last executing test programs: 3.141348734s ago: executing program 0 (id=5206): r0 = epoll_create1(0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000004000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10) epoll_wait(r0, &(0x7f0000000000)=[{}], 0x300, 0x0) 3.08896768s ago: executing program 0 (id=5207): openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) io_setup(0x3, &(0x7f00000003c0)=0x0) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') io_submit(r0, 0x1, &(0x7f0000000140)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) 3.025524388s ago: executing program 0 (id=5214): r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000940)={0x0, 0x0, 0x0, 0xe, 0x0, "00120dd608f500001e2a000080c90a008000"}) ioctl$TIOCL_GETMOUSEREPORTING(r1, 0x5412, &(0x7f0000000040)=0xd) 3.015966739s ago: executing program 0 (id=5215): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020722500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='percpu_create_chunk\x00', r0}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 2.910525711s ago: executing program 0 (id=5216): bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="180100001700000000000000a54b0000850000007500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f0000000240)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0}, 0x3) 2.910021021s ago: executing program 0 (id=5226): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000580)=ANY=[@ANYBLOB="12010000459bb2405804035000000000000109021b000111000000090400000195699b0009058b", @ANYRES32], 0x0) syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0) 1.294065799s ago: executing program 4 (id=5255): sched_setscheduler(0x0, 0x1, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x10e, &(0x7f0000000280), 0x3, 0x44d, &(0x7f0000000a40)="$eJzs28tvG8UfAPDvrpP219cvoZRHH0CgICIeSZMW6IEDIJA4gITEpRxDklalboOaINGqgoBQOaJK3BFHJP4CTnBBwAmJK9xRpQrlQuFktPZu/IjtJsGJS/35SNvM7I498/Xs2LM73QAG1lj2TxKxNyJ+jYiRWra5wFjtz82VK7N/rVyZTaJSefOPpFruz5Urs0XR4nV78sx4GpF+ksThNvUuXrp8bqZcnr+Y5yeXzr87uXjp8tNnz8+cmT8zf2H65MkTx6eee3b6mZ7EeVfW1kMfLBw5+Opb116fPXXt7R+/Tor4W+LokbFuBx+rVHpcXX/ta0gnQ31sCBtSioisu4ar438kSlHvvJF45eO+Ng7YUpVch8PLFeAOlkS/WwD0R/FDn13/Ftv2zT7678aLtQugLO6b+VY7MhRp1C6Mhluub3tpLCJOLf/9RbbF1tyHAABo8m02/3mq3fwvjXsbyv0/XxsazddS9kfE3RFxICLuiaiWvS8i7t9g/a2LJGvnP+n1TQW2Ttn87/l8bat5/pcWRUZLeW5fNTOcnD5bnj+WfybjMbwzy091qeO7l3/5rNOxxvlftmX1F3PBvB3Xh3Y2v2ZuZmnm38Tc6MZHEYeG2sWfrK4EJBFxMCIObbKOs098daTTsdb4K0m3d3qhOduDdabKlxGP1/p/OVriLyTd1ycn/xfl+WOTxVmx1k8/X32jU/237v+tlfX/7rbn/2r8o0njeu3ixuu4+tunHa9pJjZ1/td37Mj/vj+ztHRxKmJH8lqt0Y37p+uvLfJF+Sz+8aPtx//+qH8ShyMiO4kfiIgHI+KhvO8ejohHIuJol/h/eOnRdzodux36f66l/0ebi7T0fz2xI1r3tE+Uzn3/TfM71pPr+/47UU2N53vW8/23nnZt7mwGAACA/540IvZGkk6sptN0YqL2f/gPxO60vLC49OTphfcuzNWeERiN4bS401W7H1y7HzqVX9YX+emW/PH8vvHnpV3V/MTsQnmu38HDgNvTYfxnfi/1u3XAlvO8Fgwu4x8Gl/EPg8v4h8HVZvzv6kc7gO3X7vf/w3qyMrKdjQG2Vcv4t+wHA8T1Pwwu4x8GV+P47/r8PXAnWdwVt35IXkJiTSLS26IZvUkkWzwK9vY7wI0n+v3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA///oO+WP") r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x41009432, &(0x7f00000001c0)) 1.252895124s ago: executing program 4 (id=5258): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f00000002c0)={0x2, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10) syz_emit_ethernet(0x2a, &(0x7f00000002c0)={@broadcast, @remote, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x1, @link_local, @private=0xa010100, @random="57330377ba25", @dev={0xac, 0x14, 0x14, 0xff}}}}}, 0x0) 1.235344826s ago: executing program 4 (id=5260): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)={0x14, r1, 0x60b}, 0x14}}, 0x80) 1.225038807s ago: executing program 4 (id=5262): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000018000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='sys_enter\x00', r1}, 0x10) times(0x0) 1.207753179s ago: executing program 4 (id=5264): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) syz_mount_image$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='tmpfs\x00', 0x0, &(0x7f0000000240)='nolazytime') 1.154552295s ago: executing program 4 (id=5266): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) syz_usb_connect$cdc_ecm(0x0, 0x56, &(0x7f00000003c0)=ANY=[@ANYBLOB="12010000020000202505a1a44000000001010902440001010000000904000016020200000524ab"], 0x0) sched_setscheduler(0x0, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) 897.866735ms ago: executing program 1 (id=5272): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_aout(r0, &(0x7f0000000580)=ANY=[@ANYRESHEX=r0], 0xc1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r0, 0x0) nanosleep(&(0x7f0000000000)={0x77359400}, 0x0) 897.702185ms ago: executing program 1 (id=5273): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10) process_mrelease(0xffffffffffffffff, 0x0) 897.459395ms ago: executing program 1 (id=5274): bpf$ENABLE_STATS(0x20, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="18020000000000800000000000000000850000004100000095000000000000004be98911ed523cf4451d51e400cbd30efbb0a73ceb2b050a456c3a6cfd127868ad3fe3f9a9b946c97f9fc091e4c3f4b0a0d7ed298717a480c48868162ff933958cb6a5265519fee4cb1b8b93f0b164770fd40c7a8060ce72beff7cda177e281ef0b7a1a97b2c8c5617bff8c9441a45fd951df19a9c6e933500000000000000"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0xfffff000, 0xfe71, 0xffffffffffffff40, &(0x7f0000000080)="85d77444c5a569f1e21b08c0f264", 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x3b) 846.486031ms ago: executing program 1 (id=5275): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000080000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10) r1 = syz_io_uring_setup(0xe42, &(0x7f0000000140)={0x0, 0x2119, 0x400}, &(0x7f0000000240), &(0x7f00000001c0)) io_uring_enter(r1, 0x47f6, 0x0, 0x0, 0x0, 0x0) 846.268751ms ago: executing program 1 (id=5276): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000100)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006, 0x0, 0x6, 0x3ff}]}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001600)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea018512babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7acbf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000005d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd353646000000000000000000002b0000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4092140faed0c329be610c30180000000000000c03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3e16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e2e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54ae54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db55474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1386f5800"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b40)={r1, 0x18000000000002a0, 0x26, 0x0, &(0x7f0000000100)="b9ff030711a5268c019e14f088a847e0ffff00124000631177fbac141416e000030a94029f03", 0x0, 0x10, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 845.765481ms ago: executing program 1 (id=5277): r0 = socket$inet(0x2, 0x2, 0x1) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000440)=0x1, 0x4) readv(r0, &(0x7f0000001580)=[{&(0x7f0000000100)=""/4, 0x4}], 0x1) sendmsg$inet(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000080)="00000095ad00", 0x6}], 0x2}, 0x0) 661.750612ms ago: executing program 3 (id=5282): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x8, 0xf, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) request_key(&(0x7f0000000180)='user\x00', &(0x7f0000000200)={'syz', 0x2}, &(0x7f0000000340)='fscrypt:', 0x0) 661.495272ms ago: executing program 3 (id=5283): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18020000fcffffff000000000000210085000000360000009500070000000000b83f3584230b8f5ec8921327291cf4880dd3a91af830f8a476ba1b51d4eb67103b000000000000000000000000000000640f9922d207e93470686f20ad"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r1, 0x1800000000000060, 0x0, 0x0, 0x0, 0x0, 0xc00d, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50) 661.208032ms ago: executing program 3 (id=5284): r0 = inotify_init1(0x0) creat(&(0x7f00000005c0)='./file0\x00', 0x0) inotify_add_watch(r0, &(0x7f0000000c00)='./file0\x00', 0x20000000) inotify_add_watch(r0, &(0x7f00000019c0)='./file0\x00', 0x20) 661.096972ms ago: executing program 3 (id=5285): r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(0x0, r1) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) 614.385118ms ago: executing program 3 (id=5286): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000026c0)=@delchain={0x644, 0x65, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff2}}, [@filter_kind_options=@f_route={{0xa}, {0x604, 0x2, [@TCA_ROUTE4_CLASSID={0x8, 0x1, {0xa, 0xe}}, @TCA_ROUTE4_ACT={0x5f8, 0x6, [@m_simple={0x188, 0x1f, 0x0, 0x0, {{0xb}, {0x88, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x401, 0x2, 0x1, 0x2, 0x8}}, @TCA_DEF_DATA={0xd, 0x3, '@-^[\xa5&,.\x00'}, @TCA_DEF_DATA={0x7, 0x3, 'lo\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x0, 0x80000001, 0xfffffffffffffffe, 0x6, 0x2}}, @TCA_DEF_PARMS={0x18, 0x2, {0x401, 0x495, 0x20000000, 0xc9, 0x62c}}, @TCA_DEF_PARMS={0x18, 0x2, {0x6, 0x1, 0x10000000, 0x4, 0x8}}, @TCA_DEF_DATA={0xb, 0x3, 'j\xbf!*{$\x00'}]}, {0xd5, 0x6, "bb56072c27c5e2984fb9b39740c7dea2e6372a168bf1fdb8ecb6019c9f5db834fcaca18620641b7aab2922f69d2f9b062f5ec4be8a5a603fe7236ffd67f60e9e007b34e0f9cb58fc8855dae5289e4e856559f64bc5a1c5683263937fdd088e5f34874e0d2d2273a7a09810d9042b32fb69223c74e88c41fda5268c22a3107d32ee49d3a99665178abfde24d27a872b23ece9d09c9560070a6e3cca383ccb4d1a6d7c302ab3ee820e67d26e78f72566a2f9765698d783e6c14d8da6156473bc39143eaba66c1921f94f19f65bc88b127c0e"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_vlan={0x134, 0x3, 0x0, 0x0, {{0x9}, {0x14, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xb7e}]}, {0xf5, 0x6, "b4f5f8a000aed611d1e3ee1aaa84601c97299db7511af811242f5e599e70462ff947d7fce8171ca76d6272e5926e4bcc41c5f2a45eda585981ca0de6f00b6a83a630a32eb3d933702dde61376ab26952f74f090fb6858f97715363bfca363004ef43db3a48e84090d7517b700dc6a2a2f94e7329147f25670ca37779fb3bb34630b673bfa93845abd7c41a11e2c7d51cd033af07fdedab1b0a4fd3289168734a438364c97d0791494427d5c5c48b1f99b2933a263cfb4ca5c4ae41bb0d4ad806597b90b1569a91f0af9997eb0a37a98b616eeb9b0e0d88e3faa90e480ed36ed0731503f2a4bda6e9158fad7756a073b2ce"}, {0xc}, {0xc, 0x8, {0x3}}}}, @m_csum={0x104, 0x8, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0xfffff800, 0xdd, 0x10000000, 0x4}, 0x2b}}]}, {0xb9, 0x6, "4c8530b4f61970da689c06a26312df6c492da62a443b3e60d222e666e87033e2acd998073932893a4243abe9e871015575017360a9830ecfb2232d104190c1680b2d7935db3e98eeb8fda548b5bb513959cfd9a3f35a136542121b41bf2eb5641dcf351162a085dc2dd873e5ec7b1fdb28b6602a6e7433e2f05c89ca536a736514819f81c14d1c7e4e62cd25c809a1b38716d82e2b023799c6fc2f08ae6e74a26bcce4f200ce8668bcfdb65e7787481db1ee75ef04"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}, @m_ife={0x84, 0x7, 0x0, 0x0, {{0x8}, {0x38, 0x2, 0x0, 0x1, [@TCA_IFE_SMAC={0xa, 0x4, @remote}, @TCA_IFE_SMAC={0xa, 0x4, @multicast}, @TCA_IFE_PARMS={0x1c, 0x1, {{0xffffffff, 0x1, 0xffffffffffffffff, 0x5, 0xfffffff2}}}]}, {0x25, 0x6, "3c4d628f307b84d62ea02c2a83d6801f55d9f79db5283d58343d431b68a6d23b01"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x5}}}}, @m_nat={0xfc, 0xc, 0x0, 0x0, {{0x8}, {0x4}, {0xd1, 0x6, "256c3eb62a3c42cccec027988ad7149d48e69552fccd245cb90ebe3ebe6f36a14b83b65bb651bed880b4bf769cb0b5b18dabcc7d7a108e10124a104ef74333b28537655fecc96352477fe91863d2bd9822da8b57752f8d22cb68e4c4a79e0bba55acd2df7f410043b083dc74a0d99332f2ace4931a9efd89f8b8628f63b4791715c76fbcd195be1b8852f5b1f1e7b1296b3dd78041c0da1131303d605504dce4f02686d6875be1f7027e6e45a30376aff6097249b0111683261e334758927ff3e22f0a847fd35c396b7a43571a"}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}, @m_bpf={0x80, 0x1b, 0x0, 0x0, {{0x8}, {0x58, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x5}, @TCA_ACT_BPF_FD={0x8}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x4, 0x3, 0x6, 0x4, 0x7}}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x6, 0x7, 0x20000000, 0x0, 0x1}}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}, @TCA_ACT_BPF_OPS_LEN={0x6}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3}}}}, @m_connmark={0x34, 0x19, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x9d}}, @TCA_CHAIN={0x8, 0xb, 0x3}]}, 0x644}}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x7e}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41, 0xb00}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 613.984078ms ago: executing program 3 (id=5287): syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='uid_map\x00') seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}) madvise(&(0x7f0000569000/0x2000)=nil, 0x2000, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fd/3\x00') 91.272368ms ago: executing program 2 (id=5288): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$incfs(&(0x7f0000000100)='./file0\x00', &(0x7f0000000fc0)='./file0\x00', &(0x7f0000000200), 0x1, &(0x7f00000003c0)=ANY=[@ANYBLOB='readahead=18446744073709549568,r']) 74.140831ms ago: executing program 2 (id=5289): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@private2, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@rand_addr=' \x01\x00', 0x0, 0x32}, 0x0, @in=@multicast1}}, 0xe8) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000180)={{{@in6=@private2, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}}, {{@in6=@loopback, 0x0, 0x6c}}}, 0xe8) close(r0) 67.973151ms ago: executing program 2 (id=5290): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10) time(0x0) 61.345872ms ago: executing program 2 (id=5291): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x6c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x3c, 0x2, {{0x800000, 0x0, 0xffffffff, 0x5, 0xa}, [@TCA_NETEM_RATE={0x14, 0x6, {0x7, 0x3, 0x0, 0x2}}, @TCA_NETEM_CORRUPT={0xc, 0x4, {0x5, 0x57574410}}]}}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x90}, 0x0) 14.448207ms ago: executing program 2 (id=5292): open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x200000, &(0x7f0000000180), 0xfc, 0x57c, &(0x7f00000013c0)="$eJzs3U1rG9caAOB3xnbifNxrB0K4t4tiyKIpaaTY7kcKXaTL0oYG2n0qbMUEy1Gw5BC7gSaLZtNNCYVSGijtvvsuQ/9Af0WgDYQSTLvoxmXkkaPEki078kei54Gxz5kZ+ZxXM+/xGY2EAuhbY9mPNOL/EfF1EjHSsm0w8o1jq/stP745lS1JrKx88mcSSb6uuX+S/z6SV/4XEb9+GXE6Xd9ubXFptlSplOfzejGSa8Xa4tKZK3OlmfJM+erE5OS5tyYn3n3n7Z7F+vrFv7/7+P4H5746ufztzw+P3U3ifBzNt7XG8RxutVbGYix/Tobi/DM7jvegsf0k2esOsC0DeZ4PRTYGjMRAnvVtrYzsZteAHfZFltZAn0rkP/Sp5jygeW3fo+vgF8aj91cvgNbHP7j62kgMN66NDi8nT10ZZde7oz1oP2vjlz/u3c2W6N3rEACbunU7Is4ODq4f/5J8/Nu+s13s82wbxj/YPfez+c8b7eY/6dr8J9rMf460yd3t2Dz/04c9aKajbP73Xtv579pNq9GBvPafxpxvKLl8pVLOxrb/RsSpGDqY1Te4n/NZuvxgpdPG1vlftmTtN+eCeT8eDh58+jHTpXrpuYJu8eh2xCtt57/J2vFP2hz/7Pm42GUbJ8r3Xu20bfP4d9bKjxGvtT3+T+5oZaVifa7T/cli43woNs+K9f66c+K3Tu3vdfzZ8T+8cfyjSev92trW2/hh+J9yp23bPf8PJJ82ygfydTdK9fr8eMSB5KP16yeePLZZb+6fxX/q5MbjX7vz/1CW2F3Gf+f4ndZdh7cW/87K4p/e0vHfeuHBh59/36n97o7/m43SqXxNN+Nftx18nucOAAAAAAAA9ps0Io5GkhbWymlaKKy+v+N4HE4r1Vr99OXqwtXpaHxWdjSG0uad7pGW90OM5++HbdYnnqlPRsSxiPhm4FCjXpiqVqb3OngAAAAAAAAAAAAAAAAAAADYJ45EDLf7/H/m94G97h2w4zb4ym/gJdc5//MtvfimJ2Bfas3/g3vYD2D3mf9D/+oi/9Pd6Aew+/z/h/4l/6F/yX/oX/If+tdW8v+nCzvYEQAAAAAAAAAAAAAAAAAAAAAAAAAAAHg5XLxwIVtWlh/fnMrq09cXF2ar189Ml2uzhbmFqcJUdf5aYaZanamUC1PVuc3+XqVavTY+EQs3ivVyrV6sLS5dmqsuXK1fujJXmilfKg/tSlQAAAAAAAAAAAAAAAAAAADwYqktLs2WKpXyvILCtgqD+6MbnQppfqLvl/68MIU9HpgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMW/AQAA//+LGzah") 0s ago: executing program 2 (id=5293): bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x6, &(0x7f0000000480)=ANY=[@ANYBLOB="180200003f00ffff0000000000004000850000002c0000001800000004000000000000000700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x27, 0x0, 0x0, 0x0, 0x0, 0x1400, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) kernel console output (not intermixed with test programs): 33][T10182] loop0: detected capacity change from 0 to 512 [ 174.153083][T10182] EXT4-fs: Ignoring removed mblk_io_submit option [ 174.157237][T10184] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4281'. [ 174.159506][T10182] EXT4-fs: Ignoring removed nomblk_io_submit option [ 174.175071][T10182] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 174.183650][T10182] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 174.202886][T10186] loop3: detected capacity change from 0 to 512 [ 174.210808][T10182] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 18 vs 41 free clusters [ 174.210858][T10186] EXT4-fs (loop3): orphan cleanup on readonly fs [ 174.225068][T10182] EXT4-fs error (device loop0): ext4_acquire_dquot:6764: comm syz.0.4280: Failed to acquire dquot type 1 [ 174.242150][T10182] EXT4-fs (loop0): 1 truncate cleaned up [ 174.247649][T10182] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 174.248762][T10186] EXT4-fs error (device loop3): ext4_find_extent:936: inode #4: comm syz.3.4282: pblk 2 bad header/extent: invalid magic - magic 3fff, entries 12, max 508(0), depth 0(0) [ 174.273536][T10182] EXT4-fs (loop0): re-mounted. Quota mode: writeback. [ 174.280315][T10186] EXT4-fs warning (device loop3): ext4_enable_quotas:6999: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 174.294771][T10186] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 174.305544][T10186] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 174.305872][ T9630] EXT4-fs (loop0): unmounting filesystem. [ 174.326768][T10193] loop2: detected capacity change from 0 to 512 [ 174.338306][ T6821] EXT4-fs (loop3): unmounting filesystem. [ 174.351985][T10193] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 174.362043][T10201] loop3: detected capacity change from 0 to 512 [ 174.368208][T10193] ext4 filesystem being mounted at /304/file1 supports timestamps until 2038 (0x7fffffff) [ 174.378619][T10201] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 174.387988][T10201] EXT4-fs (loop3): ea_inode feature is not supported for Hurd [ 174.396285][ T6653] EXT4-fs (loop2): unmounting