 1415.308906][ T5262] H: Handlers=kbd leds event2 [ 1415.308906][ T5262] B: PROP=0 [ 1415.308906][ T5262] B: EV=120013 [ 1415.432163][ T60] usb-storage 3-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 1415.508550][ T60] usb 3-1: USB disconnect, device number 90 [ 1415.546582][ T5274] loop3: detected capacity change from 0 to 1024 [ 1415.554546][ T5274] EXT4-fs: Ignoring removed orlov option [ 1415.560875][ T5274] EXT4-fs (loop3): Test dummy encryption mode enabled [ 1415.576707][ T5274] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1415.615759][ T4060] EXT4-fs (loop3): unmounting filesystem. [ 1415.836135][ T5292] overlayfs: unrecognized mount option "B: KEY=10000000000000 0 [ 1415.836135][ T5292] [ 1415.836135][ T5292] I: Bus=0019 Vendor=0000 Product=0003 Version=0000 [ 1415.836135][ T5292] N: Name="Sleep Button" [ 1415.836135][ T5292] P: Phys=LNXSLPBN/button/input0 [ 1415.836135][ T5292] S: Sysfs=/devices/LNXSYSTM:00/LNXSLPBN:00/input/input1 [ 1415.836135][ T5292] U: Uniq= [ 1415.836135][ T5292] H: Handlers=kbd event1 [ 1415.836135][ T5292] B: PROP=0 [ 1415.836135][ T5292] B: EV=3 [ 1415.836135][ T5292] B: KEY=4000 0 0 [ 1415.836135][ T5292] [ 1415.836135][ T5292] I: Bus=0011 Vendor=0001 Product=0001 Version=abba [ 1415.836135][ T5292] N: Name="AT Translated Set 2 keyboard" [ 1415.836135][ T5292] P: Phys=isa0060/serio0/input0 [ 1415.836135][ T5292] S: Sysfs=/devices/platform/i8042/serio0/input/input2 [ 1415.836135][ T5292] U: Uniq= [ 1415.836135][ T5292] H: Handlers=kbd leds event2 [ 1415.836135][ T5292] B: PROP=0 [ 1415.836135][ T5292] B: EV=120013 [ 1415.970700][ T5297] loop3: detected capacity change from 0 to 256 [ 1416.032401][ T5300] input: syz1 as /devices/virtual/input/input196 [ 1416.055179][ T5267] loop0: detected capacity change from 0 to 131072 [ 1416.075394][ T5303] hub 6-0:1.0: USB hub found [ 1416.080710][ T5303] hub 6-0:1.0: 1 port detected [ 1416.111202][ T5267] F2FS-fs (loop0): Found nat_bits in checkpoint [ 1416.232409][ T5316] tipc: Enabling of bearer rejected, failed to enable media [ 1416.396814][ T5267] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 1416.473753][ T5324] overlayfs: unrecognized mount option "B: KEY=10000000000000 0 [ 1416.473753][ T5324] [ 1416.473753][ T5324] I: Bus=0019 Vendor=0000 Product=0003 Version=0000 [ 1416.473753][ T5324] N: Name="Sleep Button" [ 1416.473753][ T5324] P: Phys=LNXSLPBN/button/input0 [ 1416.473753][ T5324] S: Sysfs=/devices/LNXSYSTM:00/LNXSLPBN:00/input/input1 [ 1416.473753][ T5324] U: Uniq= [ 1416.473753][ T5324] H: Handlers=kbd event1 [ 1416.473753][ T5324] B: PROP=0 [ 1416.473753][ T5324] B: EV=3 [ 1416.473753][ T5324] B: KEY=4000 0 0 [ 1416.473753][ T5324] [ 1416.473753][ T5324] I: Bus=0011 Vendor=0001 Product=0001 Version=abba [ 1416.473753][ T5324] N: Name="AT Translated Set 2 keyboard" [ 1416.473753][ T5324] P: Phys=isa0060/serio0/input0 [ 1416.473753][ T5324] S: Sysfs=/devices/platform/i8042/serio0/input/input2 [ 1416.473753][ T5324] U: Uniq= [ 1416.473753][ T5324] H: Handlers=kbd leds event2 [ 1416.473753][ T5324] B: PROP=0 [ 1416.473753][ T5324] B: EV=120013 [ 1416.526946][ T599] EXT4-fs error: 23205 callbacks suppressed [ 1416.526966][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1416.575781][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1416.590855][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1416.599823][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1416.611315][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1416.620368][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1416.632103][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1416.641592][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1416.653266][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1416.663940][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1416.714170][ T28] kauditd_printk_skb: 62 callbacks suppressed [ 1416.714188][ T28] audit: type=1326 audit(2000000197.706:57722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5326 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e48a7cea9 code=0x7ffc0000 [ 1416.752938][ T28] audit: type=1326 audit(2000000197.706:57723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5326 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e48a7cea9 code=0x7ffc0000 [ 1416.777203][ T28] audit: type=1326 audit(2000000197.706:57724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5326 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e48a7cea9 code=0x7ffc0000 [ 1417.356946][ T28] audit: type=1326 audit(2000000197.706:57725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5326 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e48a7cea9 code=0x7ffc0000 [ 1417.427656][ T28] audit: type=1326 audit(2000000197.706:57726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5326 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e48a7cea9 code=0x7ffc0000 [ 1417.497603][ T28] audit: type=1326 audit(2000000197.706:57727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5326 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e48a7cea9 code=0x7ffc0000 [ 1417.561975][ T28] audit: type=1326 audit(2000000197.746:57728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5326 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e48a7cea9 code=0x7ffc0000 [ 1417.599462][ T28] audit: type=1326 audit(2000000197.746:57729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5326 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9e48a7a627 code=0x7ffc0000 [ 1417.602881][ T5343] loop0: detected capacity change from 0 to 512 [ 1417.634588][ T5345] input: syz1 as /devices/virtual/input/input197 [ 1417.642284][ T28] audit: type=1326 audit(2000000197.746:57730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5326 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9e48a402e9 code=0x7ffc0000 [ 1417.666182][ T28] audit: type=1326 audit(2000000197.746:57731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5326 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e48a7cea9 code=0x7ffc0000 [ 1417.739375][ T5343] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 1417.744631][ T5354] tipc: Enabling of bearer rejected, failed to enable media [ 1417.765191][ T5343] ext4 filesystem being mounted at /root/syzkaller-testdir1899357050/syzkaller.Qjg7B4/7/file0 supports timestamps until 2038 (0x7fffffff) [ 1417.795597][ T5190] EXT4-fs (loop0): unmounting filesystem. [ 1417.855085][ T5368] overlayfs: missing 'lowerdir' [ 1418.023597][ T5394] tipc: Started in network mode [ 1418.036078][ T5394] tipc: Node identity aaaaaaaaaa32, cluster identity 4711 [ 1418.045199][ T5394] tipc: Enabled bearer , priority 10 [ 1418.053166][ T5394] tipc: Resetting bearer [ 1418.060674][ T5394] tipc: Disabling bearer [ 1419.157861][ T5470] tipc: Enabling of bearer rejected, failed to enable media [ 1419.177764][ T5470] loop0: detected capacity change from 0 to 256 [ 1419.187068][ T5470] FAT-fs (loop0): Unrecognized mount option "shoptname=lower" or missing value [ 1419.295526][ T638] usb 4-1: new high-speed USB device number 87 using dummy_hcd [ 1419.556987][ T638] usb 4-1: Using ep0 maxpacket: 16 [ 1419.586920][T20061] usb 3-1: new high-speed USB device number 91 using dummy_hcd [ 1419.677014][ T638] usb 4-1: config 0 has an invalid interface number: 2 but max is 0 [ 1419.684995][ T638] usb 4-1: config 0 has no interface number 0 [ 1419.691047][ T638] usb 4-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024 [ 1419.857060][T20061] usb 3-1: Using ep0 maxpacket: 8 [ 1419.876984][ T638] usb 4-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= f.88 [ 1419.894016][ T638] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1419.946992][ T638] usb 4-1: Product: syz [ 1419.951354][ T638] usb 4-1: Manufacturer: syz [ 1419.956173][ T638] usb 4-1: SerialNumber: syz [ 1419.963723][ T638] usb 4-1: config 0 descriptor?? [ 1419.986993][ T5454] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1419.997020][T20061] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1420.042847][T20061] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 1420.126952][T20061] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 1420.139083][T20061] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1420.169560][T20061] usb 3-1: SerialNumber: syz [ 1420.227273][T20061] usb-storage 3-1:1.0: USB Mass Storage device detected [ 1420.247726][ T638] usb 4-1: invalid MIDI in EP 0 [ 1420.255427][ T638] snd-usb-audio: probe of 4-1:0.2 failed with error -22 [ 1420.265937][T20061] usb-storage 3-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 1420.278211][ T638] usb 4-1: USB disconnect, device number 87 [ 1420.428172][ T2918] usb 3-1: USB disconnect, device number 91 [ 1420.906938][ T2918] usb 1-1: new high-speed USB device number 110 using dummy_hcd [ 1421.156973][ T2918] usb 1-1: Using ep0 maxpacket: 32 [ 1421.309570][ T5557] x_tables: duplicate underflow at hook 4 [ 1421.396412][ T5569] loop3: detected capacity change from 0 to 2048 [ 1421.439577][ T2918] usb 1-1: New USB device found, idVendor=257a, idProduct=260c, bcdDevice=a6.30 [ 1421.448884][ T5569] loop3: p1 < > p2 p3 < p5 > p4 [ 1421.453638][ T5569] loop3: partition table partially beyond EOD, truncated [ 1421.461353][ T2918] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1421.469377][ T5569] loop3: p1 start 4278190080 is beyond EOD, truncated [ 1421.476185][ T2918] usb 1-1: Product: syz [ 1421.480493][ T5569] loop3: p2 start 16908800 is beyond EOD, truncated [ 1421.487112][ T2918] usb 1-1: Manufacturer: syz [ 1421.491914][ T2918] usb 1-1: SerialNumber: syz [ 1421.504929][ T5569] loop3: p4 start 11326 is beyond EOD, truncated [ 1421.525630][ T2918] usb 1-1: config 0 descriptor?? [ 1421.531627][ T5569] loop3: p5 start 16908800 is beyond EOD, truncated [ 1421.536990][ T599] EXT4-fs error: 20801 callbacks suppressed [ 1421.537006][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1421.555666][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1421.564642][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1421.577419][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1421.586525][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1421.599091][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1421.608233][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1421.619961][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1421.628908][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1421.640398][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1421.801271][ T2918] usb 1-1: USB disconnect, device number 110 [ 1422.046881][T18751] usb 4-1: new high-speed USB device number 88 using dummy_hcd [ 1422.444453][T18751] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1422.467000][T18751] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1422.487893][T18751] usb 4-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 1422.935395][T18751] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1422.943883][T18751] usb 4-1: config 0 descriptor?? [ 1422.999651][ T5602] tipc: Started in network mode [ 1423.014734][ T5602] tipc: Node identity aaaaaaaaaa32, cluster identity 4711 [ 1423.032576][ T5602] tipc: Enabled bearer , priority 10 [ 1423.046345][ T5602] tipc: Resetting bearer [ 1423.059716][ T5602] tipc: Disabling bearer [ 1423.158681][ T28] kauditd_printk_skb: 68 callbacks suppressed [ 1423.158697][ T28] audit: type=1400 audit(2000000204.156:57800): avc: denied { map } for pid=5605 comm="syz-executor.0" path="socket:[208969]" dev="sockfs" ino=208969 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 1423.427741][T18751] isku 0003:1E7D:319C.00CE: unknown main item tag 0x0 [ 1423.456596][T18751] isku 0003:1E7D:319C.00CE: unbalanced collection at end of report description [ 1423.465478][ T332] usb 1-1: new high-speed USB device number 111 using dummy_hcd [ 1423.477478][T18751] isku 0003:1E7D:319C.00CE: parse failed [ 1423.483037][T18751] isku: probe of 0003:1E7D:319C.00CE failed with error -22 [ 1423.631799][T18751] usb 4-1: USB disconnect, device number 88 [ 1423.736892][ T332] usb 1-1: Using ep0 maxpacket: 8 [ 1423.877372][ T332] usb 1-1: config 0 has an invalid interface number: 52 but max is 0 [ 1423.886206][ T332] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1423.896597][ T332] usb 1-1: config 0 has no interface number 0 [ 1423.902567][ T332] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 1423.913375][ T332] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0 [ 1423.924449][ T332] usb 1-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1423.962286][ T332] usb 1-1: config 0 interface 52 has no altsetting 0 [ 1423.971220][ T332] usb 1-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00 [ 1423.980137][ T332] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1423.989588][ T332] usb 1-1: config 0 descriptor?? [ 1424.364847][ T10] Bluetooth: hci0: Frame reassembly failed (-84) [ 1424.393892][ T2918] usb 1-1: USB disconnect, device number 111 [ 1424.487236][ T5651] loop0: detected capacity change from 0 to 256 [ 1424.497895][ T5651] exfat: Deprecated parameter 'namecase' [ 1424.507703][ T5651] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d) [ 1424.553037][ T28] audit: type=1326 audit(2000000205.546:57801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5652 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1424.589009][ T28] audit: type=1326 audit(2000000205.586:57802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5652 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1424.613181][ T28] audit: type=1326 audit(2000000205.586:57803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5652 