last executing test programs: 2.911894879s ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48) socketpair$unix(0x1, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000300)='ext4_journal_start\x00', r1}, 0x30) unlink(&(0x7f0000000140)='./cgroup\x00') 2.884981314s ago: executing program 3: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x1e, 0x0, 0x4, 0x1fe, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000070018110000", @ANYRES32=r0], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x2}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='ext4_request_blocks\x00', r1}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='ext4_request_blocks\x00', r3}, 0x10) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) 2.861524147s ago: executing program 3: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x0) mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)='./file0\x00', &(0x7f0000000200), 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0/../file0\x00') r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) openat$incfs(r1, &(0x7f0000000540)='.pending_reads\x00', 0x0, 0x0) creat(&(0x7f0000000040)='./file0/file1\x00', 0x0) mkdirat(r0, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) renameat2(r0, &(0x7f0000004b00)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file0/../file0\x00', 0x0) 2.831309751s ago: executing program 3: r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0xffffffffffffffb4, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x100}}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) 1.544645301s ago: executing program 4: r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'macsec0\x00', 0x0}) sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev}, 0x14) 1.524721584s ago: executing program 4: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) add_key$fscrypt_v1(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xffffffffffffffff) 1.495304528s ago: executing program 4: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = epoll_create(0x6) epoll_wait(r0, 0x0, 0x0, 0x0) inotify_init() prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {0x0}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {0x0}, {&(0x7f00000007c0)=""/154, 0x9a}], 0x6, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400}) 1.118369566s ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x6, 0x1, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) fcntl$setstatus(r3, 0x4, 0x2400) splice(r3, 0x0, r2, 0x0, 0x1, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) getpeername$packet(0xffffffffffffffff, 0x0, 0x0) 1.09602309s ago: executing program 1: r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000001dc0)) 1.087186541s ago: executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x0) mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)='./file0\x00', &(0x7f0000000200), 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0/../file0\x00') r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) openat$incfs(r1, &(0x7f0000000540)='.pending_reads\x00', 0x0, 0x0) creat(&(0x7f0000000040)='./file0/file1\x00', 0x0) mkdirat(r0, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) renameat2(r0, &(0x7f0000004b00)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file0/../file0\x00', 0x0) 1.058039756s ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r1}, 0x10) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mkdir(&(0x7f0000000400)='./file1/file0\x00', 0x0) setxattr$security_selinux(&(0x7f00000003c0)='./file1/file0\x00', &(0x7f00000004c0), &(0x7f0000000500)='system_u:object_r:systemd_notify_exec_t:s0\x00', 0x2b, 0x0) 1.046924568s ago: executing program 0: bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='ext4_ext_remove_space_done\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.controllers\x00', 0x275a, 0x0) write$cgroup_int(r2, &(0x7f00000000c0), 0x12) ioctl$SIOCSIFHWADDR(r2, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc, 0x2}}) 1.036064779s ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x57}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_read_part_table(0x5be, &(0x7f00000005c0)="$eJzs2z9I3GcYB/DnTI5AMmTJlC5NhgwlSyRjbmjCeUmIrVzqElpIaEIIuekCgQs9COigNyjeII4uItzin8nzBidFwVnEwSI4uLQoBcHFK+LbXesfCHw+8PLwvu/37vk9w2/8Bd+0jvi73W5nIqJ97fS/7m3ku5593/Nj8ZeITPwWEb93fvfP0U0mJf7717tpv5n2E+PXW4N7T7ONjZf7914v1jrS/de0bkw2e888HBduKrd0s6+/XBiq5D6sF6rbA2ur3dO7+WLzRa0+8zz75G3KLad6NdVPUYkv8THeRClK8S7K59R/rLH14PB2oTH3/tFBV2t4oTPles4450n7f74z8qpefXx/9tbow8r8SnHnynGu9D/eLgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALt9UbulmX3+5MFTJfVgvVLcH1la7p3fzxeaLWn3mefbJ25RbTvVqqp+iEl/iY7yJUpTiXZTPqf9YY+vB4e1CY+79o4Ou1vBCZ8r1nHHOk/b/fGfkVb36+P7srdGHlfmV4s6V41zp2gU9AAAAAAAAAAAAAAAAAAAAAETEs8JPPxfz3fmITPwaET/89UfH0Xk7fe+eSbm7qW6m84nx663BvafZxsbL/XuvF2t/pvOvad2YbPZe+jCc2r8BAAD//1Z7laY=") 1.019561972s ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x4}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000008000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10) finit_module(0xffffffffffffffff, 0x0, 0x0) 999.660775ms ago: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000020000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) listxattr(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0) write$cgroup_int(r1, &(0x7f0000000000), 0xffffff6a) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$FIBMAP(r1, 0x1, &(0x7f0000000080)) 968.0986ms ago: executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000010a850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='jbd2_handle_stats\x00', r2}, 0x31) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000000)='jbd2_handle_stats\x00', r0}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) 954.258182ms ago: executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200000100000085000000860000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='jbd2_handle_stats\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r2, &(0x7f0000000180), 0x2000) 897.014491ms ago: executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1={0xff, 0x5}}, 0x1c) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x86, &(0x7f0000000140)={@random="5b1a033f2511", @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e20, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "fdcdae25a7a296872a8a5290e48e30acf8afc7e67d70a62c979cefa10a0028bd", "ae0000000000000000e400", {"35f3c07eeca4a20a9858ac1500", "63081fe8fe001a08ed082ad7121d696f"}}}}}}}, 0x0) 886.103722ms ago: executing program 1: r0 = memfd_create(&(0x7f0000000100)='\xc0\x87:*\x18\xc1k\xa7\x87[\xa0o8T\xech\x18\xae\xd6;\x18\x7f\xfd6\x8d}\xd8\xf2G\xb8\xeae)w\x86\xe3\x96\b\xe0\xfa\xb1\xd8N\xb2W\xcb\x8d}3lm8\xa57\xc9\x00HOA\xc8\x80kR\xfc\xcb%u3\xec\xde%\x00]\xd8\xebD\x82S\x17?\xd6As\xc2\xb1\x9aF\xe2\xba[\xc7%\x88 \xeeQR\xb9\x81\x8b\xdc\xc7\xdc\xdem\xbe\x7f2\x11)W\x9c\x82\x91\x17\xd8\xda@4\x9f\xc5*T\x1e^\xf7o\xff\xff\xff\xffwI\x02\xf3\xe3\x8d.\xd1=\xcf\xbf\x81\xb5\x8d%K\x1d\xe7_\xde\x87\xdd\xc1\xf0\x91\x1a!\x9c\xd3\v\xc9\x95d\xe3*\xa9\xfa\x99\x9d\xb8\x89>\xc9\xf2/\x13{\x1a\x7f\x00\x00\x00\x00+$\xedX\xea\x16\xc6\xce\x83\xab\x05\x19-\xf3\x8c\x9a\x15\x9c\xf5\xb4O\x17@d\x81+\xf6\xe6+\xed\r\xd2\xb3\xaa\x9b\x7fC\'\xce\xd8h\xb9p2\xccC\xbaH\xc4\xdc\xe2\xa1%\x85\xc7O]\'9\x92\xad\xfbJ\x02\x1d\x91-\xc9\x81\rLJ\xc6\xa3\xd1\x91\xf5\x879\t&\xbdq\x06`T\xc8\x92\xaf\xad\x06\xdd\xaf\x84\xf4\"\x13\xcf\xe5\x93D\xad~F\xe5\x19\xaa\xaa\xb2\xb1\x03m\x82+\x06\x1bF^\xd3n\xc4F\xc1\xc08\x94\xe6\xe5\x1f\xa7\xf6\xcaA\x90T\xf1\x1b\xe6\xb9\xe7\xff\xc5H\x04\x8d\xca\xad\x17UlY\x9a}\r4\xac\x93\xac\v2\xc6\xf9\xbe\xfeI\x8b\xd4/`\xab\x1e\xcf\x7f\b\x94 2.{\xc1\xbe\x9bth\xac\x9a~\xcb\xb9E\x10W\xed\xed51[\xc5\xeb\xb1ux\x94\x86p\x98\x9d\x1a\x8b\x88\xff\x05\x86\x9d\xe5.\xfc\xa2v\xb1\xff\xc6\xbd\xfa\xa5\x96|\xcb\xa5[\xabZ\xbd\a\xa1\x8a\xd4\x8b\xebG\xde\x82\xdb\xe3\x9f\x11\xea\x0e}\xeb\x8cX\xeft$\aW\xe7\xe5cL\xf4\xbd9\xcd,\x0fd{\x19\x98\xaa\x12\xad\xce\r$3j/\xda\xc1-X\xf1\x82\fC\xe9\x187\xd3\x84[\x92\f#\x00\xba\xd4b\b\xafr\x7f\x02i+)\xb7]\x98x\x13\xe3\xbc\x04\x1es\xa3\xd4\xdf\x0fZL\x94E\x81\xa1z\x88\x9a{\xbf\xe4\x1a\x81\x8a\xbf\x18/-M\x12\xe6\xdfvzJR\x83\xd5\x03\xf2\xc1\xce\xaf\xfa\xb8\xa7\v`1\xae\xe7\xab\x98*\xd9U\xfe\x9aE\xe5\x14\x10\xd0\xc8M\xf4\x99\xeb\b\x89\xa5\xe5\xbd\xb7\x92[<\x89\x95Y\b[-P\xbc\x9c\x85E\xcf\xf7\xc3\x86\n\xe7\xa9\xf8L\x89\x86\xbbc\x98$/5\x82\x85\xdad\x8e]\xcc\xff\x855\x9f\xa3\xe6w\x17\\\x0f\xec\xef\x00'/637, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5000001, 0x11, r0, 0xafc1b000) fallocate(r0, 0x0, 0x0, 0x8000007) r1 = socket$inet_icmp(0x2, 0x2, 0x1) setsockopt$inet6_tcp_int(r1, 0x6, 0x0, &(0x7f0000002500), 0x4) 883.357123ms ago: executing program 2: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x1, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000057"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='ext4_es_lookup_extent_enter\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000002200b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000600)={{r2}, &(0x7f0000000580), &(0x7f00000005c0)='%-5lx \x00'}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='ext4_es_lookup_extent_enter\x00', r3}, 0x10) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) 863.500546ms ago: executing program 2: mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) removexattr(&(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)=@known='system.posix_acl_access\x00') 833.302241ms ago: executing program 2: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x0) mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)='./file0\x00', &(0x7f0000000200), 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0/../file0\x00') r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) openat$incfs(r1, &(0x7f0000000540)='.pending_reads\x00', 0x0, 0x0) creat(&(0x7f0000000040)='./file0/file1\x00', 0x0) mkdirat(r0, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) renameat2(r0, &(0x7f0000004b00)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file0/../file0\x00', 0x0) 772.71749ms ago: executing program 2: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f00000004c0)="05041200d3fc030000004788031c09102f2827b0a4c121ce86650fe9aeaec548bdfa2fd0b78f14f77bdf7669c911a98110c12962", 0x34, 0x0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14) recvmmsg(r0, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f00000000c0)=""/70}, {&(0x7f0000000a80)=""/202}, {&(0x7f00000001c0)=""/162}, {&(0x7f0000000740)=""/134}, {&(0x7f00000002c0)=""/111}, {&(0x7f0000000800)=""/208}, {&(0x7f0000000900)=""/152}], 0x0, &(0x7f0000000140)}, 0x20}], 0x3fffffffffffec0, 0x40000022, 0x0) sendmmsg$inet(r0, &(0x7f0000004840)=[{{&(0x7f0000000000)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="3800000000000000000000000700000094048000000000000000ffff000000007f00000100000000e00000020000000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aa"], 0x58}}], 0x1, 0x0) 678.268025ms ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x4, 0x5}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x0, 0x1c, &(0x7f00000003c0)=@framed={{}, [@ringbuf_query, @snprintf, @printk={@x}]}, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='ext4_es_lookup_extent_enter\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='ext4_es_lookup_extent_enter\x00', r2}, 0x10) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) 597.153087ms ago: executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) ioctl$KVM_GET_XCRS(r3, 0x8188aea6, &(0x7f0000000180)) 557.710254ms ago: executing program 0: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000b80), 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f00000002c0)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000540)=""/32, 0x20}}, 0x120) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200010, &(0x7f0000000240)={[{@block_validity}, {@nombcache}, {@dioread_lock}, {@norecovery}, {@abort}, {@data_ordered}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}]}, 0xfb, 0x54c, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec+9Nzz0593t6Tk5CAhhaE9mPQsSrEfFtEnG47dho5Acn1s5bfXh9NtuSaDQ++yuJJN/XOj/Jfx/MM69ExG9fR5wsbCy3tryyUCqX08U8P1mvXJmsLa+culQpzafz6eXpmZkz78xMv//eu32r65vn//nh07sfnfnm+Or3v9w/cjuJs3EoP9Zejx240Z6ZiIn8ORmLs0+cONWHwgZJstsXwLaM5HE+FlkfcDhG8qgH/v++iogGMKQS8Q9DqjUOaM3t+zQPfmE8+HBtArSx/qNrr43Evubc6MBq8tjMKJvvjveh/KyMX/+8czvbon+vQwBs6cbNiDg9Orqx/0vy/m/7TvdwzpNl6P/g+bmbjX/e6jT+KayPf6LD+Odgh9jdjq3jv3C/D8V0lY3/Pug4/l1ftBofyXMvNcd8Y8nFS+U069tejogTMbY3y2+2nnNm9V6j27H28V+2ZeW3xoL5ddwf3fv4Y+ZK9dJO6tzuwc2I1zqOf5P19k86tH/2fJzvsYxj6Z3Xux3buv7PVuPniDc6tv+jFa1k8/XJyeb9MNm6Kzb6+9ax37uVv9v1z9r/wOb1H0/a12trT1/GT/v+Tbsd2+79vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr/Kz+J45v3v91uv/3R8QXPdb/1tFbXU8dhPafe6r2f/rEvY+//LFb+b21/9vN1Il8Ty/9X68XuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G5XHgAAAAAAAAAAAAAAAAAAAAbEwS6f/8/8MbLbVwc8c77yG4bXlvHfj296AgaS//8wvMQ/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/AMAAAAAAAAAAAAAAAAAAAAAAAAAAEBfnT93Ltsaqw+vz2b5uavLSwvVq6fm0tpCsbI0W5ytLl4pzler8+W0OFutbPX3ytXqlanpWLo2WU9r9cna8sqFSnXpcv3CpUppPr2Qjj2XWgEAAAAAAAAAAAAAAAAAAMCLpba8slAql9NFCYltJUYH4zIk+pzY7Z4JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB75LwAA///MUDi3") r1 = syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0) dup3(r1, r0, 0x0) ioctl$HIDIOCGRDESCSIZE(r1, 0x80044825, 0x0) 516.13123ms ago: executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) write$cgroup_int(r0, &(0x7f0000000000), 0xffffff6a) writev(r0, 0x0, 0x0) 123.041791ms ago: executing program 4: pipe2$9p(&(0x7f0000002180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000700)=ANY=[@ANYBLOB="3801"], 0x138) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xb, &(0x7f0000000c00)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x83000000}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) 41.911113ms ago: executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) open(&(0x7f0000000240)='./file0\x00', 0x145142, 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0) 0s ago: executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x13, r2, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_type(r3, &(0x7f0000000000), 0x248800) kernel console output (not intermixed with test programs): 826.908437][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 826.915618][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 826.923152][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 826.930480][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 826.937737][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 826.945159][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 826.952433][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 826.959595][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 826.966803][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 826.973992][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 826.981310][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 826.988488][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 826.995729][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.002937][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.010126][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.017711][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.024955][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.032197][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.039430][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.046685][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.053865][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.056401][ T39] usb 1-1: string descriptor 0 read error: -71 [ 827.061154][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.074281][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.081509][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.086428][ T39] uclogic 0003:256C:006D.0091: failed retrieving string descriptor #200: -71 [ 827.088724][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.104517][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.107263][ T39] uclogic 0003:256C:006D.0091: failed retrieving pen parameters: -71 [ 827.119667][ T45] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 827.125737][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.127867][ T39] uclogic 0003:256C:006D.0091: failed probing pen v2 parameters: -71 [ 827.136074][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.141111][ T39] uclogic 0003:256C:006D.0091: failed probing parameters: -71 [ 827.156429][ T39] uclogic: probe of 0003:256C:006D.0091 failed with error -71 [ 827.164775][ T39] usb 1-1: USB disconnect, device number 95 [ 827.176239][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.183571][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.190977][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.204664][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.212548][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.222904][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.230330][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.237817][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.255877][ T2861] hid-generic 0000:0000:0000.0092: unknown main item tag 0x0 [ 827.263732][ T2861] hid-generic 0000:0000:0000.0092: hidraw0: HID v0.00 Device [syz0] on syz0 [ 827.298677][ T575] loop4: detected capacity change from 0 to 256 [ 827.307715][ T575] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 827.311349][ T579] incfs: ino conflict with backing FS 1 [ 827.329334][ T579] incfs: ino conflict with backing FS 2 [ 827.335253][ T579] incfs: ino conflict with backing FS 5 [ 827.488455][ T584] loop4: detected capacity change from 0 to 40427 [ 827.495556][ T584] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 827.503203][ T584] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 827.513058][ T584] F2FS-fs (loop4): Found nat_bits in checkpoint [ 827.549931][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.557836][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.560407][ T602] loop0: detected capacity change from 0 to 2048 [ 827.565228][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.573118][ T584] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 827.578574][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.585574][ T584] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 827.592764][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.607284][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.614486][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.621702][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.629082][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.636381][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.643489][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.650762][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.657943][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.665148][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.671297][ T39] usb 3-1: new high-speed USB device number 81 using dummy_hcd [ 827.679993][ T602] loop0: p3 p4 < > [ 827.683870][ T602] loop0: p3 start 4284289 is beyond EOD, truncated [ 827.684295][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.697900][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.705120][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.712445][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.719611][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.726900][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.734137][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.741462][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.748932][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.756275][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.916475][ T39] usb 3-1: Using ep0 maxpacket: 32 [ 827.964261][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.971759][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.979134][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.986292][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 827.993565][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 828.000802][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 828.008027][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 828.015175][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 828.022459][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 828.029633][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 828.036441][ T39] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 828.036798][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 828.054025][ T39] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 828.054691][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 828.071911][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 828.077305][ T39] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 828.079491][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 828.095242][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 828.100517][ T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 828.102487][T31371] hid-generic 0000:0000:0000.0093: unknown main item tag 0x0 [ 828.118290][T31371] hid-generic 0000:0000:0000.0093: hidraw0: HID v0.00 Device [syz0] on syz0 [ 828.137045][ T613] loop3: detected capacity change from 0 to 512 [ 828.157170][ T39] hub 3-1:4.0: USB hub found [ 828.358685][ T586] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 828.436375][ T39] hub 3-1:4.0: config failed, can't read hub descriptor (err -22) [ 828.476890][ T39] usb 3-1: USB disconnect, device number 81 [ 828.689040][ T620] loop4: detected capacity change from 0 to 131072 [ 828.696075][ T620] F2FS-fs (loop4): Invalid log blocks per segment (1) [ 828.702766][ T620] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 828.711332][ T620] F2FS-fs (loop4): invalid crc value [ 828.718185][ T620] F2FS-fs (loop4): Found nat_bits in checkpoint [ 828.763514][ T620] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 828.770440][ T620] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 830.088299][ T648] loop0: detected capacity change from 0 to 512 [ 830.137146][ T648] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 830.153600][ T648] ext4 filesystem being mounted at /root/syzkaller-testdir36528149/syzkaller.NigW1s/57/file0 supports timestamps until 2038 (0x7fffffff) [ 830.187301][T32388] EXT4-fs (loop0): unmounting filesystem. [ 830.297423][ T647] loop2: detected capacity change from 0 to 40427 [ 830.316477][ T647] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 830.326364][ T647] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 830.365100][ T647] F2FS-fs (loop2): Found nat_bits in checkpoint [ 830.371316][ T39] usb 4-1: new high-speed USB device number 103 using dummy_hcd [ 830.402568][ T647] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 830.403055][ T658] bridge0: port 1(bridge_slave_0) entered blocking state [ 830.409542][ T647] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 830.416573][ T658] bridge0: port 1(bridge_slave_0) entered disabled state [ 830.430922][ T658] device bridge_slave_0 entered promiscuous mode [ 830.437889][ T658] bridge0: port 2(bridge_slave_1) entered blocking state [ 830.444977][ T658] bridge0: port 2(bridge_slave_1) entered disabled state [ 830.452324][ T671] loop4: detected capacity change from 0 to 512 [ 830.452807][ T658] device bridge_slave_1 entered promiscuous mode [ 830.471814][ T671] EXT4-fs (loop4): orphan cleanup on readonly fs [ 830.478543][ T671] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.4: corrupted in-inode xattr [ 830.490976][ T671] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz-executor.4: couldn't read orphan inode 15 (err -117) [ 830.503428][ T671] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 830.537385][ T658] bridge0: port 2(bridge_slave_1) entered blocking state [ 830.544228][ T658] bridge0: port 2(bridge_slave_1) entered forwarding state [ 830.551327][ T658] bridge0: port 1(bridge_slave_0) entered blocking state [ 830.558135][ T658] bridge0: port 1(bridge_slave_0) entered forwarding state [ 830.566186][T32282] EXT4-fs (loop4): unmounting filesystem. [ 830.592334][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 830.604552][ T19] bridge0: port 1(bridge_slave_0) entered disabled state [ 830.611843][ T19] bridge0: port 2(bridge_slave_1) entered disabled state [ 830.616578][ T39] usb 4-1: Using ep0 maxpacket: 16 [ 830.636811][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 830.644813][ T19] bridge0: port 1(bridge_slave_0) entered blocking state [ 830.651667][ T19] bridge0: port 1(bridge_slave_0) entered forwarding state [ 830.659104][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 830.667108][ T19] bridge0: port 2(bridge_slave_1) entered blocking state [ 830.673935][ T19] bridge0: port 2(bridge_slave_1) entered forwarding state [ 830.697588][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 830.706174][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 830.716826][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 830.724662][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 830.732233][ T678] incfs: Error accessing: ./file0/file0. [ 830.732251][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 830.737857][ T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 830.745541][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 830.756075][ T678] incfs: mount failed -2 [ 830.768760][ T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 830.769458][ T658] device veth0_vlan entered promiscuous mode [ 830.778608][ T39] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 830.793197][ T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 830.804689][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 830.812786][ T39] usb 4-1: config 0 descriptor?? [ 830.820558][ T682] loop4: detected capacity change from 0 to 256 [ 830.830363][ T658] device veth1_macvtap entered promiscuous mode [ 830.835521][ T682] syz-executor.4: attempt to access beyond end of device [ 830.835521][ T682] loop4: rw=2049, sector=256, nr_sectors = 12 limit=256 [ 830.841189][T29591] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 830.862022][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 830.968335][ T695] loop4: detected capacity change from 0 to 512 [ 830.978198][ T695] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 830.987046][ T695] ext4 filesystem being mounted at /root/syzkaller-testdir337614076/syzkaller.cQVGPP/96/file0 supports timestamps until 2038 (0x7fffffff) [ 831.021920][T32282] EXT4-fs (loop4): unmounting filesystem. [ 831.059282][ T701] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 831.119761][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.128537][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.145765][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.153266][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.160636][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.167952][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.175245][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.182778][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.191445][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.198854][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.206208][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.213506][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.220856][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.228233][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.235755][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.256377][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.271170][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.278933][ T651] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 831.293029][ T651] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 831.300744][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.308024][ T28] audit: type=1326 audit(2000000543.449:86385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=705 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e2dc7cea9 code=0x7ffc0000 [ 831.332904][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.340481][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.348120][ T39] hid (null): bogus close delimiter [ 831.353930][ T28] audit: type=1326 audit(2000000543.449:86386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=705 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e2dc7cea9 code=0x7ffc0000 [ 831.354368][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.388047][ T39] hid-generic 0003:0158:0100.0095: unknown main item tag 0x0 [ 831.395402][ T39] hid-generic 0003:0158:0100.0095: unknown main item tag 0x0 [ 831.402845][ T39] hid-generic 0003:0158:0100.0095: bogus close delimiter [ 831.406582][ T28] audit: type=1326 audit(2000000543.459:86387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=705 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e2dc7cea9 code=0x7ffc0000 [ 831.409944][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.440776][ T39] hid-generic 0003:0158:0100.0095: item 0 0 2 10 parsing failed [ 831.448511][ T39] hid-generic: probe of 0003:0158:0100.0095 failed with error -22 [ 831.456764][ T28] audit: type=1326 audit(2000000543.459:86388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=705 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e2dc7cea9 code=0x7ffc0000 [ 831.470371][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.488478][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.495726][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.503009][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.510332][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.517612][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.524862][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.532218][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.539548][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.546880][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.560724][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.566730][ T19] usb 4-1: USB disconnect, device number 103 [ 831.568067][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.581047][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.588244][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.595437][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.602639][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.609930][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.617180][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.624414][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.631560][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.638817][ T1074] hid-generic 0000:0000:0000.0094: unknown main item tag 0x0 [ 831.646923][ T1074] hid-generic 0000:0000:0000.0094: hidraw0: HID v0.00 Device [syz0] on syz0 [ 831.656358][ T28] audit: type=1326 audit(2000000543.789:86389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=705 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e2dc7cea9 code=0x7ffc0000 [ 831.680534][ T28] audit: type=1326 audit(2000000543.789:86390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=705 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3e2dc7a627 code=0x7ffc0000 [ 831.704535][ T28] audit: type=1326 audit(2000000543.789:86391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=705 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3e2dc40309 code=0x7ffc0000 [ 831.728914][ T28] audit: type=1326 audit(2000000543.789:86392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=705 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3e2dc7a627 code=0x7ffc0000 [ 831.752703][ T28] audit: type=1326 audit(2000000543.789:86393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=705 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3e2dc40309 code=0x7ffc0000 [ 831.778115][ T28] audit: type=1326 audit(2000000543.789:86394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=705 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3e2dc7a627 code=0x7ffc0000 [ 831.877935][ T8] device bridge_slave_1 left promiscuous mode [ 831.883912][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 831.895494][ T8] device bridge_slave_0 left promiscuous mode [ 831.901687][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 831.911392][ T8] device veth1_macvtap left promiscuous mode [ 831.919382][ T728] loop4: detected capacity change from 0 to 128 [ 832.194161][ T754] bridge0: port 1(bridge_slave_0) entered blocking state [ 832.201184][ T754] bridge0: port 1(bridge_slave_0) entered disabled state [ 832.208402][ T754] device bridge_slave_0 entered promiscuous mode [ 832.215219][ T754] bridge0: port 2(bridge_slave_1) entered blocking state [ 832.222164][ T754] bridge0: port 2(bridge_slave_1) entered disabled state [ 832.229083][T27456] usb 3-1: new high-speed USB device number 82 using dummy_hcd [ 832.230207][ T754] device bridge_slave_1 entered promiscuous mode [ 832.277336][ T754] bridge0: port 2(bridge_slave_1) entered blocking state [ 832.284219][ T754] bridge0: port 2(bridge_slave_1) entered forwarding state [ 832.291471][ T754] bridge0: port 1(bridge_slave_0) entered blocking state [ 832.298256][ T754] bridge0: port 1(bridge_slave_0) entered forwarding state [ 832.307819][ T1074] bridge0: port 1(bridge_slave_0) entered disabled state [ 832.315043][ T1074] bridge0: port 2(bridge_slave_1) entered disabled state [ 832.337239][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 832.344440][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 832.351800][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 832.359956][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 832.368409][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 832.375230][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 832.382409][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 