filesystem. [ 174.465120][T10215] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4293'. [ 174.485134][T10215] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4293'. [ 174.506635][T10215] bridge0: port 3(vlan2) entered blocking state [ 174.517416][T10215] bridge0: port 3(vlan2) entered disabled state [ 174.632415][T10207] loop2: detected capacity change from 0 to 40427 [ 174.644264][T10207] F2FS-fs (loop2): invalid crc value [ 174.652453][T10229] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 174.668333][T10207] F2FS-fs (loop2): Found nat_bits in checkpoint [ 174.702187][T10217] loop3: detected capacity change from 0 to 40427 [ 174.710120][T10217] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 174.713342][T10207] F2FS-fs (loop2): Start checkpoint disabled! [ 174.718910][T10217] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 174.725035][T10207] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 174.732608][T10234] netlink: 277 bytes leftover after parsing attributes in process `syz.1.4301'. [ 174.751155][T10207] syz.2.4288: attempt to access beyond end of device [ 174.751155][T10207] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 174.764850][T10207] syz.2.4288: attempt to access beyond end of device [ 174.764850][T10207] loop2: rw=2049, sector=45112, nr_sectors = 8 limit=40427 [ 174.780170][T10217] F2FS-fs (loop3): Found nat_bits in checkpoint [ 174.804975][T10241] loop1: detected capacity change from 0 to 1024 [ 174.816114][T10241] EXT4-fs: Ignoring removed orlov option [ 174.819151][ T1076] kworker/u4:4: attempt to access beyond end of device [ 174.819151][ T1076] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 174.822736][T10241] EXT4-fs (loop1): Test dummy encryption mode enabled [ 174.835482][ T1076] kworker/u4:4: attempt to access beyond end of device [ 174.835482][ T1076] loop2: rw=2049, sector=40984, nr_sectors = 8 limit=40427 [ 174.842522][T10217] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 174.862588][ T24] usb 5-1: new high-speed USB device number 46 using dummy_hcd [ 174.867926][T10241] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 174.869996][T10217] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 174.916096][ T5940] EXT4-fs (loop1): unmounting filesystem. [ 174.960648][T10249] loop2: detected capacity change from 0 to 512 [ 174.971352][T10249] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 174.980205][T10249] ext4 filesystem being mounted at /306/file0 supports timestamps until 2038 (0x7fffffff) [ 174.992741][T10249] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 12: comm syz.2.4304: path /306/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 175.014167][T10249] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 13: comm syz.2.4304: path /306/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 175.035500][T10249] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 14: comm syz.2.4304: path /306/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 175.056355][T10249] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 15: comm syz.2.4304: path /306/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 175.064374][T10258] loop3: detected capacity change from 0 to 16 [ 175.077304][T10249] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 16: comm syz.2.4304: path /306/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 175.084401][T10258] erofs: (device loop3): mounted with root inode @ nid 36. [ 175.103774][T10249] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 17: comm syz.2.4304: path /306/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 175.131758][T10249] EXT4-fs error (device loop2): ext4_map_blocks:607: inode #2: block 18: comm syz.2.4304: lblock 23 mapped to illegal pblock 18 (length 1) [ 175.138222][T10261] loop3: detected capacity change from 0 to 512 [ 175.146593][T10249] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 19: comm syz.2.4304: path /306/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 175.172444][T10249] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 20: comm syz.2.4304: path /306/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0 [ 175.192772][ T24] usb 5-1: Using ep0 maxpacket: 8 [ 175.192987][T10249] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 21: comm syz.2.4304: path /306/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0 [ 175.199434][T10261] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 175.226587][T10261] ext4 filesystem being mounted at /310/file0 supports timestamps until 2038 (0x7fffffff) [ 175.246934][ T6821] EXT4-fs (loop3): unmounting filesystem. [ 175.374924][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 175.385632][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 175.395172][ T24] usb 5-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00 [ 175.404282][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 175.412847][ T24] usb 5-1: config 0 descriptor?? [ 175.864627][ T6653] EXT4-fs (loop2): unmounting filesystem. [ 175.900968][T10275] loop1: detected capacity change from 0 to 512 [ 175.921325][T10275] ext4 filesystem being mounted at /394/w5T)`)YFnA@T<3ڂ$rcnHwC" -8 supports timestamps until 2038 (0x7fffffff) [ 175.938551][ T24] logitech 0003:046D:C24F.0066: hidraw0: USB HID v0.00 Device [HID 046d:c24f] on usb-dummy_hcd.4-1/input0 [ 175.946345][T10275] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 3: comm syz.1.4315: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0 [ 175.950142][ T24] logitech 0003:046D:C24F.0066: no inputs found [ 175.992501][T10284] loop1: detected capacity change from 0 to 512 [ 175.998854][T10284] EXT4-fs: Ignoring removed nomblk_io_submit option [ 176.005923][T10288] loop2: detected capacity change from 0 to 16 [ 176.005954][T10284] EXT4-fs: old and new quota format mixing [ 176.012324][T10288] erofs: (device loop2): mounted with root inode @ nid 36. [ 176.161558][ T399] usb 5-1: USB disconnect, device number 46 [ 176.170006][T10306] loop3: detected capacity change from 0 to 512 [ 176.199481][T10306] ext4 filesystem being mounted at /312/w5T)`)YFnA@T<3ڂ$rcnHwC" -8 supports timestamps until 2038 (0x7fffffff) [ 176.206453][T10314] syz.1.4331[10314] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 176.216329][T10314] syz.1.4331[10314] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 176.218665][T10306] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 3: comm syz.3.4329: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0 [ 176.283969][T10318] loop3: detected capacity change from 0 to 512 [ 176.290341][T10318] EXT4-fs: Ignoring removed nomblk_io_submit option [ 176.297139][T10318] EXT4-fs: old and new quota format mixing [ 176.297683][ T28] kauditd_printk_skb: 57 callbacks suppressed [ 176.297695][ T28] audit: type=1326 audit(2000000001.824:1945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10321 comm="syz.1.4335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b39f7dff9 code=0x7ffc0000 [ 176.332545][ T28] audit: type=1326 audit(2000000001.842:1946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10321 comm="syz.1.4335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b39f7dff9 code=0x7ffc0000 [ 176.356216][ T28] audit: type=1326 audit(2000000001.842:1947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10321 comm="syz.1.4335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7f7b39f7dff9 code=0x7ffc0000 [ 176.379647][ T28] audit: type=1326 audit(2000000001.842:1948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10321 comm="syz.1.4335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b39f7dff9 code=0x7ffc0000 [ 176.627221][T10334] loop1: detected capacity change from 0 to 128 [ 176.677902][T10338] loop2: detected capacity change from 0 to 512 [ 176.691411][T10338] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #16: comm syz.2.4343: iget: bad extended attribute block 128 [ 176.704049][T10338] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.4343: couldn't read orphan inode 16 (err -117) [ 176.716304][T10338] ext4 filesystem being mounted at /315/file1 supports timestamps until 2038 (0x7fffffff) [ 176.744551][T10338] EXT4-fs error (device loop2): ext4_search_dir:1548: inode #12: block 13: comm syz.2.4343: bad entry in directory: inode out of bounds - offset=24, inode=33554445, rec_len=16, size=4096 fake=0 [ 176.782581][T10338] Quota error (device loop2): do_check_range: Getting dqdh_entries 964 out of range 0-14 [ 176.786111][ T28] audit: type=1400 audit(2000000002.273:1949): avc: denied { link } for pid=10337 comm="syz.2.4343" name="file1" dev="loop2" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 176.792533][T10338] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 176.824592][T10338] EXT4-fs error (device loop2): ext4_acquire_dquot:6764: comm syz.2.4343: Failed to acquire dquot type 1 [ 176.835394][ T28] audit: type=1400 audit(2000000002.319:1950): avc: denied { getopt } for pid=10341 comm="syz.3.4344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 177.125906][T10396] loop1: detected capacity change from 0 to 1024 [ 177.132473][T10396] EXT4-fs: Ignoring removed orlov option [ 177.137989][T10396] EXT4-fs: Ignoring removed nomblk_io_submit option [ 177.233832][T10390] loop3: detected capacity change from 0 to 40427 [ 177.242391][T10390] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 177.252587][T10390] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 177.263586][T10390] F2FS-fs (loop3): Found nat_bits in checkpoint [ 177.307771][T10390] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 177.314666][T10390] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 177.469921][T10440] loop1: detected capacity change from 0 to 512 [ 177.477478][T10440] EXT4-fs (loop1): orphan cleanup on readonly fs [ 177.484908][T10440] EXT4-fs (loop1): 1 orphan inode deleted [ 177.707338][T10446] loop3: detected capacity change from 0 to 1024 [ 177.713850][T10446] EXT4-fs: Ignoring removed orlov option [ 177.719637][T10446] EXT4-fs (loop3): Test dummy encryption mode enabled [ 177.796858][T10455] futex_wake_op: syz.1.4405 tries to shift op by 32; fix this program [ 177.923470][T10468] loop3: detected capacity change from 0 to 256 [ 177.944952][T10468] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 178.009794][T10468] exFAT-fs (loop3): error, exfat_zeroed_cluster: out of range(sect:224 len:8) [ 178.029330][T10468] exFAT-fs (loop3): Filesystem has been set read-only [ 178.039598][T10420] loop2: detected capacity change from 0 to 131072 [ 178.055886][T10474] loop0: detected capacity change from 0 to 512 [ 178.071659][T10420] F2FS-fs (loop2): Found nat_bits in checkpoint [ 178.090731][T10474] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038 (0x7fffffff) [ 178.127343][T10420] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 178.139788][T10464] loop1: detected capacity change from 0 to 40427 [ 178.146091][ T19] usb 5-1: new high-speed USB device number 47 using dummy_hcd [ 178.162745][T10464] F2FS-fs (loop1): Invalid SB checksum offset: 0 [ 178.169037][T10464] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 178.170223][T10490] loop3: detected capacity change from 0 to 128 [ 178.216960][T10464] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 178.261850][T10464] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0 [ 178.268705][T10464] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 178.315866][T10500] syz.3.4411[10500] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 178.315938][T10500] syz.3.4411[10500] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 178.333620][ T5940] syz-executor: attempt to access beyond end of device [ 178.333620][ T5940] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 178.421760][ T19] usb 5-1: Using ep0 maxpacket: 16 [ 178.509151][T10517] loop1: detected capacity change from 0 to 256 [ 178.535290][T10521] loop0: detected capacity change from 0 to 1024 [ 178.541439][T10517] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 178.558007][T10521] EXT4-fs: Ignoring removed nobh option [ 178.559849][T10517] exFAT-fs (loop1): error, exfat_zeroed_cluster: out of range(sect:224 len:8) [ 178.572286][T10517] exFAT-fs (loop1): Filesystem has been set read-only [ 178.582200][ T19] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 178.593723][ T19] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 178.604384][T10521] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #11: comm syz.0.4417: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 178.623084][T10525] loop1: detected capacity change from 0 to 256 [ 178.629316][ T19] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 178.629514][T10525] exfat: Deprecated parameter 'utf8' [ 178.642386][T10525] exfat: Deprecated parameter 'utf8' [ 178.652697][T10525] exfat: Deprecated parameter 'utf8' [ 178.658312][T10521] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.4417: couldn't read orphan inode 11 (err -117) [ 178.674039][T10525] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 178.685921][ T60] usb 4-1: new high-speed USB device number 41 using dummy_hcd [ 178.693949][T10521] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:477: comm syz.0.4417: Invalid block bitmap block 0 in block_group 0 [ 178.707753][ T19] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 178.719164][T10521] Quota error (device loop0): write_blk: dquota write failed [ 178.725356][ T19] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 178.728719][T10521] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 178.744141][T10521] EXT4-fs error (device loop0): ext4_acquire_dquot:6764: comm syz.0.4417: Failed to acquire dquot type 0 [ 178.756122][T10528] EXT4-fs error (device loop0): __ext4_get_inode_loc:4497: comm syz.0.4417: Invalid inode table block 8589934593 in block_group 0 [ 178.769654][T10461] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 178.786883][ T19] cdc_acm 5-1:1.0: Control and data interfaces are not separated! [ 178.794677][ T10] EXT4-fs error (device loop0): __ext4_get_inode_loc:4497: comm kworker/u4:1: Invalid inode table block 8589934593 in block_group 0 [ 178.814842][T10536] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check. [ 178.933363][T10549] loop0: detected capacity change from 0 to 16 [ 178.942786][T10549] erofs: (device loop0): mounted with root inode @ nid 36. [ 178.950597][T10549] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 178.959985][T10549] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -23 in[64, 4032] out[1851] [ 178.981053][T10549] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-117] [ 179.000528][T10557] loop0: detected capacity change from 0 to 256 [ 179.006799][T10557] exfat: Deprecated parameter 'utf8' [ 179.018909][T10557] exfat: Deprecated parameter 'utf8' [ 179.024290][ T19] cdc_acm 5-1:1.0: ttyACM0: USB ACM device [ 179.027596][T10557] exfat: Deprecated parameter 'utf8' [ 179.035180][ T19] usb 5-1: USB disconnect, device number 47 [ 179.052480][T10557] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 179.110009][T10568] loop0: detected capacity change from 0 to 512 [ 179.148380][ T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 179.164605][ T60] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 179.174402][ T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 179.192749][ T60] usb 4-1: config 0 descriptor?? [ 179.198760][T10568] EXT4-fs error (device loop0): ext4_acquire_dquot:6764: comm syz.0.4439: Failed to acquire dquot type 1 [ 179.224067][T10568] EXT4-fs (loop0): 1 truncate cleaned up [ 179.229589][T10568] ext4 filesystem being mounted at /56/file0 supports timestamps until 2038 (0x7fffffff) [ 179.299396][T10572] loop0: detected capacity change from 0 to 512 [ 179.310138][T10572] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 179.326964][T10572] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002] [ 179.337596][T10572] System zones: 1-12 [ 179.343951][T10572] EXT4-fs (loop0): orphan cleanup on readonly fs [ 179.352024][T10572] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.4440: invalid indirect mapped block 12 (level 1) [ 179.394561][T10572] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.4440: invalid indirect mapped block 2 (level 2) [ 179.427829][T10572] EXT4-fs (loop0): 1 truncate cleaned up [ 179.603756][T10582] loop4: detected capacity change from 0 to 128 [ 179.715817][ T60] keytouch 0003:0926:3333.0067: fixing up Keytouch IEC report descriptor [ 179.727761][ T60] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.0067/input/input70 [ 179.824285][ T60] keytouch 0003:0926:3333.0067: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0 [ 179.888687][T10596] loop0: detected capacity change from 0 to 128 [ 179.905843][T10596] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 179.920261][T10598] __nla_validate_parse: 1 callbacks suppressed [ 179.920278][T10598] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4451'. [ 179.950847][T10596] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 180.003523][T10602] loop4: detected capacity change from 0 to 128 [ 180.029449][T10606] incfs: Options parsing error. -22 [ 180.035555][T10602] ext4 filesystem being mounted at /30/mnt supports timestamps until 2038 (0x7fffffff) [ 180.057951][T10606] incfs: mount failed -22 [ 180.080441][T10602] fscrypt (loop4, inode 12): Unsupported encryption flags (0x99) [ 180.141803][T10611] netlink: 'syz.4.4456': attribute type 3 has an invalid length. [ 180.316972][T10626] loop4: detected capacity change from 0 to 256 [ 180.342729][T10626] FAT-fs (loop4): Directory bread(block 64) failed [ 180.353012][T10626] FAT-fs (loop4): Directory bread(block 65) failed [ 180.365706][T10626] FAT-fs (loop4): Directory bread(block 66) failed [ 180.378101][T10626] FAT-fs (loop4): Directory bread(block 67) failed [ 180.384452][T10626] FAT-fs (loop4): Directory bread(block 68) failed [ 180.398794][T10626] FAT-fs (loop4): Directory