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1424.648056][ T28] audit: type=1326 audit(2000000205.586:57804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5652 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1424.672003][ T28] audit: type=1326 audit(2000000205.586:57805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5652 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1424.695875][ T28] audit: type=1326 audit(2000000205.586:57806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5652 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1424.719808][ T28] audit: type=1326 audit(2000000205.586:57807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5652 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1424.743788][ T5642] overlayfs: statfs failed on './file0' [ 1424.744250][ T28] audit: type=1326 audit(2000000205.586:57808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5652 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1424.773218][ T28] audit: type=1326 audit(2000000205.586:57809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5652 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1425.346931][ T2918] usb 3-1: new high-speed USB device number 92 using dummy_hcd [ 1425.586942][ T2918] usb 3-1: Using ep0 maxpacket: 32 [ 1425.693866][ T5684] bridge0: port 1(bridge_slave_0) entered blocking state [ 1425.700822][ T5684] bridge0: port 1(bridge_slave_0) entered disabled state [ 1425.707007][ T2918] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1425.708197][ T5684] device bridge_slave_0 entered promiscuous mode [ 1425.727413][ T2918] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1425.727561][ T5684] bridge0: port 2(bridge_slave_1) entered blocking state [ 1425.738123][ T2918] usb 3-1: New USB device found, idVendor=056a, idProduct=00fa, bcdDevice= 0.00 [ 1425.752840][ T2918] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1425.761525][ T5684] bridge0: port 2(bridge_slave_1) entered disabled state [ 1425.768709][ T2918] usb 3-1: config 0 descriptor?? [ 1425.777306][ T5684] device bridge_slave_1 entered promiscuous mode [ 1425.907858][T31315] device bridge_slave_1 left promiscuous mode [ 1425.915817][T31315] bridge0: port 2(bridge_slave_1) entered disabled state [ 1425.924664][T31315] device bridge_slave_0 left promiscuous mode [ 1425.931160][T31315] bridge0: port 1(bridge_slave_0) entered disabled state [ 1425.941980][T31315] device veth1_macvtap left promiscuous mode [ 1425.954381][T31315] device veth0_vlan left promiscuous mode [ 1426.131782][ T5684] bridge0: port 2(bridge_slave_1) entered blocking state [ 1426.138671][ T5684] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1426.145755][ T5684] bridge0: port 1(bridge_slave_0) entered blocking state [ 1426.152549][ T5684] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1426.180196][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1426.188067][ T332] bridge0: port 1(bridge_slave_0) entered disabled state [ 1426.195452][ T332] bridge0: port 2(bridge_slave_1) entered disabled state [ 1426.219196][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1426.227531][T30803] bridge0: port 1(bridge_slave_0) entered blocking state [ 1426.234390][T30803] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1426.241654][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1426.249644][ T2918] wacom 0003:056A:00FA.00CF: hidraw0: USB HID v0.00 Device [HID 056a:00fa] on usb-dummy_hcd.2-1/input0 [ 1426.250226][T30803] bridge0: port 2(bridge_slave_1) entered blocking state [ 1426.267450][T30803] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1426.274678][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1426.282830][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1426.304788][ T5684] device veth0_vlan entered promiscuous mode [ 1426.311287][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1426.319792][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1426.327792][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1426.335136][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1426.350405][ T5684] device veth1_macvtap entered promiscuous mode [ 1426.358559][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1426.366738][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1426.375099][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1426.390823][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1426.398714][ T5648] Bluetooth: hci0: command 0x1003 tx timeout [ 1426.398764][ T45] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 1426.412789][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1426.421269][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1426.429479][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1426.463028][T18751] usb 3-1: USB disconnect, device number 92 [ 1426.525714][ T5707] overlayfs: failed to create directory ./file0/work (errno: 13); mounting read-only [ 1426.546282][ T5709] syz-executor.4[5709] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1426.546378][ T5709] syz-executor.4[5709] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1426.546911][ T599] EXT4-fs error: 27624 callbacks suppressed [ 1426.546926][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1426.587771][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1426.596801][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1426.608438][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1426.617860][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1426.629583][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1426.641789][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1426.653214][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1426.662222][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1426.673665][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1427.024330][ T5724] loop3: detected capacity change from 0 to 256 [ 1427.040034][ T5724] FAT-fs (loop3): Directory bread(block 64) failed [ 1427.046458][ T5724] FAT-fs (loop3): Directory bread(block 65) failed [ 1427.052972][ T5724] FAT-fs (loop3): Directory bread(block 66) failed [ 1427.059508][ T5724] FAT-fs (loop3): Directory bread(block 67) failed [ 1427.065857][ T5724] FAT-fs (loop3): Directory bread(block 68) failed [ 1427.072200][ T5724] FAT-fs (loop3): Directory bread(block 69) failed [ 1427.078732][ T5724] FAT-fs (loop3): Directory bread(block 70) failed [ 1427.085058][ T5724] FAT-fs (loop3): Directory bread(block 71) failed [ 1427.099668][ T5724] FAT-fs (loop3): Directory bread(block 72) failed [ 1427.106016][ T5724] FAT-fs (loop3): Directory bread(block 73) failed [ 1427.690054][ T5782] loop3: detected capacity change from 0 to 512 [ 1427.724067][ T5782] EXT4-fs (loop3): orphan cleanup on readonly fs [ 1427.740149][ T5782] EXT4-fs error (device loop3): ext4_quota_enable:6943: inode #3: comm syz-executor.3: iget: special inode unallocated [ 1427.777871][ T5782] EXT4-fs error (device loop3): ext4_quota_enable:6946: comm syz-executor.3: Bad quota inode: 3, type: 0 [ 1427.890381][ T5782] EXT4-fs warning (device loop3): ext4_enable_quotas:6987: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 1427.905294][ T5782] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 1427.912037][ T5782] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1428.637364][ T4060] EXT4-fs (loop3): unmounting filesystem. [ 1428.819192][ T5805] loop3: detected capacity change from 0 to 256 [ 1428.830591][ T5805] exfat: Deprecated parameter 'namecase' [ 1428.861236][ T5805] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d) [ 1428.996781][ T28] kauditd_printk_skb: 3 callbacks suppressed [ 1428.996797][ T28] audit: type=1326 audit(2000000209.986:57813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5814 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9e48a7cea9 code=0x0 [ 1429.056919][T18751] usb 1-1: new high-speed USB device number 112 using dummy_hcd [ 1429.379175][ T5823] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1429.393832][ T5823] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1429.403404][ T5823] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1429.412559][ T5823] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1429.421717][ T5823] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1429.431781][ T5823] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1429.450118][ T5823] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1429.459371][ T5823] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1429.468594][ T5823] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1429.478487][ T5823] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check. [ 1429.636965][T18751] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1429.647919][T18751] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1429.657603][T18751] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 1429.666609][T18751] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1429.675951][T18751] usb 1-1: config 0 descriptor?? [ 1429.950837][ T5837] syz-executor.2[5837] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1429.950912][ T5837] syz-executor.2[5837] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1429.993106][ T5840] device syzkaller0 entered promiscuous mode [ 1430.167188][T18751] hid (null): bogus close delimiter [ 1430.386938][T18751] usb 1-1: language id specifier not provided by device, defaulting to English [ 1431.026978][T18751] uclogic 0003:256C:006D.00D0: failed retrieving string descriptor #100: -71 [ 1431.047007][T18751] uclogic 0003:256C:006D.00D0: failed retrieving pen parameters: -71 [ 1431.054997][T18751] uclogic 0003:256C:006D.00D0: failed probing pen v1 parameters: -71 [ 1431.070357][T18751] uclogic 0003:256C:006D.00D0: failed probing parameters: -71 [ 1431.078005][T18751] uclogic: probe of 0003:256C:006D.00D0 failed with error -71 [ 1431.098535][T18751] usb 1-1: USB disconnect, device number 112 [ 1431.383096][ T5858] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1431.397829][ T5858] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check. [ 1431.576569][ T599] EXT4-fs error: 24006 callbacks suppressed [ 1431.576598][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1431.593981][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1431.615449][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1431.636750][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1431.655427][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1431.687807][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1431.704668][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1431.720637][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1431.735966][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1431.765745][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1431.801947][ T5874] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 1431.815988][ T5874] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1431.834974][ T5875] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5875 comm=syz-executor.0 [ 1431.850650][ T5875] IPv6: syztnl2: Disabled Multicast RS [ 1432.738073][ T5910] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 1432.767514][T18751] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=18751 comm=kworker/0:6 [ 1433.129500][ T5921] device wireguard0 entered promiscuous mode [ 1433.398134][ T28] audit: type=1326 audit(2000000214.396:57814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5937 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1433.422456][ T28] audit: type=1326 audit(2000000214.416:57815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5937 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1433.447123][ T28] audit: type=1326 audit(2000000214.416:57816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5937 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1433.506936][ T28] audit: type=1326 audit(2000000214.416:57817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5937 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1433.534059][ T28] audit: type=1326 audit(2000000214.416:57818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5937 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1433.558030][ T28] audit: type=1326 audit(2000000214.416:57819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5937 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1433.582862][ T28] audit: type=1326 audit(2000000214.476:57820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5937 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1433.609177][ T28] audit: type=1326 audit(2000000214.486:57821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5937 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7b1767a627 code=0x7ffc0000 [ 1433.731675][ T28] audit: type=1326 audit(2000000214.486:57822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5937 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7b176402e9 code=0x7ffc0000 [ 1434.039398][ T28] kauditd_printk_skb: 136 callbacks suppressed [ 1434.039413][ T28] audit: type=1326 audit(2000000215.036:57959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5965 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e48a7cea9 code=0x7ffc0000 [ 1434.070788][ T28] audit: type=1326 audit(2000000215.046:57960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5971 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa251a7cea9 code=0x7ffc0000 [ 1434.095175][ T28] audit: type=1326 audit(2000000215.046:57961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5971 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa251a7ec27 