832.390616][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 832.398539][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 832.405355][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 832.418638][T31371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 832.426566][T31371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 832.435157][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 832.443047][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 832.456455][ T19] usb 4-1: new high-speed USB device number 104 using dummy_hcd [ 832.466574][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 832.474889][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 832.482880][T27456] usb 3-1: Using ep0 maxpacket: 8 [ 832.490839][ T754] device veth0_vlan entered promiscuous mode [ 832.499301][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 832.507142][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 832.514905][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 832.522198][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 832.533521][ T754] device veth1_macvtap entered promiscuous mode [ 832.539982][T31371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 832.548389][T31371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 832.556283][T31371] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 832.572258][T31371] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 832.580385][T31371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 832.588493][T31371] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 832.596643][T31371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 832.606473][T27456] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 832.615416][T27456] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 832.626625][T27456] usb 3-1: config 0 descriptor?? [ 832.797497][ T765] loop4: detected capacity change from 0 to 128 [ 832.856780][ T19] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 832.868434][ T8] device bridge_slave_1 left promiscuous mode [ 832.870427][ T19] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 832.876532][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 832.885760][ T19] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 832.907873][ T19] usb 4-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 832.920881][ T8] device bridge_slave_0 left promiscuous mode [ 832.921321][ T19] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 832.928009][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 832.935821][ T19] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 832.958532][ T8] device veth1_macvtap left promiscuous mode [ 832.964626][ T8] device veth0_vlan left promiscuous mode [ 832.987172][ T19] usb 4-1: invalid MIDI out EP 0 [ 832.994597][ T19] snd-usb-audio: probe of 4-1:27.0 failed with error -22 [ 833.189859][ T19] usb 4-1: USB disconnect, device number 104 [ 833.275233][ T775] loop0: detected capacity change from 0 to 40427 [ 833.287925][ T775] F2FS-fs (loop0): Found nat_bits in checkpoint [ 833.323795][ T775] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 833.341926][ T658] syz-executor.0: attempt to access beyond end of device [ 833.341926][ T658] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 833.488919][ T781] fscrypt (sda1, inode 1956): Direct key flag not allowed with different contents and filenames modes [ 833.765521][ T803] loop0: detected capacity change from 0 to 16 [ 833.772288][ T803] erofs: (device loop0): mounted with root inode @ nid 36. [ 833.821573][ T808] loop0: detected capacity change from 0 to 128 [ 833.994408][ T819] SELinux: Context system_u:object_r:dhcpd_exec_t:s0 is not valid (left unmapped). [ 834.003876][ T39] usb 4-1: new high-speed USB device number 105 using dummy_hcd [ 834.066294][ T833] loop0: detected capacity change from 0 to 128 [ 834.178697][ T838] loop0: detected capacity change from 0 to 512 [ 834.188246][ T838] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 834.197300][ T838] ext4 filesystem being mounted at /root/syzkaller-testdir4172918338/syzkaller.ncoC3r/33/file0 supports timestamps until 2038 (0x7fffffff) [ 834.219624][ T658] EXT4-fs (loop0): unmounting filesystem. [ 834.246419][ T39] usb 4-1: Using ep0 maxpacket: 32 [ 834.366446][ T39] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 834.377574][ T39] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 834.506508][ T39] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 834.515565][ T39] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 834.523819][ T39] usb 4-1: Product: syz [ 834.528191][ T39] usb 4-1: Manufacturer: syz [ 834.566655][ T39] hub 4-1:4.0: USB hub found [ 834.786452][ T39] hub 4-1:4.0: 2 ports detected [ 834.846406][T27456] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 834.856388][T27456] asix: probe of 3-1:0.0 failed with error -71 [ 834.862725][T27456] usb 3-1: USB disconnect, device number 82 [ 835.506949][ T880] loop2: detected capacity change from 0 to 128 [ 835.513738][ T880] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (39871!=39978) [ 835.524007][ T880] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 835.534434][ T880] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.2: No space for directory leaf checksum. Please run e2fsck -D. [ 835.550125][ T880] EXT4-fs error (device loop2): __ext4_find_entry:1695: inode #2: comm syz-executor.2: checksumming directory block 0 [ 835.563153][ T880] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.2: No space for directory leaf checksum. Please run e2fsck -D. [ 835.578727][ T880] EXT4-fs error (device loop2): __ext4_find_entry:1695: inode #2: comm syz-executor.2: checksumming directory block 0 [ 835.591332][ T880] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.2: No space for directory leaf checksum. Please run e2fsck -D. [ 835.606832][ T880] EXT4-fs error (device loop2): __ext4_find_entry:1695: inode #2: comm syz-executor.2: checksumming directory block 0 [ 835.619458][ T880] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.2: No space for directory leaf checksum. Please run e2fsck -D. [ 835.634925][ T880] EXT4-fs error (device loop2): __ext4_find_entry:1695: inode #2: comm syz-executor.2: checksumming directory block 0 [ 835.647672][ T880] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.2: No space for directory leaf checksum. Please run e2fsck -D. [ 835.663135][ T880] EXT4-fs error (device loop2): __ext4_find_entry:1695: inode #2: comm syz-executor.2: checksumming directory block 0 [ 835.676573][ T880] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.2: No space for directory leaf checksum. Please run e2fsck -D. [ 835.692193][ T880] EXT4-fs error (device loop2): __ext4_find_entry:1695: inode #2: comm syz-executor.2: checksumming directory block 0 [ 835.705275][ T880] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.2: No space for directory leaf checksum. Please run e2fsck -D. [ 835.721340][ T880] EXT4-fs error (device loop2): __ext4_find_entry:1695: inode #2: comm syz-executor.2: checksumming directory block 0 [ 835.734110][ T880] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.2: No space for directory leaf checksum. Please run e2fsck -D. [ 835.749835][ T880] EXT4-fs error (device loop2): __ext4_find_entry:1695: inode #2: comm syz-executor.2: checksumming directory block 0 [ 835.762633][ T880] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.2: No space for directory leaf checksum. Please run e2fsck -D. [ 835.778385][ T880] EXT4-fs error (device loop2): __ext4_find_entry:1695: inode #2: comm syz-executor.2: checksumming directory block 0 [ 835.791358][ T880] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.2: No space for directory leaf checksum. Please run e2fsck -D. [ 835.807167][ T880] EXT4-fs error (device loop2): __ext4_find_entry:1695: inode #2: comm syz-executor.2: checksumming directory block 0 [ 835.824419][T32328] EXT4-fs (loop2): unmounting filesystem. [ 835.851428][ T893] syz-executor.2[893] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 835.851500][ T893] syz-executor.2[893] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 836.116393][T27456] hub 4-1:4.0: activate --> -90 [ 836.187562][ T912] loop2: detected capacity change from 0 to 1024 [ 836.194224][ T912] EXT4-fs: Ignoring removed orlov option [ 836.199824][ T912] EXT4-fs: Ignoring removed nomblk_io_submit option [ 836.217778][ T912] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 836.856965][ T19] usb 4-1: USB disconnect, device number 105 [ 836.876427][T27456] usb 4-1-port2: cannot reset (err = -71) [ 836.882162][T27456] usb 4-1-port2: attempt power cycle [ 837.021394][T32328] EXT4-fs (loop2): unmounting filesystem. [ 837.234539][ T948] loop2: detected capacity change from 0 to 2048 [ 837.241938][ T948] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 837.253549][ T948] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 837.263645][ T948] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 837.275428][ T948] EXT4-fs error (device loop2): ext4_search_dir:1548: inode #12: block 9: comm syz-executor.2: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=13, rec_len=21, size=56 fake=0 [ 837.294678][ T948] EXT4-fs (loop2): Remounting filesystem read-only [ 837.304831][T32328] EXT4-fs (loop2): unmounting filesystem. [ 837.419664][ T28] kauditd_printk_skb: 107 callbacks suppressed [ 837.419679][ T28] audit: type=1326 audit(2000000549.559:86502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=961 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3310c7cea9 code=0x7ffc0000 [ 837.449648][ T956] loop2: detected capacity change from 0 to 40427 [ 837.449996][ T28] audit: type=1326 audit(2000000549.599:86503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=961 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3310c7cea9 code=0x7ffc0000 [ 837.480695][ T28] audit: type=1326 audit(2000000549.629:86504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=961 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3310c7cea9 code=0x7ffc0000 [ 837.486178][ T956] F2FS-fs (loop2): invalid crc value [ 837.506227][ T28] audit: type=1326 audit(2000000549.629:86505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=961 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3310c7cea9 code=0x7ffc0000 [ 837.540274][ T956] F2FS-fs (loop2): Found nat_bits in checkpoint [ 837.541800][ T28] audit: type=1326 audit(2000000549.629:86506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=961 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3310c7cea9 code=0x7ffc0000 [ 837.570118][ T28] audit: type=1326 audit(2000000549.679:86507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=961 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3310c7cea9 code=0x7ffc0000 [ 837.575894][ T956] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 837.593818][ T28] audit: type=1326 audit(2000000549.679:86508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=961 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3310c7a627 code=0x7ffc0000 [ 837.593846][ T28] audit: type=1326 audit(2000000549.679:86509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=961 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3310c40309 code=0x7ffc0000 [ 837.593868][ T28] audit: type=1326 audit(2000000549.679:86510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=961 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3310c7cea9 code=0x7ffc0000 [ 837.593890][ T28] audit: type=1326 audit(2000000549.679:86511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=961 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3310c7a627 code=0x7ffc0000 [ 837.614232][ T956] syz-executor.2: attempt to access beyond end of device [ 837.614232][ T956] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 837.840536][ T39] usb 4-1: new high-speed USB device number 110 using dummy_hcd [ 838.054675][ T1074] usb 1-1: new high-speed USB device number 96 using dummy_hcd [ 838.296430][ T39] usb 4-1: descriptor type invalid, skip [ 838.376451][ T39] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 838.426468][ T1074] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 838.436515][ T1074] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 838.516500][ T1074] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 838.525413][ T1074] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 838.533193][ T1074] usb 1-1: SerialNumber: syz [ 838.556486][ T39] usb 4-1: New USB device found, idVendor=0566, idProduct=3004, bcdDevice= 0.40 [ 838.565396][ T39] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 838.573229][ T39] usb 4-1: Product: syz [ 838.577437][ T39] usb 4-1: Manufacturer: syz [ 838.581856][ T39] usb 4-1: SerialNumber: syz [ 838.626711][ T39] usbhid 4-1:1.0: couldn't find an input interrupt endpoint [ 838.816792][ T1074] usb 1-1: 0:2 : does not exist [ 838.821481][ T1074] usb 1-1: unit 5: unexpected type 0x0d [ 838.828163][ T39] usb 4-1: USB disconnect, device number 110 [ 838.834950][ T1074] usb 1-1: USB disconnect, device number 96 [ 839.016378][T27456] usb 3-1: new high-speed USB device number 83 using dummy_hcd [ 839.256404][T27456] usb 3-1: Using ep0 maxpacket: 32 [ 839.352496][ T999] loop3: detected capacity change from 0 to 512 [ 839.360295][ T999] EXT4-fs (loop3): orphan cleanup on readonly fs [ 839.367372][ T999] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.3: corrupted in-inode xattr [ 839.379726][ T999] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 839.392033][ T999] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 839.401273][ T999] EXT4-fs (loop3): unmounting filesystem. [ 839.406404][T27456] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 839.426389][T27456] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 839.476192][ T999] loop3: detected capacity change from 0 to 2048 [ 839.506621][ T999] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 839.516085][ T999] EXT4-fs (loop3): group descriptors corrupted! [ 839.546429][T27456] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 839.565775][T27456] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 839.586564][T27456] usb 3-1: Product: syz [ 839.598838][T27456] usb 3-1: Manufacturer: syz [ 839.666835][T27456] hub 3-1:4.0: USB hub found [ 839.876496][T27456] hub 3-1:4.0: 2 ports detected [ 840.416355][T31371] usb 1-1: new high-speed USB device number 97 using dummy_hcd [ 840.726418][ T2861] usb 4-1: new high-speed USB device number 111 using dummy_hcd [ 840.786430][T31371] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 840.797167][T31371] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 840.806666][T31371] usb 1-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 840.815520][T31371] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 840.823656][T31371] usb 1-1: config 0 descriptor?? [ 841.106448][ T2861] usb 4-1: descriptor type invalid, skip [ 841.176418][T27456] hub 3-1:4.0: activate --> -90 [ 841.186436][ T2861] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 841.306929][T31371] arvo 0003:1E7D:30D4.0096: unknown main item tag 0x0 [ 841.313548][T31371] arvo 0003:1E7D:30D4.0096: item fetching failed at offset 5/7 [ 841.321096][T31371] arvo 0003:1E7D:30D4.0096: parse failed [ 841.326546][T31371] arvo: probe of 0003:1E7D:30D4.0096 failed with error -22 [ 841.356468][ T2861] usb 4-1: New USB device found, idVendor=0566, idProduct=3004, bcdDevice= 0.40 [ 841.365306][ T2861] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 841.373133][ T2861] usb 4-1: Product: syz [ 841.377129][ T2861] usb 4-1: Manufacturer: syz [ 841.381533][ T2861] usb 4-1: SerialNumber: syz [ 841.426717][ T2861] usbhid 4-1:1.0: couldn't find an input interrupt endpoint [ 841.511713][ T2861] usb 1-1: USB disconnect, device number 97 [ 841.629147][ T1074] usb 4-1: USB disconnect, device number 111 [ 841.936880][ T2861] usb 3-1: USB disconnect, device number 83 [ 841.956411][T27456] usb 3-1-port2: cannot reset (err = -71) [ 841.962144][T27456] usb 3-1-port2: attempt power cycle [ 842.252322][ T1065] loop0: detected capacity change from 0 to 256 [ 842.260355][ T1065] exfat: Deprecated parameter 'utf8' [ 842.265835][ T1065] exfat: Deprecated parameter 'namecase' [ 842.278624][ T1065] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 842.483742][ T1073] loop2: detected capacity change from 0 to 256 [ 842.598486][ T1073] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 842.828395][ T1073] loop2: detected capacity change from 256 to 0 [ 842.843766][ T499] loop: Write error at byte offset 9223372036854857727, length 512. [ 842.851957][ C1] I/O error, dev loop2, sector 160 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 842.861367][ C1] Buffer I/O error on dev loop2, logical block 160, lost sync page write [ 842.930434][ C0] I/O error, dev loop2, sector 160 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 842.965644][ C1] I/O error, dev loop2, sector 160 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 