bread(block 69) failed [ 180.412765][T10626] FAT-fs (loop4): Directory bread(block 70) failed [ 180.419101][T10626] FAT-fs (loop4): Directory bread(block 71) failed [ 180.423446][ T24] usb 4-1: USB disconnect, device number 41 [ 180.430181][T10626] FAT-fs (loop4): Directory bread(block 72) failed [ 180.443753][T10626] FAT-fs (loop4): Directory bread(block 73) failed [ 180.586212][T10640] loop0: detected capacity change from 0 to 512 [ 180.623819][T10640] EXT4-fs (loop0): orphan cleanup on readonly fs [ 180.651151][T10640] EXT4-fs error (device loop0): ext4_find_extent:936: inode #4: comm syz.0.4469: pblk 2 bad header/extent: invalid magic - magic 3fff, entries 12, max 508(0), depth 0(0) [ 180.692649][T10640] EXT4-fs warning (device loop0): ext4_enable_quotas:6999: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 180.730884][T10640] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 180.801196][T10646] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4471'. [ 180.905450][T10654] loop4: detected capacity change from 0 to 512 [ 180.950354][T10654] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 180.966193][T10654] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e028, mo2=0002] [ 180.990739][T10663] loop0: detected capacity change from 0 to 256 [ 180.998338][T10654] System zones: 0-1, 15-15, 18-18, 34-34 [ 181.004039][T10661] loop3: detected capacity change from 0 to 256 [ 181.012210][T10654] EXT4-fs (loop4): orphan cleanup on readonly fs [ 181.016982][T10661] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 181.030253][T10661] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 181.042333][T10654] EXT4-fs warning (device loop4): ext4_enable_quotas:6999: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 181.058511][T10661] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 181.062687][T10654] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 181.091525][T10654] EXT4-fs error (device loop4): ext4_orphan_get:1422: comm syz.4.4475: bad orphan inode 16 [ 181.101503][T10654] EXT4-fs (loop4): Remounting filesystem read-only [ 181.101519][T10654] ext4_test_bit(bit=15, block=18) = 1 [ 181.101531][T10654] is_bad_inode(inode)=0 [ 181.101537][T10654] NEXT_ORPHAN(inode)=0 [ 181.101552][T10654] max_ino=32 [ 181.101558][T10654] i_nlink=2 [ 181.158927][T10654] incfs: Can't find or create .index dir in ./file0 [ 181.158980][T10654] incfs: mount failed -30 [ 181.221032][T10677] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=24 sclass=netlink_tcpdiag_socket pid=10677 comm=syz.1.4485 [ 181.542940][T10682] loop4: detected capacity change from 0 to 40427 [ 181.550349][T10682] F2FS-fs (loop4): invalid crc value [ 181.570629][T10682] F2FS-fs (loop4): Found nat_bits in checkpoint [ 181.630147][T10682] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 181.641704][T10682] F2FS-fs (loop4): switch extent_cache option is not allowed [ 181.650730][ T28] kauditd_printk_skb: 9579 callbacks suppressed [ 181.650744][ T28] audit: type=1326 audit(2000000006.837:11498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10565 comm="syz.2.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8185b19959 code=0x7ffc0000 [ 181.683126][ T28] audit: type=1326 audit(2000000006.865:11499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10565 comm="syz.2.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8185b74fa7 code=0x7ffc0000 [ 181.739973][ T28] audit: type=1326 audit(2000000006.865:11500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10565 comm="syz.2.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8185b19959 code=0x7ffc0000 [ 181.781013][ T28] audit: type=1326 audit(2000000006.865:11501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10565 comm="syz.2.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8185b74fa7 code=0x7ffc0000 [ 181.826210][ T28] audit: type=1326 audit(2000000006.865:11502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10565 comm="syz.2.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8185b19959 code=0x7ffc0000 [ 181.858742][ T28] audit: type=1326 audit(2000000006.865:11503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10565 comm="syz.2.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8185b74fa7 code=0x7ffc0000 [ 181.894985][ T28] audit: type=1326 audit(2000000006.865:11504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10565 comm="syz.2.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8185b19959 code=0x7ffc0000 [ 181.918847][ T28] audit: type=1326 audit(2000000006.865:11505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10565 comm="syz.2.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8185b74fa7 code=0x7ffc0000 [ 181.949750][ T28] audit: type=1326 audit(2000000006.865:11506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10565 comm="syz.2.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8185b19959 code=0x7ffc0000 [ 181.987336][ T28] audit: type=1326 audit(2000000006.865:11507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10565 comm="syz.2.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8185b74fa7 code=0x7ffc0000 [ 182.031291][T10708] loop1: detected capacity change from 0 to 512 [ 182.041736][T10708] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 182.063075][T10708] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002] [ 182.074664][T10708] System zones: 1-12 [ 182.081180][T10708] EXT4-fs (loop1): orphan cleanup on readonly fs [ 182.099810][T10708] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.4508: invalid indirect mapped block 12 (level 1) [ 182.121899][T10708] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.4508: invalid indirect mapped block 2 (level 2) [ 182.147687][T10708] EXT4-fs (loop1): 1 truncate cleaned up [ 182.187319][T10716] loop4: detected capacity change from 0 to 512 [ 182.194448][T10718] loop1: detected capacity change from 0 to 128 [ 182.210141][T10718] ext4 filesystem being mounted at /454/mnt supports timestamps until 2038 (0x7fffffff) [ 182.237275][T10716] EXT4-fs (loop4): orphan cleanup on readonly fs [ 182.249694][T10716] EXT4-fs error (device loop4): ext4_find_extent:936: inode #4: comm syz.4.4499: pblk 2 bad header/extent: invalid magic - magic 3fff, entries 12, max 508(0), depth 0(0) [ 182.281860][T10716] EXT4-fs warning (device loop4): ext4_enable_quotas:6999: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 182.282278][T10718] fscrypt (loop1, inode 12): Unsupported encryption flags (0x99) [ 182.304052][T10716] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 182.317502][T10729] loop3: detected capacity change from 0 to 512 [ 182.532824][T10753] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4517'. [ 182.609356][T10757] loop1: detected capacity change from 0 to 512 [ 182.639412][T10739] loop4: detected capacity change from 0 to 40427 [ 182.646302][T10739] F2FS-fs (loop4): fault_type options not supported [ 182.646405][T10757] EXT4-fs (loop1): orphan cleanup on readonly fs [ 182.653325][T10739] F2FS-fs (loop4): invalid crc value [ 182.664538][T10757] EXT4-fs error (device loop1): ext4_find_extent:936: inode #4: comm syz.1.4519: pblk 2 bad header/extent: invalid magic - magic 3fff, entries 12, max 508(0), depth 0(0) [ 182.667288][T10742] loop3: detected capacity change from 0 to 40427 [ 182.681729][T10757] EXT4-fs warning (device loop1): ext4_enable_quotas:6999: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 182.688783][T10739] F2FS-fs (loop4): Found nat_bits in checkpoint [ 182.701902][T10757] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 182.708583][T10742] F2FS-fs (loop3): invalid crc value [ 182.721508][T10742] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 182.756487][T10742] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 182.766008][T10739] F2FS-fs (loop4): Start checkpoint disabled! [ 182.772484][T10739] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 182.803874][ T43] kworker/u4:2: attempt to access beyond end of device [ 182.803874][ T43] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 182.835376][T10762] loop3: detected capacity change from 0 to 128 [ 182.843390][T10762] ext4 filesystem being mounted at /344/mnt supports timestamps until 2038 (0x7fffffff) [ 182.853235][ T326] usb 3-1: new high-speed USB device number 39 using dummy_hcd [ 182.864390][T10762] fscrypt (loop3, inode 12): Unsupported encryption flags (0x99) [ 182.895472][T10769] loop3: detected capacity change from 0 to 512 [ 182.908002][T10769] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 182.915211][T10777] loop4: detected capacity change from 0 to 1024 [ 182.924675][T10777] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 182.928750][T10769] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002] [ 182.943778][T10769] System zones: 1-12 [ 182.947934][T10769] EXT4-fs (loop3): orphan cleanup on readonly fs [ 182.954592][T10769] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.4524: invalid indirect mapped block 12 (level 1) [ 182.963558][T10777] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #11: comm syz.4.4526: missing EA_INODE flag [ 182.968353][T10769] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.4524: invalid indirect mapped block 2 (level 2) [ 182.979313][T10777] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.4526: error while reading EA inode 11 err=-117 [ 182.993160][T10769] EXT4-fs (loop3): 1 truncate cleaned up [ 183.114896][ T326] usb 3-1: Using ep0 maxpacket: 16 [ 183.243208][ T326] usb 3-1: config 0 has no interfaces? [ 183.371755][T10819] netlink: 'syz.4.4545': attribute type 15 has an invalid length. [ 183.399207][T10824] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4547'. [ 183.408092][T10824] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4547'. [ 183.416987][ T326] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 183.433102][ T326] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 183.441673][T10826] loop4: detected capacity change from 0 to 16 [ 183.448186][ T326] usb 3-1: Product: syz [ 183.453134][ T326] usb 3-1: Manufacturer: syz [ 183.458192][ T326] usb 3-1: SerialNumber: syz [ 183.463085][T10826] erofs: (device loop4): mounted with root inode @ nid 36. [ 183.470847][ T326] r8152-cfgselector 3-1: config 0 descriptor?? [ 183.624547][T10802] loop1: detected capacity change from 0 to 131072 [ 183.633387][T10802] F2FS-fs (loop1): Found nat_bits in checkpoint [ 183.674436][T10802] F2FS-fs (loop1): Mounted with checkpoint version = 753bd00b [ 183.756386][ T326] r8152-cfgselector 3-1: Unknown version 0x0000 [ 183.972780][ T39] r8152-cfgselector 3-1: USB disconnect, device number 39 [ 183.998662][T10828] loop4: detected capacity change from 0 to 131072 [ 184.007240][T10828] F2FS-fs (loop4): Found nat_bits in checkpoint [ 184.030976][T10828] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 184.158927][T10849] loop4: detected capacity change from 0 to 256 [ 184.169806][T10849] FAT-fs (loop4): Directory bread(block 64) failed [ 184.176391][T10849] FAT-fs (loop4): Directory bread(block 65) failed [ 184.179458][T10853] loop3: detected capacity change from 0 to 1024 [ 184.182884][T10849] FAT-fs (loop4): Directory bread(block 66) failed [ 184.195811][T10849] FAT-fs (loop4): Directory bread(block 67) failed [ 184.202492][T10849] FAT-fs (loop4): Directory bread(block 68) failed [ 184.209125][T10849] FAT-fs (loop4): Directory bread(block 69) failed [ 184.215540][T10849] FAT-fs (loop4): Directory bread(block 70) failed [ 184.221994][T10849] FAT-fs (loop4): Directory bread(block 71) failed [ 184.228579][T10849] FAT-fs (loop4): Directory bread(block 72) failed [ 184.234903][T10849] FAT-fs (loop4): Directory bread(block 73) failed [ 184.237396][ T326] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 184.536769][ T19] usb 5-1: new high-speed USB device number 48 using dummy_hcd [ 184.643721][ T39] usb 4-1: new high-speed USB device number 42 using dummy_hcd [ 184.697209][ T326] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 184.708761][ T326] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 184.719694][ T326] usb 2-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00 [ 184.729894][ T326] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.739100][ T326] usb 2-1: config 0 descriptor?? [ 184.783059][T10894] loop2: detected capacity change from 0 to 512 [ 184.793590][ T19] usb 5-1: Using ep0 maxpacket: 16 [ 184.795080][T10894] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 184.806364][T10894] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e028, mo2=0002] [ 184.814458][T10894] System zones: 0-1, 15-15, 18-18, 34-34 [ 184.820756][T10894] EXT4-fs (loop2): orphan cleanup on readonly fs [ 184.827016][T10894] EXT4-fs warning (device loop2): ext4_enable_quotas:6999: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 184.841532][T10894] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 184.848228][T10894] EXT4-fs error (device loop2): ext4_orphan_get:1422: comm syz.2.4575: bad orphan inode 16 [ 184.858256][T10894] EXT4-fs (loop2): Remounting filesystem read-only [ 184.864833][T10894] ext4_test_bit(bit=15, block=18) = 1 [ 184.871769][T10894] is_bad_inode(inode)=0 [ 184.875743][T10894] NEXT_ORPHAN(inode)=0 [ 184.879858][T10894] max_ino=32 [ 184.882942][T10894] i_nlink=2 [ 184.894703][T10894] incfs: Can't find or create .index dir in ./file0 [ 184.901188][T10894] incfs: mount failed -30 [ 184.921633][ T39] usb 4-1: Using ep0 maxpacket: 8 [ 184.921671][ T19] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 184.938265][ T19] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 184.948019][ T19] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 184.967475][ T19] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 184.985901][ T19] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 185.005414][ T19] usb 5-1: config 0 descriptor?? [ 185.050888][T10919] loop2: detected capacity change from 0 to 256 [ 185.059031][T10919] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104b5, chksum : 0x72e3a6c8, utbl_chksum : 0xe619d30d) [ 185.082051][ T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 185.097653][ T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 185.107774][ T39] usb 4-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00 [ 185.126969][ T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 185.135674][ T39] usb 4-1: config 0 descriptor?? [ 185.179908][T10931] tap0: tun_chr_ioctl cmd 1074025678 [ 185.185058][T10931] tap0: group set to 0 [ 185.251765][T10933] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4593'. [ 185.261912][ T326] hid-led 0003:1D34:000A.0068: unknown main item tag 0x0 [ 185.269059][T10933] device bridge_slave_1 left promiscuous mode [ 185.275351][T10933] bridge0: port 2(bridge_slave_1) entered disabled state [ 185.282734][T10933] device bridge_slave_0 left promiscuous mode [ 185.289350][T10933] bridge0: port 1(bridge_slave_0) entered disabled state [ 185.403780][T10911] loop0: detected capacity change from 0 to 131072 [ 185.412424][T10911] F2FS-fs (loop0): Found nat_bits in checkpoint [ 185.446238][T10911] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b [ 185.488731][ T326] hid-led 0003:1D34:000A.0068: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.1-1/input0 [ 185.500640][ T326] hid-led 0003:1D34:000A.0068: Dream Cheeky Webmail Notifier initialized [ 185.529346][ T19] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0069/input/input71 [ 185.616360][T10953] netlink: 'syz.0.4596': attribute type 7 has an invalid length. [ 185.660140][T10961] loop2: detected capacity change from 0 to 512 [ 185.660533][ T39] logitech 0003:046D:C24F.006A: hidraw2: USB HID v0.00 Device [HID 046d:c24f] on usb-dummy_hcd.3-1/input0 [ 185.666400][T10961] EXT4-fs: Ignoring removed mblk_io_submit option [ 185.691647][ T39] logitech 0003:046D:C24F.006A: no inputs found [ 185.743440][ T19] microsoft 0003:045E:07DA.0069: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 185.756393][T10961] EXT4-fs error (device loop2): ext4_find_inline_data_nolock:164: inode #12: comm syz.2.4604: inline data xattr refers to an external xattr inode [ 185.773470][ T19] usb 5-1: USB disconnect, device number 48 [ 185.779953][ T1863] usb 2-1: USB disconnect, device number 37 [ 185.791483][T10961] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.4604: couldn't read orphan inode 12 (err -117) [ 185.890368][ T39] usb 4-1: USB disconnect, device number 42 [ 186.061232][T10959] loop0: detected capacity change from 0 to 131072 [ 186.068063][T10959] F2FS-fs (loop0): Wrong CP boundary, start(512) end(198144) blocks(1024) [ 186.076443][T10959] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 186.084815][T10959] F2FS-fs (loop0): invalid crc value [ 186.091446][T10959] F2FS-fs (loop0): Found nat_bits in checkpoint [ 186.114995][T10959] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 186.121899][T10959] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 186.331263][T10979] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4605'. [ 186.340614][T10979] device bridge_slave_1 left promiscuous mode [ 186.346828][T10979] bridge0: port 2(bridge_slave_1) entered disabled state [ 186.355629][T10979] device bridge_slave_0 left promiscuous mode [ 186.362904][T10979] bridge0: port 1(bridge_slave_0) entered disabled state [ 186.431121][T10993] loop4: detected capacity change from 0 to 256 [ 186.451537][T10996] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4619'. [ 186.469800][T10993] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010253, chksum : 0xa98551aa, utbl_chksum : 0xe619d30d) [ 186.553403][T11004] loop0: detected capacity change from 0 to 256 [ 186.565893][T11004] FAT-fs (loop0): Directory bread(block 64) failed [ 186.572364][T11004] FAT-fs (loop0): Directory bread(block 65) failed [ 186.580025][T11004] FAT-fs (loop0): Directory bread(block 66) failed [ 186.586548][T11004] FAT-fs (loop0): Directory bread(block 67) failed [ 