code=0x7ffc0000 [ 1434.119217][ T28] audit: type=1326 audit(2000000215.046:57962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5971 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fa251a7eb9c code=0x7ffc0000 [ 1434.143515][ T28] audit: type=1326 audit(2000000215.046:57963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5971 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fa251a7ead4 code=0x7ffc0000 [ 1434.207056][ T28] audit: type=1326 audit(2000000215.046:57964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5971 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fa251a7ead4 code=0x7ffc0000 [ 1434.233142][ T28] audit: type=1326 audit(2000000215.046:57965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5971 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fa251a7bd9a code=0x7ffc0000 [ 1434.257189][ T2918] usb 1-1: new high-speed USB device number 113 using dummy_hcd [ 1434.267418][ T28] audit: type=1326 audit(2000000215.046:57966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5971 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa251a7cea9 code=0x7ffc0000 [ 1434.274697][ T5982] tmpfs: Unknown parameter 'nolazytimeÿÿ' [ 1434.291882][ T28] audit: type=1326 audit(2000000215.056:57967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5971 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa251a7cea9 code=0x7ffc0000 [ 1434.321124][ T28] audit: type=1326 audit(2000000215.056:57968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5971 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa251a7cea9 code=0x7ffc0000 [ 1434.536931][ T2918] usb 1-1: Using ep0 maxpacket: 32 [ 1434.656978][ T2918] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1434.668467][ T2918] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1434.682032][ T2918] usb 1-1: New USB device found, idVendor=056a, idProduct=00fa, bcdDevice= 0.00 [ 1434.686971][T18751] usb 5-1: new high-speed USB device number 116 using dummy_hcd [ 1434.690953][ T2918] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1434.706788][ T2918] usb 1-1: config 0 descriptor?? [ 1434.712730][ T6013] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 1434.721992][ T6013] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1434.809804][ T6019] tmpfs: Bad value for 'size' [ 1434.858380][ T6011] loop3: detected capacity change from 0 to 40427 [ 1434.910024][ T6011] F2FS-fs (loop3): invalid crc value [ 1434.930685][ T6011] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1434.945549][ T6026] device pim6reg1 entered promiscuous mode [ 1434.966975][T18751] usb 5-1: Using ep0 maxpacket: 32 [ 1434.976979][ T6011] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 1435.000372][ T6011] syz-executor.3: attempt to access beyond end of device [ 1435.000372][ T6011] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1435.086939][T18751] usb 5-1: config 0 has no interfaces? [ 1435.092281][T18751] usb 5-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00 [ 1435.123008][T18751] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1435.157274][T18751] usb 5-1: config 0 descriptor?? [ 1435.188772][ T2918] wacom 0003:056A:00FA.00D1: hidraw0: USB HID v0.00 Device [HID 056a:00fa] on usb-dummy_hcd.0-1/input0 [ 1435.418735][T18751] usb 1-1: USB disconnect, device number 113 [ 1435.505520][ T6064] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=59408 sclass=netlink_route_socket pid=6064 comm=syz-executor.3 [ 1435.626579][ T5991] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1435.633032][ T6075] binder: binder_mmap: 6074 20ffb000-20fff000 bad vm_flags failed -1 [ 1435.645746][ T5991] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1435.657432][T18751] usb 5-1: USB disconnect, device number 116 [ 1436.225449][ T6085] device pim6reg1 entered promiscuous mode [ 1436.577276][ T638] usb 4-1: new high-speed USB device number 89 using dummy_hcd [ 1436.767112][ T599] EXT4-fs error: 24554 callbacks suppressed [ 1436.767132][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1436.787000][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1436.808424][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1436.825654][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1436.842909][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1436.854540][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1436.863584][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1436.875277][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1436.884330][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1436.896159][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1436.916907][T18751] usb 5-1: new high-speed USB device number 117 using dummy_hcd [ 1437.096941][ T638] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 1437.105739][ T638] usb 4-1: New USB device found, idVendor=0403, idProduct=da73, bcdDevice=dc.8d [ 1437.114832][ T638] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1437.123597][ T638] usb 4-1: config 0 descriptor?? [ 1437.178043][ T6133] loop0: detected capacity change from 0 to 1024 [ 1437.188068][ T6133] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 1437.205163][ T5190] EXT4-fs (loop0): unmounting filesystem. [ 1437.282149][ T6139] binder: binder_mmap: 6138 20ffb000-20fff000 bad vm_flags failed -1 [ 1437.285629][ T6141] syz-executor.2[6141] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1437.292081][ T6141] syz-executor.2[6141] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1437.307142][T18751] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1437.329865][T18751] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1437.339604][T18751] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 1437.350595][T18751] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1437.359884][T18751] usb 5-1: config 0 descriptor?? [ 1437.368682][ T6087] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1437.377015][ T6087] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1437.385147][ T638] usb 4-1: USB disconnect, device number 89 [ 1438.812939][ T6171] binder: binder_mmap: 6170 20ffb000-20fff000 bad vm_flags failed -1 [ 1438.890061][ T6188] __nla_validate_parse: 11 callbacks suppressed [ 1438.890080][ T6188] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1438.906959][T18751] usb 5-1: language id specifier not provided by device, defaulting to English [ 1438.927958][ T6188] syz-executor.2[6188] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1438.928219][ T6188] syz-executor.2[6188] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1439.782604][ T6213] loop3: detected capacity change from 0 to 1024 [ 1439.805009][ T6213] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (1764!=20869) [ 1439.816742][ T6213] EXT4-fs (loop3): invalid journal inode [ 1439.822431][ T6213] EXT4-fs (loop3): can't get journal size [ 1439.828967][ T6213] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1440.019301][ T4060] EXT4-fs (loop3): unmounting filesystem. [ 1440.048277][ T6226] bridge: RTM_NEWNEIGH with invalid ether address [ 1440.068872][T18751] uclogic 0003:256C:006D.00D2: v1 frame probing failed: -71 [ 1440.077669][T18751] uclogic 0003:256C:006D.00D2: failed probing parameters: -71 [ 1440.084960][T18751] uclogic: probe of 0003:256C:006D.00D2 failed with error -71 [ 1440.114309][T18751] usb 5-1: USB disconnect, device number 117 [ 1440.314982][ T6248] loop0: detected capacity change from 0 to 512 [ 1440.321199][T18214] usb 3-1: new high-speed USB device number 93 using dummy_hcd [ 1440.332580][ T6248] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 1440.343060][ T6248] EXT4-fs warning (device loop0): dx_probe:868: inode #2: comm syz-executor.0: Unimplemented hash flags: 0x0001 [ 1440.355102][ T6248] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz-executor.0: Corrupt directory, running e2fsck is recommended [ 1440.369329][ T6248] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 3: comm syz-executor.0: path /root/syzkaller-testdir1899357050/syzkaller.Qjg7B4/99/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0 [ 1440.423306][ T5190] EXT4-fs (loop0): unmounting filesystem. [ 1440.436738][ T6253] futex_wake_op: syz-executor.0 tries to shift op by 32; fix this program [ 1440.453698][ T6255] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1440.464411][ T6255] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1440.485658][ T6257] loop0: detected capacity change from 0 to 256 [ 1440.494042][ T6257] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000001) [ 1440.502400][ T6257] FAT-fs (loop0): Filesystem has been set read-only [ 1440.561256][ T6267] EXT4-fs warning (device sda1): ext4_group_extend:1869: can't shrink FS - resize aborted [ 1440.600014][ T2918] usb 4-1: new high-speed USB device number 90 using dummy_hcd [ 1440.640721][ T28] kauditd_printk_skb: 121 callbacks suppressed [ 1440.640739][ T28] audit: type=1326 audit(2000000221.636:58090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6275 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1440.683656][ T6276] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3012553984 (6025107968 ns) > initial count (4194304 ns). Using initial count to start timer. [ 1440.686983][T18214] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1440.701689][ T28] audit: type=1326 audit(2000000221.696:58091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6275 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1440.711373][T18214] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1440.744827][T18214] usb 3-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 1440.753745][T18214] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1440.762373][T18214] usb 3-1: config 0 descriptor?? [ 1440.767365][ T28] audit: type=1326 audit(2000000221.736:58092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6275 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1440.792441][ T28] audit: type=1326 audit(2000000221.736:58093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6275 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1440.817123][ T28] audit: type=1326 audit(2000000221.736:58094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6275 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1440.841076][ T28] audit: type=1326 audit(2000000221.736:58095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6275 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1440.865802][ T28] audit: type=1326 audit(2000000221.786:58096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6275 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7b1767a627 code=0x7ffc0000 [ 1440.891342][ T28] audit: type=1326 audit(2000000221.786:58097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6275 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7b176402e9 code=0x7ffc0000 [ 1440.915470][ T28] audit: type=1326 audit(2000000221.786:58098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6275 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b1767cea9 code=0x7ffc0000 [ 1440.945070][ T28] audit: type=1326 audit(2000000221.786:58099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6275 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7b1767a627 code=0x7ffc0000 [ 1440.957337][ T6282] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1441.006944][ T2918] usb 4-1: config 0 has an invalid interface number: 4 but max is 0 [ 1441.011109][ T6282] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1441.014760][ T2918] usb 4-1: config 0 has no interface number 0 [ 1441.073725][ T6286] loop0: detected capacity change from 0 to 512 [ 1441.078281][ T2918] usb 4-1: config 0 interface 4 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1441.091063][ T6286] EXT4-fs: Ignoring removed oldalloc option [ 1441.096926][ T2918] usb 4-1: config 0 interface 4 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1441.106518][ T2918] usb 4-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00 [ 1441.115471][ T6286] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 1441.115536][ T2918] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1441.133630][ T2918] usb 4-1: config 0 descriptor?? [ 1441.148498][ T6286] EXT4-fs (loop0): 1 truncate cleaned up [ 1441.154032][ T6286] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 1441.179680][ T5190] EXT4-fs (loop0): unmounting filesystem. [ 1441.300655][ T6296] kvm [6295]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0xa00000000 [ 1441.312943][ T6296] kvm [6295]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x250000f7ff [ 1441.322848][ T6296] kvm [6295]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x250000ffff [ 1441.326979][T18214] usbhid 3-1:0.0: can't add hid device: -71 [ 1441.345426][ T6296] kvm [6295]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0x186 data 0x250000ffff [ 1441.351616][T18214] usbhid: probe of 3-1:0.0 failed with error -71 [ 1441.355318][ T6296] kvm [6295]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0x187 data 0x250000f7ff [ 1441.372476][T18214] usb 3-1: USB disconnect, device number 93 [ 1441.372967][ T6296] kvm [6295]: vcpu0, guest rIP: 0x18e ignored wrmsr: 0x11e data 0x250000ffff [ 1441.388290][ T6296] kvm [6295]: vcpu0, guest rIP: 0x18e vmx_set_msr: BTF|LBR in IA32_DEBUGCTLMSR 0x250000f7ff, nop [ 1441.416962][ T638] usb 5-1: new high-speed USB device number 118 using dummy_hcd [ 1441.618133][ T2918] magicmouse 0003:05AC:0269.00D3: unbalanced delimiter at end of report description [ 1441.632980][ T2918] magicmouse 0003:05AC:0269.00D3: magicmouse hid parse failed [ 1441.647904][ T2918] magicmouse: probe of 0003:05AC:0269.00D3 failed