843.247849][ C1] I/O error, dev loop2, sector 160 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 843.259244][ C1] I/O error, dev loop2, sector 160 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 843.268666][ C1] I/O error, dev loop2, sector 128 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 843.277846][T32328] exFAT-fs (loop2): error, failed to access to FAT (entry 0x00000005, err:-5) [ 843.286659][T32328] exFAT-fs (loop2): Filesystem has been set read-only [ 843.496871][ T1086] bridge0: port 1(bridge_slave_0) entered blocking state [ 843.514320][ T1086] bridge0: port 1(bridge_slave_0) entered disabled state [ 843.522607][ T1086] device bridge_slave_0 entered promiscuous mode [ 843.529509][ T1086] bridge0: port 2(bridge_slave_1) entered blocking state [ 843.536411][ T1086] bridge0: port 2(bridge_slave_1) entered disabled state [ 843.543765][ T1086] device bridge_slave_1 entered promiscuous mode [ 843.591742][ T1095] tipc: Failed to remove unknown binding: 66,1,1/0:2991555619/2991555621 [ 843.600320][ T1095] tipc: Failed to remove unknown binding: 66,1,1/0:2991555619/2991555621 [ 843.629175][ T1086] bridge0: port 2(bridge_slave_1) entered blocking state [ 843.636055][ T1086] bridge0: port 2(bridge_slave_1) entered forwarding state [ 843.643163][ T1086] bridge0: port 1(bridge_slave_0) entered blocking state [ 843.649934][ T1086] bridge0: port 1(bridge_slave_0) entered forwarding state [ 843.676979][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 843.684787][ T19] bridge0: port 1(bridge_slave_0) entered disabled state [ 843.692031][ T19] bridge0: port 2(bridge_slave_1) entered disabled state [ 843.710415][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 843.719324][ T2861] bridge0: port 1(bridge_slave_0) entered blocking state [ 843.726192][ T2861] bridge0: port 1(bridge_slave_0) entered forwarding state [ 843.738268][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 843.746502][ T2861] bridge0: port 2(bridge_slave_1) entered blocking state [ 843.753356][ T2861] bridge0: port 2(bridge_slave_1) entered forwarding state [ 843.768661][ T1099] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 843.780437][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 843.788938][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 843.803771][ T1086] device veth0_vlan entered promiscuous mode [ 843.813276][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 843.821632][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 843.829460][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 843.837242][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 843.850922][ T1086] device veth1_macvtap entered promiscuous mode [ 843.864527][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 843.877403][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 843.892738][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 843.906380][T27456] usb 1-1: new high-speed USB device number 98 using dummy_hcd [ 843.960785][ T499] device bridge_slave_1 left promiscuous mode [ 843.970681][ T499] bridge0: port 2(bridge_slave_1) entered disabled state [ 843.986917][ T499] device bridge_slave_0 left promiscuous mode [ 843.994651][ T499] bridge0: port 1(bridge_slave_0) entered disabled state [ 844.014086][ T499] device veth1_macvtap left promiscuous mode [ 844.033412][ T499] device veth0_vlan left promiscuous mode [ 844.165257][ T1104] loop4: detected capacity change from 0 to 40427 [ 844.176265][ T1104] F2FS-fs (loop4): invalid crc value [ 844.182923][ T1104] F2FS-fs (loop4): Found nat_bits in checkpoint [ 844.219468][ T1104] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 844.233487][ T1104] overlayfs: failed to resolve './file0': -2 [ 844.244843][ T754] syz-executor.4: attempt to access beyond end of device [ 844.244843][ T754] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 844.266410][T27456] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 844.277432][T27456] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 844.287367][T27456] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 844.300180][T27456] usb 1-1: New USB device found, idVendor=056a, idProduct=0094, bcdDevice= 0.00 [ 844.309290][T27456] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 844.317826][T27456] usb 1-1: config 0 descriptor?? [ 844.361403][ T1081] loop3: detected capacity change from 0 to 262144 [ 844.374268][ T1081] F2FS-fs (loop3): Found nat_bits in checkpoint [ 844.380496][ T1074] usb 3-1: new high-speed USB device number 88 using dummy_hcd [ 844.419089][ T1081] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 844.495134][ T1118] loop4: detected capacity change from 0 to 40427 [ 844.502271][ T1118] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 844.509836][ T1118] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 844.518728][ T1118] F2FS-fs (loop4): invalid crc value [ 844.525010][ T1118] F2FS-fs (loop4): Found nat_bits in checkpoint [ 844.564532][ T1118] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 844.571427][ T1118] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 844.596701][ T499] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 844.605742][ T499] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 844.698683][ T1131] loop4: detected capacity change from 0 to 2048 [ 844.707827][ T1131] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 844.716149][ T1131] ext4 filesystem being mounted at /root/syzkaller-testdir2975950062/syzkaller.SLCB7F/25/file0 supports timestamps until 2038 (0x7fffffff) [ 844.746457][ T1074] usb 3-1: descriptor type invalid, skip [ 844.749005][ T754] EXT4-fs (loop4): unmounting filesystem. [ 844.780952][ T1136] loop4: detected capacity change from 0 to 8192 [ 844.788169][T27456] wacom 0003:056A:0094.0097: unknown main item tag 0x0 [ 844.794949][T27456] wacom 0003:056A:0094.0097: unknown main item tag 0x0 [ 844.805477][T27456] wacom 0003:056A:0094.0097: unknown main item tag 0x0 [ 844.812448][T27456] wacom 0003:056A:0094.0097: unknown main item tag 0x0 [ 844.819174][T27456] wacom 0003:056A:0094.0097: unknown main item tag 0x0 [ 844.825795][T27456] wacom 0003:056A:0094.0097: unknown main item tag 0x0 [ 844.832590][ T1074] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 844.845530][T27456] wacom 0003:056A:0094.0097: unknown main item tag 0x0 [ 844.853276][T27456] wacom 0003:056A:0094.0097: Using device in hidraw-only mode [ 844.861705][T27456] wacom 0003:056A:0094.0097: hidraw0: USB HID v0.00 Device [HID 056a:0094] on usb-dummy_hcd.0-1/input0 [ 844.886045][ T1142] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 844.953116][ T1140] loop4: detected capacity change from 0 to 40427 [ 844.960043][ T1140] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 844.968692][ T1140] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 844.978665][ T1140] F2FS-fs (loop4): Found nat_bits in checkpoint [ 844.991937][T27456] usb 1-1: USB disconnect, device number 98 [ 845.006457][ T1074] usb 3-1: New USB device found, idVendor=0566, idProduct=3004, bcdDevice= 0.40 [ 845.015351][ T1074] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 845.015709][ T1140] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 845.024568][ T1154] loop3: detected capacity change from 0 to 256 [ 845.030117][ T1140] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 845.036079][ T1074] usb 3-1: Product: syz [ 845.048552][ T1074] usb 3-1: Manufacturer: syz [ 845.053147][ T1074] usb 3-1: SerialNumber: syz [ 845.089219][ T28] kauditd_printk_skb: 129 callbacks suppressed [ 845.089236][ T28] audit: type=1326 audit(2000000557.229:86641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1159 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0cbe7cea9 code=0x7ffc0000 [ 845.119188][ T28] audit: type=1326 audit(2000000557.229:86642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1159 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa0cbe7cea9 code=0x7ffc0000 [ 845.143937][ T28] audit: type=1326 audit(2000000557.229:86643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1159 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0cbe7cea9 code=0x7ffc0000 [ 845.152846][ T1160] loop3: detected capacity change from 0 to 1024 [ 845.168565][ T1074] usbhid 3-1:1.0: couldn't find an input interrupt endpoint [ 845.176487][ T28] audit: type=1326 audit(2000000557.229:86644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1159 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa0cbe7cea9 code=0x7ffc0000 [ 845.206841][ T1160] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 845.215722][ T28] audit: type=1326 audit(2000000557.289:86645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1159 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0cbe7cea9 code=0x7ffc0000 [ 845.664313][ T28] audit: type=1326 audit(2000000557.289:86646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1159 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fa0cbe7cea9 code=0x7ffc0000 [ 845.675785][ T1074] usb 3-1: USB disconnect, device number 88 [ 845.688853][ T28] audit: type=1326 audit(2000000557.289:86647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1159 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa0cbe7a627 code=0x7ffc0000 [ 845.696493][ T1160] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 845.718051][ T28] audit: type=1326 audit(2000000557.289:86648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1159 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa0cbe40309 code=0x7ffc0000 [ 845.750290][ T28] audit: type=1326 audit(2000000557.289:86649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1159 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa0cbe7cee3 code=0x7ffc0000 [ 845.774066][ T28] audit: type=1326 audit(2000000557.289:86650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1159 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa0cbe7a627 code=0x7ffc0000 [ 845.822823][T32237] EXT4-fs (loop3): unmounting filesystem. [ 845.861344][ T1164] loop3: detected capacity change from 0 to 2048 [ 845.877579][ T1164] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 845.885908][ T1164] ext4 filesystem being mounted at /root/syzkaller-testdir1083732278/syzkaller.LICKiU/93/file0 supports timestamps until 2038 (0x7fffffff) [ 845.914794][ T1170] binder: 1169:1170 ioctl 4018620d 0 returned -22 [ 845.923259][T32237] EXT4-fs (loop3): unmounting filesystem. [ 845.972739][ T1175] binder: 1169:1175 ioctl c0306201 0 returned -14 [ 845.997255][ T1179] loop4: detected capacity change from 0 to 512 [ 846.005794][ T1179] EXT4-fs (loop4): 1 truncate cleaned up [ 846.011413][ T1179] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 846.023362][ T1179] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 846.040784][ T754] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz-executor.4: path /root/syzkaller-testdir2975950062/syzkaller.SLCB7F/31/file2: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=196608, rec_len=0, size=1024 fake=0 [ 846.066548][ T754] EXT4-fs error (device loop4): ext4_lookup:1855: inode #11: comm syz-executor.4: iget: checksum invalid [ 846.078208][ T754] EXT4-fs error (device loop4): ext4_lookup:1855: inode #11: comm syz-executor.4: iget: checksum invalid [ 846.128395][ T754] EXT4-fs (loop4): unmounting filesystem. [ 846.217236][T27456] usb 4-1: new high-speed USB device number 112 using dummy_hcd [ 846.262650][ T1188] bridge0: port 1(bridge_slave_0) entered blocking state [ 846.270144][ T1188] bridge0: port 1(bridge_slave_0) entered disabled state [ 846.277270][ T1188] device bridge_slave_0 entered promiscuous mode [ 846.287106][ T1188] bridge0: port 2(bridge_slave_1) entered blocking state [ 846.294033][ T1188] bridge0: port 2(bridge_slave_1) entered disabled state [ 846.301351][ T1188] device bridge_slave_1 entered promiscuous mode [ 846.344112][ T1188] bridge0: port 2(bridge_slave_1) entered blocking state [ 846.350963][ T1188] bridge0: port 2(bridge_slave_1) entered forwarding state [ 846.358128][ T1188] bridge0: port 1(bridge_slave_0) entered blocking state [ 846.364922][ T1188] bridge0: port 1(bridge_slave_0) entered forwarding state [ 846.386675][ T1200] binder: 1199:1200 ioctl 4018620d 0 returned -22 [ 846.388220][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 846.400417][ T1074] bridge0: port 1(bridge_slave_0) entered disabled state [ 846.407936][ T1074] bridge0: port 2(bridge_slave_1) entered disabled state [ 846.418430][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 846.426569][ T19] bridge0: port 1(bridge_slave_0) entered blocking state [ 846.433411][ T19] bridge0: port 1(bridge_slave_0) entered forwarding state [ 846.441621][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 846.443901][ T1201] binder: 1199:1201 ioctl c0306201 0 returned -14 [ 846.449931][ T1074] bridge0: port 2(bridge_slave_1) entered blocking state [ 846.462646][ T1074] bridge0: port 2(bridge_slave_1) entered forwarding state [ 846.476639][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 846.496889][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 846.505413][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 846.517663][ T1188] device veth0_vlan entered promiscuous mode [ 846.531026][ T1188] device veth1_macvtap entered promiscuous mode [ 846.537233][ T39] usb 3-1: new high-speed USB device number 89 using dummy_hcd [ 846.546285][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 846.554277][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 846.561491][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 846.568816][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 846.581798][ T5355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 846.590024][ T5355] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 846.606482][T27456] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 846.617537][T27456] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 846.627831][T27456] usb 4-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00 [ 846.636734][T27456] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 846.682352][T27456] usb 4-1: config 0 descriptor?? [ 846.826995][ T499] device bridge_slave_1 left promiscuous mode [ 846.832973][ T499] bridge0: port 2(bridge_slave_1) entered disabled state [ 846.840175][ T499] device bridge_slave_0 left promiscuous mode [ 846.846121][ T499] bridge0: port 1(bridge_slave_0) entered disabled state [ 846.853811][ T499] device veth1_macvtap left promiscuous mode [ 846.859756][ T499] device veth0_vlan left promiscuous mode [ 846.926723][ T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 846.938839][ T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 846.972963][ T39] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 847.005388][ T39] usb 3-1: New USB device found, idVendor=056a, idProduct=0094, bcdDevice= 0.00 [ 847.021703][ T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 847.033687][ T39] usb 3-1: config 0 descriptor?? [ 847.167047][T27456] sony 0003:054C:0268.0098: unknown main item tag 0x0 [ 847.173744][T27456] sony 0003:054C:0268.0098: item fetching failed at offset 1/5 [ 847.181310][T27456] sony 0003:054C:0268.0098: parse failed [ 847.186950][T27456] sony: probe of 0003:054C:0268.0098 failed with error -22 [ 847.337108][ T1211] loop0: detected capacity change from 0 to 512 [ 847.344614][ T1211] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 847.353873][ T1211] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 847.362156][ T1211] System zones: 0-2, 18-18, 34-35 [ 847.367492][ T1211] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 847.372430][ T2861] usb 4-1: USB disconnect, device number 112 [ 847.382778][ T658] EXT4-fs (loop0): unmounting filesystem. [ 847.517667][ T39] wacom 0003:056A:0094.0099: unknown main item tag 0x0 [ 847.524558][ T39] wacom 0003:056A:0094.0099: unknown main item tag 0x0 [ 847.531293][ T39] wacom 0003:056A:0094.0099: unknown main item tag 0x0 [ 847.537953][ T39] wacom 0003:056A:0094.0099: unknown main item tag 0x0 [ 847.544604][ T39] wacom 0003:056A:0094.0099: unknown main item tag 0x0 [ 847.551326][ T39] wacom 0003:056A:0094.0099: unknown main item tag 0x0 [ 847.557991][ T39] wacom 0003:056A:0094.0099: unknown main item tag 0x0 [ 847.564737][ T39] wacom 0003:056A:0094.0099: Using device in hidraw-only mode [ 847.572298][ T39] wacom 0003:056A:0094.0099: hidraw0: USB HID v0.00 Device [HID 056a:0094] on usb-dummy_hcd.2-1/input0 [ 847.723947][ T39] usb 3-1: USB disconnect, device number 89 [ 847.744442][ T1223] loop4: detected capacity change from 0 to 40427 [ 847.751283][ T1223] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 847.759174][ T1223] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 847.767929][ T1223] F2FS-fs (loop4): invalid crc value [ 847.774170][ T1223] F2FS-fs (loop4): Found nat_bits in checkpoint [ 847.797061][ T1223] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 847.804067][ T1223] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 847.822763][ T499] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 847.832121][ T499] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 848.501626][ T1272] bridge0: port 1(bridge_slave_0) entered blocking state [ 848.528399][ T1272] bridge0: port 1(bridge_slave_0) entered disabled state [ 848.543194][ T1272] device bridge_slave_0 entered promiscuous mode [ 848.641763][ T1272] bridge0: port 2(bridge_slave_1) entered blocking state [ 848.649630][ T1272] bridge0: port 2(bridge_slave_1) entered disabled state [ 848.657195][ T1272] device bridge_slave_1 entered promiscuous mode [ 848.699968][ T1272] bridge0: port 2(bridge_slave_1) entered blocking state [ 848.706843][ T1272] bridge0: port 2(bridge_slave_1) entered forwarding state [ 848.714070][ T1272] bridge0: port 1(bridge_slave_0) entered blocking state [ 848.720874][ T1272] bridge0: port 1(bridge_slave_0) entered forwarding state [ 848.736359][ T2861] usb 3-1: new high-speed USB device number 90 using dummy_hcd [ 848.742729][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 848.751121][ T39] bridge0: port 1(bridge_slave_0) entered disabled state [ 848.758802][ T39] bridge0: port 2(bridge_slave_1) entered disabled state [ 848.769126][T31371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 848.777317][T31371] bridge0: port 1(bridge_slave_0) entered blocking state [ 848.784156][T31371] bridge0: port 1(bridge_slave_0) entered forwarding state [ 848.793595][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 848.802084][ T19] bridge0: port 2(bridge_slave_1) entered blocking state [ 848.808965][ T19] bridge0: port 2(bridge_slave_1) entered forwarding state [ 848.827137][T31371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 848.840813][T31371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 848.854949][ T1272] device veth0_vlan entered promiscuous mode [ 848.861287][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 848.870596][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 848.878925][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 848.886107][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 848.899109][ T5355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 848.908030][ T1272] device veth1_macvtap entered promiscuous mode [ 848.917525][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 848.930769][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 849.106395][ T39] usb 4-1: new high-speed USB device number 113 using dummy_hcd [ 849.137225][T23073] device bridge_slave_1 left promiscuous mode [ 849.143253][T23073] bridge0: port 2(bridge_slave_1) entered disabled state [ 849.146451][ T2861] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 849.160929][ T2861] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 849.161108][T23073] device bridge_slave_0 left promiscuous mode [ 849.170536][ T2861] usb 3-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00 [ 849.170563][ T2861] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 849.171188][ T2861] usb 3-1: config 0 descriptor?? [ 849.176635][T23073] bridge0: port 1(bridge_slave_0) entered disabled state [ 849.206514][T23073] device veth1_macvtap left promiscuous mode [ 849.212365][T23073] device veth0_vlan left promiscuous mode [ 849.346498][ T39] usb 4-1: Using ep0 maxpacket: 8 [ 849.358335][ T1299] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 849.386588][ T3972] usb 2-1: new high-speed USB device number 93 using dummy_hcd [ 849.418209][ T1303] overlayfs: statfs failed on './file0' [ 849.434816][ T1307] loop4: detected capacity change from 0 to 16 [ 849.444480][ T1307] erofs: (device loop4): mounted with root inode @ nid 36. [ 849.466451][ T39] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 849.556506][ T39] usb 4-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 849.565552][ T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 849.573486][ T39] usb 4-1: SerialNumber: syz [ 849.578468][ T39] usb 4-1: config 0 descriptor?? [ 849.657015][ T2861] sony 0003:054C:0268.009A: unknown main item tag 0x0 [ 849.663653][ T2861] sony 0003:054C:0268.009A: item fetching failed at offset 1/5 [ 849.671241][ T2861] sony 0003:054C:0268.009A: parse failed [ 849.677041][ T2861] sony: probe of 0003:054C:0268.009A failed with error -22 [ 849.776426][ T3972] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 849.787232][ T3972] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 849.796956][ T3972] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 849.809635][ T3972] usb 2-1: New USB device found, idVendor=056a, idProduct=0094, bcdDevice= 0.00 [ 849.818571][ T3972] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 849.827090][ T3972] usb 2-1: config 0 descriptor?? [ 849.836442][ T39] usb 4-1: Found UVC 0.00 device (05ac:8501) [ 849.843369][ T39] usb 4-1: No valid video chain found. [ 849.862873][T26714] usb 3-1: USB disconnect, device number 90 [ 850.040122][ T39] usb 4-1: USB disconnect, device number 113 [ 850.048805][ T1320] bridge0: port 2(bridge_slave_1) entered disabled state [ 850.055746][ T1320] bridge0: port 1(bridge_slave_0) entered disabled state [ 850.307327][ T3972] wacom 0003:056A:0094.009B: unknown main item tag 0x0 [ 850.314013][ T3972] wacom 0003:056A:0094.009B: unknown main item tag 0x0 [ 850.320763][ T3972] wacom 0003:056A:0094.009B: unknown main item tag 0x0 [ 850.327390][ T3972] wacom 0003:056A:0094.009B: unknown main item tag 0x0 [ 850.334054][ T3972] wacom 0003:056A:0094.009B: unknown main item tag 0x0 [ 850.340771][ T3972] wacom 0003:056A:0094.009B: unknown main item tag 0x0 [ 850.347549][ T3972] wacom 0003:056A:0094.009B: unknown main item tag 0x0 [ 850.354417][ T3972] wacom 0003:056A:0094.009B: Using device in hidraw-only mode [ 850.361860][ T3972] wacom 0003:056A:0094.009B: hidraw0: USB HID v0.00 Device [HID 056a:0094] on usb-dummy_hcd.1-1/input0 [ 850.480410][ T1331] loop2: detected capacity change from 0 to 512 [ 850.487939][ T1331] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 850.497577][ T1331] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 850.505479][ T1331] System zones: 0-2, 18-18, 34-35 [ 850.516683][ T1331] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 850.527520][ T3972] usb 2-1: USB disconnect, device number 93 [ 850.535281][ T1086] EXT4-fs (loop2): unmounting filesystem. [ 850.582219][ T1340] loop2: detected capacity change from 0 to 512 [ 850.593688][ T1334] bridge0: port 1(bridge_slave_0) entered blocking state [ 850.601581][ T1334] bridge0: port 1(bridge_slave_0) entered disabled state [ 850.608997][ T1340] EXT4-fs (loop2): invalid inodes per group: 4294963894 [ 850.608997][ T1340] [ 850.618431][ T1334] device bridge_slave_0 entered promiscuous mode [ 850.627521][ T1334] bridge0: port 2(bridge_slave_1) entered blocking state [ 850.634429][ T1334] bridge0: port 2(bridge_slave_1) entered disabled state [ 850.642856][ T1334] device bridge_slave_1 entered promiscuous mode [ 850.745903][ T1342] bridge0: port 1(bridge_slave_0) entered blocking state [ 850.752836][ T1342] bridge0: port 1(bridge_slave_0) entered disabled state [ 850.760646][ T1342] device bridge_slave_0 entered promiscuous mode [ 850.773171][ T1342] bridge0: port 2(bridge_slave_1) entered blocking state [ 850.780094][ T1342] bridge0: port 2(bridge_slave_1) entered disabled state [ 850.787295][ T1342] device bridge_slave_1 entered promiscuous mode [ 850.814747][ T1334] bridge0: port 2(bridge_slave_1) entered blocking state [ 850.821624][ T1334] bridge0: port 2(bridge_slave_1) entered forwarding state [ 850.829062][ T1334] bridge0: port 1(bridge_slave_0) entered blocking state [ 850.835831][ T1334] bridge0: port 1(bridge_slave_0) entered forwarding state [ 850.887846][T27456] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 850.895302][T27456] bridge0: port 1(bridge_slave_0) entered disabled state [ 850.902490][T27456] bridge0: port 2(bridge_slave_1) entered disabled state [ 850.937874][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 850.946096][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 850.952974][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 850.960205][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 850.968760][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 850.975717][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 850.984428][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 850.993127][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 851.028615][T27456] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 851.038979][T27456] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 851.053926][T27456] bridge0: port 1(bridge_slave_0) entered blocking state [ 851.060900][T27456] bridge0: port 1(bridge_slave_0) entered forwarding state [ 851.070469][T27456] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 851.078585][T27456] bridge0: port 2(bridge_slave_1) entered blocking state [ 851.085408][T27456] bridge0: port 2(bridge_slave_1) entered forwarding state [ 851.092593][T27456] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 851.100442][T27456] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 851.108337][T27456] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 851.123014][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 851.143017][ T1334] device veth0_vlan entered promiscuous mode [ 851.151184][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 851.159328][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 851.167331][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 851.181087][ T1342] device veth0_vlan entered promiscuous mode [ 851.194590][ T1342] device veth1_macvtap entered promiscuous mode [ 851.231832][T23073] device bridge_slave_1 left promiscuous mode [ 851.238026][T23073] bridge0: port 2(bridge_slave_1) entered disabled state [ 851.245482][T23073] device bridge_slave_0 left promiscuous mode [ 851.251500][T23073] bridge0: port 1(bridge_slave_0) entered disabled state [ 851.260306][T23073] device veth1_macvtap left promiscuous mode [ 851.266150][T23073] device veth0_vlan left promiscuous mode [ 851.505963][ T1405] loop2: detected capacity change from 0 to 512 [ 851.558134][ T1405] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz-executor.2: casefold flag without casefold feature [ 851.571161][ T1405] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.2: missing EA_INODE flag [ 851.583179][ T1405] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 12 err=-117 [ 851.595945][ T1405] EXT4-fs (loop2): 1 orphan inode deleted [ 851.606095][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 851.612233][ T1405] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 851.614511][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 851.630895][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 851.639352][ T1405] EXT4-fs (loop2): unmounting filesystem. [ 851.642003][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 851.652212][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 851.659495][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 851.667462][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 851.681068][ T1334] device veth1_macvtap entered promiscuous mode [ 851.695625][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 851.704261][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 851.706742][ T1416] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 851.712768][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 851.738750][T27456] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 851.746946][T27456] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 851.759169][T27456] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 851.768390][T27456] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 852.043780][ T1436] loop1: detected capacity change from 0 to 512 [ 852.052214][ T1436] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz-executor.1: casefold flag without casefold feature [ 852.066025][ T1436] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.1: missing EA_INODE flag [ 852.079879][ T1436] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz-executor.1: error while reading EA inode 12 err=-117 [ 852.092583][ T1436] EXT4-fs (loop1): 1 orphan inode deleted [ 852.098565][ T1436] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 852.109452][ T1436] EXT4-fs (loop1): unmounting filesystem. [ 852.359115][ T1466] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. [ 852.380688][ T1470] loop0: detected capacity change from 0 to 512 [ 852.388894][ T1470] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz-executor.0: casefold flag without casefold feature [ 852.403152][ T1470] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.0: missing EA_INODE flag [ 852.415696][ T1470] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz-executor.0: error while reading EA inode 12 err=-117 [ 852.428421][ T1470] EXT4-fs (loop0): 1 orphan inode deleted [ 852.428456][T23073] device bridge_slave_1 left promiscuous mode [ 852.434017][ T1470] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 852.440369][T23073] bridge0: port 2(bridge_slave_1) entered disabled state [ 852.457857][T23073] device bridge_slave_0 left promiscuous mode [ 852.464096][T23073] bridge0: port 1(bridge_slave_0) entered disabled state [ 852.472451][ T1470] EXT4-fs (loop0): unmounting filesystem. [ 852.479558][T23073] device veth1_macvtap left promiscuous mode [ 852.493869][T23073] device veth0_vlan left promiscuous mode [ 852.760997][ T1509] overlayfs: failed to resolve './file0': -2 [ 852.770579][ T1509] overlayfs: failed to resolve './file0': -2 [ 852.802320][ T1507] bridge0: port 1(bridge_slave_0) entered blocking state [ 852.809366][ T1507] bridge0: port 1(bridge_slave_0) entered disabled state [ 852.816681][ T1507] device bridge_slave_0 entered promiscuous mode [ 852.828986][ T1507] bridge0: port 2(bridge_slave_1) entered blocking state [ 852.835839][ T1507] bridge0: port 2(bridge_slave_1) entered disabled state [ 852.843209][ T1507] device bridge_slave_1 entered promiscuous mode [ 852.906114][ T1507] bridge0: port 2(bridge_slave_1) entered blocking state [ 852.912993][ T1507] bridge0: port 2(bridge_slave_1) entered forwarding state [ 852.920071][ T1507] bridge0: port 1(bridge_slave_0) entered blocking state [ 852.926870][ T1507] bridge0: port 1(bridge_slave_0) entered forwarding state [ 852.952466][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 852.961521][ T39] bridge0: port 1(bridge_slave_0) entered disabled state [ 852.968802][ T39] bridge0: port 2(bridge_slave_1) entered disabled state [ 852.999767][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 853.009029][ T2861] bridge0: port 1(bridge_slave_0) entered blocking state [ 853.015892][ T2861] bridge0: port 1(bridge_slave_0) entered forwarding state [ 853.023211][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 853.031417][ T2861] bridge0: port 2(bridge_slave_1) entered blocking state [ 853.038296][ T2861] bridge0: port 2(bridge_slave_1) entered forwarding state [ 853.045924][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 853.053883][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 853.077034][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 853.088327][ T1507] device veth0_vlan entered promiscuous mode [ 853.095622][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 853.105762][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 853.114436][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 853.131824][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 853.141603][ T1507] device veth1_macvtap entered promiscuous mode [ 853.153080][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 853.172033][T27456] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 853.281378][ T1552] loop3: detected capacity change from 0 to 512 [ 853.293361][ T1556] loop0: detected capacity change from 0 to 512 [ 853.300036][ T1556] EXT4-fs: Ignoring removed mblk_io_submit option [ 853.301558][ T1552] EXT4-fs (loop3): 1 orphan inode deleted [ 853.306278][ T1556] EXT4-fs: Ignoring removed bh option [ 853.306940][ T1556] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 853.317214][ T1552] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 853.317295][ T1552] ext4 filesystem being mounted at /root/syzkaller-testdir861730463/syzkaller.i0XY45/15/file1 supports timestamps until 2038 (0x7fffffff) [ 853.328614][ T1556] EXT4-fs (loop0): 1 truncate cleaned up [ 853.355329][ T1556] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 853.355962][ T1342] EXT4-fs (loop3): unmounting filesystem. [ 853.416417][ T1556] loop0: detected capacity change from 512 to 0 [ 853.424132][ C0] I/O error, dev loop0, sector 14 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2 [ 853.433496][ C0] I/O error, dev loop0, sector 18 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 853.442835][ C0] I/O error, dev loop0, sector 16 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 853.445851][ T1556] EXT4-fs error (device