186.593167][T11004] FAT-fs (loop0): Directory bread(block 68) failed [ 186.599543][T11004] FAT-fs (loop0): Directory bread(block 69) failed [ 186.606182][T11004] FAT-fs (loop0): Directory bread(block 70) failed [ 186.612710][T11004] FAT-fs (loop0): Directory bread(block 71) failed [ 186.619995][T11004] FAT-fs (loop0): Directory bread(block 72) failed [ 186.628390][T11004] FAT-fs (loop0): Directory bread(block 73) failed [ 186.636183][T11008] netlink: 'syz.3.4624': attribute type 8 has an invalid length. [ 186.646078][T11008] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4624'. [ 186.748109][T10970] loop2: detected capacity change from 0 to 131072 [ 186.756397][T11020] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4639'. [ 186.757756][T10970] F2FS-fs (loop2): Found nat_bits in checkpoint [ 186.788272][T10970] F2FS-fs (loop2): Mounted with checkpoint version = 753bd00b [ 186.829774][T11030] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4633'. [ 186.964077][T11046] netlink: 76 bytes leftover after parsing attributes in process `syz.3.4640'. [ 186.977377][T11048] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4651'. [ 186.986126][T11048] device syz_tun left promiscuous mode [ 186.991418][T11048] bridge0: port 3(syz_tun) entered disabled state [ 186.998063][T11048] device bridge_slave_1 left promiscuous mode [ 187.003964][T11048] bridge0: port 2(bridge_slave_1) entered disabled state [ 187.011259][T11048] device bridge_slave_0 left promiscuous mode [ 187.017367][T11048] bridge0: port 1(bridge_slave_0) entered disabled state [ 187.097843][T11058] loop1: detected capacity change from 0 to 512 [ 187.129591][T11062] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4646'. [ 187.148198][T11064] loop1: detected capacity change from 0 to 128 [ 187.155845][T11064] ext4 filesystem being mounted at /487/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 187.198748][ T1863] usb 3-1: new high-speed USB device number 40 using dummy_hcd [ 187.348476][ T9739] usb 5-1: new high-speed USB device number 49 using dummy_hcd [ 187.378691][ T28] kauditd_printk_skb: 1161 callbacks suppressed [ 187.378706][ T28] audit: type=1400 audit(2000000012.188:12666): avc: denied { ioctl } for pid=11078 comm="syz.1.4657" path="socket:[57774]" dev="sockfs" ino=57774 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 187.465986][ T1863] usb 3-1: Using ep0 maxpacket: 8 [ 187.537719][T11056] loop3: detected capacity change from 0 to 131072 [ 187.546197][T11056] F2FS-fs (loop3): Found nat_bits in checkpoint [ 187.568879][T11056] F2FS-fs (loop3): Mounted with checkpoint version = 753bd00b [ 187.605041][ T1863] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 187.615801][ T1863] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 187.625276][ T1863] usb 3-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00 [ 187.634295][ T1863] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 187.642735][ T1863] usb 3-1: config 0 descriptor?? [ 187.776067][ T9739] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 187.786945][ T9739] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 187.795797][ T9739] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 187.804116][ T9739] usb 5-1: config 0 descriptor?? [ 187.808906][ T19] usb 2-1: new high-speed USB device number 38 using dummy_hcd [ 187.979137][ T39] usb 4-1: new high-speed USB device number 43 using dummy_hcd [ 188.075397][ T19] usb 2-1: Using ep0 maxpacket: 16 [ 188.161697][ T1863] logitech 0003:046D:C24F.006B: hidraw0: USB HID v0.00 Device [HID 046d:c24f] on usb-dummy_hcd.2-1/input0 [ 188.172822][ T1863] logitech 0003:046D:C24F.006B: no inputs found [ 188.235741][ T39] usb 4-1: Using ep0 maxpacket: 16 [ 188.235752][ T19] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 188.235770][ T19] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 188.259107][ T19] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 188.300238][ T9739] keytouch 0003:0926:3333.006C: fixing up Keytouch IEC report descriptor [ 188.309272][ T9739] input: HID 0926:3333 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0926:3333.006C/input/input72 [ 188.364024][ T39] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 188.371867][ T39] usb 4-1: config 0 has no interface number 0 [ 188.377971][ T39] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 188.381334][ T312] usb 3-1: USB disconnect, device number 40 [ 188.389017][ T39] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 188.396454][ T9739] keytouch 0003:0926:3333.006C: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.4-1/input0 [ 188.404156][ T39] usb 4-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 188.424594][ T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.432877][ T39] usb 4-1: config 0 descriptor?? [ 188.460301][ T19] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 188.469175][ T19] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 188.477387][ T19] usb 2-1: Product: syz [ 188.481352][ T19] usb 2-1: Manufacturer: syz [ 188.485800][ T19] usb 2-1: SerialNumber: syz [ 188.556545][ C0] keyboard: can't emulate rawmode for keycode 240 [ 188.609940][ C0] keyboard: can't emulate rawmode for keycode 240 [ 188.616223][ C0] keyboard: can't emulate rawmode for keycode 240 [ 188.642027][ C0] keyboard: can't emulate rawmode for keycode 240 [ 188.648301][ C0] keyboard: can't emulate rawmode for keycode 240 [ 188.654511][ C0] keyboard: can't emulate rawmode for keycode 240 [ 188.674085][ C0] keyboard: can't emulate rawmode for keycode 240 [ 188.680358][ C0] keyboard: can't emulate rawmode for keycode 240 [ 188.686574][ C0] keyboard: can't emulate rawmode for keycode 240 [ 188.965105][T11102] SELinux: syz.2.4665 (11102) set checkreqprot to 1. This is deprecated and will be rejected in a future kernel release. [ 188.977538][T11102] SELinux: https://github.com/SELinuxProject/selinux-kernel/wiki/DEPRECATE-checkreqprot [ 188.987219][ T19] usb 2-1: 0:2 : does not exist [ 189.050677][ T312] usb 5-1: USB disconnect, device number 49 [ 189.177314][ T39] input: HID 28bd:0071 Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.1/0003:28BD:0071.006D/input/input73 [ 189.189659][ T39] input: HID 28bd:0071 Pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.1/0003:28BD:0071.006D/input/input74 [ 189.202292][ T39] uclogic 0003:28BD:0071.006D: input,hiddev96,hidraw0: USB HID v0.02 Keypad [HID 28bd:0071] on usb-dummy_hcd.3-1/input1 [ 189.407590][ T39] usb 4-1: USB disconnect, device number 43 [ 189.690747][ T19] usb 2-1: USB disconnect, device number 38 [ 189.937073][T11139] loop4: detected capacity change from 0 to 40427 [ 189.943671][T11139] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 189.951382][T11139] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 189.960584][T11139] F2FS-fs (loop4): invalid crc value [ 189.964566][T11142] loop3: detected capacity change from 0 to 512 [ 189.972906][T11142] EXT4-fs (loop3): Test dummy encryption mode enabled [ 189.980880][T11139] F2FS-fs (loop4): Found nat_bits in checkpoint [ 189.995507][T11142] EXT4-fs error (device loop3): __ext4_iget:5046: inode #11: block 1: comm syz.3.4683: invalid block [ 190.008662][T11142] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.4683: couldn't read orphan inode 11 (err -117) [ 190.035330][T11155] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 190.051174][T11139] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 190.059269][T11139] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 190.064698][T11158] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4688'. [ 190.119315][T11164] loop3: detected capacity change from 0 to 256 [ 190.128308][ T9689] syz-executor: attempt to access beyond end of device [ 190.128308][ T9689] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 190.144268][T11164] FAT-fs (loop3): Directory bread(block 64) failed [ 190.159729][T11164] FAT-fs (loop3): Directory bread(block 65) failed [ 190.172693][T11164] FAT-fs (loop3): Directory bread(block 66) failed [ 190.179153][T11164] FAT-fs (loop3): Directory bread(block 67) failed [ 190.185578][T11164] FAT-fs (loop3): Directory bread(block 68) failed [ 190.191867][T11164] FAT-fs (loop3): Directory bread(block 69) failed [ 190.198253][T11164] FAT-fs (loop3): Directory bread(block 70) failed [ 190.204581][T11164] FAT-fs (loop3): Directory bread(block 71) failed [ 190.210951][T11164] FAT-fs (loop3): Directory bread(block 72) failed [ 190.217376][T11164] FAT-fs (loop3): Directory bread(block 73) failed [ 190.304330][T11172] loop3: detected capacity change from 0 to 16 [ 190.318653][T11172] erofs: (device loop3): mounted with root inode @ nid 36. [ 190.370246][T11187] netlink: 312 bytes leftover after parsing attributes in process `syz.4.4702'. [ 192.523357][T11270] loop4: detected capacity change from 0 to 1024 [ 192.530412][T11270] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 192.556655][T11270] EXT4-fs mount: 50 callbacks suppressed [ 192.556670][T11270] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 192.604346][ T9689] EXT4-fs (loop4): unmounting filesystem. [ 192.811302][ T19] usb 4-1: new high-speed USB device number 44 using dummy_hcd [ 193.367242][ T19] usb 4-1: New USB device found, idVendor=0f19, idProduct=0105, bcdDevice= 1.00 [ 193.376080][ T19] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 193.383914][ T19] usb 4-1: Product: syz [ 193.387885][ T19] usb 4-1: Manufacturer: syz [ 193.392340][ T19] usb 4-1: SerialNumber: syz [ 193.397150][ T19] usb 4-1: config 0 descriptor?? [ 193.442286][ T19] usb-storage 4-1:0.0: USB Mass Storage device detected [ 193.449465][ T19] usb-storage 4-1:0.0: Quirks match for vid 0f19 pid 0105: 20 [ 193.656900][ T19] usb 4-1: USB disconnect, device number 44 [ 194.419215][T11305] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=514 sclass=netlink_route_socket pid=11305 comm=syz.2.4755 [ 194.474948][T11317] tap0: tun_chr_ioctl cmd 1074025678 [ 194.483663][T11315] loop1: detected capacity change from 0 to 512 [ 194.493989][T11317] tap0: group set to 0 [ 194.505240][T11315] EXT4-fs (loop1): Test dummy encryption mode enabled [ 194.539161][T11315] EXT4-fs error (device loop1): __ext4_iget:5046: inode #11: block 1: comm syz.1.4761: invalid block [ 194.564691][T11315] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.4761: couldn't read orphan inode 11 (err -117) [ 194.576489][T11315] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 195.665672][ T19] usb 3-1: new high-speed USB device number 41 using dummy_hcd [ 195.717984][ T5940] EXT4-fs (loop1): unmounting filesystem. [ 195.750092][T11348] loop3: detected capacity change from 0 to 256 [ 195.758364][T11348] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 195.797387][T11354] loop0: detected capacity change from 0 to 1024 [ 195.835594][T11354] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 195.843978][T11354] ext4 filesystem being mounted at /112/file1 supports timestamps until 2038 (0x7fffffff) [ 195.857122][T11354] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.4779: bg 0: block 273: padding at end of block bitmap is not set [ 195.877452][ T9630] EXT4-fs (loop0): unmounting filesystem. [ 196.032867][T11356] loop3: detected capacity change from 0 to 40427 [ 196.050690][T11356] F2FS-fs (loop3): heap/no_heap options were deprecated [ 196.060833][T11356] F2FS-fs (loop3): invalid crc value [ 196.071962][ T19] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 196.083456][T11356] F2FS-fs (loop3): Found nat_bits in checkpoint [ 196.104455][ T19] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 196.112394][T11381] loop4: detected capacity change from 0 to 40427 [ 196.114011][ T19] usb 3-1: New USB device found, idVendor=05ac, idProduct=0262, bcdDevice= 0.00 [ 196.120804][T11381] F2FS-fs (loop4): Invalid SB checksum offset: 0 [ 196.135364][T11381] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 196.157414][ T19] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.160201][T11356] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 196.173154][ T19] usb 3-1: config 0 descriptor?? [ 196.179032][T11381] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 196.194144][ T6821] syz-executor: attempt to access beyond end of device [ 196.194144][ T6821] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 196.212814][T11381] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 196.219689][T11381] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 196.320986][T11383] loop0: detected capacity change from 0 to 40427 [ 196.330567][T11383] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 196.338666][T11383] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 196.347521][ T28] kauditd_printk_skb: 21 callbacks suppressed [ 196.347535][ T28] audit: type=1400 audit(2000000020.578:12669): avc: denied { ioctl } for pid=11390 comm="syz.4.4793" path="/dev/usbmon5" dev="devtmpfs" ino=154 ioctlcmd=0x9201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 196.382221][T11383] F2FS-fs (loop0): invalid crc value [ 196.406581][T11383] F2FS-fs (loop0): Found nat_bits in checkpoint [ 196.459522][T11383] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 196.466419][T11383] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 196.563340][T11397] loop3: detected capacity change from 0 to 40427 [ 196.570146][T11397] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 196.577750][T11397] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 196.586896][T11397] F2FS-fs (loop3): invalid crc value [ 196.590901][T11416] loop0: detected capacity change from 0 to 1024 [ 196.593172][T11397] F2FS-fs (loop3): Found nat_bits in checkpoint [ 196.598967][T11416] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 196.618478][T11416] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 196.638826][T11397] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 196.644634][T11424] loop1: detected capacity change from 0 to 1024 [ 196.645750][T11397] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 196.653634][T11424] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #11: comm syz.1.4803: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 196.678042][T11424] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.4803: couldn't read orphan inode 11 (err -117) [ 196.691413][T11424] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 196.701146][ T6821] syz-executor: attempt to access beyond end of device [ 196.701146][ T6821] loop3: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 196.711461][T11424] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:477: comm syz.1.4803: Invalid block bitmap block 0 in block_group 0 [ 196.715973][ T19] apple 0003:05AC:0262.006E: unbalanced delimiter at end of report description [ 196.728323][ T39] usb 5-1: new high-speed USB device number 50 using dummy_hcd [ 196.744726][T11424] Quota error (device loop1): write_blk: dquota write failed [ 196.745098][ T19] apple 0003:05AC:0262.006E: parse failed [ 196.752068][T11424] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 196.759874][ T9630] EXT4-fs (loop0): unmounting filesystem. [ 196.768477][T11424] EXT4-fs error (device loop1): ext4_acquire_dquot:6764: comm syz.1.4803: Failed to acquire dquot type 0 [ 196.777501][ T19] apple: probe of 0003:05AC:0262.006E failed with error -22 [ 196.810435][ T5940] EXT4-fs (loop1): unmounting filesystem. [ 196.817261][ T1102] Quota error (device loop1): do_check_range: Getting block 0 out of range 1-8 [ 196.826304][ T1102] EXT4-fs error (device loop1): ext4_release_dquot:6787: comm kworker/u4:5: Failed to release dquot type 0 [ 196.843640][T11431] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 196.868596][T11433] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4807'. [ 196.980674][ T39] usb 5-1: Using ep0 maxpacket: 16 [ 196.987139][T11458] loop3: detected capacity change from 0 to 512 [ 196.993578][T11458] ext4: Unknown parameter 'fowner<00000000000000000000' [ 197.003822][ T326] usb 3-1: USB disconnect, device number 41 [ 197.078347][T11451] loop0: detected capacity change from 0 to 40427 [ 197.084988][T11451] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 197.092548][T11451] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 197.101541][T11451] F2FS-fs (loop0): invalid crc value [ 197.107754][T11451] F2FS-fs (loop0): Found nat_bits in checkpoint [ 197.108964][ T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 197.124818][ T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 197.134497][ T39] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 197.142866][T11451] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 197.143591][ T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.150256][T11451] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 197.158749][ T39] usb 5-1: config 0 descriptor?? [ 197.182138][ T9630] syz-executor: attempt to access beyond end of device [ 197.182138][ T9630] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 197.430756][T11406] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 197.440405][T11406] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 198.819742][ T39] hid (null): bogus close delimiter [ 198.825120][ T39] hid (null): invalid report_size 59136 [ 198.832108][ T39] hid (null): report_id 48035 is invalid [ 198.839119][ T39] hid-generic 0003:0158:0100.006F: unknown main item tag 0x0 [ 198.846566][ T39] hid-generic 0003:0158:0100.006F: unknown main item tag 0x0 [ 198.853964][ T39] hid-generic 0003:0158:0100.006F: bogus close delimiter [ 198.860845][ T39] hid-generic 0003:0158:0100.006F: item 0 0 2 10 parsing failed [ 198.868687][ T39] hid-generic: probe of 0003:0158:0100.006F failed with error -22 [ 198.894480][T11497] loop2: detected capacity change from 0 to 40427 [ 198.901072][T11497] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 198.908625][T11497] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 198.937273][T11497] F2FS-fs (loop2): invalid