with error -22 [ 1441.776973][ T638] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1441.782064][ T599] EXT4-fs error: 20193 callbacks suppressed [ 1441.782091][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1441.793138][ T638] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1441.794245][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1441.812420][ T638] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 1441.844151][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1441.851781][ T638] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1441.853197][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1441.868614][ T638] usb 5-1: config 0 descriptor?? [ 1441.872483][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1441.877992][ T2918] usb 4-1: USB disconnect, device number 90 [ 1441.885934][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1441.903098][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1441.912974][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1441.927342][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1441.936576][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1442.430148][ T6324] loop3: detected capacity change from 0 to 512 [ 1442.437377][ T6324] EXT4-fs: Ignoring removed oldalloc option [ 1442.443395][ T6324] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 1442.472439][ T6324] EXT4-fs (loop3): 1 truncate cleaned up [ 1442.490711][ T6324] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1442.566668][ T4060] EXT4-fs (loop3): unmounting filesystem. [ 1442.577995][ T638] usb 5-1: language id specifier not provided by device, defaulting to English [ 1443.316983][ T638] uclogic 0003:256C:006D.00D4: v1 frame probing failed: -71 [ 1443.324175][ T638] uclogic 0003:256C:006D.00D4: failed probing parameters: -71 [ 1443.331553][ T638] uclogic: probe of 0003:256C:006D.00D4 failed with error -71 [ 1443.340387][ T638] usb 5-1: USB disconnect, device number 118 [ 1443.361944][ T6343] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3012553984 (6025107968 ns) > initial count (4194304 ns). Using initial count to start timer. [ 1443.917035][T20061] usb 3-1: new high-speed USB device number 94 using dummy_hcd [ 1444.085339][ T6394] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 1444.095091][ T6394] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1444.323674][ T6402] loop3: detected capacity change from 0 to 256 [ 1444.335948][ T6402] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1444.487643][T20061] usb 3-1: config 0 has an invalid interface number: 4 but max is 0 [ 1444.495858][T20061] usb 3-1: config 0 has no interface number 0 [ 1444.502929][T20061] usb 3-1: config 0 interface 4 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1444.515150][T20061] usb 3-1: config 0 interface 4 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1444.524841][T20061] usb 3-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00 [ 1444.533738][T20061] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1444.542782][T20061] usb 3-1: config 0 descriptor?? [ 1445.028072][T20061] magicmouse 0003:05AC:0269.00D5: unbalanced delimiter at end of report description [ 1445.041922][T20061] magicmouse 0003:05AC:0269.00D5: magicmouse hid parse failed [ 1445.051009][T20061] magicmouse: probe of 0003:05AC:0269.00D5 failed with error -22 [ 1445.239660][ T5057] usb 3-1: USB disconnect, device number 94 [ 1445.250969][ T6442] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 1445.261304][ T6442] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1445.293423][ T6447] EXT4-fs warning (device sda1): ext4_group_extend:1869: can't shrink FS - resize aborted [ 1445.314867][ T6453] loop0: detected capacity change from 0 to 2048 [ 1445.347979][ T6453] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 1445.370882][ T6453] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.0: corrupted in-inode xattr [ 1445.415047][ T5190] EXT4-fs error (device loop0): ext4_map_blocks:607: inode #2: block 16: comm syz-executor.0: lblock 0 mapped to illegal pblock 16 (length 1) [ 1445.433897][ T5190] EXT4-fs (loop0): unmounting filesystem. [ 1445.479150][ T43] tipc: Left network mode [ 1445.651862][ T6466] bridge0: port 1(bridge_slave_0) entered blocking state [ 1445.656916][ T2918] usb 4-1: new high-speed USB device number 91 using dummy_hcd [ 1445.659371][ T6466] bridge0: port 1(bridge_slave_0) entered disabled state [ 1445.673622][ T6466] device bridge_slave_0 entered promiscuous mode [ 1445.683269][ T6466] bridge0: port 2(bridge_slave_1) entered blocking state [ 1445.690157][ T6466] bridge0: port 2(bridge_slave_1) entered disabled state [ 1445.697450][ T6466] device bridge_slave_1 entered promiscuous mode [ 1445.789304][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1445.796821][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1445.811497][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1445.828410][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1445.836459][T30803] bridge0: port 1(bridge_slave_0) entered blocking state [ 1445.843323][T30803] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1445.857562][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1445.887277][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1445.895307][T30803] bridge0: port 2(bridge_slave_1) entered blocking state [ 1445.902177][T30803] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1445.906896][ T2918] usb 4-1: Using ep0 maxpacket: 8 [ 1445.920975][T20061] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1445.929791][T20061] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1445.944877][T20061] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1445.998212][ T6466] device veth0_vlan entered promiscuous mode [ 1446.005475][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1446.013977][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1446.022045][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1446.030215][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1446.043920][ T6466] device veth1_macvtap entered promiscuous mode [ 1446.053081][ T638] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1446.061209][ T2918] usb 4-1: config index 0 descriptor too short (expected 255, got 27) [ 1446.086301][ T2918] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1446.103847][ T43] device bridge_slave_1 left promiscuous mode [ 1446.173827][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 1446.277650][ T43] device bridge_slave_0 left promiscuous mode [ 1446.283623][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 1446.291699][ T43] device veth1_macvtap left promiscuous mode [ 1446.297559][ T43] device veth0_vlan left promiscuous mode [ 1446.310447][ T6480] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 1446.318668][ T6480] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1446.467055][ T2918] usb 4-1: New USB device found, idVendor=05f9, idProduct=ffff, bcdDevice=59.31 [ 1446.480109][ T2918] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1446.500120][ T2918] usb 4-1: Product: syz [ 1446.518788][ T2918] usb 4-1: Manufacturer: syz [ 1446.524942][ T2918] usb 4-1: SerialNumber: syz [ 1446.531774][ T638] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1446.544782][ T2918] usb 4-1: config 0 descriptor?? [ 1446.554921][ T638] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1446.607377][ T2918] usbserial_generic 4-1:0.0: The "generic" usb-serial driver is only for testing and one-off prototypes. [ 1446.619425][ T2918] usbserial_generic 4-1:0.0: Tell linux-usb@vger.kernel.org to add your device to a proper driver. [ 1446.630000][ T2918] usbserial_generic 4-1:0.0: device has no bulk endpoints [ 1446.788920][ T599] EXT4-fs error: 25067 callbacks suppressed [ 1446.789119][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1446.832192][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1446.838502][ T638] usb 4-1: USB disconnect, device number 91 [ 1446.841432][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1446.858172][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1446.867152][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1446.880820][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1446.890742][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1446.904437][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1446.914797][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1446.930564][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1446.976936][ T2918] usb 1-1: new high-speed USB device number 114 using dummy_hcd [ 1447.216894][ T2918] usb 1-1: Using ep0 maxpacket: 8 [ 1447.264057][ T6509] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 1447.272210][ T6509] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1447.309336][ T6513] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1447.383326][ T2918] usb 1-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 1447.477578][ T2918] usb 1-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 1447.487190][ T2918] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 1447.495654][ T2918] usb 1-1: SerialNumber: syz [ 1447.702434][ T2918] usb 1-1: config 0 descriptor?? [ 1447.716970][ T638] usb 4-1: new high-speed USB device number 92 using dummy_hcd [ 1447.978209][ T6529] input: syz1 as /devices/virtual/input/input204 [ 1448.067094][ T2918] usb 1-1: Found UVC 0.00 device (05ac:8501) [ 1448.074521][ T2918] usb 1-1: No valid video chain found. [ 1448.081586][ T2918] usb 1-1: USB disconnect, device number 114 [ 1448.127154][ T638] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1448.145253][ T638] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1448.155181][ T638] usb 4-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 1448.342544][ T638] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1448.368687][ T638] usb 4-1: config 0 descriptor?? [ 1448.889707][ T2918] kernel write not supported for file /rfkill (pid: 2918 comm: kworker/1:6) [ 1448.923330][ T6545] loop0: detected capacity change from 0 to 40427 [ 1448.946969][ T638] usbhid 4-1:0.0: can't add hid device: -71 [ 1448.952738][ T638] usbhid: probe of 4-1:0.0 failed with error -71 [ 1448.961480][ T6545] F2FS-fs (loop0): Found nat_bits in checkpoint [ 1449.017868][ T638] usb 4-1: USB disconnect, device number 92 [ 1449.036804][ T6545] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 1449.083511][ T6466] syz-executor.0: attempt to access beyond end of device [ 1449.083511][ T6466] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1449.376897][T30803] usb 3-1: new high-speed USB device number 95 using dummy_hcd [ 1449.697132][ T638] usb 1-1: new high-speed USB device number 115 using dummy_hcd [ 1449.757590][T30803] usb 3-1: config 0 has an invalid interface descriptor of length 8, skipping [ 1449.768496][T30803] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1449.927175][T30803] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice=18.40 [ 1449.936331][T30803] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1449.944295][T30803] usb 3-1: SerialNumber: syz [ 1449.947112][ T638] usb 1-1: Using ep0 maxpacket: 8 [ 1449.956119][T30803] usb 3-1: config 0 descriptor?? [ 1450.067109][ T638] usb 1-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 1450.138781][ T6585] loop3: detected capacity change from 0 to 1024 [ 1450.159376][ T6585] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1450.167837][ T6585] ext4 filesystem being mounted at /root/syzkaller-testdir1603765168/syzkaller.DTK9JE/268/file0 supports timestamps until 2038 (0x7fffffff) [ 1450.200375][T30803] usb 3-1: USB disconnect, device number 95 [ 1450.296989][ T638] usb 1-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 1450.305947][ T638] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 1450.313998][ T638] usb 1-1: SerialNumber: syz [ 1450.319288][ T638] usb 1-1: config 0 descriptor?? [ 1450.656938][ T638] usb 1-1: Found UVC 0.00 device (05ac:8501) [ 1450.663677][ T638] usb 1-1: No valid video chain found. [ 1450.669766][ T638] usb 1-1: USB disconnect, device number 115 [ 1450.850765][ T6604] fuse: Invalid rootmode [ 1451.143475][ T4060] EXT4-fs (loop3): unmounting filesystem. [ 1451.218349][ T6623] loop3: detected capacity change from 0 to 512 [ 1451.226802][ T6623] EXT4-fs (loop3): bad block size 8192 [ 1451.796982][ T599] EXT4-fs error: 21976 callbacks suppressed [ 1451.797160][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1451.903479][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1451.923196][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1451.973925][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1451.990603][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1452.008198][ T6631] bridge0: port 1(bridge_slave_0) entered blocking state [ 1452.024102][ T6631] bridge0: port 1(bridge_slave_0) entered disabled state [ 1452.034173][ T6631] device bridge_slave_0 entered promiscuous mode [ 1452.105096][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1452.114066][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1452.159314][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1452.178854][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1452.191128][ T6631] bridge0: port 2(bridge_slave_1) entered blocking state [ 1452.201536][ T6631] bridge0: port 2(bridge_slave_1) entered disabled state [ 1452.213120][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1452.222857][ T6631] device bridge_slave_1 entered promiscuous mode [ 1452.259757][ T6626] loop0: detected capacity change from 0 to 40427 [ 1452.266797][ T6626] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 