loop0): ext4_get_inode_loc:4635: inode #12: block 7: comm syz-executor.0: unable to read itable block [ 853.452290][ C0] I/O error, dev loop0, sector 12 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 853.452319][ C0] I/O error, dev loop0, sector 10 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 853.465520][ T499] loop: Write error at byte offset 9223372036854776831, length 1024. [ 853.492124][ C0] I/O error, dev loop0, sector 2 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2 [ 853.501450][ C0] I/O error, dev loop0, sector 2 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2 [ 853.510693][ C0] Buffer I/O error on dev loop0, logical block 1, lost sync page write [ 853.518783][ T1556] EXT4-fs (loop0): I/O error while writing superblock [ 853.532956][ C1] I/O error, dev loop0, sector 26 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2 [ 853.545344][ T1334] EXT4-fs (loop0): unmounting filesystem. [ 853.551503][ T499] loop: Write error at byte offset 9223372036854776831, length 1024. [ 853.560648][ C1] I/O error, dev loop0, sector 2 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2 [ 853.569985][ C1] I/O error, dev loop0, sector 2 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2 [ 853.579224][ C1] Buffer I/O error on dev loop0, logical block 1, lost sync page write [ 853.587429][ T1334] EXT4-fs (loop0): I/O error while writing superblock [ 853.587849][T27456] usb 2-1: new high-speed USB device number 94 using dummy_hcd [ 853.637516][T23073] device bridge_slave_1 left promiscuous mode [ 853.643626][T23073] bridge0: port 2(bridge_slave_1) entered disabled state [ 853.651092][T23073] device bridge_slave_0 left promiscuous mode [ 853.657761][T23073] bridge0: port 1(bridge_slave_0) entered disabled state [ 853.670744][T23073] device veth1_macvtap left promiscuous mode [ 853.677499][T23073] device veth0_vlan left promiscuous mode [ 853.846256][ T1583] bridge0: port 1(bridge_slave_0) entered blocking state [ 853.853863][ T1583] bridge0: port 1(bridge_slave_0) entered disabled state [ 853.861463][ T1583] device bridge_slave_0 entered promiscuous mode [ 853.868560][ T1583] bridge0: port 2(bridge_slave_1) entered blocking state [ 853.875538][ T1583] bridge0: port 2(bridge_slave_1) entered disabled state [ 853.882913][ T1583] device bridge_slave_1 entered promiscuous mode [ 853.930771][ T1594] bridge0: port 3(veth1_macvtap) entered blocking state [ 853.937800][ T1594] bridge0: port 3(veth1_macvtap) entered disabled state [ 853.956412][T27456] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 853.965355][ T1583] bridge0: port 2(bridge_slave_1) entered blocking state [ 853.968910][T27456] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 853.973977][ T1583] bridge0: port 2(bridge_slave_1) entered forwarding state [ 853.984992][T27456] usb 2-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00 [ 853.990743][ T1583] bridge0: port 1(bridge_slave_0) entered blocking state [ 853.999498][T27456] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 854.006342][ T1583] bridge0: port 1(bridge_slave_0) entered forwarding state [ 854.025630][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 854.034072][ T2861] bridge0: port 1(bridge_slave_0) entered disabled state [ 854.042689][ T2861] bridge0: port 2(bridge_slave_1) entered disabled state [ 854.061952][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 854.074586][T27456] usb 2-1: config 0 descriptor?? [ 854.088657][ T2861] bridge0: port 1(bridge_slave_0) entered blocking state [ 854.095517][ T2861] bridge0: port 1(bridge_slave_0) entered forwarding state [ 854.102802][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 854.110988][ T2861] bridge0: port 2(bridge_slave_1) entered blocking state [ 854.117851][ T2861] bridge0: port 2(bridge_slave_1) entered forwarding state [ 854.393394][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 854.415480][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 854.431605][ T1583] device veth0_vlan entered promiscuous mode [ 854.441073][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 854.449648][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 854.457521][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 854.464944][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 854.484983][ T1583] device veth1_macvtap entered promiscuous mode [ 854.493835][ T28] kauditd_printk_skb: 143 callbacks suppressed [ 854.493851][ T28] audit: type=1326 audit(2000000566.629:86794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73ff27cea9 code=0x7ffc0000 [ 854.494624][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 854.500943][ T28] audit: type=1326 audit(2000000566.629:86795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73ff27cea9 code=0x7ffc0000 [ 854.552014][ T1600] loop4: detected capacity change from 0 to 40427 [ 854.555559][ T28] audit: type=1326 audit(2000000566.679:86796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73ff27cea9 code=0x7ffc0000 [ 854.586400][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 854.588814][ T28] audit: type=1326 audit(2000000566.679:86797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73ff27cea9 code=0x7ffc0000 [ 854.594699][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 854.618275][ T28] audit: type=1326 audit(2000000566.679:86798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73ff27cea9 code=0x7ffc0000 [ 854.652855][ T1600] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 854.661081][ T1600] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 854.670437][T27456] holtek_kbd 0003:04D9:A055.009C: collection stack underflow [ 854.677815][T27456] holtek_kbd 0003:04D9:A055.009C: item 0 4 0 12 parsing failed [ 854.686269][T27456] holtek_kbd: probe of 0003:04D9:A055.009C failed with error -22 [ 854.692749][ T28] audit: type=1326 audit(2000000566.709:86799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73ff27cea9 code=0x7ffc0000 [ 854.697446][ T1600] F2FS-fs (loop4): Found nat_bits in checkpoint [ 854.722769][ T28] audit: type=1326 audit(2000000566.829:86800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f73ff27a627 code=0x7ffc0000 [ 854.752141][ T28] audit: type=1326 audit(2000000566.829:86801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f73ff240309 code=0x7ffc0000 [ 854.754377][ T1600] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 854.776701][ T28] audit: type=1326 audit(2000000566.829:86802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f73ff27a627 code=0x7ffc0000 [ 854.807211][ T28] audit: type=1326 audit(2000000566.829:86803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1607 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f73ff240309 code=0x7ffc0000 [ 854.831819][ T1600] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 854.873826][ T3972] usb 2-1: USB disconnect, device number 94 [ 854.908356][ T1619] syz-executor.4: attempt to access beyond end of device [ 854.908356][ T1619] loop4: rw=34817, sector=77824, nr_sectors = 2048 limit=40427 [ 854.917352][ T1622] loop3: detected capacity change from 0 to 128 [ 854.944571][ T1624] syz-executor.3[1624] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 854.944655][ T1624] syz-executor.3[1624] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 854.960547][ T1624] Invalid ELF header magic: != ELF [ 854.969478][ T569] kworker/u4:5: attempt to access beyond end of device [ 854.969478][ T569] loop4: rw=1, sector=62152, nr_sectors = 2264 limit=40427 [ 854.996290][ T569] kworker/u4:5: attempt to access beyond end of device [ 854.996290][ T569] loop4: rw=1, sector=64416, nr_sectors = 1120 limit=40427 [ 855.014434][ T569] kworker/u4:5: attempt to access beyond end of device [ 855.014434][ T569] loop4: rw=1, sector=49152, nr_sectors = 2232 limit=40427 [ 855.033382][ T569] kworker/u4:5: attempt to access beyond end of device [ 855.033382][ T569] loop4: rw=1, sector=51384, nr_sectors = 1864 limit=40427 [ 855.050664][ T569] kworker/u4:5: attempt to access beyond end of device [ 855.050664][ T569] loop4: rw=1, sector=61440, nr_sectors = 712 limit=40427 [ 855.071789][ T569] kworker/u4:5: attempt to access beyond end of device [ 855.071789][ T569] loop4: rw=1, sector=57344, nr_sectors = 2120 limit=40427 [ 855.089217][ T569] kworker/u4:5: attempt to access beyond end of device [ 855.089217][ T569] loop4: rw=1, sector=59464, nr_sectors = 1976 limit=40427 [ 855.106215][ T569] kworker/u4:5: attempt to access beyond end of device [ 855.106215][ T569] loop4: rw=1, sector=65536, nr_sectors = 2048 limit=40427 [ 855.123627][ T569] kworker/u4:5: attempt to access beyond end of device [ 855.123627][ T569] loop4: rw=1, sector=67584, nr_sectors = 2064 limit=40427 [ 855.155096][ T1188] F2FS-fs (loop4): Issue discard(9728, 9728, 512) failed, ret: -5 [ 855.357744][T23073] device bridge_slave_1 left promiscuous mode [ 855.361323][ T1650] loop4: detected capacity change from 0 to 512 [ 855.365519][T23073] bridge0: port 2(bridge_slave_1) entered disabled state [ 855.374491][ T1650] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz-executor.4: casefold flag without casefold feature [ 855.397642][T23073] device bridge_slave_0 left promiscuous mode [ 855.397697][ T1650] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.4: missing EA_INODE flag [ 855.403593][T23073] bridge0: port 1(bridge_slave_0) entered disabled state [ 855.423488][T23073] device veth1_macvtap left promiscuous mode [ 855.431344][T23073] device veth0_vlan left promiscuous mode [ 855.459878][ T1650] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 12 err=-117 [ 855.473774][ T1655] loop1: detected capacity change from 0 to 128 [ 855.483658][ T1650] EXT4-fs (loop4): 1 orphan inode deleted [ 855.493230][ T1650] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 855.524921][ T1650] EXT4-fs (loop4): unmounting filesystem. [ 855.753599][ T1683] loop4: detected capacity change from 0 to 128 [ 855.760876][ T1676] loop2: detected capacity change from 0 to 128 [ 855.767393][ T1676] FAT-fs (loop2): Unrecognized mount option "" or missing value [ 855.849037][ T1689] loop3: detected capacity change from 0 to 512 [ 855.856937][ T1689] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz-executor.3: casefold flag without casefold feature [ 855.869958][ T1689] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.3: missing EA_INODE flag [ 855.881911][ T1689] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 12 err=-117 [ 855.894839][ T1689] EXT4-fs (loop3): 1 orphan inode deleted [ 855.900489][ T1689] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 855.912948][ T1689] EXT4-fs (loop3): unmounting filesystem. [ 855.916374][T26714] usb 2-1: new high-speed USB device number 95 using dummy_hcd [ 856.156766][T26714] usb 2-1: Using ep0 maxpacket: 8 [ 856.178566][ T1715] loop0: detected capacity change from 0 to 512 [ 856.188924][ T1715] EXT4-fs (loop0): 1 orphan inode deleted [ 856.194482][ T1715] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 856.203602][ T1715] ext4 filesystem being mounted at /root/syzkaller-testdir1721025081/syzkaller.jtWSb2/8/file1 supports timestamps until 2038 (0x7fffffff) [ 856.225993][ T1583] EXT4-fs (loop0): unmounting filesystem. [ 856.276403][T26714] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 856.332348][ T1739] loop0: detected capacity change from 0 to 512 [ 856.348113][ T1739] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 856.357081][ T1739] ext4 filesystem being mounted at /root/syzkaller-testdir1721025081/syzkaller.jtWSb2/13/file0 supports timestamps until 2038 (0x7fffffff) [ 856.374821][ T1583] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 3: comm syz-executor.0: path /root/syzkaller-testdir1721025081/syzkaller.jtWSb2/13/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0 [ 856.400468][ T1583] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 12: comm syz-executor.0: path /root/syzkaller-testdir1721025081/syzkaller.jtWSb2/13/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 856.426787][T26714] usb 2-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 856.427094][ T1583] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 13: comm syz-executor.0: path /root/syzkaller-testdir1721025081/syzkaller.jtWSb2/13/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 856.435632][T26714] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 856.435653][T26714] usb 2-1: SerialNumber: syz [ 856.461572][ T1583] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 14: comm syz-executor.0: path /root/syzkaller-testdir1721025081/syzkaller.jtWSb2/13/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 856.469963][T26714] usb 2-1: config 0 descriptor?? [ 856.473832][ T1583] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 15: comm syz-executor.0: path /root/syzkaller-testdir1721025081/syzkaller.jtWSb2/13/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 856.528100][ T1583] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 16: comm syz-executor.0: path /root/syzkaller-testdir1721025081/syzkaller.jtWSb2/13/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 856.554031][ T1583] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 17: comm syz-executor.0: path /root/syzkaller-testdir1721025081/syzkaller.jtWSb2/13/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 856.579243][ T1583] EXT4-fs error (device loop0): ext4_map_blocks:607: inode #2: block 18: comm syz-executor.0: lblock 23 mapped to illegal pblock 18 (length 1) [ 856.596168][ T1583] EXT4-fs error (device loop0): ext4_readdir:260: inode #12: block 32: comm syz-executor.0: path /root/syzkaller-testdir1721025081/syzkaller.jtWSb2/13/file0/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=12, rec_len=106, size=2048 fake=1 [ 856.621212][ T1583] EXT4-fs error (device loop0): ext4_empty_dir:3099: inode #12: block 32: comm syz-executor.0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=12, rec_len=106, size=2048 fake=1 [ 856.645489][ T1583] EXT4-fs warning (device loop0): ext4_empty_dir:3101: inode #12: comm syz-executor.0: directory missing '.' [ 856.658684][ T1583] EXT4-fs warning (device loop0): ext4_empty_dir:3101: inode #12: comm syz-executor.0: directory missing '.' [ 856.671371][ T1583] EXT4-fs warning (device loop0): ext4_empty_dir:3101: inode #12: comm syz-executor.0: directory missing '.' [ 856.683849][ T1583] EXT4-fs warning (device loop0): ext4_empty_dir:3101: inode #12: comm syz-executor.0: directory missing '.' [ 856.695918][ T1583] EXT4-fs warning (device loop0): ext4_empty_dir:3101: inode #12: comm syz-executor.0: directory missing '.' [ 856.708301][ T1583] EXT4-fs warning (device loop0): ext4_empty_dir:3101: inode #12: comm syz-executor.0: directory missing '.' [ 856.720650][ T1583] EXT4-fs warning (device loop0): ext4_empty_dir:3101: inode #12: comm syz-executor.0: directory missing '.' [ 856.732700][ T1583] EXT4-fs warning (device loop0): ext4_empty_dir:3101: inode #12: comm syz-executor.0: directory missing '.' [ 856.744924][ T1583] EXT4-fs warning (device loop0): ext4_empty_dir:3101: inode #12: comm syz-executor.0: directory missing '.' [ 856.756968][ T1583] EXT4-fs warning (device loop0): ext4_empty_dir:3101: inode #12: comm syz-executor.0: directory missing '.' [ 856.796602][T26714] usb 2-1: Found UVC 0.00 device (05ac:8501) [ 856.803561][T26714] usb 2-1: No valid video chain found. [ 856.848990][ T1583] EXT4-fs (loop0): unmounting filesystem. [ 857.006836][ T5355] usb 2-1: USB disconnect, device number 95 [ 857.034349][ T1764] bridge0: port 1(bridge_slave_0) entered blocking state [ 857.041617][ T1764] bridge0: port 1(bridge_slave_0) entered disabled state [ 857.049060][ T1764] device bridge_slave_0 entered promiscuous mode [ 857.059306][ T1764] bridge0: port 2(bridge_slave_1) entered blocking state [ 857.066233][ T1764] bridge0: port 2(bridge_slave_1) entered disabled state [ 857.073470][ T1764] device bridge_slave_1 entered promiscuous mode [ 857.131051][ T1765] bridge0: port 1(bridge_slave_0) entered blocking state [ 857.138169][ T1765] bridge0: port 1(bridge_slave_0) entered disabled state [ 857.145552][ T1765] device bridge_slave_0 entered promiscuous mode [ 857.163068][ T1765] bridge0: port 2(bridge_slave_1) entered blocking state [ 857.170094][ T1765] bridge0: port 2(bridge_slave_1) entered disabled state [ 857.177445][ T1765] device bridge_slave_1 entered promiscuous mode [ 857.211026][ T1764] bridge0: port 2(bridge_slave_1) entered blocking state [ 857.217912][ T1764] bridge0: port 2(bridge_slave_1) entered forwarding state [ 857.225011][ T1764] bridge0: port 1(bridge_slave_0) entered blocking state [ 857.231802][ T1764] bridge0: port 1(bridge_slave_0) entered forwarding state [ 857.289146][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 857.296599][ T2861] bridge0: port 1(bridge_slave_0) entered disabled state [ 857.303634][ T2861] bridge0: port 2(bridge_slave_1) entered disabled state [ 857.326181][ T5355] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 857.334620][ T5355] bridge0: port 