crc value [ 198.943500][T11497] F2FS-fs (loop2): Found nat_bits in checkpoint [ 198.966812][T11497] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 198.973723][T11497] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 198.996349][ T6653] syz-executor: attempt to access beyond end of device [ 198.996349][ T6653] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 199.025065][T11530] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4846'. [ 199.035589][T11530] device sit1 entered promiscuous mode [ 199.048245][ T312] usb 5-1: USB disconnect, device number 50 [ 199.113472][T11542] netlink: 'syz.3.4852': attribute type 10 has an invalid length. [ 199.122536][T11542] device veth1_macvtap left promiscuous mode [ 199.149411][T11547] loop0: detected capacity change from 0 to 512 [ 199.174101][T11547] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 199.183011][T11547] ext4 filesystem being mounted at /133/file0 supports timestamps until 2038 (0x7fffffff) [ 199.203022][ T28] audit: type=1400 audit(2000000023.244:12670): avc: denied { unlink } for pid=9630 comm="syz-executor" name="file1" dev="loop0" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 199.226671][ T9630] EXT4-fs (loop0): unmounting filesystem. [ 199.247433][T11562] loop0: detected capacity change from 0 to 512 [ 199.253904][T11562] ext4: Unknown parameter 'fowner<00000000000000000000' [ 199.307397][T11567] syz.0.4862[11567] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 199.307442][T11567] syz.0.4862[11567] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 199.333017][T11572] loop2: detected capacity change from 0 to 128 [ 199.359443][ T28] audit: type=1400 audit(2000000023.394:12671): avc: denied { watch } for pid=11574 comm="syz.0.4866" path="/138/file0" dev="tmpfs" ino=754 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 199.388905][T11572] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 199.397673][T11572] ext4 filesystem being mounted at /390/mnt supports timestamps until 2038 (0x7fffffff) [ 199.410762][T11572] fscrypt (loop2, inode 12): Unsupported encryption flags (0x10) [ 199.426998][ T6653] EXT4-fs (loop2): unmounting filesystem. [ 199.432551][ T39] usb 4-1: new high-speed USB device number 45 using dummy_hcd [ 199.506791][T11597] loop0: detected capacity change from 0 to 512 [ 199.515889][T11597] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 199.523295][T11603] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4877'. [ 199.524768][T11597] ext4 filesystem being mounted at /144/file1 supports timestamps until 2038 (0x7fffffff) [ 199.541074][T11605] syz.2.4878[11605] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 199.543089][T11605] syz.2.4878[11605] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 199.548438][T11597] EXT4-fs (loop0): re-mounted. Quota mode: writeback. [ 199.583702][ T9630] EXT4-fs error (device loop0): ext4_readdir:260: inode #12: block 32: comm syz-executor: path /144/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 199.634324][T11611] loop1: detected capacity change from 0 to 2048 [ 199.679468][T11611] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 199.717228][ T28] audit: type=1400 audit(2000000023.731:12672): avc: denied { read } for pid=11620 comm="syz.2.4886" name="file0" dev="tmpfs" ino=2085 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 199.765313][ T5940] EXT4-fs (loop1): unmounting filesystem. [ 199.809286][ T28] audit: type=1400 audit(2000000023.815:12673): avc: denied { bind } for pid=11630 comm="syz.2.4891" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 199.845848][ T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 199.868580][ T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 199.887372][T11618] loop4: detected capacity change from 0 to 40427 [ 199.888595][ T39] usb 4-1: New USB device found, idVendor=5543, idProduct=0005, bcdDevice= 0.00 [ 199.902734][ T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 199.905366][T11618] F2FS-fs (loop4): heap/no_heap options were deprecated [ 199.917960][ T39] usb 4-1: config 0 descriptor?? [ 199.923738][T11618] F2FS-fs (loop4): invalid crc value [ 199.932893][T11618] F2FS-fs (loop4): Found nat_bits in checkpoint [ 199.947712][T11639] loop1: detected capacity change from 0 to 512 [ 199.974529][T11639] EXT4-fs error (device loop1): __ext4_fill_super:5386: inode #2: comm syz.1.4903: casefold flag without casefold feature [ 199.983046][ T28] audit: type=1400 audit(2000000023.974:12674): avc: denied { map } for pid=11643 comm="syz.2.4895" path="/dev/ashmem" dev="devtmpfs" ino=177 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 199.996184][T11639] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 200.019283][T11618] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 200.038803][T11639] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 200.047782][ T9689] syz-executor: attempt to access beyond end of device [ 200.047782][ T9689] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 200.073454][ T28] audit: type=1400 audit(2000000024.067:12675): avc: denied { create } for pid=11638 comm="syz.1.4903" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1 [ 200.118225][ T5940] EXT4-fs (loop1): unmounting filesystem. [ 200.141161][T11649] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4898'. [ 200.209393][T11659] netlink: 'syz.2.4902': attribute type 4 has an invalid length. [ 200.227722][T11659] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.4902'. [ 200.275484][T11665] loop2: detected capacity change from 0 to 1024 [ 200.314916][T11665] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 200.326858][T11665] ext4 filesystem being mounted at /409/file1 supports timestamps until 2038 (0x7fffffff) [ 200.350478][T11665] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.4906: bg 0: block 273: padding at end of block bitmap is not set [ 200.392620][ T6653] EXT4-fs (loop2): unmounting filesystem. [ 200.434914][ T39] uclogic 0003:5543:0005.0070: unknown main item tag 0x0 [ 200.441775][ T39] uclogic 0003:5543:0005.0070: unknown main item tag 0x0 [ 200.455610][T11671] bridge0: port 1(syz_tun) entered blocking state [ 200.472625][T11671] bridge0: port 1(syz_tun) entered disabled state [ 200.479169][ T39] uclogic 0003:5543:0005.0070: No inputs registered, leaving [ 200.487189][T11671] device syz_tun entered promiscuous mode [ 200.493381][ T39] uclogic 0003:5543:0005.0070: hidraw0: USB HID v0.00 Device [HID 5543:0005] on usb-dummy_hcd.3-1/input0 [ 200.507456][T11661] loop4: detected capacity change from 0 to 40427 [ 200.519577][T11661] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 200.528516][T11661] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 200.551958][T11661] F2FS-fs (loop4): invalid crc value [ 200.573379][T11661] F2FS-fs (loop4): Found nat_bits in checkpoint [ 200.657462][ T39] usb 4-1: USB disconnect, device number 45 [ 200.669339][T11661] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 200.676196][T11661] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 200.762542][T11673] loop2: detected capacity change from 0 to 40427 [ 200.784366][T11673] F2FS-fs (loop2): heap/no_heap options were deprecated [ 200.795292][T11673] F2FS-fs (loop2): invalid crc value [ 200.813727][T11673] F2FS-fs (loop2): Found nat_bits in checkpoint [ 200.903367][T11673] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 200.947508][ T6653] syz-executor: attempt to access beyond end of device [ 200.947508][ T6653] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 200.981407][T11686] loop1: detected capacity change from 0 to 512 [ 201.043758][T11686] EXT4-fs (loop1): 1 orphan inode deleted [ 201.049435][T11686] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 201.069075][T11686] ext4 filesystem being mounted at /543/file1 supports timestamps until 2038 (0x7fffffff) [ 201.107947][ T5940] EXT4-fs (loop1): unmounting filesystem. [ 201.171688][T11705] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4919'. [ 201.218616][T11712] loop4: detected capacity change from 0 to 128 [ 201.244825][T11712] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 201.253574][T11712] ext4 filesystem being mounted at /134/mnt supports timestamps until 2038 (0x7fffffff) [ 201.274769][ T9689] EXT4-fs (loop4): unmounting filesystem. [ 201.292728][T11725] netlink: 'syz.4.4928': attribute type 10 has an invalid length. [ 201.305202][T11725] device veth1_macvtap left promiscuous mode [ 201.337498][T11735] loop4: detected capacity change from 0 to 512 [ 201.345975][T11735] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 201.358907][T11735] EXT4-fs (loop4): 1 truncate cleaned up [ 201.359345][T11740] input: syz0 as /devices/virtual/input/input75 [ 201.364410][T11735] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 201.379491][ T9689] EXT4-fs (loop4): unmounting filesystem. [ 201.394473][T11742] sch_fq: defrate 0 ignored. [ 201.411161][T11746] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4939'. [ 201.421712][T11746] device sit1 entered promiscuous mode [ 201.449309][ T312] usb 2-1: new high-speed USB device number 39 using dummy_hcd [ 201.485713][T11750] loop4: detected capacity change from 0 to 512 [ 201.493285][T11750] EXT4-fs error (device loop4): __ext4_fill_super:5386: inode #2: comm syz.4.4941: casefold flag without casefold feature [ 201.506026][T11750] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 201.515788][T11750] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 201.533151][ T9689] EXT4-fs (loop4): unmounting filesystem. [ 201.641717][ T9739] usb 3-1: new high-speed USB device number 42 using dummy_hcd [ 201.705858][ T312] usb 2-1: Using ep0 maxpacket: 32 [ 201.716566][ T19] usb 4-1: new high-speed USB device number 46 using dummy_hcd [ 201.834170][ T60] usb 5-1: new high-speed USB device number 51 using dummy_hcd [ 201.841645][ T312] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 201.852758][ T312] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 201.862488][ T312] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 201.871573][ T312] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 201.880171][ T312] usb 2-1: config 0 descriptor?? [ 201.920201][ T312] hub 2-1:0.0: USB hub found [ 201.973116][ T19] usb 4-1: Using ep0 maxpacket: 16 [ 202.026623][ T9739] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 202.037486][ T9739] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 202.047237][ T9739] usb 3-1: New USB device found, idVendor=5543, idProduct=0005, bcdDevice= 0.00 [ 202.057315][ T9739] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 202.065968][ T9739] usb 3-1: config 0 descriptor?? [ 202.112756][ T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 202.123571][ T19] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 202.138243][ T60] usb 5-1: too many configurations: 65, using maximum allowed: 8 [ 202.146009][ T19] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 202.155595][ T312] hub 2-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 202.164038][ T19] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 202.172540][ T19] usb 4-1: config 0 descriptor?? [ 202.486331][ T312] usbhid 2-1:0.0: can't add hid device: -71 [ 202.492218][ T312] usbhid: probe of 2-1:0.0 failed with error -71 [ 202.529267][ T312] usb 2-1: USB disconnect, device number 39 [ 202.573027][ T9739] uclogic 0003:5543:0005.0071: unknown main item tag 0x0 [ 202.579989][ T9739] uclogic 0003:5543:0005.0071: unknown main item tag 0x0 [ 202.590056][ T9739] uclogic 0003:5543:0005.0071: No inputs registered, leaving [ 202.597953][ T9739] uclogic 0003:5543:0005.0071: hidraw0: USB HID v0.00 Device [HID 5543:0005] on usb-dummy_hcd.2-1/input0 [ 202.691000][ T19] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0072/input/input76 [ 202.775936][ T19] microsoft 0003:045E:07DA.0072: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 202.797924][ T19] usb 3-1: USB disconnect, device number 42 [ 202.871192][ T60] usb 5-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 202.880143][ T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 203.099180][T11756] loop1: detected capacity change from 0 to 40427 [ 203.106678][T11756] F2FS-fs (loop1): invalid crc value [ 203.113078][T11756] F2FS-fs (loop1): Found nat_bits in checkpoint [ 203.121360][ T24] usb 4-1: USB disconnect, device number 46 [ 203.155344][T11756] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 203.240830][ T28] kauditd_printk_skb: 3 callbacks suppressed [ 203.240845][ T28] audit: type=1400 audit(2000000027.023:12679): avc: denied { read } for pid=11764 comm="syz.1.4945" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 203.295305][ T28] audit: type=1400 audit(2000000027.079:12680): avc: denied { setopt } for pid=11764 comm="syz.1.4945" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 203.381860][T11779] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4951'. [ 203.400494][T11781] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4952'. [ 203.410763][T11781] device sit1 entered promiscuous mode [ 203.416837][ T60] usb 5-1: string descriptor 0 read error: -71 [ 203.423339][ T60] usb 5-1: Found UVC 0.00 device (046d:08c1) [ 203.431329][ T60] usb 5-1: No valid video chain found. [ 203.437131][ T60] usb 5-1: USB disconnect, device number 51 [ 203.525656][T11783] loop2: detected capacity change from 0 to 8192 [ 203.628282][T11795] syz.2.4959[11795] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 203.628352][T11795] syz.2.4959[11795] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 203.718447][T11804] loop3: detected capacity change from 0 to 256 [ 203.811675][T11785] loop1: detected capacity change from 0 to 40427 [ 203.818389][T11785] F2FS-fs (loop1): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 203.826346][T11785] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 203.835116][T11785] F2FS-fs (loop1): invalid crc value [ 203.850350][T11785] F2FS-fs (loop1): Found nat_bits in checkpoint [ 203.876231][T11809] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4965'. [ 203.890182][T11785] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 203.897060][T11785] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 203.930370][T11785] syz.1.4954: attempt to access beyond end of device [ 203.930370][T11785] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 203.947355][T11817] loop4: detected capacity change from 0 to 512 [ 203.954445][ T28] audit: type=1400 audit(2000000027.697:12681): avc: denied { read } for pid=11784 comm="syz.1.4954" name="file0" dev="loop1" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 203.965140][T11817] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 203.990936][ T5940] syz-executor: attempt to access beyond end of device [ 203.990936][ T5940] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 204.010270][T11817] EXT4-fs (loop4): 1 truncate cleaned up [ 204.016112][T11817] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 204.040160][ T9689] EXT4-fs (loop4): unmounting filesystem. [ 204.111553][T11830] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4973'. [ 204.133319][ T28] audit: type=1326 audit(2000000027.865:12682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11831 comm="syz.4.4974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90b437dff9 code=0x7ffc0000 [ 204.210588][ T28] audit: type=1326 audit(2000000027.865:12683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11831 comm="syz.4.4974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7f90b437dff9 code=0x7ffc0000 [ 204.238219][T11840] loop1: detected capacity change from 0 to 512 [ 204.256193][T11840] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 204.279418][T11845] loop4: detected capacity change from 0 to 512 [ 204.283534][T11840] EXT4-fs (loop1): 1 truncate cleaned up [ 204.290950][T11840] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 204.297290][ T28] audit: type=1326 audit(2000000027.865:12684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11831 comm="syz.4.4974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90b437dff9 code=0x7ffc0000 [ 204.328835][T11840] fscrypt (loop1, inode 18): Reserved bits set in encryption policy [ 204.344739][T11848] loop2: detected capacity change from 0 to 512 [ 204.354476][T11845] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 204.365816][ T5940] EXT4-fs (loop1): unmounting filesystem. [ 204.384473][T11845] EXT4-fs (loop4): 1 truncate cleaned up [ 204.391612][T11848] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 204.410458][T11845] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 204.410711][T11848] ext4 filesystem being mounted at /429/bus supports timestamps until 2038 (0x7fffffff) [ 204.432637][ T9689] EXT4-fs (loop4): unmounting filesystem. [ 204.456831][T11848] EXT4-fs: Ignoring removed orlov option [ 204.485433][T11848] EXT4-fs: Cannot change journaled quota options when quota turned on [ 204.550211][T11861] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4983'. [ 204.570499][ T6653] EXT4-fs error (device loop2): ext4_readdir:260: inode #12: block 32: comm syz-executor: path /429/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 204.834411][T11885] loop1: detected capacity change from 0 to 512 [ 204.878832][T11856] loop4: detected capacity change from 0 to 40427 [ 204.907032][T11856] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 204.924815][T11885] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 204.933584][T11885] ext4 filesystem being mounted at /567/file0 supports timestamps until 2038 (0x7fffffff) [ 204.943419][T11856] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 204.957976][T11856] F2FS-fs (loop4): invalid crc value [ 204.964149][ T28] audit: type=1400 audit(2000000028.632:12685): avc: denied { mounton } for pid=11884 comm="syz.1.4996" path="/567/file0/bus" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 204.989765][T11856] F2FS-fs (loop4): Found nat_bits in checkpoint [ 204.997330][ T5940] EXT4-fs (loop1): unmounting filesystem. [ 205.052028][ T28] audit: type=1400 audit(2000000028.670:12686): avc: denied { unlink } for pid=5940 comm="syz-executor" name="bus" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 205.123214][T11856] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 205.137572][T11856] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 205.137657][T11877] loop3: detected capacity change from 0 to 40427 [ 205.180593][T11877] F2FS-fs (loop3): invalid crc value [ 205.195849][T11856] syz.4.4981: attempt to access beyond end of device [ 205.195849][T11856] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 205.217687][T11877] F2FS-fs (loop3): Found nat_bits in checkpoint [ 205.259629][ T9689] syz-executor: attempt to access beyond end of device [ 205.259629][ T9689] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 205.308741][T11877] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 205.362532][ T28] audit: type=1400 audit(2000000029.016:12687): avc: denied { map } for pid=11876 comm="syz.3.4992" path="/461/file2/hugetlb.2MB.usage_in_bytes" dev="loop3" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 205.399463][ T6821] syz-executor: attempt to access beyond end of device [ 205.399463][ T6821] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 205.472608][T11915] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5007'. [ 205.579786][T11925] loop1: detected capacity change from 0 to 512 [ 205.591196][T11927] loop4: detected capacity change from 0 to 512 [ 205.609180][T11925] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 205.620099][T11927] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.5012: invalid indirect mapped block 256 (level 2) [ 205.635501][ T28] audit: type=1400 audit(2000000029.268:12688): avc: denied { shutdown } for pid=11929 comm="syz.3.5006" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 205.673841][T11927] EXT4-fs (loop4): 2 truncates cleaned up [ 205.679391][T11927] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 205.710929][ T9689] EXT4-fs (loop4): unmounting filesystem. [ 205.727090][T11925] EXT4-fs (loop1): 1 truncate cleaned up [ 205.732553][T11925] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 205.756178][T11933] loop3: detected capacity change from 0 to 512 [ 205.783848][T11933] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 205.796896][ T5940] EXT4-fs (loop1): unmounting filesystem. [ 205.839286][T11933] EXT4-fs (loop3): 1 truncate cleaned up [ 205.849037][T11933] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 205.890945][T11938] sch_tbf: burst 0 is lower than device veth0_to_team mtu (1514) ! [ 205.900125][ T6821] EXT4-fs (loop3): unmounting filesystem. [ 206.185231][ T24] usb 2-1: new high-speed USB device number 40 using dummy_hcd [ 206.206717][ T326] usb 5-1: new high-speed USB device number 52 using dummy_hcd [ 206.272749][T11943] loop3: detected capacity change from 0 to 40427 [ 206.279422][T11943] F2FS-fs (loop3): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 206.287083][T11943] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 206.295759][T11943] F2FS-fs (loop3): invalid crc value [ 206.301994][T11943] F2FS-fs (loop3): Found nat_bits in checkpoint [ 206.341697][T11943] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 206.348725][T11943] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 206.378358][T11943] syz.3.5014: attempt to access beyond end of device [ 206.378358][T11943] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 206.431687][ T6821] syz-executor: attempt to access beyond end of device [ 206.431687][ T6821] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 206.463180][ T24] usb 2-1: Using ep0 maxpacket: 16 [ 206.603185][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 206.615292][ T326] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 206.634230][ T326] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 206.643805][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 206.665307][ T326] usb 5-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00 [ 206.674283][ T24] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 206.687789][ T326] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 206.699425][ T24] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 206.708511][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 206.731823][ T326] usb 5-1: config 0 descriptor?? [ 206.736795][ T24] usb 2-1: config 0 descriptor?? [ 206.785112][T11957] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5020'. [ 207.233756][ T24] microsoft 0003:045E:07DA.0073: ignoring exceeding usage max [ 207.242051][ T24] microsoft 0003:045E:07DA.0073: ignoring exceeding usage max [ 207.250219][ T326] dragonrise 0003:0079:0011.0074: unknown main item tag 0x0 [ 207.264963][ T326] dragonrise 0003:0079:0011.0074: unknown main item tag 0x0 [ 207.272056][ T326] dragonrise 0003:0079:0011.0074: unknown main item tag 0x0 [ 207.286338][ T24] microsoft 0003:045E:07DA.0073: usage index exceeded [ 207.292904][ T24] microsoft 0003:045E:07DA.0073: item 0 4 2 0 parsing failed [ 207.307728][ T326] dragonrise 0003:0079:0011.0074: unknown main item tag 0x0 [ 207.314828][ T326] dragonrise 0003:0079:0011.0074: unknown main item tag 0x0 [ 207.329260][ T24] microsoft 0003:045E:07DA.0073: parse failed [ 207.335142][ T24] microsoft: probe of 0003:045E:07DA.0073 failed with error -22 [ 207.343375][ T326] dragonrise 0003:0079:0011.0074: hidraw0: USB HID v0.00 Device [HID 0079:0011] on usb-dummy_hcd.4-1/input0 [ 207.453442][ T326] usb 2-1: USB disconnect, device number 40 [ 207.467522][ T24] usb 5-1: USB disconnect, device number 52 [ 208.278131][T11982] loop1: detected capacity change from 0 to 40427 [ 208.285610][T11982] F2FS-fs (loop1): invalid crc value [ 208.295539][T11982] F2FS-fs (loop1): Found nat_bits in checkpoint [ 208.301987][ T312] usb 4-1: new full-speed USB device number 47 using dummy_hcd [ 208.376847][T11982] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 208.423783][ T5940] syz-executor: attempt to access beyond end of device [ 208.423783][ T5940] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 208.697625][ T312] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 208.714680][ T312] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 208.738281][ T312] usb 4-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.00 [ 208.756275][ T312] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.764662][T12010] loop4: detected capacity change from 0 to 128 [ 208.773357][ T312] usb 4-1: config 0 descriptor?? [ 208.829674][T12014] loop4: detected capacity change from 0 to 512 [ 208.858055][T12014] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 208.890057][T12014] EXT4-fs (loop4): 1 truncate cleaned up [ 208.895512][T12014] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 208.940775][ T9689] EXT4-fs (loop4): unmounting filesystem. [ 209.221355][ T24] usb 2-1: new high-speed USB device number 41 using dummy_hcd [ 209.286288][ T312] apple 0003:05AC:0240.0075: unknown main item tag 0x0 [ 209.292978][ T312] apple 0003:05AC:0240.0075: unbalanced collection at end of report description [ 209.312808][ T312] apple 0003:05AC:0240.0075: parse failed [ 209.318372][ T312] apple: probe of 0003:05AC:0240.0075 failed with error -22 [ 209.403108][ T60] usb 5-1: new high-speed USB device number 53 using dummy_hcd [ 209.488619][ T24] usb 2-1: Using ep0 maxpacket: 16 [ 209.502920][ T312] usb 4-1: USB disconnect, device number 47 [ 209.627639][ T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 209.649013][ T24] usb 2-1: config 0 has no interfaces? [ 209.659682][ T60] usb 5-1: Using ep0 maxpacket: 16 [ 209.788003][ T60] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 209.797911][ T60] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 11 [ 209.828216][ T60] usb 5-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77 [ 209.841478][ T24] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=d3.06 [ 209.849704][ T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 209.850332][ T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=67 [ 209.887839][ T24] usb 2-1: Product: syz [ 209.891821][ T24] usb 2-1: Manufacturer: syz [ 209.905534][ T24] usb 2-1: SerialNumber: syz [ 209.905896][ T60] ums-sddr09 5-1:1.0: USB Mass Storage device detected [ 209.916925][ T24] r8152-cfgselector 2-1: config 0 descriptor?? [ 210.122245][ T39] usb 5-1: USB disconnect, device number 53 [ 210.207681][ T24] r8152-cfgselector 2-1: Unknown version 0x0000 [ 210.365820][T11563] EXT4-fs (loop0): unmounting filesystem. [ 210.432367][T12050] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5060'. [ 210.443138][ T24] r8152-cfgselector 2-1: USB disconnect, device number 41 [ 210.587554][T12053] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.594502][T12053] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.601918][T12053] device bridge_slave_0 entered promiscuous mode [ 210.608731][T12053] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.616480][T12053] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.623890][T12053] device bridge_slave_1 entered promiscuous mode [ 210.689760][T12053] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.696653][T12053] bridge0: port 2(bridge_slave_1) entered forwarding state [ 210.703722][T12053] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.710533][T12053] bridge0: port 1(bridge_slave_0) entered forwarding state [ 210.712032][T12060] loop4: detected capacity change from 0 to 256 [ 210.736302][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 210.743821][T12060] exfat: Deprecated parameter 'namecase' [ 210.749290][T12060] exfat: Deprecated parameter 'namecase' [ 210.756212][ T60] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.759060][T12052] loop3: detected capacity change from 0 to 40427 [ 210.763711][T12060] exfat: Deprecated parameter 'utf8' [ 210.775007][ T60] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.791287][T12052] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 210.793384][T12060] exfat: Deprecated parameter 'namecase' [ 210.801642][T12052] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 210.812095][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 210.812528][T12052] F2FS-fs (loop3): invalid crc value [ 210.825596][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.826282][T12052] F2FS-fs (loop3): Found nat_bits in checkpoint [ 210.832439][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 210.848166][T12060] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 210.868787][T12052] F2FS-fs (loop3): Start checkpoint disabled! [ 210.881637][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 210.885402][T12052] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 210.896416][T12052] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 210.896565][ T28] audit: type=1400 audit(2000000034.188:12689): avc: denied { mounton } for pid=12059 comm="syz.4.5063" path="/172/file0/file0/file0" dev="loop4" ino=1049143 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 210.932448][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.939285][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 210.953184][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 210.965893][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 210.984556][T12053] device veth0_vlan entered promiscuous mode [ 210.997875][ T9739] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 211.006090][ T9739] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 211.017601][ T9739] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 211.024856][ T9739] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 211.032354][ T1076] kworker/u4:4: attempt to access beyond end of device [ 211.032354][ T1076] loop3: rw=2049, sector=40960, nr_sectors = 32 limit=40427 [ 211.043266][T12053] device veth1_macvtap entered promiscuous mode [ 211.056949][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 211.080727][ T9739] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 211.092528][ T9739] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 211.150771][T12076] loop0: detected capacity change from 0 to 512 [ 211.174968][T12076] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 211.206977][T12076] EXT4-fs (loop0): 1 truncate cleaned up [ 211.219674][T12076] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 211.241422][ T10] device veth1_macvtap left promiscuous mode [ 211.248314][T12053] EXT4-fs (loop0): unmounting filesystem. [ 211.252781][ T10] device veth0_vlan left promiscuous mode [ 211.282202][T12084] input: syz0 as /devices/virtual/input/input77 [ 211.306035][ T24] usb 2-1: new high-speed USB device number 42 using dummy_hcd [ 211.431840][ T28] audit: type=1400 audit(2000000034.684:12690): avc: denied { write } for pid=12093 comm="syz.0.5075" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 211.488799][T12096] netlink: 64 bytes leftover after parsing attributes in process `syz.0.5077'. [ 211.490091][T12075] loop4: detected capacity change from 0 to 40427 [ 211.509271][ T326] usb 4-1: new high-speed USB device number 48 using dummy_hcd [ 211.514797][T12075] F2FS-fs (loop4): fault_injection options not supported [ 211.536276][T12075] F2FS-fs (loop4): Image doesn't support compression [ 211.545011][T12075] F2FS-fs (loop4): Image doesn't support compression [ 211.562304][T12075] F2FS-fs (loop4): fault_type options not supported [ 211.570268][T12075] F2FS-fs (loop4): invalid crc value [ 211.578314][T12075] F2FS-fs (loop4): Found nat_bits in checkpoint [ 211.617853][T12075] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 211.661655][ T1102] kworker/u4:5: attempt to access beyond end of device [ 211.661655][ T1102] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 211.684888][T12075] VFS:Filesystem freeze failed [ 211.755096][ T24] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 211.765069][ T24] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 211.773898][ T326] usb 4-1: Using ep0 maxpacket: 16 [ 211.872766][ T24] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 211.881715][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 211.889680][ T24] usb 2-1: SerialNumber: syz [ 211.915437][ T326] usb 4-1: config 0 has an invalid interface number: 105 but max is 0 [ 211.923519][ T326] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 211.933567][ T326] usb 4-1: config 0 has no interface number 0 [ 212.129253][ T326] usb 4-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 212.138120][ T326] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 212.146158][ T326] usb 4-1: Product: syz [ 212.150121][ T326] usb 4-1: Manufacturer: syz [ 212.155351][ T326] usb 4-1: SerialNumber: syz [ 212.160421][ T326] usb 4-1: config 0 descriptor?? [ 212.204669][ T24] usb 2-1: 0:2 : does not exist [ 212.210261][ T326] usb 4-1: Found UVC 0.00 device syz (046d:08f3) [ 212.217220][ T24] usb 2-1: USB disconnect, device number 42 [ 212.223201][ T326] usb 4-1: No valid video chain found. [ 212.709240][T12111] loop1: detected capacity change from 0 to 512 [ 212.718397][T12111] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 212.743322][T12111] EXT4-fs (loop1): 1 truncate cleaned up [ 212.748826][T12111] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 212.766355][ T5940] EXT4-fs (loop1): unmounting filesystem. [ 212.960259][ T326] usb 4-1: USB disconnect, device number 48 [ 212.991294][ T28] audit: type=1400 audit(2000000036.143:12691): avc: denied { view } for pid=12130 comm="syz.4.5092" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 213.061126][T12139] loop4: detected capacity change from 0 to 256 [ 213.092007][T12139] FAT-fs (loop4): Directory bread(block 64) failed [ 213.098345][T12139] FAT-fs (loop4): Directory bread(block 65) failed [ 213.123479][T12139] FAT-fs (loop4): Directory bread(block 66) failed [ 213.140601][T12139] FAT-fs (loop4): Directory bread(block 67) failed [ 213.157891][T12139] FAT-fs (loop4): Directory bread(block 68) failed [ 213.175362][T12139] FAT-fs (loop4): Directory bread(block 69) failed [ 213.196082][T12139] FAT-fs (loop4): Directory bread(block 70) failed [ 213.206799][T12139] FAT-fs (loop4): Directory bread(block 71) failed [ 213.224331][T12139] FAT-fs (loop4): Directory bread(block 72) failed [ 213.230848][T12139] FAT-fs (loop4): Directory bread(block 73) failed [ 213.307499][T12148] loop3: detected capacity change from 0 to 512 [ 213.348354][T12148] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 213.363650][T12149] loop4: detected capacity change from 0 to 4096 [ 213.370010][T12149] EXT4-fs: Ignoring removed nomblk_io_submit option [ 213.378324][T12149] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 213.388324][T12148] EXT4-fs (loop3): 1 truncate cleaned up [ 213.412643][T12149] EXT4-fs (loop4): unmounting filesystem. [ 213.418272][T12148] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 213.449702][ T6821] EXT4-fs (loop3): unmounting filesystem. [ 213.558075][T12161] loop4: detected capacity change from 0 to 256 [ 213.583511][T12161] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 213.664559][T12121] loop1: detected capacity change from 0 to 131072 [ 213.690690][T12121] F2FS-fs (loop1): Test dummy encryption mode enabled [ 213.701202][T12121] F2FS-fs (loop1): invalid crc value [ 213.728753][T12121] F2FS-fs (loop1): Found nat_bits in checkpoint [ 213.814011][T12121] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 213.847240][T12157] loop3: detected capacity change from 0 to 40427 [ 213.855507][T12167] loop4: detected capacity change from 0 to 256 [ 213.861993][T12157] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 213.869760][T12167] exfat: Deprecated parameter 'utf8' [ 213.882561][T12157] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 213.904046][T12167] exfat: Deprecated