1452.336640][ T6626] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 1452.359748][ T6626] F2FS-fs (loop0): invalid crc value [ 1452.414268][ T6626] F2FS-fs (loop0): Found nat_bits in checkpoint [ 1452.720513][ T6626] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 1452.727975][T27312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1452.735283][T27312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1452.742559][ T6626] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 1452.760164][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1452.768412][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1452.777317][ T6633] usb 3-1: new high-speed USB device number 96 using dummy_hcd [ 1452.780819][ T6626] syz-executor.0: attempt to access beyond end of device [ 1452.780819][ T6626] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1452.801638][ T6626] syz-executor.0: attempt to access beyond end of device [ 1452.801638][ T6626] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 1452.809802][T30803] bridge0: port 1(bridge_slave_0) entered blocking state [ 1452.822439][T30803] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1452.830844][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1452.839112][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1452.847318][T30803] bridge0: port 2(bridge_slave_1) entered blocking state [ 1452.851101][ T6466] syz-executor.0: attempt to access beyond end of device [ 1452.851101][ T6466] loop0: rw=2051, sector=45096, nr_sectors = 16 limit=40427 [ 1452.854184][T30803] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1452.885701][T27312] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1452.893439][ T6466] F2FS-fs (loop0): Issue discard(5637, 5637, 2) failed, ret: -5 [ 1452.893735][T27312] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1452.909332][T27312] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1452.932553][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1452.946808][ T6631] device veth0_vlan entered promiscuous mode [ 1452.954294][ T2918] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1452.967515][ T2918] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1452.974956][ T2918] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1452.998758][ T2918] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1453.008037][ T6631] device veth1_macvtap entered promiscuous mode [ 1453.020251][ T2918] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1453.036928][T18291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1453.036987][ T6633] usb 3-1: Using ep0 maxpacket: 8 [ 1453.078423][T23778] device bridge_slave_1 left promiscuous mode [ 1453.085396][T23778] bridge0: port 2(bridge_slave_1) entered disabled state [ 1453.093431][T23778] device bridge_slave_0 left promiscuous mode [ 1453.100337][T23778] bridge0: port 1(bridge_slave_0) entered disabled state [ 1453.109524][T23778] device veth1_macvtap left promiscuous mode [ 1453.115488][T23778] device veth0_vlan left promiscuous mode [ 1453.200267][ T6633] usb 3-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 1453.266493][ T6670] input: syz1 as /devices/virtual/input/input205 [ 1453.297134][ T6633] usb 3-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 1453.315738][ T6633] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 1453.328689][ T6633] usb 3-1: SerialNumber: syz [ 1453.350219][ T6633] usb 3-1: config 0 descriptor?? [ 1453.416269][ T6683] xt_policy: output policy not valid in PREROUTING and INPUT [ 1453.510487][ T6691] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1453.873417][T30803] usb 2-1: new high-speed USB device number 89 using dummy_hcd [ 1453.936950][ T6633] usb 3-1: Found UVC 0.00 device (05ac:8501) [ 1453.944817][ T6633] usb 3-1: No valid video chain found. [ 1453.959316][ T6633] usb 3-1: USB disconnect, device number 96 [ 1454.126890][T30803] usb 2-1: Using ep0 maxpacket: 32 [ 1454.276970][T30803] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1454.315524][T30803] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1454.370495][T30803] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1454.404983][T30803] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1454.540878][T30803] usb 2-1: config 0 descriptor?? [ 1454.638864][T30803] hub 2-1:0.0: USB hub found [ 1454.891483][T30803] hub 2-1:0.0: config failed, can't read hub descriptor (err -22) [ 1454.996939][T30803] usbhid 2-1:0.0: can't add hid device: -71 [ 1455.002705][T30803] usbhid: probe of 2-1:0.0 failed with error -71 [ 1455.047450][T30803] usb 2-1: USB disconnect, device number 89 [ 1455.289796][ T6746] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1456.258075][ T6780] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1456.266380][ T6792] loop3: detected capacity change from 0 to 128 [ 1456.273193][ T6792] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 1456.507386][T30803] usb 1-1: new high-speed USB device number 116 using dummy_hcd [ 1456.862409][ T599] EXT4-fs error: 17246 callbacks suppressed [ 1456.862427][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1456.914610][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1456.923757][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1456.935381][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1456.944498][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1456.956231][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1456.966136][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1456.977979][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1456.986982][T30803] usb 1-1: Using ep0 maxpacket: 32 [ 1456.986981][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1456.987129][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1457.118703][T30803] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1457.131298][T30803] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1457.141061][T30803] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1457.150359][T30803] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1457.158845][T30803] usb 1-1: config 0 descriptor?? [ 1457.207589][T30803] hub 1-1:0.0: USB hub found [ 1457.659846][T30803] hub 1-1:0.0: config failed, can't read hub descriptor (err -22) [ 1457.786954][T30803] usbhid 1-1:0.0: can't add hid device: -71 [ 1457.792884][T30803] usbhid: probe of 1-1:0.0 failed with error -71 [ 1457.837550][T30803] usb 1-1: USB disconnect, device number 116 [ 1458.275619][ T28] kauditd_printk_skb: 185 callbacks suppressed [ 1458.275636][ T28] audit: type=1326 audit(2000000239.266:58285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6847 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc031a7cea9 code=0x0 [ 1459.446929][T30803] usb 1-1: new high-speed USB device number 117 using dummy_hcd [ 1459.591458][ T28] audit: type=1326 audit(2000000240.586:58286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6887 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc031a7cea9 code=0x0 [ 1459.686889][T30803] usb 1-1: Using ep0 maxpacket: 8 [ 1459.734479][ T6893] netlink: 'syz-executor.2': attribute type 9 has an invalid length. [ 1459.742976][ T6893] netlink: 'syz-executor.2': attribute type 7 has an invalid length. [ 1459.778399][ T6893] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 1459.817009][T30803] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1459.828071][T30803] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1459.838087][T30803] usb 1-1: New USB device found, idVendor=04d8, idProduct=f372, bcdDevice= 0.00 [ 1459.847076][T30803] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1459.854876][ T28] audit: type=1326 audit(2000000240.846:58287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6887 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc031a7cea9 code=0x0 [ 1459.887719][T30803] usb 1-1: config 0 descriptor?? [ 1459.902266][ T28] audit: type=1326 audit(2000000240.876:58288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6895 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa251a7cea9 code=0x7ffc0000 [ 1459.926310][ T28] audit: type=1326 audit(2000000240.876:58289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6895 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa251a7cea9 code=0x7ffc0000 [ 1459.950655][ T28] audit: type=1326 audit(2000000240.876:58290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6895 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa251a7cea9 code=0x7ffc0000 [ 1459.998105][ T28] audit: type=1326 audit(2000000240.876:58291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6895 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa251a7cea9 code=0x7ffc0000 [ 1460.022106][ T28] audit: type=1326 audit(2000000240.876:58292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6895 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa251a7cea9 code=0x7ffc0000 [ 1460.046206][ T28] audit: type=1326 audit(2000000240.876:58293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6895 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa251a7a627 code=0x7ffc0000 [ 1460.079484][ T28] audit: type=1326 audit(2000000240.876:58294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6895 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa251a402e9 code=0x7ffc0000 [ 1460.268357][ T6916] netlink: 'syz-executor.3': attribute type 4 has an invalid length. [ 1460.285333][ T6916] netlink: 3657 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1460.408604][T30803] hid-led 0003:04D8:F372.00D6: hidraw0: USB HID v0.00 Device [HID 04d8:f372] on usb-dummy_hcd.0-1/input0 [ 1460.437679][T30803] hid-led 0003:04D8:F372.00D6: Greynut Luxafor initialized [ 1460.656535][ T5057] usb 1-1: USB disconnect, device number 117 [ 1460.670332][T31274] leds luxafor0:blue:led5: Setting an LED's brightness failed (-38) [ 1460.683581][T31274] leds luxafor0:green:led5: Setting an LED's brightness failed (-38) [ 1460.697595][T31274] leds luxafor0:red:led5: Setting an LED's brightness failed (-38) [ 1460.716532][T31274] leds luxafor0:blue:led4: Setting an LED's brightness failed (-38) [ 1460.738419][T31274] leds luxafor0:green:led4: Setting an LED's brightness failed (-38) [ 1460.758640][T31274] leds luxafor0:red:led4: Setting an LED's brightness failed (-38) [ 1460.766672][T31274] leds luxafor0:blue:led3: Setting an LED's brightness failed (-38) [ 1460.775259][T31274] leds luxafor0:green:led3: Setting an LED's brightness failed (-38) [ 1460.783682][T31274] leds luxafor0:red:led3: Setting an LED's brightness failed (-38) [ 1460.792505][T31274] leds luxafor0:blue:led2: Setting an LED's brightness failed (-38) [ 1460.801274][ T2918] leds luxafor0:green:led2: Setting an LED's brightness failed (-38) [ 1460.810591][ T2918] leds luxafor0:red:led2: Setting an LED's brightness failed (-38) [ 1460.818911][ T2918] leds luxafor0:blue:led1: Setting an LED's brightness failed (-38) [ 1460.835466][ T2918] leds luxafor0:green:led1: Setting an LED's brightness failed (-38) [ 1460.845198][ T2918] leds luxafor0:red:led1: Setting an LED's brightness failed (-38) [ 1460.867866][ T2918] leds luxafor0:blue:led0: Setting an LED's brightness failed (-38) [ 1460.884581][ T2918] leds luxafor0:green:led0: Setting an LED's brightness failed (-38) [ 1460.894688][ T6989] af_packet: tpacket_rcv: packet too big, clamped from 36 to 4294967272. macoff=96 [ 1460.913972][ T2918] leds luxafor0:red:led0: Setting an LED's brightness failed (-38) [ 1460.935576][ T6995] syz-executor.4[6995] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1460.935637][ T6995] syz-executor.4[6995] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1460.948472][ T6995] syz-executor.4[6995] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1460.960169][ T6995] syz-executor.4[6995] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1461.466051][ T7022] pim6reg0: tun_chr_ioctl cmd 1074025677 [ 1461.477839][ T5057] usb 1-1: new high-speed USB device number 118 using dummy_hcd [ 1461.483552][ T7022] pim6reg0: linktype set to 778 [ 1461.582284][ T7025] syz-executor.4[7025] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1461.582356][ T7025] syz-executor.4[7025] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1461.599676][ T7025] syz-executor.4[7025] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1461.648461][ T7025] syz-executor.4[7025] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1461.731145][ T7023] bridge0: port 1(bridge_slave_0) entered blocking state [ 1461.747013][ T5057] usb 1-1: Using ep0 maxpacket: 8 [ 1461.761173][ T7044] serio: Serial port pts0 [ 1461.766946][ T7023] bridge0: port 1(bridge_slave_0) entered disabled state [ 1461.774508][ T7023] device bridge_slave_0 entered promiscuous mode [ 1461.787615][ T7023] bridge0: port 2(bridge_slave_1) entered blocking state [ 1461.794670][ T7023] bridge0: port 2(bridge_slave_1) entered disabled state [ 1461.804917][ T7023] device bridge_slave_1 entered promiscuous mode [ 1461.867592][ T599] EXT4-fs error: 26029 callbacks suppressed [ 1461.867630][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1461.882315][ T5057] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1461.893212][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1461.905164][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1461.913128][ T5057] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1461.923768][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1461.924048][ T5057] usb 1-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00 [ 1461.943910][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1461.945529][ T5057] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1461.953350][ T7052] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1461.962899][ T7052] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1461.971580][ T5057] usb 1-1: config 0 descriptor?? [ 1461.986764][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1462.011900][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1462.021448][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1462.033252][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1462.043143][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1462.137807][T31315] device bridge_slave_1 left promiscuous mode [ 1462.146276][T31315] bridge0: port 2(bridge_slave_1) entered disabled state [ 1462.178740][T31315] device bridge_slave_0 left promiscuous mode [ 1462.184775][T31315] bridge0: port 1(bridge_slave_0) entered disabled state [ 1462.233971][T31315] device veth1_macvtap left promiscuous mode [ 1462.240057][T31315] device veth0_vlan left promiscuous mode [ 1462.470282][ T5057] logitech 0003:046D:C20E.00D7: rdesc size test failed for formula gp [ 1462.515244][ T5057] logitech 0003:046D:C20E.00D7: hidraw0: USB HID v0.00 Device [HID 046d:c20e] on usb-dummy_hcd.0-1/input0 [ 1462.563201][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1462.572362][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1462.582536][ T638] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1462.605575][ T638] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1462.629281][ T638] bridge0: port 1(bridge_slave_0) entered blocking state [ 1462.636468][ T638] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1462.664068][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1462.681003][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1462.686005][T30803] usb 1-1: USB disconnect, device number 118 [ 1462.689660][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1462.703023][ T5057] bridge0: port 2(bridge_slave_1) entered blocking state [ 1462.709902][ T5057] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1462.717895][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1462.725872][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1462.741257][ T638] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1462.749447][ T638] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1462.780206][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1462.790256][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1462.801825][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1462.809747][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1462.817774][ T7023] device veth0_vlan entered promiscuous mode [ 1462.825827][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1462.834887][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1462.912342][ T7023] device veth1_macvtap entered promiscuous mode [ 1462.919659][ T2918] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1462.928241][ T2918] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1462.946603][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1462.955011][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1462.963372][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1462.971588][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1464.108924][ T7130] netlink: 'syz-executor.2': attribute type 4 has an invalid length. [ 1464.136105][ T7130] x_tables: duplicate underflow at hook 2 [ 1464.571422][ T6633] usb 2-1: new high-speed USB device number 90 using dummy_hcd [ 1464.689067][ T28] kauditd_printk_skb: 6 callbacks suppressed [ 1464.689083][ T28] audit: type=1400 audit(2000000245.686:58301): avc: denied { map } for pid=7151 comm="syz-executor.0" path="/dev/uinput" dev="devtmpfs" ino=170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 1464.724631][ T28] audit: type=1400 audit(2000000245.686:58302): avc: denied { execute } for pid=7151 comm="syz-executor.0" path="/dev/uinput" dev="devtmpfs" ino=170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 1464.836895][ T6633] usb 2-1: Using ep0 maxpacket: 8 [ 1464.896971][ T2918] usb 5-1: new high-speed USB device number 119 using dummy_hcd [ 1464.946472][ T28] audit: type=1400 audit(2000000245.936:58303): avc: denied { audit_write } for pid=7160 comm="syz-executor.0" capability=29 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 1464.970468][ T28] audit: type=1107 audit(2000000245.966:58304): pid=7160 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 1464.986965][ T6633] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1465.056941][ T6633] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1465.066616][ T6633] usb 2-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00 [ 1465.083992][ T6633] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1465.094026][ T6633] usb 2-1: config 0 descriptor?? [ 1465.277348][ T2918] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 33825, setting to 64 [ 1465.324722][ T2918] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 1465.466969][ T2918] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1465.481128][ T2918] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1465.497203][ T2918] usb 5-1: SerialNumber: syz [ 1465.547336][ T2918] cdc_ether: probe of 5-1:1.0 failed with error -22 [ 1465.727574][ T6633] logitech 0003:046D:C20E.00D8: rdesc size test failed for formula gp [ 1465.762654][ T6633] logitech 0003:046D:C20E.00D8: hidraw0: USB HID v0.00 Device [HID 046d:c20e] on usb-dummy_hcd.1-1/input0 [ 1465.855439][ T6633] usb 5-1: USB disconnect, device number 119 [ 1465.931356][T29836] usb 2-1: USB disconnect, device number 90 [ 1466.661191][ T7206] overlayfs: statfs failed on './file0' [ 1466.696916][ T6633] usb 5-1: new high-speed USB device number 120 using dummy_hcd [ 1467.244626][T12210] EXT4-fs error: 16934 callbacks suppressed [ 1467.244648][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1467.277911][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1467.331378][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1467.401965][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1467.506991][ T6633] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 1467.577529][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1467.620127][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1467.676959][ T6633] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1467.706821][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1467.723656][ T6633] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1467.778964][ T6633] usb 5-1: SerialNumber: syz [ 1467.782359][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1467.880074][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1467.954379][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1468.167417][ T6633] cdc_ether: probe of 5-1:1.0 failed with error -22 [ 1468.306988][ T7237] overlayfs: missing 'lowerdir' [ 1468.369917][ T6633] usb 5-1: USB disconnect, device number 120 [ 1468.397895][ T7242] syz-executor.2[7242] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1468.397972][ T7242] syz-executor.2[7242] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1468.733489][ T7262] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 1468.913406][ T7294] syz-executor.4[7294] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1468.913590][ T7294] syz-executor.4[7294] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1468.927216][ T7295] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 1469.020183][ T28] audit: type=1400 audit(2000000250.016:58305): avc: denied { create } for pid=7300 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 1469.292586][ T7328] overlayfs: missing 'lowerdir' [ 1469.783451][ T7332] overlayfs: failed to resolve './file0': -2 [ 1470.006027][ T7351] geneve1: tun_chr_ioctl cmd 1074025681 [ 1470.345991][ T28] audit: type=1107 audit(2000000251.336:58306): pid=7379 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 1470.362639][ T7384] overlayfs: missing 'lowerdir' [ 1471.262628][ T7423] syz-executor.0[7423] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1471.262710][ T7423] syz-executor.0[7423] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1471.846922][ T6633] usb 2-1: new high-speed USB device number 91 using dummy_hcd [ 1471.870249][ T7457] fuse: Bad value for 'fd' [ 1472.284212][ T599] EXT4-fs error: 18913 callbacks suppressed [ 1472.284250][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1472.377098][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1472.387732][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1472.401804][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1472.411267][ T6633] usb 2-1: Using ep0 maxpacket: 16 [ 1472.411850][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1472.443673][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1472.458176][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1472.491764][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1472.510039][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1472.524474][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1472.576954][ T6633] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1472.578522][ T7489] syz-executor.3[7489] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1472.593286][ T7489] syz-executor.3[7489] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1472.666963][ T6633] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1472.708321][ T6633] usb 2-1: config 1 interface 0 has no altsetting 0 [ 1473.186996][ T6633] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1473.208422][ T6633] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1473.235440][ T6633] usb 2-1: Product: syz [ 1473.247810][ T6633] usb 2-1: Manufacturer: syz [ 1473.261941][ T6633] usb 2-1: SerialNumber: syz [ 1473.567207][ T6633] usb 2-1: bad CDC descriptors [ 1473.578364][ T6633] usb 2-1: USB disconnect, device number 91 [ 1473.828984][ T7534] overlayfs: missing 'lowerdir' [ 1477.286953][ T599] EXT4-fs error: 28284 callbacks suppressed [ 1477.286974][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1477.304216][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1477.313342][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1477.324903][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1477.333911][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1477.345384][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1477.354400][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1477.366062][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1477.375034][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1477.386615][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1477.854807][ T28] audit: type=1107 audit(2000000258.040:58307): pid=7557 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 1478.094547][ T28] audit: type=1326 audit(2000000258.280:58308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7581 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce15e7cea9 code=0x7ffc0000 [ 1478.118562][ T28] audit: type=1326 audit(2000000258.310:58309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7581 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce15e7cea9 code=0x7ffc0000 [ 1478.142843][ T28] audit: type=1326 audit(2000000258.310:58310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7581 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fce15e7cea9 code=0x7ffc0000 [ 1478.215433][ T7584] devtmpfs: Too few inodes for current use [ 1478.237023][ T28] audit: type=1326 audit(2000000258.310:58311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7581 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce15e7cea9 code=0x7ffc0000 [ 1478.261832][ T28] audit: type=1326 audit(2000000258.310:58312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7581 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fce15e7cea9 code=0x7ffc0000 [ 1478.354571][ T28] audit: type=1326 audit(2000000258.380:58313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7581 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce15e7cea9 code=0x7ffc0000 [ 1478.406975][ T28] audit: type=1326 audit(2000000258.390:58314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7581 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fce15e7a627 code=0x7ffc0000 [ 1478.431122][ T28] audit: type=1326 audit(2000000258.390:58315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7581 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fce15e402e9 code=0x7ffc0000 [ 1478.455629][ T28] audit: type=1326 audit(2000000258.390:58316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7581 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fce15e7a627 code=0x7ffc0000 [ 1478.647407][ T7603] device vlan1 entered promiscuous mode [ 1478.669263][ T7603] device vlan1 left promiscuous mode [ 1479.097452][ T7619] tipc: Failed to remove unknown binding: 66,1,1/0:3939348741/3939348743 [ 1479.123469][ T7619] tipc: Failed to remove unknown binding: 66,1,1/0:3939348741/3939348743 [ 1479.248689][ T7639] fuse: Bad value for 'fd' [ 1479.336927][T27312] usb 2-1: new high-speed USB device number 92 using dummy_hcd [ 1479.460542][ T7650] tipc: Failed to remove unknown binding: 66,1,1/0:946284643/946284645 [ 1479.468712][ T7650] tipc: Failed to remove unknown binding: 66,1,1/0:946284643/946284645 [ 1479.534941][ T7659] devtmpfs: Too few inodes for current use [ 1479.597132][T27312] usb 2-1: Using ep0 maxpacket: 16 [ 1479.675464][ T7671] overlayfs: statfs failed on './file0' [ 1480.076931][T27312] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1480.155742][ T7684] tipc: Failed to remove unknown binding: 66,1,1/0:494900771/494900773 [ 1480.166996][T27312] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1480.191720][T27312] usb 2-1: config 1 interface 0 has no altsetting 0 [ 1480.198613][ T7684] tipc: Failed to remove unknown binding: 66,1,1/0:494900771/494900773 [ 1480.850149][ T7691] 9pnet_fd: p9_fd_create_unix (7691): problem connecting socket: ./bus/file0: -111 [ 1480.946936][T27312] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1480.975444][T27312] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1480.998437][T27312] usb 2-1: Product: syz [ 1481.009362][T27312] usb 2-1: Manufacturer: syz [ 1481.014037][T27312] usb 2-1: SerialNumber: syz [ 1481.288230][T27312] usb 2-1: bad CDC descriptors [ 1481.295206][T27312] usb 2-1: USB disconnect, device number 92 [ 1481.403030][ T7738] devtmpfs: Too few inodes for current use [ 1482.049827][ T7764] syz-executor.4[7764] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1482.049902][ T7764] syz-executor.4[7764] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1482.170932][ T7777] syz-executor.3[7777] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1482.182802][ T7777] syz-executor.3[7777] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1482.297138][ T599] EXT4-fs error: 18268 callbacks suppressed [ 1482.297157][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1482.479935][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1482.489014][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1482.503503][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1482.513793][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1482.525959][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1482.526211][ T7797] sysfs: Unknown parameter 'g]d' [ 1482.550001][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1482.563603][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1482.573135][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1482.585030][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1482.842638][ T7809] overlayfs: failed to resolve './file0': -2 [ 1483.066959][T18751] usb 3-1: new high-speed USB device number 97 using dummy_hcd [ 1483.356910][T18751] usb 3-1: device descriptor read/64, error -71 [ 1483.712451][ T28] kauditd_printk_skb: 148 callbacks suppressed [ 1483.712468][ T28] audit: type=1107 audit(2000000263.680:58465): pid=7834 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 1483.766895][T18751] usb 3-1: device descriptor read/64, error -71 [ 1483.835754][ T7837] overlayfs: statfs failed on './file0' [ 1483.884009][ T7841] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1483.893465][ T7841] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1484.037022][T18751] usb 3-1: new high-speed USB device number 98 using dummy_hcd [ 1484.109766][ T7853] fuse: Bad value for 'fd' [ 1484.115913][ T7853] 9pnet_virtio: no channels available for device syz [ 1484.270389][ T7865] syz-executor.3[7865] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1484.270466][ T7865] syz-executor.3[7865] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1484.316907][T18751] usb 3-1: device descriptor read/64, error -71 [ 1484.647974][ T7891] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 1484.956897][T18751] usb 3-1: device descriptor read/64, error -71 [ 1485.086982][T18751] usb usb3-port1: attempt power cycle [ 1485.516936][T18751] usb 3-1: new high-speed USB device number 99 using dummy_hcd [ 1485.630726][ T7906] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 1485.651145][ T28] audit: type=1400 audit(2000000265.620:58466): avc: denied { rename } for pid=7907 comm="syz-executor.1" name="file5" dev="sda1" ino=2023 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=blk_file permissive=1 [ 1485.696909][T18751] usb 3-1: device descriptor read/8, error -71 [ 1485.906911][T18751] usb 3-1: device descriptor read/8, error -71 [ 1486.406883][T18751] usb 3-1: new high-speed USB device number 100 using dummy_hcd [ 1486.636948][T18751] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1486.647770][T18751] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1486.657960][T18751] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1486.670606][T18751] usb 3-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10 [ 1486.679413][T18751] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1486.687855][T18751] usb 3-1: config 0 descriptor?? [ 1487.167823][T18751] prodikeys 0003:041E:2801.00D9: unknown main item tag 0x0 [ 1487.174978][T18751] prodikeys 0003:041E:2801.00D9: unknown main item tag 0x0 [ 1487.197536][T18751] prodikeys 0003:041E:2801.00D9: item fetching failed at offset 4/5 [ 1487.207112][T18751] prodikeys 0003:041E:2801.00D9: hid parse failed [ 1487.213370][T18751] prodikeys: probe of 0003:041E:2801.00D9 failed with error -22 [ 1487.306879][ T599] EXT4-fs error: 32093 callbacks suppressed [ 1487.306898][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1487.327127][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1487.345965][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1487.372781][T18751] usb 3-1: USB disconnect, device number 100 [ 1487.378689][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1487.407094][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1487.426893][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1487.447205][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1487.462977][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1487.487047][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1487.507073][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1490.367983][ T719] device bridge_slave_1 left promiscuous mode [ 1490.375776][ T719] bridge0: port 2(bridge_slave_1) entered disabled state [ 1490.393368][ T719] device bridge_slave_0 left promiscuous mode [ 1490.407073][ T719] bridge0: port 1(bridge_slave_0) entered disabled state [ 1490.420642][ T719] device veth1_macvtap left promiscuous mode [ 1490.436715][ T719] device veth0_vlan left promiscuous mode [ 1492.317229][ T599] EXT4-fs error: 34056 callbacks suppressed [ 1492.317249][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1492.341975][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1492.353417][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1492.362347][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1492.374160][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1492.383500][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1492.395083][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1492.405101][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1492.416584][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1492.425546][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1494.046426][ T8036] syz-executor.2[8036] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1494.046503][ T8036] syz-executor.2[8036] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1494.216914][T31246] usb 5-1: new high-speed USB device number 121 using dummy_hcd [ 1494.572818][ T8078] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1494.582553][ T8078] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1494.591810][ T8078] bridge0: port 2(bridge_slave_1) entered disabled state [ 1494.597064][T31246] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1494.609648][ T8078] bridge0: port 2(bridge_slave_1) entered blocking state [ 1494.616508][ T8078] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1494.776968][T31246] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1494.790609][ T28] audit: type=1326 audit(2000000274.760:58467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8087 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa251a7cea9 code=0x0 [ 1494.802752][T31246] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1494.821833][T31246] usb 5-1: Product: syz [ 1494.825905][T31246] usb 5-1: Manufacturer: syz [ 1494.830488][T31246] usb 5-1: SerialNumber: syz [ 1495.966992][T31246] cdc_ncm 5-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 1495.980289][T31246] cdc_ncm 5-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048 [ 1496.002230][T31246] cdc_ncm 5-1:1.0: setting rx_max = 2048 [ 1496.376969][T31246] cdc_ncm 5-1:1.0: setting tx_max = 88 [ 1496.386177][T31246] cdc_ncm 5-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.4-1, CDC NCM (NO ZLP), 42:42:42:42:42:42 [ 1496.425118][T31246] usb 5-1: USB disconnect, device number 121 [ 1496.443185][T31246] cdc_ncm 5-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.4-1, CDC NCM (NO ZLP) [ 1497.052500][ T8146] netem: incorrect ge model size [ 1497.069978][ T8146] netem: change failed [ 1497.326988][ T599] EXT4-fs error: 32326 callbacks suppressed [ 1497.327009][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1497.351696][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1497.373973][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1497.393282][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1497.416505][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1497.442580][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1497.475474][ T599] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1497.504500][ T599] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm kworker/u4:3: mark_inode_dirty error [ 1497.551012][T12210] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Out of memory [ 1497.570199][T12210] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #18: comm syz-executor.2: mark_inode_dirty error [ 1498.049523][T18861] tipc: Left network mode [ 1498.218347][ T8186] bridge0: port 1(bridge_slave_0) entered blocking state [ 1498.225248][ T8186] bridge0: port 1(bridge_slave_0) entered disabled state [ 1498.233102][ T8186] device bridge_slave_0 entered promiscuous mode [ 1498.243576][ T8186] bridge0: port 2(bridge_slave_1) entered blocking state [ 1498.250501][ T8186] bridge0: port 2(bridge_slave_1) entered disabled state [ 1498.258013][ T8186] device bridge_slave_1 entered promiscuous mode [ 1498.347359][ T8186] bridge0: port 2(bridge_slave_1) entered blocking state [ 1498.354232][ T8186] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1498.361340][ T8186] bridge0: port 1(bridge_slave_0) entered blocking state [ 1498.368292][ T8186] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1498.413007][T31246] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1498.420880][T31246] bridge0: port 1(bridge_slave_0) entered disabled state [ 1498.428246][T31246] bridge0: port 2(bridge_slave_1) entered disabled state [ 1498.440727][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1498.452157][T15162] bridge0: port 1(bridge_slave_0) entered blocking state [ 1498.459031][T15162] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1498.471154][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1498.479440][T15162] bridge0: port 2(bridge_slave_1) entered blocking state [ 1498.486299][T15162] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1498.520253][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1498.528553][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1498.547762][T31246] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1498.567427][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1498.575798][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1498.583236][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1498.598015][ T8186] device veth0_vlan entered promiscuous mode [ 1498.619957][T30803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1498.649116][T18861] device bridge_slave_1 left promiscuous mode [ 1498.655073][T18861] bridge0: port 2(bridge_slave_1) entered disabled state [ 1498.683049][T18861] device bridge_slave_0 left promiscuous mode [ 1498.698001][T18861] bridge0: port 1(bridge_slave_0) entered disabled state [ 1498.708037][T18861] device veth1_macvtap left promiscuous mode [ 1498.714185][T18861] device veth0_vlan left promiscuous mode [ 1498.737798][ T8202] overlayfs: failed to resolve './file1': -2 [ 1498.842880][ T8216] cgroup: No subsys list or none specified [ 1498.851634][ T8186] device veth1_macvtap entered promiscuous mode [ 1498.881751][T15162] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1498.897247][T31246] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1499.177128][T15162] usb 5-1: new high-speed USB device number 122 using dummy_hcd [ 1499.426907][T15162] usb 5-1: Using ep0 maxpacket: 8 [ 1499.546934][T15162] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1499.556958][T15162] usb 5-1: New USB device found, idVendor=0e8d, idProduct=2000, bcdDevice=21.c6 [ 1499.565851][T15162] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1499.574260][T15162] usb 5-1: config 0 descriptor?? [ 1499.820921][T30803] usb 5-1: USB disconnect, device number 122 [ 1499.962034][ T599] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 3 with error 117 [ 1499.974440][ T599] EXT4-fs (loop2): This should not happen!! Data will be lost [ 1499.974440][ T599] [ 1500.061421][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1500.077956][T13387] FAT-fs (loop4): unable to read boot sector to mark fs as dirty [ 1500.360059][T12210] EXT4-fs (loop2): unmounting filesystem. [ 1500.412248][ T8262] loop2: detected capacity change from 0 to 512 [ 1500.424686][ T8264] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1500.434252][ T8264] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1500.435939][ T8262] EXT4-fs error (device loop2): __ext4_iget:5046: inode #3: block 127754: comm syz-executor.2: invalid block [ 1500.463342][ T8262] EXT4-fs error (device loop2): ext4_quota_enable:6946: comm syz-executor.2: Bad quota inode: 3, type: 0 [ 1500.477598][ T8262] EXT4-fs warning (device loop2): ext4_enable_quotas:6987: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 1500.493198][ T8262] EXT4-fs (loop2): mount failed [ 1500.663211][ T8298] loop2: detected capacity change from 0 to 256 [ 1500.674282][ T8298] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1500.689094][T23778] device bridge_slave_1 left promiscuous mode [ 1500.695143][T23778] bridge0: port 2(bridge_slave_1) entered disabled state [ 1500.710122][T23778] device bridge_slave_0 left promiscuous mode [ 1500.716183][T23778] bridge0: port 1(bridge_slave_0) entered disabled state [ 1500.724864][T23778] device veth1_macvtap left promiscuous mode [ 1500.734309][ T8305] cgroup: No subsys list or none specified [ 1500.744414][T23778] device veth0_vlan left promiscuous mode [ 1500.763777][ T8309] syz-executor.1[8309] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1500.763856][ T8309] syz-executor.1[8309] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1500.920844][ T8334] incfs: Error accessing: ./file1. [ 1500.938010][ T8334] incfs: mount failed -2 [ 1501.025080][ T8337] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1501.223890][ T8345] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1501.439675][ T8374] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1501.466673][ T8377] syz-executor.1[8377] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1501.466743][ T8377] syz-executor.1[8377] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1501.519039][ T28] audit: type=1326 audit(2000000281.490:58468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8388 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbed807cea9 code=0x0 [ 1501.861148][ T8405] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1502.043607][ T8415] syz-executor.0[8415] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1502.043680][ T8415] syz-executor.0[8415] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1502.466688][ T8445] syz-executor.0[8445] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1502.486359][ T8445] syz-executor.0[8445] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1502.500863][T23778] device bridge_slave_1 left promiscuous mode [ 1502.539169][T23778] bridge0: port 2(bridge_slave_1) entered disabled state [ 1502.551824][T23778] device bridge_slave_0 left promiscuous mode [ 1502.558337][T23778] bridge0: port 1(bridge_slave_0) entered disabled state [ 1502.567577][T23778] device bridge_slave_1 left promiscuous mode [ 1502.573511][T23778] bridge0: port 2(bridge_slave_1) entered disabled state [ 1502.588089][T23778] device bridge_slave_0 left promiscuous mode [ 1502.612901][T23778] bridge0: port 1(bridge_slave_0) entered disabled state [ 1502.633489][T23778] device bridge_slave_1 left promiscuous mode [ 1502.655364][T23778] bridge0: port 2(bridge_slave_1) entered disabled state [ 1502.667300][T23778] device bridge_slave_0 left promiscuous mode [ 1502.688267][T23778] bridge0: port 1(bridge_slave_0) entered disabled state [ 1502.714046][T23778] device bridge_slave_1 left promiscuous mode [ 1502.730199][T23778] bridge0: port 2(bridge_slave_1) entered disabled state [ 1502.755422][T23778] device bridge_slave_0 left promiscuous mode [ 1502.768934][T23778] bridge0: port 1(bridge_slave_0) entered disabled state [ 1502.804596][T23778] device bridge_slave_1 left promiscuous mode [ 1502.818814][ T8467] input: syz1 as /devices/virtual/input/input206 [ 1502.825115][T23778] bridge0: port 2(bridge_slave_1) entered disabled state [ 1502.853130][T23778] device bridge_slave_0 left promiscuous mode [ 1502.860665][T23778] bridge0: port 1(bridge_slave_0) entered disabled state [ 1502.878473][T23778] device bridge_slave_0 left promiscuous mode [ 1502.894571][T23778] bridge0: port 1(bridge_slave_0) entered disabled state [ 1502.911111][T23778] device bridge_slave_1 left promiscuous mode [ 1502.923096][T23778] bridge0: port 2(bridge_slave_1) entered disabled state [ 1502.937767][T23778] device bridge_slave_0 left promiscuous mode [ 1502.950199][T23778] bridge0: port 1(bridge_slave_0) entered disabled state [ 1502.970243][T23778] device bridge_slave_1 left promiscuous mode [ 1502.982651][T23778] bridge0: port 2(bridge_slave_1) entered disabled state [ 1502.997292][T23778] device bridge_slave_0 left promiscuous mode [ 1503.009682][T23778] bridge0: port 1(bridge_slave_0) entered disabled state [ 1503.025128][T23778] device bridge_slave_1 left promiscuous mode [ 1503.037705][T23778] bridge0: port 2(bridge_slave_1) entered disabled state [ 1503.052562][T23778] device bridge_slave_0 left promiscuous mode [ 1503.064987][T23778] bridge0: port 1(bridge_slave_0) entered disabled state [ 1503.080809][T23778] device bridge_slave_1 left promiscuous mode [ 1503.093329][T23778] bridge0: port 2(bridge_slave_1) entered disabled state [ 1503.108195][T23778] device bridge_slave_0 left promiscuous mode [ 1503.120616][T23778] bridge0: port 1(bridge_slave_0) entered disabled state [ 1503.136090][T23778] device bridge_slave_1 left promiscuous mode [ 1503.148592][T23778] bridge0: port 2(bridge_slave_1) entered disabled state [ 1503.163489][T23778] device bridge_slave_0 left promiscuous mode [ 1503.175967][T23778] bridge0: port 1(bridge_slave_0) entered disabled state [ 1503.193098][T23778] device bridge_slave_1 left promiscuous mode [ 1503.204485][T23778] bridge0: port 2(bridge_slave_1) entered disabled state [ 1503.220221][T23778] device bridge_slave_0 left promiscuous mode [ 1503.231585][T23778] bridge0: port 1(bridge_slave_0) entered disabled state [ 1503.240954][T23778] device bridge_slave_1 left promiscuous mode [ 1503.246976][T23778] bridge0: port 2(bridge_slave_1) entered disabled state [ 1503.254392][T23778] device bridge_slave_0 left promiscuous mode [ 1503.261501][T23778] bridge0: port 1(bridge_slave_0) entered disabled state [ 1503.283631][T23778] device veth1_macvtap left promiscuous mode [ 1503.292645][T23778] device veth0_vlan left promiscuous mode [ 1503.300205][T23778] device veth1_macvtap left promiscuous mode [ 1503.313835][T23778] device veth0_vlan left promiscuous mode [ 1503.319803][T23778] device veth1_macvtap left promiscuous mode [ 1503.326041][T23778] device veth0_vlan left promiscuous mode [ 1503.335888][T23778] device veth1_macvtap left promiscuous mode [ 1503.347136][T23778] device veth0_vlan left promiscuous mode [ 1503.363253][T23778] device veth1_macvtap left promiscuous mode [ 1503.369881][T23778] device veth0_vlan left promiscuous mode [ 1503.377601][T23778] device veth1_macvtap left promiscuous mode [ 1503.379115][ T8443] loop4: detected capacity change from 0 to 131072 [ 1503.383433][T23778] device veth0_vlan left promiscuous mode [ 1503.401889][T23778] device veth1_macvtap left promiscuous mode [ 1503.408052][T23778] device veth0_vlan left promiscuous mode [ 1503.413933][T23778] device veth1_macvtap left promiscuous mode [ 1503.419890][T23778] device veth0_vlan left promiscuous mode [ 1503.427926][T23778] device veth1_macvtap left promiscuous mode [ 1503.434098][T23778] device veth0_vlan left promiscuous mode [ 1503.440216][T23778] device veth1_macvtap left promiscuous mode [ 1503.446207][T23778] device veth0_vlan left promiscuous mode [ 1503.452255][T23778] device veth1_macvtap left promiscuous mode [ 1503.460118][T23778] device veth0_vlan left promiscuous mode [ 1503.465961][T23778] device veth1_macvtap left promiscuous mode [ 1503.471937][T23778] device veth0_vlan left promiscuous mode [ 1503.482608][T23778] device veth1_macvtap left promiscuous mode [ 1503.495187][T23778] device veth0_vlan left promiscuous mode [ 1504.120780][ T8513] loop2: detected capacity change from 0 to 40427 [ 1504.128234][ T8513] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1504.135815][ T8513] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1504.153817][ T8513] F2FS-fs (loop2): Found nat_bits in checkpoint [ 1504.191498][ T8513] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 1504.198423][ T8513] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1504.341302][ T28] audit: type=1326 audit(2000000284.310:58469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8550 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a0487cea9 code=0x7ffc0000 [ 1504.366524][ T28] audit: type=1326 audit(2000000284.310:58470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8550 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a0487cea9 code=0x7ffc0000 [ 1504.392182][ T28] audit: type=1326 audit(2000000284.310:58471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8550 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a0487cea9 code=0x7ffc0000 [ 1504.421183][ T28] audit: type=1326 audit(2000000284.310:58472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8550 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3a0487cea9 code=0x7ffc0000 [ 1504.448009][ T28] audit: type=1326 audit(2000000284.310:58473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8550 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a0487cea9 code=0x7ffc0000 [ 1504.471943][ T28] audit: type=1326 audit(2000000284.310:58474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8550 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a0487cea9 code=0x7ffc0000 [ 1504.496031][ T28] audit: type=1326 audit(2000000284.310:58475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8550 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a0487cea9 code=0x7ffc0000 [ 1504.520420][ T28] audit: type=1326 audit(2000000284.310:58476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8550 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a0487cea9 code=0x7ffc0000 [ 1504.544734][ T28] audit: type=1326 audit(2000000284.310:58477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8550 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a0487cea9 code=0x7ffc0000 [ 1504.596018][ T8563] loop2: detected capacity change from 0 to 1024 [ 1504.603168][ T8563] EXT4-fs: Ignoring removed orlov option [ 1504.622235][ T8563] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1504.652290][ T8563] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1504.680240][ T8563] EXT4-fs error (device loop2): get_max_inline_xattr_value_size:69: inode #12: comm syz-executor.2: corrupt xattr in inline inode [ 1504.694286][ T8563] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #12: comm syz-executor.2: corrupted in-inode xattr [ 1504.727363][ T8186] ================================================================== [ 1504.735249][ T8186] BUG: KASAN: use-after-free in ext4_xattr_delete_inode+0xcd0/0xce0 [ 1504.743059][ T8186] Read of size 4 at addr ffff8881549c4000 by task syz-executor.2/8186 [ 1504.751048][ T8186] [ 1504.753216][ T8186] CPU: 1 PID: 8186 Comm: syz-executor.2 Tainted: G W 6.1.78-syzkaller-00002-g65aed0e2f758 #0 [ 1504.764584][ T8186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 1504.774479][ T8186] Call Trace: 2033/05/18 03:38:04 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 1504.777602][ T8186] [ 1504.780379][ T8186] dump_stack_lvl+0x151/0x1b7 [ 1504.784896][ T8186] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 1504.790189][ T8186] ? _printk+0xd1/0x111 [ 1504.794182][ T8186] ? __virt_addr_valid+0x242/0x2f0 [ 1504.799132][ T8186] print_report+0x158/0x4e0 [ 1504.803469][ T8186] ? __virt_addr_valid+0x242/0x2f0 [ 1504.808415][ T8186] ? kasan_addr_to_slab+0xd/0x80 [ 1504.813274][ T8186] ? ext4_xattr_delete_inode+0xcd0/0xce0 [ 1504.818742][ T8186] kasan_report+0x13c/0x170 [ 1504.823084][ T8186] ? ext4_xattr_delete_inode+0xcd0/0xce0 [ 1504.828554][ T8186] __asan_report_load4_noabort+0x14/0x20 [ 1504.834019][ T8186] ext4_xattr_delete_inode+0xcd0/0xce0 [ 1504.839316][ T8186] ? sb_end_intwrite+0x130/0x130 [ 1504.844092][ T8186] ? ext4_expand_extra_isize_ea+0x1c40/0x1c40 [ 1504.849991][ T8186] ? __kasan_check_read+0x11/0x20 [ 1504.854850][ T8186] ? ext4_inode_is_fast_symlink+0x295/0x3d0 [ 1504.860580][ T8186] ? ext4_evict_inode+0xbc2/0x1550 [ 1504.865525][ T8186] ext4_evict_inode+0xef9/0x1550 [ 1504.870300][ T8186] ? _raw_spin_unlock+0x4c/0x70 [ 1504.874986][ T8186] ? ext4_inode_is_fast_symlink+0x3d0/0x3d0 [ 1504.880716][ T8186] ? _raw_spin_unlock+0x4c/0x70 [ 1504.885401][ T8186] ? inode_io_list_del+0x18b/0x1a0 [ 1504.890347][ T8186] ? ext4_inode_is_fast_symlink+0x3d0/0x3d0 [ 1504.896075][ T8186] evict+0x2a3/0x630 [ 1504.899813][ T8186] iput+0x642/0x870 [ 1504.903454][ T8186] vfs_rmdir+0x3c2/0x500 [ 1504.907536][ T8186] do_rmdir+0x3ab/0x630 [ 1504.911527][ T8186] ? d_delete_notify+0x160/0x160 [ 1504.916305][ T8186] __x64_sys_unlinkat+0xdf/0xf0 [ 1504.920988][ T8186] do_syscall_64+0x3d/0xb0 [ 1504.925241][ T8186] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 1504.930965][ T8186] RIP: 0033:0x7fcab8a7c687 [ 1504.935220][ T8186] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1504.954661][ T8186] RSP: 002b:00007ffe18075b68 EFLAGS: 00000207 ORIG_RAX: 0000000000000107 [ 1504.962904][ T8186] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007fcab8a7c687 [ 1504.970719][ T8186] RDX: 0000000000000200 RSI: 00007ffe18076d10 RDI: 00000000ffffff9c [ 1504.978529][ T8186] RBP: 00007fcab8ad9636 R08: 0000000000000000 R09: 0000000000000000 [ 1504.986338][ T8186] R10: 0000000000000100 R11: 0000000000000207 R12: 00007ffe18076d10 [ 1504.994151][ T8186] R13: 00007fcab8ad9636 R14: 000000000016f53d R15: 0000000000000009 [ 1505.001977][ T8186] [ 1505.004830][ T8186] [ 1505.006998][ T8186] The buggy address belongs to the physical page: [ 1505.013258][ T8186] page:ffffea0005527100 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x1 pfn:0x1549c4 [ 1505.023576][ T8186] flags: 0x4000000000000000(zone=1) [ 15