1(bridge_slave_0) entered blocking state [ 857.341530][ T5355] bridge0: port 1(bridge_slave_0) entered forwarding state [ 857.348904][ T5355] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 857.357216][ T5355] bridge0: port 2(bridge_slave_1) entered blocking state [ 857.364098][ T5355] bridge0: port 2(bridge_slave_1) entered forwarding state [ 857.386639][T27456] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 857.394644][T27456] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 857.407095][T23073] device bridge_slave_1 left promiscuous mode [ 857.413044][T23073] bridge0: port 2(bridge_slave_1) entered disabled state [ 857.420863][T23073] device bridge_slave_0 left promiscuous mode [ 857.426898][T23073] bridge0: port 1(bridge_slave_0) entered disabled state [ 857.434844][T23073] device veth1_macvtap left promiscuous mode [ 857.440850][T23073] device veth0_vlan left promiscuous mode [ 857.559292][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 857.582434][ T1764] device veth0_vlan entered promiscuous mode [ 857.590512][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 857.601891][ T1787] syz-executor.1[1787] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 857.601962][ T1787] syz-executor.1[1787] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 857.604787][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 857.637206][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 857.666205][ T2861] hid-generic 0000:0000:0000.009D: unknown main item tag 0x0 [ 857.674050][ T2861] hid-generic 0000:0000:0000.009D: hidraw0: HID v0.00 Device [syz1] on syz0 [ 857.728011][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 857.736233][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 857.756744][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 857.764968][ T3972] bridge0: port 1(bridge_slave_0) entered blocking state [ 857.771823][ T3972] bridge0: port 1(bridge_slave_0) entered forwarding state [ 857.781202][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 857.789586][ T3972] bridge0: port 2(bridge_slave_1) entered blocking state [ 857.796441][ T3972] bridge0: port 2(bridge_slave_1) entered forwarding state [ 857.804088][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 857.815572][ T1764] device veth1_macvtap entered promiscuous mode [ 857.832575][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 857.841477][ T1796] loop1: detected capacity change from 0 to 256 [ 857.848186][ T3972] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 857.863611][ T1765] device veth0_vlan entered promiscuous mode [ 857.879013][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 857.888454][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 857.896897][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 857.905185][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 857.913367][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 857.920974][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 857.942167][ T5355] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 857.950702][ T5355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 857.961541][ T1765] device veth1_macvtap entered promiscuous mode [ 857.980428][ T5355] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 857.988409][ T5355] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 858.003470][ T5355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 858.034980][ T5355] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 858.063278][ T5355] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 858.139930][ T1818] syz-executor.0[1818] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 858.140042][ T1818] syz-executor.0[1818] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 858.190054][ T1826] EXT4-fs warning (device sda1): ext4_group_extend:1877: need to use ext2online to resize further [ 858.619985][ T1841] tipc: Failed to remove unknown binding: 66,1,1/0:1615372081/1615372083 [ 858.628595][ T1841] tipc: Failed to remove unknown binding: 66,1,1/0:1615372081/1615372083 [ 858.764642][ T1868] tipc: Failed to remove unknown binding: 66,1,1/0:1377937571/1377937573 [ 858.766188][ T1870] bridge0: port 2(bridge_slave_1) entered disabled state [ 858.773164][ T1868] tipc: Failed to remove unknown binding: 66,1,1/0:1377937571/1377937573 [ 858.793832][ T1872] loop3: detected capacity change from 0 to 512 [ 858.802651][T23073] device bridge_slave_1 left promiscuous mode [ 858.810284][T23073] bridge0: port 2(bridge_slave_1) entered disabled state [ 858.815186][ T1872] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode # [ 858.831182][T23073] device bridge_slave_0 left promiscuous mode [ 858.831209][ T1872] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117 [ 858.837586][T23073] bridge0: port 1(bridge_slave_0) entered disabled state [ 858.849928][ T1872] EXT4-fs (loop3): 1 orphan inode deleted [ 858.861997][ T1872] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 858.870635][T23073] device veth1_macvtap left promiscuous mode [ 858.878418][ T1342] EXT4-fs (loop3): unmounting filesystem. [ 858.882603][T23073] device veth0_vlan left promiscuous mode [ 859.025208][ T1903] serio: Serial port ptm0 [ 859.218300][ T1926] bridge0: port 2(bridge_slave_1) entered disabled state [ 859.346072][ T1934] SELinux: security_context_str_to_sid (Eá…) failed with errno=-22 [ 859.610582][ T1948] device pim6reg1 entered promiscuous mode [ 859.716437][ T3972] usb 2-1: new high-speed USB device number 96 using dummy_hcd [ 859.770624][ T1964] loop2: detected capacity change from 0 to 512 [ 859.779137][ T1964] EXT4-fs error (device loop2): mb_free_blocks:1813: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 859.793687][ T1964] EXT4-fs (loop2): Remounting filesystem read-only [ 859.800226][ T1964] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz-executor.2: invalid indirect mapped block 1 (level 1) [ 859.813854][ T1964] EXT4-fs (loop2): 1 truncate cleaned up [ 859.819613][ T1964] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 859.830499][ T1964] EXT4-fs error (device loop2): ext4_lookup:1847: inode #2: comm syz-executor.2: bad inode number: 1 [ 859.841851][ T1964] EXT4-fs (loop2): Remounting filesystem read-only [ 859.852822][ T1765] EXT4-fs (loop2): unmounting filesystem. [ 859.886057][ T1960] loop0: detected capacity change from 0 to 40427 [ 859.897576][ T1960] F2FS-fs (loop0): Found nat_bits in checkpoint [ 859.943583][ T1960] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 860.046028][ T1991] loop3: detected capacity change from 0 to 256 [ 860.106433][ T3972] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 860.117366][ T3972] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 860.127053][ T3972] usb 2-1: New USB device found, idVendor=04b4, idProduct=0001, bcdDevice= 0.00 [ 860.136103][ T3972] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 860.144749][ T3972] usb 2-1: config 0 descriptor?? [ 860.171143][ T1984] loop0: detected capacity change from 0 to 40427 [ 860.177932][ T1984] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 860.185389][ T1984] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 860.194212][ T1984] F2FS-fs (loop0): invalid crc value [ 860.201603][ T1984] F2FS-fs (loop0): Found nat_bits in checkpoint [ 860.225081][ T1984] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 860.232013][ T1984] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 860.376533][ T2861] usb 4-1: new high-speed USB device number 114 using dummy_hcd [ 860.574385][ T2019] loop0: detected capacity change from 0 to 256 [ 860.626443][ T2861] usb 4-1: Using ep0 maxpacket: 32 [ 860.631962][ T3972] cypress 0003:04B4:0001.009E: ignoring exceeding usage max [ 860.640624][ T3972] cypress 0003:04B4:0001.009E: hidraw0: USB HID v0.00 Device [HID 04b4:0001] on usb-dummy_hcd.1-1/input0 [ 860.659527][ T2032] syz-executor.0[2032] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 860.659573][ T2032] syz-executor.0[2032] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 860.766473][ T2861] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 860.788975][ T2861] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 860.799159][ T2861] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 860.808155][ T2861] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 860.816770][ T2861] usb 4-1: config 0 descriptor?? [ 860.822213][ T28] kauditd_printk_skb: 228 callbacks suppressed [ 860.822229][ T28] audit: type=1326 audit(2000000572.959:87032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2039 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f7c7cea9 code=0x7fc00000 [ 860.823700][ T2043] EXT4-fs warning (device sda1): ext4_group_extend:1877: need to use ext2online to resize further [ 860.835368][ T5355] usb 2-1: USB disconnect, device number 96 [ 860.875071][ T28] audit: type=1326 audit(2000000573.019:87033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2039 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7ff1f7c7cea9 code=0x7fc00000 [ 860.899438][ T2861] hub 4-1:0.0: USB hub found [ 861.008635][ T2055] syz-executor.2[2055] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 861.008684][ T2055] syz-executor.2[2055] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 861.106517][ T2861] hub 4-1:0.0: 2 ports detected [ 861.124845][ T2861] usb 4-1: selecting invalid altsetting 1 [ 861.131139][ T2861] hub 4-1:0.0: Using single TT (err -22) [ 861.316402][ T2861] hub 4-1:0.0: hub_hub_status failed (err = -71) [ 861.323070][ T2861] hub 4-1:0.0: config failed, can't get hub status (err -71) [ 861.373626][ T2084] loop2: detected capacity change from 0 to 1024 [ 861.381832][ T2084] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 861.392694][ T2084] EXT4-fs error (device loop2): ext4_xattr_ibody_list:748: inode #2: comm syz-executor.2: corrupted in-inode xattr [ 861.405096][ T2084] EXT4-fs (loop2): Remounting filesystem read-only [ 861.416521][ T1765] EXT4-fs (loop2): unmounting filesystem. [ 861.466410][ T2861] usbhid 4-1:0.0: can't add hid device: -71 [ 861.472251][ T2861] usbhid: probe of 4-1:0.0 failed with error -71 [ 861.506577][ T2861] usb 4-1: USB disconnect, device number 114 [ 861.547175][ T28] audit: type=1326 audit(2000000573.689:87034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2039 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f7c7cea9 code=0x7fc00000 [ 861.657029][ T2105] loop0: detected capacity change from 0 to 256 [ 861.780624][ T2113] bridge0: port 1(bridge_slave_0) entered blocking state [ 861.787655][ T2113] bridge0: port 1(bridge_slave_0) entered disabled state [ 861.794870][ T2113] device bridge_slave_0 entered promiscuous mode [ 861.804880][ T2113] bridge0: port 2(bridge_slave_1) entered blocking state [ 861.811829][ T2113] bridge0: port 2(bridge_slave_1) entered disabled state [ 861.819321][ T2113] device bridge_slave_1 entered promiscuous mode [ 861.882095][ T2113] bridge0: port 2(bridge_slave_1) entered blocking state [ 861.888993][ T2113] bridge0: port 2(bridge_slave_1) entered forwarding state [ 861.896074][ T2113] bridge0: port 1(bridge_slave_0) entered blocking state [ 861.902860][ T2113] bridge0: port 1(bridge_slave_0) entered forwarding state [ 861.931252][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 861.938947][T26714] bridge0: port 1(bridge_slave_0) entered disabled state [ 861.946040][T26714] bridge0: port 2(bridge_slave_1) entered disabled state [ 861.966236][ T2113] device veth0_vlan entered promiscuous mode [ 861.973774][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 861.976419][ T39] usb 3-1: new high-speed USB device number 91 using dummy_hcd [ 861.982868][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 862.251958][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 862.259348][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 862.269741][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 862.277882][T26714] bridge0: port 1(bridge_slave_0) entered blocking state [ 862.284739][T26714] bridge0: port 1(bridge_slave_0) entered forwarding state [ 862.292001][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 862.300373][T26714] bridge0: port 2(bridge_slave_1) entered blocking state [ 862.307243][T26714] bridge0: port 2(bridge_slave_1) entered forwarding state [ 862.314483][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 862.322280][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 862.331978][ T2126] netem: change failed [ 862.344531][ T2113] device veth1_macvtap entered promiscuous mode [ 862.351660][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 862.354889][ T28] audit: type=1326 audit(2000000574.499:87035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2129 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb0bfe7cea9 code=0x0 [ 862.389939][ T2861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 862.407049][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 862.415281][T26714] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 862.437520][ T2135] incfs: ino conflict with backing FS 1 [ 862.443455][ T2135] incfs: ino conflict with backing FS 2 [ 862.450046][ T2135] incfs: ino conflict with backing FS 5 [ 862.526547][ T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 862.537357][ T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 862.546981][ T39] usb 3-1: New USB device found, idVendor=04b4, idProduct=0001, bcdDevice= 0.00 [ 862.555811][ T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 862.564945][ T39] usb 3-1: config 0 descriptor?? [ 862.575764][ T2153] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.0'. [ 862.585054][ T2153] tipc: Enabling of bearer rejected, failed to enable media [ 862.629001][ T2163] incfs: ino conflict with backing FS 1 [ 862.635092][ T2163] incfs: ino conflict with backing FS 2 [ 862.641304][ T2163] incfs: ino conflict with backing FS 5 [ 862.727715][T23073] device bridge_slave_1 left promiscuous mode [ 862.733865][T23073] bridge0: port 2(bridge_slave_1) entered disabled state [ 862.741698][T23073] device bridge_slave_0 left promiscuous mode [ 862.747713][T23073] bridge0: port 1(bridge_slave_0) entered disabled state [ 862.755904][T23073] device veth1_macvtap left promiscuous mode [ 862.761933][T23073] device veth0_vlan left promiscuous mode [ 862.863916][ T28] audit: type=1326 audit(2000000574.999:87036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2174 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f6767cea9 code=0x7fc00000 [ 862.865567][ T2176] EXT4-fs warning (device sda1): ext4_group_extend:1877: need to use ext2online to resize further [ 862.917217][ T28] audit: type=1326 audit(2000000575.059:87037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2174 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f4f6767cea9 code=0x7fc00000 [ 862.956543][T26714] usb 4-1: new high-speed USB device number 115 using dummy_hcd [ 863.046916][ T39] cypress 0003:04B4:0001.009F: ignoring exceeding usage max [ 863.055224][ T39] cypress 0003:04B4:0001.009F: hidraw0: USB HID v0.00 Device [HID 04b4:0001] on usb-dummy_hcd.2-1/input0 [ 863.165767][ T2183] loop4: detected capacity change from 0 to 1024 [ 863.174171][ T2183] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 863.188709][ T1188] EXT4-fs (loop4): unmounting filesystem. [ 863.216113][ T2191] incfs: ino conflict with backing FS 1 [ 863.222320][ T2191] incfs: ino conflict with backing FS 2 [ 863.228636][ T2191] incfs: ino conflict with backing FS 5 [ 863.285991][ T39] usb 3-1: USB disconnect, device number 91 [ 863.296984][ T2199] device pim6reg1 entered promiscuous mode [ 863.336478][T26714] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 863.403553][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.410907][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.418173][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.425488][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.432906][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.440276][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.447924][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.455139][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.463704][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.471127][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.478430][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.485669][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.492990][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.500346][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.507627][T26714] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 863.516788][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.524032][T26714] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 863.531859][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.539055][T26714] usb 4-1: Product: syz [ 863.542981][T26714] usb 4-1: Manufacturer: syz [ 863.547463][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.554644][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.561872][T26714] usb 