parameter 'namecase' [ 213.909536][T12167] exfat: Deprecated parameter 'namecase' [ 213.941330][T12167] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 213.987407][T12157] F2FS-fs (loop3): Found nat_bits in checkpoint [ 214.061138][T12157] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 214.078856][T12157] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 215.528516][T12191] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 215.543635][T12195] af_packet: tpacket_rcv: packet too big, clamped from 64993 to 3952. macoff=96 [ 215.596512][ T6653] device syz_tun left promiscuous mode [ 215.601800][ T6653] bridge0: port 1(syz_tun) entered disabled state [ 215.609187][T12209] Invalid ELF header magic: != ELF [ 215.670108][ T6653] EXT4-fs (loop2): unmounting filesystem. [ 215.684993][ T28] audit: type=1400 audit(2000000038.669:12692): avc: denied { mount } for pid=12223 comm="syz.3.5131" name="/" dev="securityfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1 [ 215.751514][T12214] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.759132][T12214] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.775130][T12214] device bridge_slave_0 entered promiscuous mode [ 215.781954][T12214] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.804203][T12214] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.821716][T12214] device bridge_slave_1 entered promiscuous mode [ 215.847865][T12236] loop1: detected capacity change from 0 to 1024 [ 215.891716][T12236] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 215.905045][T12230] loop3: detected capacity change from 0 to 40427 [ 215.923198][T12230] F2FS-fs (loop3): fault_injection options not supported [ 215.934465][T12230] F2FS-fs (loop3): invalid crc value [ 215.957230][T12230] F2FS-fs (loop3): Found nat_bits in checkpoint [ 215.990575][T12214] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.997422][T12214] bridge0: port 2(bridge_slave_1) entered forwarding state [ 216.004542][T12214] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.011330][T12214] bridge0: port 1(bridge_slave_0) entered forwarding state [ 216.026577][T12230] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 216.037893][T12235] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 216.058577][T12235] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28 [ 216.082810][ T6821] syz-executor: attempt to access beyond end of device [ 216.082810][ T6821] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 216.088041][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 216.104313][ T24] bridge0: port 1(bridge_slave_0) entered disabled state [ 216.111996][T12235] EXT4-fs (loop1): This should not happen!! Data will be lost [ 216.111996][T12235] [ 216.114921][T12238] loop4: detected capacity change from 0 to 40427 [ 216.122057][T12235] EXT4-fs (loop1): Total free blocks count 0 [ 216.133815][ T24] bridge0: port 2(bridge_slave_1) entered disabled state [ 216.141459][T12235] EXT4-fs (loop1): Free/Dirty block details [ 216.147170][T12235] EXT4-fs (loop1): free_blocks=68451041280 [ 216.153279][T12235] EXT4-fs (loop1): dirty_blocks=32 [ 216.158940][T12238] F2FS-fs (loop4): Mismatch start address, segment0(512) cp_blkaddr(175702528) [ 216.159128][T12235] EXT4-fs (loop1): Block reservation details [ 216.181805][T12238] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 216.190404][T12238] F2FS-fs (loop4): invalid crc value [ 216.195799][T12235] EXT4-fs (loop1): i_reserved_data_blocks=2 [ 216.201765][ T399] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 216.207725][T12238] F2FS-fs (loop4): Found nat_bits in checkpoint [ 216.213272][ T399] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.222477][ T399] bridge0: port 1(bridge_slave_0) entered forwarding state [ 216.232517][ T399] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 216.232806][T12248] loop3: detected capacity change from 0 to 256 [ 216.240879][ T399] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.253239][ T399] bridge0: port 2(bridge_slave_1) entered forwarding state [ 216.261725][ T5940] EXT4-fs (loop1): unmounting filesystem. [ 216.265890][T12238] F2FS-fs (loop4): Try to recover 1th superblock, ret: -30 [ 216.267667][ T399] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 216.274754][T12238] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 216.294094][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 216.299058][T12248] FAT-fs (loop3): Directory bread(block 64) failed [ 216.312506][T12214] device veth0_vlan entered promiscuous mode [ 216.318761][T12248] FAT-fs (loop3): Directory bread(block 65) failed [ 216.320588][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 216.332842][T12248] FAT-fs (loop3): Directory bread(block 66) failed [ 216.339667][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 216.341780][T12248] FAT-fs (loop3): Directory bread(block 67) failed [ 216.348988][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 216.360413][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 216.368487][T12248] FAT-fs (loop3): Directory bread(block 68) failed [ 216.384008][T12214] device veth1_macvtap entered promiscuous mode [ 216.391014][ T399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 216.402630][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 216.411508][T12248] FAT-fs (loop3): Directory bread(block 69) failed [ 216.418473][T12248] FAT-fs (loop3): Directory bread(block 70) failed [ 216.425648][T12248] FAT-fs (loop3): Directory bread(block 71) failed [ 216.432110][T12248] FAT-fs (loop3): Directory bread(block 72) failed [ 216.438634][T12248] FAT-fs (loop3): Directory bread(block 73) failed [ 216.439917][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 216.470592][ T10] device veth0_vlan left promiscuous mode [ 216.481193][T12259] loop2: detected capacity change from 0 to 512 [ 216.488444][T12259] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 216.516025][T12264] loop3: detected capacity change from 0 to 128 [ 216.518449][T12259] EXT4-fs (loop2): 1 truncate cleaned up [ 216.528173][T12259] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 216.543202][T12264] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 216.552418][T12214] EXT4-fs (loop2): unmounting filesystem. [ 216.555412][T12264] ext4 filesystem being mounted at /507/mnt supports timestamps until 2038 (0x7fffffff) [ 216.585263][ T28] audit: type=1400 audit(2000000039.501:12693): avc: denied { read } for pid=12270 comm="syz.2.5144" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 216.613654][T12264] fscrypt (loop3, inode 12): Direct key flag not allowed with different contents and filenames modes [ 216.626833][T12274] netlink: 64 bytes leftover after parsing attributes in process `syz.4.5146'. [ 216.629566][ T28] audit: type=1400 audit(2000000039.548:12694): avc: denied { write } for pid=12270 comm="syz.2.5144" path="socket:[62924]" dev="sockfs" ino=62924 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 216.660285][ T6821] EXT4-fs (loop3): unmounting filesystem. [ 216.760371][T12295] loop1: detected capacity change from 0 to 512 [ 216.773390][T12295] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 216.805285][T12295] EXT4-fs (loop1): 1 truncate cleaned up [ 216.810817][T12295] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 216.821097][T12306] loop4: detected capacity change from 0 to 256 [ 216.828189][ T5940] EXT4-fs (loop1): unmounting filesystem. [ 216.831715][T12306] FAT-fs (loop4): Directory bread(block 64) failed [ 216.840116][T12306] FAT-fs (loop4): Directory bread(block 65) failed [ 216.846475][T12306] FAT-fs (loop4): Directory bread(block 66) failed [ 216.852743][T12306] FAT-fs (loop4): Directory bread(block 67) failed [ 216.859313][T12306] FAT-fs (loop4): Directory bread(block 68) failed [ 216.865733][T12306] FAT-fs (loop4): Directory bread(block 69) failed [ 216.872037][T12306] FAT-fs (loop4): Directory bread(block 70) failed [ 216.878418][T12306] FAT-fs (loop4): Directory bread(block 71) failed [ 216.884801][T12306] FAT-fs (loop4): Directory bread(block 72) failed [ 216.891234][T12306] FAT-fs (loop4): Directory bread(block 73) failed [ 216.924672][T12315] loop3: detected capacity change from 0 to 256 [ 216.930038][T12313] loop1: detected capacity change from 0 to 2048 [ 216.931305][T12315] exfat: Deprecated parameter 'utf8' [ 216.949948][T12315] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 217.066167][T12330] loop1: detected capacity change from 0 to 512 [ 217.072707][T12330] EXT4-fs: Ignoring removed i_version option [ 217.081794][T12330] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002] [ 217.093429][T12332] loop3: detected capacity change from 0 to 512 [ 217.095334][T12330] System zones: 1-12 [ 217.101615][T12332] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 217.112810][T12330] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.5168: bg 0: block 131: padding at end of block bitmap is not set [ 217.113287][T12332] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e11c, mo2=0002] [ 217.127628][T12330] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6173: Corrupt filesystem [ 217.135757][T12332] EXT4-fs (loop3): orphan cleanup on readonly fs [ 217.143410][T12330] EXT4-fs (loop1): 1 truncate cleaned up [ 217.155658][T12332] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.5169: bg 0: block 361: padding at end of block bitmap is not set [ 217.170449][T12332] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6173: Corrupt filesystem [ 217.179457][T12332] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #11: comm syz.3.5169: attempt to clear invalid blocks 33619980 len 1 [ 217.192964][T12332] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.5169: invalid indirect mapped block 1811939328 (level 0) [ 217.202906][T12346] tap0: tun_chr_ioctl cmd 2148553947 [ 217.207374][T12332] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.5169: invalid indirect mapped block 2185560079 (level 1) [ 217.226112][T12332] EXT4-fs (loop3): 1 truncate cleaned up [ 217.253984][T12354] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 217.299214][T12362] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5184'. [ 217.432630][T12379] loop1: detected capacity change from 0 to 512 [ 217.439021][T12379] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 217.450040][T12379] EXT4-fs (loop1): 1 truncate cleaned up [ 217.465938][T12382] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0) [ 217.474315][T12382] SELinux: failed to load policy [ 217.484536][ T28] audit: type=1400 audit(2000000040.343:12695): avc: denied { getattr } for pid=12383 comm="syz.1.5194" name="/" dev="incremental-fs" ino=3269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 217.485005][T12384] incfs: mount failed -22 [ 217.508518][ T28] audit: type=1400 audit(2000000040.343:12696): avc: denied { mounton } for pid=12383 comm="syz.1.5194" path="/624/file0" dev="overlay" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 217.581514][ T312] usb 5-1: new high-speed USB device number 54 using dummy_hcd [ 217.624215][ T9739] usb 4-1: new high-speed USB device number 49 using dummy_hcd [ 217.838010][ T312] usb 5-1: Using ep0 maxpacket: 8 [ 217.880811][ T9739] usb 4-1: Using ep0 maxpacket: 16 [ 217.966334][ T312] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 217.977121][ T312] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 217.986583][ T312] usb 5-1: New USB device found, idVendor=054c, idProduct=0ce6, bcdDevice= 0.00 [ 217.995485][ T312] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 218.003717][ T312] usb 5-1: config 0 descriptor?? [ 218.019812][ T9739] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 218.029703][ T9739] usb 4-1: config 0 has no interfaces? [ 218.201524][ T9739] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=d3.06 [ 218.210382][ T9739] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=67 [ 218.218302][ T9739] usb 4-1: Product: syz [ 218.222258][ T9739] usb 4-1: Manufacturer: syz [ 218.226720][ T9739] usb 4-1: SerialNumber: syz [ 218.231519][ T9739] r8152-cfgselector 4-1: config 0 descriptor?? [ 218.511683][ T312] hid (null): unknown global tag 0xe [ 218.517342][ T312] playstation 0003:054C:0CE6.0076: unknown main item tag 0x0 [ 218.524574][ T9739] r8152-cfgselector 4-1: Unknown version 0x0000 [ 218.530856][ T312] playstation 0003:054C:0CE6.0076: unknown global tag 0xe [ 218.537890][ T312] playstation 0003:054C:0CE6.0076: item 0 0 1 14 parsing failed [ 218.545429][ T312] playstation 0003:054C:0CE6.0076: Parse failed [ 218.551408][ T312] playstation: probe of 0003:054C:0CE6.0076 failed with error -22 [ 218.726997][ T39] usb 5-1: USB disconnect, device number 54 [ 218.732994][ T312] r8152-cfgselector 4-1: USB disconnect, device number 49 [ 218.886070][T12408] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5205'. [ 218.909561][T12416] loop1: detected capacity change from 0 to 256 [ 218.996392][ T28] audit: type=1400 audit(2000000041.765:12697): avc: denied { accept } for pid=12423 comm="syz.2.5213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 219.217109][ T312] usb 2-1: new high-speed USB device number 43 using dummy_hcd [ 219.473647][ T312] usb 2-1: Using ep0 maxpacket: 8 [ 219.533855][T12445] loop2: detected capacity change from 0 to 40427 [ 219.541373][T12445] F2FS-fs (loop2): invalid crc value [ 219.545797][T12446] loop4: detected capacity change from 0 to 40427 [ 219.547535][T12445] F2FS-fs (loop2): Found nat_bits in checkpoint [ 219.553555][T12446] F2FS-fs (loop4): Invalid SB checksum offset: 0 [ 219.565296][T12446] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 219.575172][T12446] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 219.586838][T12445] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 219.594249][ T60] usb 4-1: new high-speed USB device number 50 using dummy_hcd [ 219.602064][ T312] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 219.610123][ T312] usb 2-1: config 179 has no interface number 0 [ 219.610981][T12446] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 219.617001][ T312] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 219.623225][T12446] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 219.636003][ T312] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1029, setting to 1024 [ 219.652905][ T312] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 255, changing to 11 [ 219.664282][ T9689] syz-executor: attempt to access beyond end of device [ 219.664282][ T9689] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 219.664584][ T312] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 59391, setting to 1024 [ 219.689374][ T312] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 219.702451][ T312] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 219.715681][ T312] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 219.741012][T12422] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 219.748012][T12422] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 219.763552][ T312] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input78 [ 219.844949][T12465] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5228'. [ 219.853854][T12465] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5228'. [ 219.889611][T12461] loop4: detected capacity change from 0 to 40427 [ 219.896667][T12461] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 219.904411][T12461] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 219.913450][T12461] F2FS-fs (loop4): invalid crc value [ 219.919670][T12461] F2FS-fs (loop4): Found nat_bits in checkpoint [ 219.942546][T12461] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 219.949979][T12461] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 219.997842][ T9739] usb 2-1: USB disconnect, device number 43 [ 220.008237][ T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 220.018991][ T9739] xpad 2-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 220.028975][ T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 220.039295][ T60] usb 4-1: New USB device found, idVendor=046d, idProduct=c532, bcdDevice= 0.00 [ 220.050565][ T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 220.059190][ T60] usb 4-1: config 0 descriptor?? [ 220.114708][T12479] loop4: detected capacity change from 0 to 128 [ 220.122416][T12479] ext4 filesystem being mounted at /218/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 220.155448][T12479] EXT4-fs (loop4): re-mounted. Quota mode: none. [ 220.162161][T12479] EXT4-fs (loop4): re-mounted. Quota mode: none. [ 220.184012][T12485] loop4: detected capacity change from 0 to 256 [ 220.198388][T12487] incfs: Options parsing error. -22 [ 220.203529][T12487] incfs: mount failed -22 [ 220.211341][ T312] usb 3-1: new high-speed USB device number 43 using dummy_hcd [ 220.220336][ T28] audit: type=1400 audit(2000000042.906:12698): avc: denied { map } for pid=12488 comm="syz.4.5237" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=159 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 220.244836][ T28] audit: type=1400 audit(2000000042.906:12699): avc: denied { execute } for pid=12488 comm="syz.4.5237" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=159 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 220.273513][T12491] loop4: detected capacity change from 0 to 512 [ 220.279905][T12491] EXT4-fs: Ignoring removed i_version option [ 220.287222][T12491] EXT4-fs (loop4): 1 truncate cleaned up [ 220.367716][ T28] audit: type=1326 audit(2000000043.047:12700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12502 comm="syz.4.5243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90b437dff9 code=0x7ffc0000 [ 220.391418][ T28] audit: type=1326 audit(2000000043.047:12701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12502 comm="syz.4.5243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90b437dff9 code=0x7ffc0000 [ 220.415528][ T28] audit: type=1326 