4-1: SerialNumber: syz [ 863.568594][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.575862][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.583080][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.590276][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.597540][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.597566][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.597586][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.597605][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.597624][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.597643][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.597663][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.597683][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.597702][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.597721][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.597741][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.597760][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.597780][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.597800][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.597826][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.597845][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.597865][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.597884][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.597903][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.597923][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.597942][ T19] hid-generic 0000:0000:0000.00A0: unknown main item tag 0x0 [ 863.598407][ T19] hid-generic 0000:0000:0000.00A0: hidraw0: HID v0.00 Device [syz0] on syz0 [ 863.755630][ T2224] loop4: detected capacity change from 0 to 128 [ 863.775374][ T28] audit: type=1326 audit(2000000575.909:87038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2174 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f6767cea9 code=0x7fc00000 [ 863.784291][ T2224] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 863.807701][ T28] audit: type=1326 audit(2000000575.909:87039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2174 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4f6767cea9 code=0x7fc00000 [ 863.834834][ T28] audit: type=1326 audit(2000000575.909:87040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2174 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f6767cea9 code=0x7fc00000 [ 863.861985][ T28] audit: type=1326 audit(2000000575.909:87041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2174 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f6767cea9 code=0x7fc00000 [ 863.894613][ T2222] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 863.910320][ T2229] EXT4-fs (sda1): re-mounted. Quota mode: none. [ 863.923388][ T2234] fscrypt (sda1, inode 1963): Direct key flag not allowed with different contents and filenames modes [ 864.036619][ T2258] tipc: MTU too low for tipc bearer [ 864.054704][ T2257] syz-executor.2[2257] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 864.054778][ T2257] syz-executor.2[2257] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 864.083260][ T2263] EXT4-fs warning (device sda1): __ext4_ioctl:1246: Setting inode version is not supported with metadata_csum enabled. [ 864.108375][ T2261] EXT4-fs (sda1): re-mounted. Quota mode: none. [ 864.405334][ T2323] incfs: ino conflict with backing FS 1 [ 864.411493][ T2323] incfs: ino conflict with backing FS 2 [ 864.417712][ T2323] incfs: ino conflict with backing FS 5 [ 864.469821][ T2330] loop1: detected capacity change from 0 to 2048 [ 864.497375][ T2330] Alternate GPT is invalid, using primary GPT. [ 864.504661][ T2330] loop1: p1 p2 p3 [ 864.668535][ T2350] incfs: ino conflict with backing FS 1 [ 864.681128][ T2350] incfs: ino conflict with backing FS 2 [ 864.692698][ T2350] incfs: ino conflict with backing FS 5 [ 864.736435][T26714] cdc_ncm 4-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 864.742872][T26714] cdc_ncm 4-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048 [ 864.750489][T26714] cdc_ncm 4-1:1.0: setting rx_max = 2048 [ 864.946400][T26714] cdc_ncm 4-1:1.0: setting tx_max = 184 [ 864.953599][T26714] cdc_ncm 4-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.3-1, CDC NCM (NO ZLP), 42:42:42:42:42:42 [ 864.970089][ T2360] loop0: detected capacity change from 0 to 1024 [ 864.988696][T26714] usb 4-1: USB disconnect, device number 115 [ 864.994761][T26714] cdc_ncm 4-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.3-1, CDC NCM (NO ZLP) [ 865.014054][ T2360] EXT4-fs (loop0): can't mount with data=, fs mounted w/o journal [ 865.035310][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.044005][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.061421][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.068722][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.086036][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.106220][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.113503][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.130874][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.144929][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.162441][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.172536][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.186452][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.203847][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.224038][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.231369][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.246368][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.263775][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.273868][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.294068][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.304165][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.319883][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.336354][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.353909][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.374088][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.381438][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.396352][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.413795][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.423885][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.443389][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.456368][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.474180][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.486064][ T3972] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0 [ 865.506620][ T3972] hid-generic 0000:0000:0000.00A1: hidraw0: HID v0.00 Device [syz0] on syz0 [ 865.526547][ T3972] ================================================================== [ 865.534438][ T3972] BUG: KASAN: use-after-free in worker_thread+0xa36/0x1260 [ 865.541475][ T3972] Read of size 8 at addr ffff88813921ece0 by task kworker/0:7/3972 [ 865.549274][ T3972] [ 865.551450][ T3972] CPU: 0 PID: 3972 Comm: kworker/0:7 Tainted: G W 6.1.78-syzkaller-00003-gdda68b1657b1 #0 [ 865.562557][ T3972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 865.572449][ T3972] Workqueue: 0x0 (events) [ 865.576702][ T3972] Call Trace: [ 865.579822][ T3972] [ 865.582717][ T3972] dump_stack_lvl+0x151/0x1b7 [ 865.587203][ T3972] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 865.592494][ T3972] ? _printk+0xd1/0x111 [ 865.596492][ T3972] ? __virt_addr_valid+0x242/0x2f0 [ 865.601434][ T3972] print_report+0x158/0x4e0 [ 865.605769][ T3972] ? __virt_addr_valid+0x242/0x2f0 [ 865.610719][ T3972] ? kasan_complete_mode_report_info+0x90/0x1b0 [ 865.616794][ T3972] ? worker_thread+0xa36/0x1260 [ 865.621478][ T3972] kasan_report+0x13c/0x170 [ 865.625820][ T3972] ? worker_thread+0xa36/0x1260 [ 865.630507][ T3972] __asan_report_load8_noabort+0x14/0x20 [ 865.635974][ T3972] worker_thread+0xa36/0x1260 [ 865.640493][ T3972] kthread+0x26d/0x300 [ 865.644392][ T3972] ? worker_clr_flags+0x1a0/0x1a0 [ 865.649254][ T3972] ? kthread_blkcg+0xd0/0xd0 [ 865.653683][ T3972] ret_from_fork+0x1f/0x30 [ 865.657935][ T3972] [ 865.660796][ T3972] [ 865.662964][ T3972] Allocated by task 26714: [ 865.667219][ T3972] kasan_set_track+0x4b/0x70 [ 865.671645][ T3972] kasan_save_alloc_info+0x1f/0x30 [ 865.676590][ T3972] __kasan_kmalloc+0x9c/0xb0 [ 865.681017][ T3972] __kmalloc_node+0xb4/0x1e0 [ 865.685444][ T3972] kvmalloc_node+0x221/0x640 [ 865.689886][ T3972] alloc_netdev_mqs+0x8c/0xf90 [ 865.694475][ T3972] alloc_etherdev_mqs+0x36/0x40 [ 865.699158][ T3972] usbnet_probe+0x207/0x27c0 [ 865.703585][ T3972] usb_probe_interface+0x5b6/0xa90 [ 865.708530][ T3972] really_probe+0x2b8/0x920 [ 865.712876][ T3972] __driver_probe_device+0x1a0/0x310 [ 865.717990][ T3972] driver_probe_device+0x54/0x3d0 [ 865.722850][ T3972] __device_attach_driver+0x2e3/0x490 [ 865.728059][ T3972] bus_for_each_drv+0x183/0x200 [ 865.732745][ T3972] __device_attach+0x312/0x510 [ 865.737344][ T3972] device_initial_probe+0x1a/0x20 [ 865.742206][ T3972] bus_probe_device+0xbe/0x1e0 [ 865.746807][ T3972] device_add+0xb60/0xf10 [ 865.750971][ T3972] usb_set_configuration+0x190f/0x1e80 [ 865.756266][ T3972] usb_generic_driver_probe+0x8b/0x150 [ 865.761562][ T3972] usb_probe_device+0x144/0x260 [ 865.766336][ T3972] really_probe+0x2b8/0x920 [ 865.770760][ T3972] __driver_probe_device+0x1a0/0x310 [ 865.775882][ T3972] driver_probe_device+0x54/0x3d0 [ 865.780739][ T3972] __device_attach_driver+0x2e3/0x490 [ 865.785949][ T3972] bus_for_each_drv+0x183/0x200 [ 865.790644][ T3972] __device_attach+0x312/0x510 [ 865.795237][ T3972] device_initial_probe+0x1a/0x20 [ 865.800097][ T3972] bus_probe_device+0xbe/0x1e0 [ 865.804694][ T3972] device_add+0xb60/0xf10 [ 865.808877][ T3972] usb_new_device+0xf32/0x1810 [ 865.813462][ T3972] hub_event+0x2db1/0x4830 [ 865.817714][ T3972] process_one_work+0x73d/0xcb0 [ 865.822403][ T3972] worker_thread+0xa60/0x1260 [ 865.826912][ T3972] kthread+0x26d/0x300 [ 865.830844][ T3972] ret_from_fork+0x1f/0x30 [ 865.835071][ T3972] [ 865.837243][ T3972] Freed by task 26714: [ 865.841155][ T3972] kasan_set_track+0x4b/0x70 [ 865.845579][ T3972] kasan_save_free_info+0x2b/0x40 [ 865.850437][ T3972] ____kasan_slab_free+0x131/0x180 [ 865.855381][ T3972] __kasan_slab_free+0x11/0x20 [ 865.859981][ T3972] __kmem_cache_free+0x218/0x3b0 [ 865.864753][ T3972] kfree+0x7a/0xf0 [ 865.868315][ T3972] kvfree+0x35/0x40 [ 865.871957][ T3972] netdev_freemem+0x3f/0x60 [ 865.876301][ T3972] netdev_release+0x7f/0xb0 [ 865.880636][ T3972] device_release+0x95/0x1c0 [ 865.885063][ T3972] kobject_put+0x178/0x260 [ 865.889316][ T3972] put_device+0x1f/0x30 [ 865.893308][ T3972] free_netdev+0x393/0x480 [ 865.897560][ T3972] usbnet_disconnect+0x245/0x390 [ 865.902335][ T3972] usb_unbind_interface+0x1fa/0x8c0 [ 865.907371][ T3972] device_release_driver_internal+0x53e/0x870 [ 865.913269][ T3972] device_release_driver+0x19/0x20 [ 865.918226][ T3972] bus_remove_device+0x2fa/0x360 [ 865.923004][ T3972] device_del+0x663/0xe90 [ 865.927157][ T3972] usb_disable_device+0x380/0x720 [ 865.932016][ T3972] usb_disconnect+0x32a/0x890 [ 865.936531][ T3972] hub_event+0x1ed8/0x4830 [ 865.940826][ T3972] process_one_work+0x73d/0xcb0 [ 865.945563][ T3972] worker_thread+0xd71/0x1260 [ 865.950165][ T3972] kthread+0x26d/0x300 [ 865.954074][ T3972] ret_from_fork+0x1f/0x30 [ 865.958404][ T3972] [ 865.960489][ T3972] Last potentially related work creation: [ 865.966041][ T3972] kasan_save_stack+0x3b/0x60 [ 865.970563][ T3972] __kasan_record_aux_stack+0xb4/0xc0 [ 865.975767][ T3972] kasan_record_aux_stack_noalloc+0xb/0x10 [ 865.981489][ T3972] insert_work+0x56/0x310 [ 865.985654][ T3972] __queue_work+0x9b6/0xd70 [ 865.990081][ T3972] queue_work_on+0x105/0x170 [ 865.994506][ T3972] usbnet_link_change+0xeb/0x100 [ 865.999281][ T3972] usbnet_probe+0x1dbe/0x27c0 [ 866.003804][ T3972] usb_probe_interface+0x5b6/0xa90 [ 866.008751][ T3972] really_probe+0x2b8/0x920 [ 866.013080][ T3972] __driver_probe_device+0x1a0/0x310 [ 866.018201][ T3972] driver_probe_device+0x54/0x3d0 [ 866.023061][ T3972] __device_attach_driver+0x2e3/0x490 [ 866.028273][ T3972] bus_for_each_drv+0x183/0x200 [ 866.032954][ T3972] __device_attach+0x312/0x510 [ 866.037555][ T3972] device_initial_probe+0x1a/0x20 [ 866.042415][ T3972] bus_probe_device+0xbe/0x1e0 [ 866.047015][ T3972] device_add+0xb60/0xf10 [ 866.051182][ T3972] usb_set_configuration+0x190f/0x1e80 [ 866.056564][ T3972] usb_generic_driver_probe+0x8b/0x150 [ 866.061856][ T3972] usb_probe_device+0x144/0x260 [ 866.066544][ T3972] really_probe+0x2b8/0x920 [ 866.070884][ T3972] __driver_probe_device+0x1a0/0x310 [ 866.076004][ T3972] driver_probe_device+0x54/0x3d0 [ 866.080864][ T3972] __device_attach_driver+0x2e3/0x490 [ 866.086073][ T3972] bus_for_each_drv+0x183/0x200 [ 866.090757][ T3972] __device_attach+0x312/0x510 [ 866.095362][ T3972] device_initial_probe+0x1a/0x20 [ 866.100316][ T3972] bus_probe_device+0xbe/0x1e0 [ 866.104916][ T3972] device_add+0xb60/0xf10 [ 866.109084][ T3972] usb_new_device+0xf32/0x1810 [ 866.113768][ T3972] hub_event+0x2db1/0x4830 [ 866.118021][ T3972] process_one_work+0x73d/0xcb0 [ 866.122708][ T3972] worker_thread+0xa60/0x1260 [ 866.127221][ T3972] kthread+0x26d/0x300 [ 866.131126][ T3972] ret_from_fork+0x1f/0x30 [ 866.135379][ T3972] [ 866.137551][ T3972] The buggy address belongs to the object at ffff88813921e000 [ 866.137551][ T3972] which belongs to the cache kmalloc-4k of size 4096 [ 866.151528][ T3972] The buggy address is located 3296 bytes inside of [ 866.151528][ T3972] 4096-byte region [ffff88813921e000, ffff88813921f000) [ 866.164897][ T3972] [ 866.167100][ T3972] The buggy address belongs to the physical page: [ 866.173409][ T3972] page:ffffea0004e48600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x139218 [ 866.183462][ T3972] head:ffffea0004e48600 order:3 compound_mapcount:0 compound_pincount:0 [ 866.191628][ T3972] flags: 0x4000000000010200(slab|head|zone=1) [ 866.197539][ T3972] raw: 4000000000010200 ffffea0004b0e600 dead000000000002 ffff888100043380 [ 866.205949][ T3972] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000 [ 866.214366][ T3972] page dumped because: kasan: bad access detected [ 866.220623][ T3972] page_owner tracks the page as allocated [ 866.226164][ T3972] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 29793, tgid 29793 (syz-executor.4), ts 721204608014, free_ts 721188437630 [ 866.249253][ T3972] post_alloc_hook+0x213/0x220 [ 866.253969][ T3972] prep_new_page+0x1b/0x110 [ 866.258475][ T3972] get_page_from_freelist+0x27ea/0x2870 [ 866.263852][ T3972] __alloc_pages+0x3a1/0x780 [ 866.268281][ T3972] alloc_slab_page+0x6c/0xf0 [ 866.272792][ T3972] new_slab+0x90/0x3e0 [ 866.276701][ T3972] ___slab_alloc+0x6f9/0xb80 [ 866.281125][ T3972] __slab_alloc+0x5d/0xa0 [ 866.285294][ T3972] __kmem_cache_alloc_node+0x1af/0x250 [ 866.290589][ T3972] __kmalloc_node_track_caller+0xa2/0x1e0 [ 866.296140][ T3972] kmemdup+0x29/0x60 [ 866.299872][ T3972] __devinet_sysctl_register+0xac/0x2a0 [ 866.305348][ T3972] devinet_sysctl_register+0x16a/0x1e0 [ 866.310637][ T3972] inetdev_init+0x2b4/0x4e0 [ 866.314980][ T3972] inetdev_event+0x205/0x1110 [ 866.319491][ T3972] raw_notifier_call_chain+0x8c/0xf0 [ 866.324734][ T3972] page last free stack trace: [ 866.329244][ T3972] free_unref_page_prepare+0x83d/0x850 [ 866.334534][ T3972] free_unref_page+0xb2/0x5c0 [ 866.339045][ T3972] __free_pages+0x61/0xf0 [ 866.343219][ T3972] __free_slab+0xce/0x1a0 [ 866.347378][ T3972] __unfreeze_partials+0x165/0x1a0 [ 866.352466][ T3972] put_cpu_partial+0xa9/0x100 [ 866.356991][ T3972] __slab_free+0x1c8/0x280 [ 866.361223][ T3972] ___cache_free+0xc6/0xd0 [ 866.365480][ T3972] qlist_free_all+0xc5/0x140 [ 866.369901][ T3972] kasan_quarantine_reduce+0x15a/0x180 [ 866.375196][ T3972] __kasan_slab_alloc+0x24/0x80 [ 866.379886][ T3972] slab_post_alloc_hook+0x53/0x2c0 [ 866.384828][ T3972] kmem_cache_alloc+0x175/0x2c0 [ 866.389585][ T3972] getname_flags+0xba/0x520 [ 866.393860][ T3972] user_path_at_empty+0x2d/0x1a0 [ 866.398632][ T3972] __x64_sys_umount+0xf0/0x170 [ 866.403244][ T3972] [ 866.405426][ T3972] Memory state around the buggy address: [ 866.410871][ T3972] ffff88813921eb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 866.418892][ T3972] ffff88813921ec00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb 2033/05/18 03:42:58 SYZFATAL: failed to send *flatrpc.ExecutorMessageRawT: write tcp 10.128.1.177:43604->10.128.0.163:30012: write: broken pipe [ 866.426772][ T3972] >ffff88813921ec80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 866.434661][ T3972] ^ [ 866.441697][ T3972] ffff88813921ed00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 866.449593][ T3972] ffff88813921ed80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 866.457503][ T3972] ================================================================== [ 866.465482][ T3972] Disabling lock debugging due to kernel taint