audit(2000000043.047:12702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12502 comm="syz.4.5243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7f90b437dff9 code=0x7ffc0000 [ 220.454957][T12508] loop4: detected capacity change from 0 to 4096 [ 220.463991][T12508] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #15: comm syz.4.5245: corrupted inode contents [ 220.475850][T12508] EXT4-fs error (device loop4): ext4_dirty_inode:6074: inode #15: comm syz.4.5245: mark_inode_dirty error [ 220.487132][T12508] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #15: comm syz.4.5245: corrupted inode contents [ 220.489293][ T312] usb 3-1: Using ep0 maxpacket: 16 [ 220.499000][T12508] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #15: comm syz.4.5245: mark_inode_dirty error [ 220.514978][T12508] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #15: comm syz.4.5245: corrupted inode contents [ 220.527048][T12508] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #15: comm syz.4.5245: mark_inode_dirty error [ 220.538363][T12508] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #15: comm syz.4.5245: corrupted inode contents [ 220.552257][T12508] EXT4-fs error (device loop4): ext4_truncate:4302: inode #15: comm syz.4.5245: mark_inode_dirty error [ 220.562742][T12512] loop1: detected capacity change from 0 to 2048 [ 220.563566][T12508] EXT4-fs error (device loop4) in ext4_setattr:5613: Corrupt filesystem [ 220.577628][T12512] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 220.578031][T12510] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #15: comm syz.4.5245: corrupted inode contents [ 220.629355][ T312] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 220.660331][ T312] usb 3-1: config 0 has no interfaces? [ 220.681376][T12523] loop1: detected capacity change from 0 to 128 [ 220.690554][T12525] netlink: 'syz.4.5251': attribute type 11 has an invalid length. [ 220.719280][T12533] loop4: detected capacity change from 0 to 512 [ 220.727972][T12533] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 220.740081][T12533] EXT4-fs (loop4): 1 orphan inode deleted [ 220.745647][T12533] EXT4-fs (loop4): 1 truncate cleaned up [ 220.765351][ T399] usb 4-1: USB disconnect, device number 50 [ 220.831482][ T312] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=d3.06 [ 220.841034][ T312] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=67 [ 220.849145][ T312] usb 3-1: Product: syz [ 220.853288][ T312] usb 3-1: Manufacturer: syz [ 220.857817][ T312] usb 3-1: SerialNumber: syz [ 220.863105][ T312] r8152-cfgselector 3-1: config 0 descriptor?? [ 220.920030][T12554] loop1: detected capacity change from 0 to 40427 [ 220.927279][T12554] F2FS-fs (loop1): invalid crc value [ 220.933492][T12554] F2FS-fs (loop1): Found nat_bits in checkpoint [ 220.955837][T12554] F2FS-fs (loop1): Start checkpoint disabled! [ 220.962317][T12554] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 220.983495][ T43] kworker/u4:2: attempt to access beyond end of device [ 220.983495][ T43] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 221.081677][T12570] loop1: detected capacity change from 0 to 256 [ 221.098700][ T60] usb 5-1: new high-speed USB device number 55 using dummy_hcd [ 221.141624][ T312] r8152-cfgselector 3-1: Unknown version 0x0000 [ 221.355277][ T60] usb 5-1: Using ep0 maxpacket: 32 [ 221.373590][ T312] r8152-cfgselector 3-1: USB disconnect, device number 43 [ 221.494217][ T60] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 221.504172][ T60] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 22 [ 221.601149][ T60] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 221.610062][ T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 221.617833][ T60] usb 5-1: SerialNumber: syz [ 221.879904][ T399] usb 5-1: USB disconnect, device number 55 [ 221.924663][T12607] incfs: Options parsing error. -22 [ 221.929771][T12607] incfs: mount failed -22 [ 221.961881][T12615] loop2: detected capacity change from 0 to 1024 [ 222.015486][T12619] ================================================================== [ 222.023368][T12619] BUG: KASAN: use-after-free in cpu_map_enqueue+0xb4/0x370 [ 222.030408][T12619] Read of size 8 at addr ffff8881090dc508 by task syz.2.5293/12619 [ 222.038125][T12619] [ 222.040297][T12619] CPU: 1 PID: 12619 Comm: syz.2.5293 Tainted: G W 6.1.99-syzkaller-00053-g5e1f4bb11f0d #0 [ 222.051413][T12619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 222.061296][T12619] Call Trace: [ 222.064417][T12619] [ 222.067206][T12619] dump_stack_lvl+0x151/0x1b7 [ 222.071711][T12619] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 222.077003][T12619] ? _printk+0xd1/0x111 [ 222.081011][T12619] ? __virt_addr_valid+0x242/0x2f0 [ 222.085943][T12619] print_report+0x158/0x4e0 [ 222.090282][T12619] ? __virt_addr_valid+0x242/0x2f0 [ 222.095232][T12619] ? kasan_complete_mode_report_info+0x90/0x1b0 [ 222.101306][T12619] ? cpu_map_enqueue+0xb4/0x370 [ 222.105993][T12619] kasan_report+0x13c/0x170 [ 222.110331][T12619] ? cpu_map_enqueue+0xb4/0x370 [ 222.115021][T12619] __asan_report_load8_noabort+0x14/0x20 [ 222.120489][T12619] cpu_map_enqueue+0xb4/0x370 [ 222.125004][T12619] xdp_do_redirect_frame+0x275/0x800 [ 222.130210][T12619] bpf_test_run_xdp_live+0xc30/0x1f70 [ 222.135418][T12619] ? __kasan_check_write+0x14/0x20 [ 222.140366][T12619] ? bpf_test_run_xdp_live+0x7ae/0x1f70 [ 222.145742][T12619] ? xdp_convert_md_to_buff+0x360/0x360 [ 222.151125][T12619] ? bpf_dispatcher_change_prog+0xd9d/0xf20 [ 222.156861][T12619] ? trace_raw_output_bpf_test_finish+0xd0/0xd0 [ 222.162934][T12619] ? __kasan_check_write+0x14/0x20 [ 222.167878][T12619] ? _copy_from_user+0x90/0xc0 [ 222.172476][T12619] bpf_prog_test_run_xdp+0x7d1/0x1130 [ 222.177689][T12619] ? dev_put+0x80/0x80 [ 222.181593][T12619] ? __kasan_check_write+0x14/0x20 [ 222.186537][T12619] ? fput+0x15b/0x1b0 [ 222.190356][T12619] ? dev_put+0x80/0x80 [ 222.194263][T12619] bpf_prog_test_run+0x3b0/0x630 [ 222.199038][T12619] ? bpf_prog_query+0x260/0x260 [ 222.203723][T12619] ? selinux_bpf+0xd2/0x100 [ 222.208062][T12619] ? security_bpf+0x82/0xb0 [ 222.212402][T12619] __sys_bpf+0x59f/0x7f0 [ 222.216483][T12619] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 222.221691][T12619] ? __x64_sys_futex+0x100/0x100 [ 222.226463][T12619] ? fpregs_restore_userregs+0x130/0x290 [ 222.231932][T12619] __x64_sys_bpf+0x7c/0x90 [ 222.236183][T12619] x64_sys_call+0x87f/0x9a0 [ 222.240523][T12619] do_syscall_64+0x3b/0xb0 [ 222.244801][T12619] ? clear_bhb_loop+0x55/0xb0 [ 222.249288][T12619] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 222.255019][T12619] RIP: 0033:0x7f29e5d7dff9 [ 222.259271][T12619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 222.278712][T12619] RSP: 002b:00007f29e6bb0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 222.286968][T12619] RAX: ffffffffffffffda RBX: 00007f29e5f35f80 RCX: 00007f29e5d7dff9 [ 222.294768][T12619] RDX: 0000000000000050 RSI: 00000000200000c0 RDI: 000000000000000a [ 222.302583][T12619] RBP: 00007f29e5df0296 R08: 0000000000000000 R09: 0000000000000000 [ 222.310390][T12619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 222.318201][T12619] R13: 0000000000000000 R14: 00007f29e5f35f80 R15: 00007ffc42066398 [ 222.326017][T12619] [ 222.328879][T12619] [ 222.331047][T12619] Allocated by task 11965: [ 222.335302][T12619] kasan_set_track+0x4b/0x70 [ 222.339728][T12619] kasan_save_alloc_info+0x1f/0x30 [ 222.344675][T12619] __kasan_kmalloc+0x9c/0xb0 [ 222.349100][T12619] __kmalloc_node+0xb4/0x1e0 [ 222.353528][T12619] bpf_map_kmalloc_node+0xd0/0x2c0 [ 222.358474][T12619] cpu_map_update_elem+0x28f/0xf50 [ 222.363422][T12619] bpf_map_update_value+0x1a3/0x410 [ 222.368456][T12619] map_update_elem+0x500/0x680 [ 222.373055][T12619] __sys_bpf+0x460/0x7f0 [ 222.377135][T12619] __x64_sys_bpf+0x7c/0x90 [ 222.381389][T12619] x64_sys_call+0x87f/0x9a0 [ 222.385729][T12619] do_syscall_64+0x3b/0xb0 [ 222.389980][T12619] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 222.395709][T12619] [ 222.397878][T12619] Freed by task 11966: [ 222.401784][T12619] kasan_set_track+0x4b/0x70 [ 222.406210][T12619] kasan_save_free_info+0x2b/0x40 [ 222.411071][T12619] ____kasan_slab_free+0x131/0x180 [ 222.416020][T12619] __kasan_slab_free+0x11/0x20 [ 222.420617][T12619] __kmem_cache_free+0x218/0x3b0 [ 222.425393][T12619] kfree+0x7a/0xf0 [ 222.428951][T12619] put_cpu_map_entry+0x6e2/0x760 [ 222.433723][T12619] cpu_map_kthread_run+0x2463/0x2520 [ 222.438847][T12619] kthread+0x26d/0x300 [ 222.442749][T12619] ret_from_fork+0x1f/0x30 [ 222.447004][T12619] [ 222.449176][T12619] Last potentially related work creation: [ 222.454728][T12619] kasan_save_stack+0x3b/0x60 [ 222.459242][T12619] __kasan_record_aux_stack+0xb4/0xc0 [ 222.464450][T12619] kasan_record_aux_stack_noalloc+0xb/0x10 [ 222.470091][T12619] insert_work+0x56/0x310 [ 222.474257][T12619] __queue_work+0x9b6/0xd70 [ 222.478597][T12619] queue_work_on+0x105/0x170 [ 222.483022][T12619] cpu_map_free+0x1e7/0x2c0 [ 222.487363][T12619] bpf_map_free_deferred+0xf7/0x1b0 [ 222.492397][T12619] process_one_work+0x73d/0xcb0 [ 222.497082][T12619] worker_thread+0xa60/0x1260 [ 222.501598][T12619] kthread+0x26d/0x300 [ 222.505517][T12619] ret_from_fork+0x1f/0x30 [ 222.509759][T12619] [ 222.511924][T12619] Second to last potentially related work creation: [ 222.518349][T12619] kasan_save_stack+0x3b/0x60 [ 222.522863][T12619] __kasan_record_aux_stack+0xb4/0xc0 [ 222.528070][T12619] kasan_record_aux_stack_noalloc+0xb/0x10 [ 222.533713][T12619] call_rcu+0xee/0x1340 [ 222.537707][T12619] cpu_map_free+0x109/0x2c0 [ 222.542042][T12619] bpf_map_free_deferred+0xf7/0x1b0 [ 222.547337][T12619] process_one_work+0x73d/0xcb0 [ 222.552025][T12619] worker_thread+0xa60/0x1260 [ 222.556538][T12619] kthread+0x26d/0x300 [ 222.560443][T12619] ret_from_fork+0x1f/0x30 [ 222.564696][T12619] [ 222.566866][T12619] The buggy address belongs to the object at ffff8881090dc500 [ 222.566866][T12619] which belongs to the cache kmalloc-192 of size 192 [ 222.580754][T12619] The buggy address is located 8 bytes inside of [ 222.580754][T12619] 192-byte region [ffff8881090dc500, ffff8881090dc5c0) [ 222.593685][T12619] [ 222.595858][T12619] The buggy address belongs to the physical page: [ 222.602109][T12619] page:ffffea0004243700 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1090dc [ 222.612174][T12619] flags: 0x4000000000000200(slab|zone=1) [ 222.617650][T12619] raw: 4000000000000200 ffffea0004d1aa40 dead000000000003 ffff888100042c00 [ 222.626064][T12619] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000 [ 222.634481][T12619] page dumped because: kasan: bad access detected [ 222.640737][T12619] page_owner tracks the page as allocated [ 222.646283][T12619] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 1, tgid 1 (swapper/0), ts 1199613442, free_ts 0 [ 222.662689][T12619] post_alloc_hook+0x213/0x220 [ 222.667286][T12619] prep_new_page+0x1b/0x110 [ 222.671626][T12619] get_page_from_freelist+0x27ea/0x2870 [ 222.677006][T12619] __alloc_pages+0x3a1/0x780 [ 222.681434][T12619] alloc_slab_page+0x6c/0xf0 [ 222.685885][T12619] new_slab+0x90/0x3e0 [ 222.689768][T12619] ___slab_alloc+0x6f9/0xb80 [ 222.694194][T12619] __slab_alloc+0x5d/0xa0 [ 222.698365][T12619] __kmem_cache_alloc_node+0x1af/0x250 [ 222.703654][T12619] __kmalloc_node_track_caller+0xa2/0x1e0 [ 222.709208][T12619] krealloc+0x64/0xf0 [ 222.713027][T12619] add_sysfs_param+0xcd/0x7d0 [ 222.717540][T12619] kernel_add_sysfs_param+0xb2/0x12d [ 222.722668][T12619] param_sysfs_builtin+0x210/0x2b5 [ 222.727610][T12619] param_sysfs_init+0x6a/0x6f [ 222.732121][T12619] do_one_initcall+0x18d/0x630 [ 222.736725][T12619] page_owner free stack trace missing [ 222.741939][T12619] [ 222.744100][T12619] Memory state around the buggy address: [ 222.749573][T12619] ffff8881090dc400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 222.757468][T12619] ffff8881090dc480: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 222.765367][T12619] >ffff8881090dc500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 222.773263][T12619] ^ [ 222.777432][T12619] ffff8881090dc580: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 222.785340][T12619] ffff8881090dc600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 222.793228][T12619] ================================================================== [ 222.801188][T12619] Disabling lock debugging due to kernel taint [ 222.807184][T12619] general protection fault, probably for non-canonical address 0xe0cf4d7f3ede05e2: 0000 [#1] PREEMPT SMP KASAN [ 222.818663][T12619] KASAN: maybe wild-memory-access in range [0x067a8bf9f6f02f10-0x067a8bf9f6f02f17] [ 222.827773][T12619] CPU: 1 PID: 12619 Comm: syz.2.5293 Tainted: G B W 6.1.99-syzkaller-00053-g5e1f4bb11f0d #0 [ 222.838878][T12619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 222.848773][T12619] RIP: 0010:cpu_map_enqueue+0x113/0x370 [ 222.854154][T12619] Code: e8 03 42 80 3c 30 00 74 08 48 89 df e8 96 d8 24 00 4c 8b 23 4f 8d 74 3c 58 4d 89 f5 49 c1 ed 03 48 b8 00 00 00 00 00 fc ff df <41> 0f b6 44 05 00 84 c0 0f 85 a8 01 00 00 4d 01 fc 41 8b 1e bf 08 [ 222.873596][T12619] RSP: 0018:ffffc90000bff600 EFLAGS: 00010207 [ 222.879503][T12619] RAX: dffffc0000000000 RBX: ffffffff86745888 RCX: 0000000000040000 [ 222.887309][T12619] RDX: ffffc9000399d000 RSI: 000000000002d29a RDI: 000000000002d29b [ 222.895120][T12619] RBP: ffffc90000bff638 R08: ffffffff81980e8e R09: fffffbfff0f6dafd [ 222.902944][T12619] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8881f6f00000 [ 222.910744][T12619] R13: 00cf517f3ede05e2 R14: 067a8bf9f6f02f16 R15: 067b037800002ebe [ 222.918560][T12619] FS: 00007f29e6bb06c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 222.927322][T12619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.933744][T12619] CR2: 00007f29e6baff98 CR3: 0000000113e03000 CR4: 00000000003506a0 [ 222.941559][T12619] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 222.949776][T12619] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 222.957586][T12619] Call Trace: [ 222.960711][T12619] [ 222.963488][T12619] ? __die_body+0x62/0xb0 [ 222.967654][T12619] ? die_addr+0x9f/0xd0 [ 222.971666][T12619] ? exc_general_protection+0x317/0x4c0 [ 222.977041][T12619] ? asm_exc_general_protection+0x27/0x30 [ 222.982585][T12619] ? cpu_map_enqueue+0xce/0x370 [ 222.987279][T12619] ? cpu_map_enqueue+0x113/0x370 [ 222.992045][T12619] xdp_do_redirect_frame+0x275/0x800 [ 222.997167][T12619] bpf_test_run_xdp_live+0xc30/0x1f70 [ 223.002375][T12619] ? __kasan_check_write+0x14/0x20 [ 223.007324][T12619] ? bpf_test_run_xdp_live+0x7ae/0x1f70 [ 223.012700][T12619] ? xdp_convert_md_to_buff+0x360/0x360 [ 223.018090][T12619] ? bpf_dispatcher_change_prog+0xd9d/0xf20 [ 223.023824][T12619] ? trace_raw_output_bpf_test_finish+0xd0/0xd0 [ 223.029889][T12619] ? __kasan_check_write+0x14/0x20 [ 223.034834][T12619] ? _copy_from_user+0x90/0xc0 [ 223.039452][T12619] bpf_prog_test_run_xdp+0x7d1/0x1130 [ 223.044652][T12619] ? dev_put+0x80/0x80 [ 223.048550][T12619] ? __kasan_check_write+0x14/0x20 [ 223.053497][T12619] ? fput+0x15b/0x1b0 [ 223.057312][T12619] ? dev_put+0x80/0x80 [ 223.061219][T12619] bpf_prog_test_run+0x3b0/0x630 [ 223.065993][T12619] ? bpf_prog_query+0x260/0x260 [ 223.070678][T12619] ? selinux_bpf+0xd2/0x100 [ 223.075019][T12619] ? security_bpf+0x82/0xb0 [ 223.079358][T12619] __sys_bpf+0x59f/0x7f0 [ 223.083436][T12619] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 223.088645][T12619] ? __x64_sys_futex+0x100/0x100 [ 223.093420][T12619] ? fpregs_restore_userregs+0x130/0x290 [ 223.098889][T12619] __x64_sys_bpf+0x7c/0x90 [ 223.103140][T12619] x64_sys_call+0x87f/0x9a0 [ 223.107478][T12619] do_syscall_64+0x3b/0xb0 [ 223.111733][T12619] ? clear_bhb_loop+0x55/0xb0 [ 223.116244][T12619] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 223.121974][T12619] RIP: 0033:0x7f29e5d7dff9 [ 223.126228][T12619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 223.145668][T12619] RSP: 002b:00007f29e6bb0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 223.153914][T12619] RAX: ffffffffffffffda RBX: 00007f29e5f35f80 RCX: 00007f29e5d7dff9 [ 223.161724][T12619] RDX: 0000000000000050 RSI: 00000000200000c0 RDI: 000000000000000a [ 223.169536][T12619] RBP: 00007f29e5df0296 R08: 0000000000000000 R09: 0000000000000000 [ 223.177348][T12619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 223.185157][T12619] R13: 0000000000000000 R14: 00007f29e5f35f80 R15: 00007ffc42066398 [ 223.192976][T12619] [ 223.195834][T12619] Modules linked in: [ 223.199605][T12619] ---[ end trace 0000000000000000 ]--- [ 223.204881][T12619] RIP: 0010:cpu_map_enqueue+0x113/0x370 [ 223.210249][T12619] Code: e8 03 42 80 3c 30 00 74 08 48 89 df e8 96 d8 24 00 4c 8b 23 4f 8d 74 3c 58 4d 89 f5 49 c1 ed 03 48 b8 00 00 00 00 00 fc ff df <41> 0f b6 44 05 00 84 c0 0f 85 a8 01 00 00 4d 01 fc 41 8b 1e bf 08 [ 223.229710][T12619] RSP: 0018:ffffc90000bff600 EFLAGS: 00010207 [ 223.235588][T12619] RAX: dffffc0000000000 RBX: ffffffff86745888 RCX: 0000000000040000 [ 223.243413][T12619] RDX: ffffc9000399d000 RSI: 000000000002d29a RDI: 000000000002d29b [ 223.251225][T12619] RBP: ffffc90000bff638 R08: ffffffff81980e8e R09: fffffbfff0f6dafd [ 223.259035][T12619] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8881f6f00000 [ 223.266834][T12619] R13: 00cf517f3ede05e2 R14: 067a8bf9f6f02f16 R15: 067b037800002ebe [ 223.274661][T12619] FS: 00007f29e6bb06c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 223.283425][T12619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.289844][T12619] CR2: 00007f29e6baff98 CR3: 0000000113e03000 CR4: 00000000003506a0 [ 223.297665][T12619] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 223.305471][T12619] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 223.313296][T12619] Kernel panic - not syncing: Fatal exception in interrupt [ 223.320522][T12619] Kernel Offset: disabled [ 223.324642][T12619] Rebooting in 86400 seconds..